openssl: Fix AES-GCM with BoringSSL

BoringSSL only supports a limited list of (hard-coded) algorithms via EVP_get_cipherbyname(), which does not include AES-GCM. While BoringSSL deprecated these functions they are also supported by OpenSSL (in BoringSSL a completely new interface for AEADs was added, which OpenSSL currently does not support).
2016-10-11 10:54:06 +02:00 · 2016-10-11 10:54:06 +02:00 · c72c6e9225
parent 8b35d5f162
commit c72c6e9225
1 changed files with 3 additions and 3 deletions
--- a/src/libstrongswan/plugins/openssl/openssl_gcm.c
+++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c
@ -255,13 +255,13 @@ aead_t *openssl_gcm_create(encryption_algorithm_t algo,
 					key_size = 16;
 					/* FALL */
 				case 16:
-					this->cipher = EVP_get_cipherbyname("aes-128-gcm");
+					this->cipher = EVP_aes_128_gcm();
 					break;
 				case 24:
-					this->cipher = EVP_get_cipherbyname("aes-192-gcm");
+					this->cipher = EVP_aes_192_gcm();
 					break;
 				case 32:
-					this->cipher = EVP_get_cipherbyname("aes-256-gcm");
+					this->cipher = EVP_aes_256_gcm();
 					break;
 				default:
 					free(this);