# endif
# define OPENSSL_KTLS_AES_GCM_128
# define OPENSSL_KTLS_AES_GCM_256
+# define OPENSSL_KTLS_TLS13
/*
* Only used by the tests in sslapitest.c.
case TLS1_VERSION:
case TLS1_1_VERSION:
case TLS1_2_VERSION:
+ case TLS1_3_VERSION:
break;
default:
return 0;
case SSL_AES128GCM:
case SSL_AES256GCM:
crypto_info->cipher_algorithm = CRYPTO_AES_NIST_GCM_16;
- crypto_info->iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
+ if (s->version == TLS1_3_VERSION)
+ crypto_info->iv_len = EVP_CIPHER_CTX_iv_length(dd);
+ else
+ crypto_info->iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
break;
case SSL_AES128:
case SSL_AES256:
const EVP_MD *md = NULL;
const EVP_CIPHER *cipher = NULL;
#if !defined(OPENSSL_NO_KTLS) && defined(OPENSSL_KTLS_TLS13)
-# ifndef __FreeBSD__
ktls_crypto_info_t crypto_info;
BIO *bio;
-# endif
#endif
if (which & SSL3_CC_READ) {
s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
#ifndef OPENSSL_NO_KTLS
# if defined(OPENSSL_KTLS_TLS13)
-# ifndef __FreeBSD__
if (!(which & SSL3_CC_WRITE) || !(which & SSL3_CC_APPLICATION)
|| ((which & SSL3_CC_WRITE) && (s->mode & SSL_MODE_NO_KTLS_TX)))
goto skip_ktls;
/* ktls works with user provided buffers directly */
if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE))
ssl3_release_write_buffer(s);
-# endif
skip_ktls:
# endif
#endif