commit b2a985bfb8423e064205d8626f13e17087bde7ef
author David Benjamin <davidben@chromium.org> Sun Jun 21 15:13:57 2015 -0400
committer Adam Langley <agl@google.com> Fri Aug 07 00:57:37 2015 +0000
tree 85bf776b8ddc1b1865e35d347e580c7842b31731
parent 62138c5d5a2450c3a9da5b741048c6bb56745aed

Fold away SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD.

It's a property of just algorithm_enc and hopefully AES-GCM will
continue to be the only true AEAD that requires this. Simpler to just
keep it in ssl_aead_ctx.c.

Change-Id: Ib7c060a3de2fa8590b2dc36c23a5d5fabff43b07
Reviewed-on: https://boringssl-review.googlesource.com/5613
Reviewed-by: Adam Langley <agl@google.com>

ssl/ssl_aead_ctx.c

diff --git a/ssl/ssl_aead_ctx.c b/ssl/ssl_aead_ctx.c
index f2110c6..f50ed79 100644
--- a/ssl/ssl_aead_ctx.c
+++ b/ssl/ssl_aead_ctx.c
@@ -83,9 +83,10 @@
 
     memcpy(aead_ctx->fixed_nonce, fixed_iv, fixed_iv_len);
     aead_ctx->fixed_nonce_len = fixed_iv_len;
-    aead_ctx->variable_nonce_included_in_record =
-        (cipher->algorithm2 &
-         SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD) != 0;
+    /* AES-GCM uses an explicit nonce. */
+    if (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) {
+      aead_ctx->variable_nonce_included_in_record = 1;
+    }
   } else {
     aead_ctx->variable_nonce_included_in_record = 1;
     aead_ctx->random_variable_nonce = 1;