diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-01-06 13:02:16 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2020-01-06 13:02:16 +1000 |
| commit | 0d2bfe52bb7e839f7bddcdb1160c335f2994df2f (patch) | |
| tree | 91d972d9aca1832ae2bdfc5ebd130e1c74dc4bc1 /include | |
| parent | 26583f6aa8dc28e3598e61db66e54e2fdf8b195f (diff) | |
Add AES_CBC_HMAC_SHA ciphers to providers.
Also Add ability for providers to dynamically exclude cipher algorithms.
Cipher algorithms are only returned from providers if their capable() method is either NULL,
or the method returns 1.
This is mainly required for ciphers that only have hardware implementations.
If there is no hardware support, then the algorithm needs to be not available.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10146)
Diffstat (limited to 'include')
| -rw-r--r-- | include/crypto/aes_platform.h | 7 | ||||
| -rw-r--r-- | include/openssl/core_names.h | 16 |
2 files changed, 23 insertions, 0 deletions
diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h index 483a1949ee..b478520cf8 100644 --- a/include/crypto/aes_platform.h +++ b/include/crypto/aes_platform.h @@ -121,6 +121,13 @@ void gcm_ghash_v8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len); # endif # endif /* OPENSSL_CPUID_OBJ */ +# if defined(AES_ASM) && ( \ + defined(__x86_64) || defined(__x86_64__) || \ + defined(_M_AMD64) || defined(_M_X64) ) +# define AES_CBC_HMAC_SHA_CAPABLE 1 +# define AESNI_CBC_HMAC_SHA_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32))) +# endif + # if defined(AES_ASM) && !defined(I386_ONLY) && ( \ ((defined(__i386) || defined(__i386__) || \ defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \ diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index e441ddf6c8..446af5fa8e 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -73,6 +73,22 @@ extern "C" { /* For passing the AlgorithmIdentifier parameter in DER form */ #define OSSL_CIPHER_PARAM_ALG_ID "alg_id_param" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT \ + "tls1multi_maxsndfrag" /* uint */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE \ + "tls1multi_maxbufsz" /* size_t */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE \ + "tls1multi_interleave" /* uint */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD \ + "tls1multi_aad" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN \ + "tls1multi_aadpacklen" /* uint */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC \ + "tls1multi_enc" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN \ + "tls1multi_encin" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN \ + "tls1multi_enclen" /* size_t */ /* digest parameters */ #define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */ |