Update TLS OCB ciphersuites to match draft-zauner-tls-aes-ocb-00

and enable them in the default build, though still not enabled in the runtime policy.
author: lloyd <[email protected]> 2015-01-21 20:58:04 +0000
committer: lloyd <[email protected]> 2015-01-21 20:58:04 +0000
commit: 316a7b79146e8003d33f50b58e1c6c3ba9874a32 (patch)
tree: e9b049271ac1e4ff963e67caac30cb29f9e7b9a0 /src/lib/tls/tls_ciphersuite.cpp
parent: 1f59fa09984cb364c1dc560043ffa735e1f23494 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/src/lib/tls/tls_ciphersuite.cpp b/src/lib/tls/tls_ciphersuite.cpp
index c912965c6..b2ff2476b 100644
--- a/src/lib/tls/tls_ciphersuite.cpp
+++ b/src/lib/tls/tls_ciphersuite.cpp
@@ -134,7 +134,7 @@ bool Ciphersuite::valid() const
 #endif
 
 #if !defined(BOTAN_HAS_AEAD_OCB)
-         if(mode == "OCB")
+         if(mode == "OCB(12)" || mode == "OCB")
             return false;
 #endif
          }
@@ -233,7 +233,13 @@ std::string Ciphersuite::to_string() const
       else if(cipher_algo().find("Camellia") == 0)
          out << "CAMELLIA_" << std::to_string(8*cipher_keylen());
       else
-         out << replace_chars(cipher_algo(), {'-', '/'}, '_');
+         {
+         if(cipher_algo().find("OCB(12)") != std::string::npos)
+            out << replace_chars(cipher_algo().substr(0, cipher_algo().size() - 4),
+                                 {'-', '/'}, '_');
+         else
+            out << replace_chars(cipher_algo(), {'-', '/'}, '_');
+         }
 
       if(cipher_algo().find("/") != std::string::npos)
          out << "_"; // some explicit mode already included
author	lloyd <[email protected]>	2015-01-21 20:58:04 +0000
committer	lloyd <[email protected]>	2015-01-21 20:58:04 +0000
commit	316a7b79146e8003d33f50b58e1c6c3ba9874a32 (patch)
tree	e9b049271ac1e4ff963e67caac30cb29f9e7b9a0 /src/lib/tls/tls_ciphersuite.cpp
parent	1f59fa09984cb364c1dc560043ffa735e1f23494 (diff)