diff options
author | 2014-11-18 05:33:43 +0000 | |
---|---|---|
committer | 2014-11-18 05:33:43 +0000 | |
commit | 4bb6f241c5c21adcaeba90e28dbb74fe4ebc8304 (patch) | |
tree | 4d37beb3d2303feabd53aefe9ce9796063158d54 /lib/libssl/t1_enc.c | |
parent | Enable the build of GOST routines in libcrypto. Riding upon the Cammelia (diff) | |
download | wireguard-openbsd-4bb6f241c5c21adcaeba90e28dbb74fe4ebc8304.tar.xz wireguard-openbsd-4bb6f241c5c21adcaeba90e28dbb74fe4ebc8304.zip |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some
internal-but-unfortunately-made-visible structs.
Diffstat (limited to 'lib/libssl/t1_enc.c')
-rw-r--r-- | lib/libssl/t1_enc.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index fc313efc2c7..620da6ddd0b 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_enc.c,v 1.72 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: t1_enc.c,v 1.73 2014/11/18 05:33:43 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -448,6 +448,18 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys, mac_secret_size, (unsigned char *)mac_secret); } + if (s->s3->tmp.new_cipher->algorithm_enc == SSL_eGOST2814789CNT) { + int nid; + if (s->s3->tmp.new_cipher->algorithm2 & SSL_HANDSHAKE_MAC_GOST94) + nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet; + else + nid = NID_id_tc26_gost_28147_param_Z; + + EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GOST_SET_SBOX, nid, 0); + if (s->s3->tmp.new_cipher->algorithm_mac == SSL_GOST89MAC) + EVP_MD_CTX_ctrl(mac_ctx, EVP_MD_CTRL_GOST_SET_SBOX, nid, 0); + } + return (1); err: |