diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2013-03-27 19:54:48 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-09-18 13:46:02 +0100 |
commit | b60b9e7afe649a564db13dbf10ca571e973844c1 (patch) | |
tree | cb50a28c6410f8cdcc9e172d213c49e4abc410e2 /ssl/d1_both.c | |
parent | 919834dc847d0652c58da641f867fe21ad2774ac (diff) |
Enable TLS 1.2 ciphers in DTLS 1.2.
Port TLS 1.2 GCM code to DTLS. Enable use of TLS 1.2 only ciphers when in
DTLS 1.2 mode too.
(cherry picked from commit 4221c0dd3004117c63b182af5e8ab345b7265902)
Diffstat (limited to 'ssl/d1_both.c')
-rw-r--r-- | ssl/d1_both.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 262299b154..f7947bd988 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -272,12 +272,17 @@ int dtls1_do_write(SSL *s, int type) (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); if (s->write_hash) - mac_size = EVP_MD_CTX_size(s->write_hash); + { + if (s->enc_write_ctx && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_GCM_MODE) + mac_size = 0; + else + mac_size = EVP_MD_CTX_size(s->write_hash); + } else mac_size = 0; if (s->enc_write_ctx && - (EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE)) + (EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)) blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher); else blocksize = 0; |