diff options
author | Pauli <paul.dale@oracle.com> | 2020-09-06 17:14:38 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-09-09 17:59:08 +1000 |
commit | 5c97eeb726dac6194e7a3aecf8231a512e0243ea (patch) | |
tree | 811802394b1a150ec18e5a11e2ec60e735aec5d6 /ssl/record | |
parent | b924d1b6e1b66def84979dbbf3c79059cff1d554 (diff) | |
download | openssl-5c97eeb726dac6194e7a3aecf8231a512e0243ea.zip openssl-5c97eeb726dac6194e7a3aecf8231a512e0243ea.tar.gz openssl-5c97eeb726dac6194e7a3aecf8231a512e0243ea.tar.bz2 |
TLS fixes for CBC mode and no-deprecated
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/ssl3_record.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index a45e5ee..046d6f2 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -1307,6 +1307,25 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending, return 1; } +/* + * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function + * which ssl3_cbc_digest_record supports. + */ +char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx) +{ + switch (EVP_MD_CTX_type(ctx)) { + case NID_md5: + case NID_sha1: + case NID_sha224: + case NID_sha256: + case NID_sha384: + case NID_sha512: + return 1; + default: + return 0; + } +} + int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) { unsigned char *mac_sec, *seq; |