Enforce incrementing counter for TLS 1.2 AES-GCM.
Change-Id: I7e790bc176369f2a57cc486c3dc960971faf019d
Reviewed-on: https://boringssl-review.googlesource.com/16625
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/aead.h b/include/openssl/aead.h
index 7515ba1..057f93f 100644
--- a/include/openssl/aead.h
+++ b/include/openssl/aead.h
@@ -117,16 +117,6 @@
* https://tools.ietf.org/html/draft-irtf-cfrg-gcmsiv-02 */
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm_siv(void);
-/* EVP_aead_aes_128_gcm_fips_testonly is AES-128 in Galois Counter Mode with
- * an internally-generated random nonce. This is unsafe and should not be
- * used. */
-OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_gcm_fips_testonly(void);
-
-/* EVP_aead_aes_256_gcm_fips_testonly is AES-256 in Galois Counter Mode with
- * an internally-generated random nonce. This is unsafe and should not be
- * used. */
-OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm_fips_testonly(void);
-
/* EVP_has_aes_hardware returns one if we enable hardware support for fast and
* constant-time AES-GCM. */
OPENSSL_EXPORT int EVP_has_aes_hardware(void);
@@ -293,6 +283,14 @@
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_null_sha1_tls(void);
+/* EVP_aead_aes_128_gcm_tls12 is AES-128 in Galois Counter Mode using the TLS
+ * 1.2 nonce construction. */
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_gcm_tls12(void);
+
+/* EVP_aead_aes_256_gcm_tls12 is AES-256 in Galois Counter Mode using the TLS
+ * 1.2 nonce construction. */
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm_tls12(void);
+
/* SSLv3-specific AEAD algorithms.
*
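Review bot: The new comments on `EVP_aead_aes_128_gcm_tls12` and `EVP_aead_aes_256_gcm_tls12` say only "using the TLS 1.2 nonce construction" and omit the contract the commit title describes, so a caller reading aead.h cannot tell that nonces are now checked. Going by the title, the implementation (not shown in this header hunk) rejects a nonce whose counter does not increment, presumably with the `CIPHER_R_INVALID_NONCE` reason added in cipher.h. I would extend each comment with a line such as `* The counter portion of the nonce must increase on every seal with a given context; otherwise the operation fails with CIPHER_R_INVALID_NONCE.`, adjusted to what the code actually enforces (seal only or both directions, required nonce length). Stating this in the header matters because GCM nonce reuse under one key breaks both confidentiality and authenticity, and that enforcement is the reason to choose these AEADs over plain `EVP_aead_aes_128_gcm`.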
diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
index f93f4cb..5710e3c 100644
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h
@@ -586,5 +586,6 @@
#define CIPHER_R_UNSUPPORTED_TAG_SIZE 122
#define CIPHER_R_WRONG_FINAL_BLOCK_LENGTH 123
#define CIPHER_R_NO_DIRECTION_SET 124
+#define CIPHER_R_INVALID_NONCE 125
#endif /* OPENSSL_HEADER_CIPHER_H */