Use constants rather than macros for the cipher bytes in the apps
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
This commit is contained in:
parent
ca8c71ba35
commit
adfc37868e
3 changed files with 8 additions and 6 deletions
|
@ -55,6 +55,8 @@ extern char *default_config_file;
|
|||
extern BIO *bio_in;
|
||||
extern BIO *bio_out;
|
||||
extern BIO *bio_err;
|
||||
extern const unsigned char tls13_aes128gcmsha256_id[];
|
||||
extern const unsigned char tls13_aes256gcmsha384_id[];
|
||||
BIO *dup_bio_in(int format);
|
||||
BIO *dup_bio_out(int format);
|
||||
BIO *dup_bio_err(int format);
|
||||
|
|
|
@ -172,8 +172,8 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
|
|||
}
|
||||
#endif
|
||||
|
||||
#define TLS13_AES_128_GCM_SHA256_BYTES ((const unsigned char *)"\x13\x01")
|
||||
#define TLS13_AES_256_GCM_SHA384_BYTES ((const unsigned char *)"\x13\x02")
|
||||
const unsigned char tls13_aes128gcmsha256_id[] = { 0x13, 0x01 };
|
||||
const unsigned char tls13_aes256gcmsha384_id[] = { 0x13, 0x02 };
|
||||
|
||||
static int psk_use_session_cb(SSL *s, const EVP_MD *md,
|
||||
const unsigned char **id, size_t *idlen,
|
||||
|
@ -196,9 +196,9 @@ static int psk_use_session_cb(SSL *s, const EVP_MD *md,
|
|||
}
|
||||
|
||||
if (key_len == EVP_MD_size(EVP_sha256()))
|
||||
cipher = SSL_CIPHER_find(s, TLS13_AES_128_GCM_SHA256_BYTES);
|
||||
cipher = SSL_CIPHER_find(s, tls13_aes128gcmsha256_id);
|
||||
else if(key_len == EVP_MD_size(EVP_sha384()))
|
||||
cipher = SSL_CIPHER_find(s, TLS13_AES_256_GCM_SHA384_BYTES);
|
||||
cipher = SSL_CIPHER_find(s, tls13_aes256gcmsha384_id);
|
||||
|
||||
if (cipher == NULL) {
|
||||
/* Doesn't look like a suitable TLSv1.3 key. Ignore it */
|
||||
|
|
|
@ -208,9 +208,9 @@ static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
|
|||
}
|
||||
|
||||
if (key_len == EVP_MD_size(EVP_sha256()))
|
||||
cipher = SSL_CIPHER_find(ssl, TLS13_AES_128_GCM_SHA256_BYTES);
|
||||
cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);
|
||||
else if(key_len == EVP_MD_size(EVP_sha384()))
|
||||
cipher = SSL_CIPHER_find(ssl, TLS13_AES_256_GCM_SHA384_BYTES);
|
||||
cipher = SSL_CIPHER_find(ssl, tls13_aes256gcmsha384_id);
|
||||
|
||||
if (cipher == NULL) {
|
||||
/* Doesn't look like a suitable TLSv1.3 key. Ignore it */
|
||||
|
|
Loading…
Reference in a new issue