Google Git
Sign in
boringssl/boringssl.git/4b968339e3ced2d498f4182cd725243bb6cca81b^!/.
commit
4b968339e3ced2d498f4182cd725243bb6cca81b
[log]
author
David Benjamin <davidben@google.com>
Sun Oct 14 11:01:40 2018 -0500
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Tue Oct 16 19:41:50 2018 +0000
tree
a5f09673e6edc1c7e10abbdbb6c122c693104863
parent
0e150027f9d4fb5566170853555206d613d72b5c [diff]
Add a compatibility EVP_CIPH_OCB_MODE value.

Node references it these days. Also replace the no-op modes with negative
numbers rather than zero. Stream ciphers like RC4 report a "mode" of zero, so
code comparing the mode to a dummy value will get confused.

(I came across https://github.com/nodejs/node/pull/23635, though we'd have run
into it sooner or later anyway. Better to just define the value and avoid ifdef
proliferation.)

Change-Id: I223f25663e138480ad83f35aa16f5218f1425563
Reviewed-on: https://boringssl-review.googlesource.com/c/32464
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
index 5963413..e9545c8 100644
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h

@@ -424,8 +424,9 @@
 
 // The following flags do nothing and are included only to make it easier to
 // compile code with BoringSSL.
-#define EVP_CIPH_CCM_MODE 0
-#define EVP_CIPH_WRAP_MODE 0
+#define EVP_CIPH_CCM_MODE (-1)
+#define EVP_CIPH_OCB_MODE (-2)
+#define EVP_CIPH_WRAP_MODE (-3)
 #define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0
 
 // EVP_CIPHER_CTX_set_flags does nothing.