ea72bd0b60
The EVP_CIPHER codepath should no longer be used with TLS. It still exists for DTLS and SSLv3. The AEAD construction in TLS does not allow for variable-overhead AEADs, so stateful AEADs do not include the length in the ad parameter. Rather the AEADs internally append the unpadded length once it is known. EVP_aead_rc4_md5_tls is modified to account for this. Tests are added (and RC4-MD5's regenerated) for each of the new AEADs. The cipher tests are all moved into crypto/cipher/test because there's now a lot of them and they clutter the directory listing. In ssl/, the stateful AEAD logic is also modified to account for stateful AEADs with a fixed IV component, and for AEADs which use a random nonce (for the explicit-IV CBC mode ciphers). The new implementation fixes a bug/quirk in stateless CBC mode ciphers where the fixed IV portion of the keyblock was generated regardless. This is at the end, so it's only relevant for EAP-TLS which generates a MSK from the end of the key block. Change-Id: I2d8b8aa11deb43bde2fd733f4f90b5d5b8cb1334 Reviewed-on: https://boringssl-review.googlesource.com/2692 Reviewed-by: Adam Langley <agl@google.com>
38 lines
387 B
CMake
38 lines
387 B
CMake
include_directories(. .. ../../include)
|
|
|
|
add_library(
|
|
cipher
|
|
|
|
OBJECT
|
|
|
|
cipher.c
|
|
cipher_error.c
|
|
derive_key.c
|
|
aead.c
|
|
|
|
e_null.c
|
|
e_rc2.c
|
|
e_rc4.c
|
|
e_des.c
|
|
e_aes.c
|
|
e_chacha20poly1305.c
|
|
|
|
tls_cbc.c
|
|
e_tls.c
|
|
)
|
|
|
|
add_executable(
|
|
cipher_test
|
|
|
|
cipher_test.c
|
|
)
|
|
|
|
add_executable(
|
|
aead_test
|
|
|
|
aead_test.c
|
|
)
|
|
|
|
target_link_libraries(cipher_test crypto)
|
|
target_link_libraries(aead_test crypto)
|