diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-07-31 16:54:35 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-08-14 06:56:11 +0100 |
commit | e75c5a794e71baa3d76214be3ac8dc6e082e4a1a (patch) | |
tree | 2c55f9fdb39a3536113b2da0f2b71bdec95257dc /ssl/record | |
parent | 2fd7fb99dba9f56fbcb7ee1686bef30c7aef4754 (diff) |
CCM support.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/rec_layer_d1.c | 2 | ||||
-rw-r--r-- | ssl/record/rec_layer_s3.c | 2 | ||||
-rw-r--r-- | ssl/record/ssl3_record.c | 14 |
3 files changed, 14 insertions, 4 deletions
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 3da4f116bb..74796bed6f 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -1120,6 +1120,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, /* Need explicit part of IV for GCM mode */ else if (mode == EVP_CIPH_GCM_MODE) eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; + else if (mode == EVP_CIPH_CCM_MODE) + eivlen = EVP_CCM_TLS_EXPLICIT_IV_LEN; else eivlen = 0; } else diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 8a9e30302d..5b286630ac 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -799,6 +799,8 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* Need explicit part of IV for GCM mode */ else if (mode == EVP_CIPH_GCM_MODE) eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; + else if (mode == EVP_CIPH_CCM_MODE) + eivlen = EVP_CCM_TLS_EXPLICIT_IV_LEN; else eivlen = 0; } else diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 1865f24241..1fa1710326 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -764,10 +764,16 @@ int tls1_enc(SSL *s, int send) ? (i < 0) : (i == 0)) return -1; /* AEAD can fail to verify MAC */ - if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send) { - rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN; - rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN; - rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; + if (send == 0) { + if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE) { + rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN; + rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN; + rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; + } else if (EVP_CIPHER_mode(enc) == EVP_CIPH_CCM_MODE) { + rec->data += EVP_CCM_TLS_EXPLICIT_IV_LEN; + rec->input += EVP_CCM_TLS_EXPLICIT_IV_LEN; + rec->length -= EVP_CCM_TLS_EXPLICIT_IV_LEN; + } } ret = 1; |