Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open ssl 1 1 1m+quic #68

Merged
merged 34 commits into from
Dec 14, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
4d4cd37
QUIC: Add support for BoringSSL QUIC APIs
tmshort Apr 12, 2019
35e49b6
QUIC: Fix resumption secret
tmshort Nov 12, 2019
af71ccc
QUIC: Handle EndOfEarlyData and MaxEarlyData
tmshort Nov 13, 2019
48503b1
QUIC: Increase HKDF_MAXBUF to 2048
tmshort Jan 7, 2020
1ffdf71
QUIC: Fall-through for 0RTT
tmshort Jan 7, 2020
d4f4c54
QUIC: Some cleanup for the main QUIC changes
kaduk Apr 22, 2020
0f84d89
QUIC: Prevent KeyUpdate for QUIC
kaduk May 11, 2020
3669e90
QUIC: Test KeyUpdate rejection
kaduk May 11, 2020
eda855f
QUIC: Test HKDF with empty IKM
kaduk May 21, 2020
24ea1af
QUIC: Allow zero-length HKDF keys
kaduk May 22, 2020
f4b0194
QUIC: Buffer all provided quic data
kaduk Aug 31, 2020
6a5be53
QUIC: enforce consistent encryption level for handshake messages
kaduk Sep 1, 2020
5233a6d
QUIC: add v1 quic_transport_parameters
tmshort Dec 12, 2020
e45b6c6
QUIC: return success when no post-handshake data
tmshort Jan 5, 2021
13a21ad
QUIC: Update shared library version
tmshort Mar 3, 2021
01d5c6b
QUIC: Swap around README files
tmshort Mar 3, 2021
5d62d39
QUIC: Fix 1.1.1 GitHub CI
tmshort Mar 3, 2021
928b58d
QUIC: Add compile/run-time checking for QUIC
tmshort Mar 5, 2021
be51461
QUIC: Add early data support (#8)
tatsuhiro-t Mar 10, 2021
257041c
QUIC: Make SSL_provide_quic_data accept 0 length data (#10)
tatsuhiro-t Mar 10, 2021
9b62b2b
QUIC: Process multiple post-handshake messages in a single call (#14)
tatsuhiro-t Mar 12, 2021
0a6abde
QUIC: Tighten up some language in SSL_CTX_set_quic_method.pod (#12)
kaduk Mar 12, 2021
099060d
QUIC: Fix typo in README.md (#21)
NanXiao Mar 16, 2021
17a9991
QUIC: Add SSL_new_session_ticket() API
kaduk Mar 16, 2020
adaeddb
QUIC: Add test for SSL_new_session_ticket()
kaduk Mar 17, 2020
49de233
QUIC: make update for SSL_new_session_ticket()
kaduk Apr 9, 2021
77231e8
QUIC: Fix up whitespace nits introduced by PR #11416
kaduk May 4, 2020
f78d874
QUIC: SSL_new_session_ticket() support (#26)
kaduk Apr 9, 2021
4f527dd
QUIC: Fix no-quic builds
tmshort Aug 25, 2021
a7b3570
QUIC: Error when non-empty session_id in CH (fixes #29)
tmshort Oct 18, 2021
cbd25f5
QUIC: Update SSL_clear() to clear quic data
tmshort Oct 19, 2021
5ee222c
QUIC: Better SSL_clear()
tmshort Oct 29, 2021
2bca4de
QUIC: Update README
tmshort Nov 2, 2021
3109721
fixup! QUIC: Update README
tmshort Dec 14, 2021
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions CHANGES
Original file line number Diff line number Diff line change
Expand Up @@ -344,6 +344,9 @@

Changes between 1.1.1c and 1.1.1d [10 Sep 2019]

*) Implement BoringSSL's QUIC API
[Todd Short]

*) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
number generator (RNG). This was intended to include protection in the
event of a fork() system call in order to ensure that the parent and child
Expand Down
5 changes: 4 additions & 1 deletion Configure
Original file line number Diff line number Diff line change
Expand Up @@ -401,6 +401,7 @@ my @disablables = (
"poly1305",
"posix-io",
"psk",
"quic",
"rc2",
"rc4",
"rc5",
Expand Down Expand Up @@ -485,7 +486,7 @@ my @disable_cascades = (
"ssl3-method" => [ "ssl3" ],
"zlib" => [ "zlib-dynamic" ],
"des" => [ "mdc2" ],
"ec" => [ "ecdsa", "ecdh" ],
"ec" => [ "ecdsa", "ecdh", "quic" ],

