openssl: Fix AES-GCM with BoringSSL
BoringSSL only supports a limited list of (hard-coded) algorithms via EVP_get_cipherbyname(), which does not include AES-GCM. While BoringSSL deprecated these functions they are also supported by OpenSSL (in BoringSSL a completely new interface for AEADs was added, which OpenSSL currently does not support).
This commit is contained in:
parent
8b35d5f162
commit
c72c6e9225
|
@ -255,13 +255,13 @@ aead_t *openssl_gcm_create(encryption_algorithm_t algo,
|
|||
key_size = 16;
|
||||
/* FALL */
|
||||
case 16:
|
||||
this->cipher = EVP_get_cipherbyname("aes-128-gcm");
|
||||
this->cipher = EVP_aes_128_gcm();
|
||||
break;
|
||||
case 24:
|
||||
this->cipher = EVP_get_cipherbyname("aes-192-gcm");
|
||||
this->cipher = EVP_aes_192_gcm();
|
||||
break;
|
||||
case 32:
|
||||
this->cipher = EVP_get_cipherbyname("aes-256-gcm");
|
||||
this->cipher = EVP_aes_256_gcm();
|
||||
break;
|
||||
default:
|
||||
free(this);
|
||||
|
|
Loading…
Reference in New Issue