diff options
author | Tianjia Zhang <tianjia.zhang@linux.alibaba.com> | 2021-11-04 15:42:46 +0800 |
---|---|---|
committer | Paul Yang <kaishen.yy@antfin.com> | 2021-11-08 17:41:28 +0800 |
commit | a075c882641782a6ee94a9123c72b47891a8cf28 (patch) | |
tree | 0178cec3b90a52007ebfaed447f5a7f160fcb384 /ssl | |
parent | 65d39565375bb7d0c5df733063ee09f7e8ca292b (diff) |
KTLS: use EVP_CIPHER_is_a instead of nid
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/16963)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ktls.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/ssl/ktls.c b/ssl/ktls.c index 02dbb937ea..79d980959e 100644 --- a/ssl/ktls.c +++ b/ssl/ktls.c @@ -129,28 +129,28 @@ int ktls_check_supported_cipher(const SSL *s, const EVP_CIPHER *c, /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128 * or Chacha20-Poly1305 */ - switch (EVP_CIPHER_get_nid(c)) - { # ifdef OPENSSL_KTLS_AES_CCM_128 - case NID_aes_128_ccm: + if (EVP_CIPHER_is_a(c, "AES-128-CCM")) { if (s->version == TLS_1_3_VERSION /* broken on 5.x kernels */ || EVP_CIPHER_CTX_get_tag_length(dd) != EVP_CCM_TLS_TAG_LEN) - return 0; + return 0; + return 1; + } else # endif + if (0 # ifdef OPENSSL_KTLS_AES_GCM_128 - /* Fall through */ - case NID_aes_128_gcm: + || EVP_CIPHER_is_a(c, "AES-128-GCM") # endif # ifdef OPENSSL_KTLS_AES_GCM_256 - case NID_aes_256_gcm: + || EVP_CIPHER_is_a(c, "AES-256-GCM") # endif # ifdef OPENSSL_KTLS_CHACHA20_POLY1305 - case NID_chacha20_poly1305: + || EVP_CIPHER_is_a(c, "ChaCha20-Poly1305") # endif + ) { return 1; - default: - return 0; } + return 0; } /* Function to configure kernel TLS structure */ |