"dgram" => [ "dtls", "sctp" ],
"sock" => [ "dgram" ],
Expand Down Expand Up @@ -514,6 +515,8 @@ my @disable_cascades = (
"comp" => [ "zlib" ],
"ec" => [ "tls1_3", "sm2" ],
"sm3" => [ "sm2" ],
"tls1_3" => [ "quic" ],

sub { !$disabled{"unit-test"} } => [ "heartbeats" ],

sub { !$disabled{"msan"} } => [ "asm" ],
Expand Down
3 changes: 3 additions & 0 deletions INSTALL
Original file line number Diff line number Diff line change
Expand Up @@ -457,6 +457,9 @@
no-psk
Don't build support for Pre-Shared Key based ciphersuites.

no-quic
Don't build with support for QUIC.

no-rdrand
Don't use hardware RDRAND capabilities.

Expand Down
File renamed without changes.
105 changes: 105 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
What This Is
============

This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition
to the website, the official source distribution is at
<https://github.com/openssl/openssl>. The OpenSSL `README` can be found at
[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1m%2Bquic/README-OpenSSL.md).

This fork adds APIs that can be used by QUIC implementations for connection
handshakes. Quoting the IETF Working group
[charter](https://datatracker.ietf.org/wg/quic/about/), QUIC is a "UDP-based,
stream-multiplexing, encrypted transport protocol." If you don't need QUIC, you
should use the official OpenSSL distributions.

The APIs here are used by Microsoft's
[MsQuic](https://github.com/microsoft/msquic) and Google's
[Chromium QUIC](https://chromium.googlesource.com/chromium/src/+/master/net/quic/)

We are not in competition with OpenSSL project. We informed them of
our plans to fork the code before we went public. We do not speak for the
OpenSSL project, and can only point to a
[blog post](https://www.openssl.org/blog/blog/2020/02/17/QUIC-and-OpenSSL/) and
[openssl-project email](https://github.com/quictls/openssl/discussions/54)
that provides their view of QUIC support.

As stated in their blog post, the OpenSSL team is focused on their 3.0 release
(released 2021-09-07), and does not intend to add QUIC functionality to 1.1.x.
There is a community need for a QUIC-capable TLS library. This fork is intended
as stopgap solution to enable higher level frameworks and runtimes to use QUIC
with the proven and reliable TLS functionality from OpenSSL. This fork will be
maintained until OpenSSL officially provides reasonable support for QUIC
implementations.

This fork can be considered a supported version of
[OpenSSL PR 8797](https://github.com/openssl/openssl/pull/8797).
We will endeavor to track OpenSSL releases within a day or so, and there is an
item below about how we'll follow their tagging.

On to the questions and answers.

What about branches?
--------------------
We don't want to conflict with OpenSSL branch names. Our current plan is to append
`+quic`. Release tags are likely to be the QUIC branch with `-releaseX` appended.
For example, the OpenSSL tag `openssl-3.0.0` would have a branch named
`openssl-3.0.0+quic` and a release tag of `openssl-3.0.0+quic-release1`.

How are you keeping current with OpenSSL?
-----------------------------------------
(In other words, "What about rebasing?")

Our plan is to always rebase on top of an upstream release tag. In particular:
- The changes for QUIC will always be at the tip of the branch -- you will know what
is from the original OpenSSL and what is for QUIC.
- New versions are quickly created once upstream creates a new tag.
- The use of git commands (such as "cherry") can be used to ensure that all changes
have moved forward with minimal or no changes. You will be able to see "QUIC: Add X"
on all branches and the commit itself will be nearly identical on all branches, and
any changes to that can be easily identified.

What about library names?
-------------------------
Library names will be the same, but will use a different version number. The version
numbers for the current OpenSSL libraries are `1.1` (for the 1.1.0 and 1.1.1 branches)
and `3` (for the 3.0 branch). We will be prefixing `81` (ASCII for 'Q') to
the version numbers to generate a unique version number.

- `libcrypto.so.81.3` vs `libcrypto.so.3`
- `libcrypto.so.81.1.1` vs `libcrypto.so.1.1`
- `libssl.so.81.3` vs `libssl.so.3`
- `libssl.so.81.1.1` vs `libssl.so.1.1`

The SONAME of these libraries are all different, guaranteeing the correct library
will be used.

...and the executable?
----------------------
We currently do not have any plans to change the name, mainly because we
haven't made any changes there. If you see a need, please open an issue.

The `openssl version` command will report that it is `+quic` enabled.

