diff options
author | Tobias Brunner <tobias@strongswan.org> | 2016-10-11 10:54:06 +0200 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2016-10-11 15:29:14 +0200 |
commit | c72c6e92258f5bf25b073f2b7c7631258d9b83f8 (patch) | |
tree | 6b13bb813058de118e752019d1872d9fff3fd693 /src/libstrongswan | |
parent | 8b35d5f162ed57a0a9d6f0bacb3e5d2b9dc29c58 (diff) | |
download | strongswan-c72c6e92258f5bf25b073f2b7c7631258d9b83f8.tar.bz2 strongswan-c72c6e92258f5bf25b073f2b7c7631258d9b83f8.tar.xz |
openssl: Fix AES-GCM with BoringSSL
BoringSSL only supports a limited list of (hard-coded) algorithms via
EVP_get_cipherbyname(), which does not include AES-GCM. While BoringSSL
deprecated these functions they are also supported by OpenSSL (in BoringSSL
a completely new interface for AEADs was added, which OpenSSL currently does
not support).
Diffstat (limited to 'src/libstrongswan')
-rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_gcm.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.c b/src/libstrongswan/plugins/openssl/openssl_gcm.c index 6bbe4af95..5ef885b16 100644 --- a/src/libstrongswan/plugins/openssl/openssl_gcm.c +++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c @@ -255,13 +255,13 @@ aead_t *openssl_gcm_create(encryption_algorithm_t algo, key_size = 16; /* FALL */ case 16: - this->cipher = EVP_get_cipherbyname("aes-128-gcm"); + this->cipher = EVP_aes_128_gcm(); break; case 24: - this->cipher = EVP_get_cipherbyname("aes-192-gcm"); + this->cipher = EVP_aes_192_gcm(); break; case 32: - this->cipher = EVP_get_cipherbyname("aes-256-gcm"); + this->cipher = EVP_aes_256_gcm(); break; default: free(this); |