...and FIPS?
------------
We are not doing anything with FIPS. This is actually good news: you should
be able to load the OpenSSL 3.0 FIPS module into an application built against
this fork and everything should Just Work&#8482;.

How can I contribute?
---------------------
We want any code here to be acceptable to OpenSSL. This means that all contributors
must have signed the appropriate
[contributor license agreements](https://www.openssl.org/policies/cla.html). We
will not ask for copies of any paperwork, you just need to tell us that you've
done so (and we might verify with OpenSSL). We are only interested in making it
easier and better for at least the mentioned QUIC implementations to use a variant
of OpenSSL. If you have a pull request that changes the TLS protocol, or adds
assembly support for a new CPU, or otherwise is not specific to enabling QUIC,
please contribute that to OpenSSL. This fork is intended to be a clean extension
to OpenSSL, with the deltas being specific to QUIC.

Who are you?
------------
This is a collaborative effort between [Akamai](https://www.akamai.com) and
[Microsoft](https://www.microsoft.com). We welcome anyone to contribute!
4 changes: 4 additions & 0 deletions crypto/cversion.c
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,10 @@ const char *OpenSSL_version(int t)
return "ENGINESDIR: \"" ENGINESDIR "\"";
#else
return "ENGINESDIR: N/A";
#endif
#ifndef OPENSSL_NO_QUIC
case OPENSSL_INFO_QUIC:
return "QUIC";
#endif
}
return "not available";
Expand Down
30 changes: 29 additions & 1 deletion crypto/err/openssl.txt
Original file line number Diff line number Diff line change
Expand Up @@ -1161,6 +1161,7 @@ SSL_F_FINAL_EMS:486:final_ems
SSL_F_FINAL_KEY_SHARE:503:final_key_share
SSL_F_FINAL_MAXFRAGMENTLEN:557:final_maxfragmentlen
SSL_F_FINAL_PSK:639:final_psk
SSL_F_FINAL_QUIC_TRANSPORT_PARAMS:3012:final_quic_transport_params
SSL_F_FINAL_RENEGOTIATE:483:final_renegotiate
SSL_F_FINAL_SERVER_NAME:558:final_server_name
SSL_F_FINAL_SIG_ALGS:497:final_sig_algs
Expand All @@ -1184,7 +1185,7 @@ SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE:431:*
SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE:601:\
ossl_statem_server_post_process_message
SSL_F_OSSL_STATEM_SERVER_POST_WORK:602:ossl_statem_server_post_work
SSL_F_OSSL_STATEM_SERVER_PRE_WORK:640:
SSL_F_OSSL_STATEM_SERVER_PRE_WORK:640:ossl_statem_server_pre_work
SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE:603:ossl_statem_server_process_message
SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION:418:ossl_statem_server_read_transition
SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION:604:\
Expand All @@ -1193,6 +1194,9 @@ SSL_F_PARSE_CA_NAMES:541:parse_ca_names
SSL_F_PITEM_NEW:624:pitem_new
SSL_F_PQUEUE_NEW:625:pqueue_new
SSL_F_PROCESS_KEY_SHARE_EXT:439:*
SSL_F_QUIC_CHANGE_CIPHER_STATE:3000:quic_change_cipher_state
SSL_F_QUIC_GET_MESSAGE:3001:quic_get_message
SSL_F_QUIC_SET_ENCRYPTION_SECRETS:3002:quic_set_encryption_secrets
SSL_F_READ_STATE_MACHINE:352:read_state_machine
SSL_F_SET_CLIENT_CIPHERSUITE:540:set_client_ciphersuite
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET:595:srp_generate_client_master_secret
Expand All @@ -1203,7 +1207,9 @@ SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM:130:ssl3_check_cert_and_algorithm
SSL_F_SSL3_CTRL:213:ssl3_ctrl
SSL_F_SSL3_CTX_CTRL:133:ssl3_ctx_ctrl
SSL_F_SSL3_DIGEST_CACHED_RECORDS:293:ssl3_digest_cached_records
SSL_F_SSL3_DISPATCH_ALERT:3003:ssl3_dispatch_alert
SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC:292:ssl3_do_change_cipher_spec
SSL_F_SSL3_DO_WRITE:3004:ssl3_do_write
SSL_F_SSL3_ENC:608:ssl3_enc
SSL_F_SSL3_FINAL_FINISH_MAC:285:ssl3_final_finish_mac
SSL_F_SSL3_FINISH_MAC:587:ssl3_finish_mac
Expand Down Expand Up @@ -1311,6 +1317,8 @@ SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT:311:*
SSL_F_SSL_PEEK:270:SSL_peek
SSL_F_SSL_PEEK_EX:432:SSL_peek_ex
SSL_F_SSL_PEEK_INTERNAL:522:ssl_peek_internal
SSL_F_SSL_PROCESS_QUIC_POST_HANDSHAKE:3005:SSL_process_quic_post_handshake
SSL_F_SSL_PROVIDE_QUIC_DATA:3006:SSL_provide_quic_data
SSL_F_SSL_READ:223:SSL_read
SSL_F_SSL_READ_EARLY_DATA:529:SSL_read_early_data
SSL_F_SSL_READ_EX:434:SSL_read_ex
Expand Down Expand Up @@ -1360,6 +1368,7 @@ SSL_F_SSL_WRITE_EARLY_DATA:526:SSL_write_early_data
SSL_F_SSL_WRITE_EARLY_FINISH:527:*
SSL_F_SSL_WRITE_EX:433:SSL_write_ex
SSL_F_SSL_WRITE_INTERNAL:524:ssl_write_internal
SSL_F_STATEM_FLUSH:3007:statem_flush
SSL_F_STATE_MACHINE:353:state_machine
SSL_F_TLS12_CHECK_PEER_SIGALG:333:tls12_check_peer_sigalg
SSL_F_TLS12_COPY_SIGALGS:533:tls12_copy_sigalgs
Expand Down Expand Up @@ -1423,6 +1432,10 @@ SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH:619:\
tls_construct_ctos_post_handshake_auth
SSL_F_TLS_CONSTRUCT_CTOS_PSK:501:tls_construct_ctos_psk
SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES:509:tls_construct_ctos_psk_kex_modes
SSL_F_TLS_CONSTRUCT_CTOS_QUIC_TRANSPORT_PARAMS:3008:\
tls_construct_ctos_quic_transport_params
SSL_F_TLS_CONSTRUCT_CTOS_QUIC_TRANSPORT_PARAMS_DRAFT:3013:\
tls_construct_ctos_quic_transport_params_draft
SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE:473:tls_construct_ctos_renegotiate
SSL_F_TLS_CONSTRUCT_CTOS_SCT:474:tls_construct_ctos_sct
SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME:475:tls_construct_ctos_server_name
Expand Down Expand Up @@ -1464,6 +1477,10 @@ SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE:456:tls_construct_stoc_key_share
SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN:548:tls_construct_stoc_maxfragmentlen
SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG:457:tls_construct_stoc_next_proto_neg
SSL_F_TLS_CONSTRUCT_STOC_PSK:504:tls_construct_stoc_psk
SSL_F_TLS_CONSTRUCT_STOC_QUIC_TRANSPORT_PARAMS:3009:\
tls_construct_stoc_quic_transport_params
SSL_F_TLS_CONSTRUCT_STOC_QUIC_TRANSPORT_PARAMS_DRAFT:3014:\
tls_construct_stoc_quic_transport_params_draft
SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE:458:tls_construct_stoc_renegotiate
SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME:459:tls_construct_stoc_server_name
SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET:460:tls_construct_stoc_session_ticket
Expand Down Expand Up @@ -1492,6 +1509,10 @@ SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN:571:tls_parse_ctos_maxfragmentlen
SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH:620:tls_parse_ctos_post_handshake_auth
SSL_F_TLS_PARSE_CTOS_PSK:505:tls_parse_ctos_psk
SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES:572:tls_parse_ctos_psk_kex_modes
SSL_F_TLS_PARSE_CTOS_QUIC_TRANSPORT_PARAMS:3010:\
tls_parse_ctos_quic_transport_params
SSL_F_TLS_PARSE_CTOS_QUIC_TRANSPORT_PARAMS_DRAFT:3015:\
tls_parse_ctos_quic_transport_params_draft
SSL_F_TLS_PARSE_CTOS_RENEGOTIATE:464:tls_parse_ctos_renegotiate
SSL_F_TLS_PARSE_CTOS_SERVER_NAME:573:tls_parse_ctos_server_name
SSL_F_TLS_PARSE_CTOS_SESSION_TICKET:574:tls_parse_ctos_session_ticket
Expand All @@ -1510,6 +1531,10 @@ SSL_F_TLS_PARSE_STOC_KEY_SHARE:445:tls_parse_stoc_key_share
SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN:581:tls_parse_stoc_maxfragmentlen
SSL_F_TLS_PARSE_STOC_NPN:582:tls_parse_stoc_npn
SSL_F_TLS_PARSE_STOC_PSK:502:tls_parse_stoc_psk
SSL_F_TLS_PARSE_STOC_QUIC_TRANSPORT_PARAMS:3011:\
tls_parse_stoc_quic_transport_params
SSL_F_TLS_PARSE_STOC_QUIC_TRANSPORT_PARAMS_DRAFT:3016:\
tls_parse_stoc_quic_transport_params_draft
SSL_F_TLS_PARSE_STOC_RENEGOTIATE:448:tls_parse_stoc_renegotiate
SSL_F_TLS_PARSE_STOC_SCT:564:tls_parse_stoc_sct
SSL_F_TLS_PARSE_STOC_SERVER_NAME:583:tls_parse_stoc_server_name
Expand Down Expand Up @@ -2745,6 +2770,8 @@ SSL_R_MISSING_ECDSA_SIGNING_CERT:381:missing ecdsa signing cert
SSL_R_MISSING_FATAL:256:missing fatal
SSL_R_MISSING_PARAMETERS:290:missing parameters
SSL_R_MISSING_PSK_KEX_MODES_EXTENSION:310:missing psk kex modes extension
SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION:801:\
missing quic transport parameters extension
SSL_R_MISSING_RSA_CERTIFICATE:168:missing rsa certificate
SSL_R_MISSING_RSA_ENCRYPTING_CERT:169:missing rsa encrypting cert
SSL_R_MISSING_RSA_SIGNING_CERT:170:missing rsa signing cert
Expand Down Expand Up @@ -2894,6 +2921,7 @@ SSL_R_VERSION_TOO_LOW:396:version too low
SSL_R_WRONG_CERTIFICATE_TYPE:383:wrong certificate type
SSL_R_WRONG_CIPHER_RETURNED:261:wrong cipher returned
SSL_R_WRONG_CURVE:378:wrong curve
SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED:800:wrong encryption level received
SSL_R_WRONG_SIGNATURE_LENGTH:264:wrong signature length
SSL_R_WRONG_SIGNATURE_SIZE:265:wrong signature size
SSL_R_WRONG_SIGNATURE_TYPE:370:wrong signature type
Expand Down
7 changes: 5 additions & 2 deletions crypto/kdf/hkdf.c
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
#include "internal/cryptlib.h"
#include "crypto/evp.h"

#define HKDF_MAXBUF 1024
#define HKDF_MAXBUF 2048

static unsigned char *HKDF(const EVP_MD *evp_md,
const unsigned char *salt, size_t salt_len,
Expand Down Expand Up @@ -107,7 +107,10 @@ static int pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
if (kctx->key != NULL)
OPENSSL_clear_free(kctx->key, kctx->key_len);

kctx->key = OPENSSL_memdup(p2, p1);
if (p1 == 0)
kctx->key = OPENSSL_zalloc(1);
else
kctx->key = OPENSSL_memdup(p2, p1);
if (kctx->key == NULL)
return 0;

Expand Down
13 changes: 13 additions & 0 deletions doc/man3/SSL_CIPHER_get_name.pod
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ SSL_CIPHER_get_digest_nid,
SSL_CIPHER_get_handshake_digest,
SSL_CIPHER_get_kx_nid,
SSL_CIPHER_get_auth_nid,
SSL_CIPHER_get_prf_nid,
SSL_CIPHER_is_aead,
SSL_CIPHER_find,
SSL_CIPHER_get_id,
Expand All @@ -34,6 +35,7 @@ SSL_CIPHER_get_protocol_id
const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
Expand Down Expand Up @@ -91,6 +93,15 @@ TLS 1.3 cipher suites) B<NID_auth_any> is returned. Examples (not comprehensive)
NID_auth_ecdsa
NID_auth_psk

SSL_CIPHER_get_prf_nid() retuns the pseudo-random function NID for B<c>. If B<c> is
a pre-TLS-1.2 cipher, it returns B<NID_md5_sha1> but note these ciphers use
SHA-256 in TLS 1.2. Other return values may be treated uniformly in all
applicable versions. Examples (not comprehensive):

NID_md5_sha1
NID_sha256
NID_sha384

SSL_CIPHER_is_aead() returns 1 if the cipher B<c> is AEAD (e.g. GCM or
ChaCha20/Poly1305), and 0 if it is not AEAD.

Expand Down Expand Up @@ -201,6 +212,8 @@ required to enable this function.

The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.

The SSL_CIPHER_get_prf_nid() function was added in OpenSSL 3.0.0.

=head1 COPYRIGHT

Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
Expand Down
Loading