diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 212f17eff9d39..b16feaa0180ae 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -267,9 +267,7 @@ void openssl_add_all_ciphers_int(void) #endif #ifndef OPENSSL_NO_MACCIPHERS - EVP_add_cipher(EVP_maccipher_sha256()); - EVP_add_cipher_alias(SN_maccipher_sha256, "MACCIPHER-SHA256"); - EVP_add_cipher(EVP_maccipher_sha384()); - EVP_add_cipher_alias(SN_maccipher_sha384, "MACCIPHER-SHA384"); + EVP_add_cipher(EVP_maccipher_sha256()); /* not really relevant */ + EVP_add_cipher(EVP_maccipher_sha384()); /* not really relevant */ #endif } diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index f29d592e0fbcd..896492365135e 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -321,6 +321,11 @@ int EVP_CIPHER_get_type(const EVP_CIPHER *cipher) return NID_des_cfb64; + case NID_maccipher_sha256: + return NID_maccipher_sha256; + case NID_maccipher_sha384: + return NID_maccipher_sha384; + default: #ifdef FIPS_MODULE return NID_undef; diff --git a/providers/defltprov.c b/providers/defltprov.c index f02e04835ddf0..a938516f5ff83 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -334,6 +334,12 @@ static const OSSL_ALGORITHM deflt_macs[] = { #endif #ifndef OPENSSL_NO_POLY1305 { PROV_NAMES_POLY1305, "provider=default", ossl_poly1305_functions }, +#endif +#ifndef OPENSSL_NO_MACCIPHERS +# if 0 /* TODO */ + { PROV_NAMES_MACCIPHER_SHA256, "provider=default", ossl_maccipher_sha256_functions }, + { PROV_NAMES_MACCIPHER_SHA384, "provider=default", ossl_maccipher_sha384_functions }, +# endif #endif { NULL, NULL, NULL } }; diff --git a/providers/implementations/include/prov/names.h b/providers/implementations/include/prov/names.h index f0ad4353460d2..f67a742adf76d 100644 --- a/providers/implementations/include/prov/names.h +++ b/providers/implementations/include/prov/names.h @@ -170,6 +170,8 @@ #define PROV_NAMES_SM4_XTS "SM4-XTS:1.2.156.10197.1.104.10" #define PROV_NAMES_ChaCha20 "ChaCha20" #define PROV_NAMES_ChaCha20_Poly1305 "ChaCha20-Poly1305" +#define PROV_NAMES_MACCIPHER_SHA256 "MACCIPHER_SHA256" +#define PROV_NAMES_MACCIPHER_SHA384 "MACCIPHER_SHA384" #define PROV_NAMES_CAST5_ECB "CAST5-ECB" #define PROV_NAMES_CAST5_CBC "CAST5-CBC:CAST-CBC:CAST:1.2.840.113533.7.66.10" #define PROV_NAMES_CAST5_OFB "CAST5-OFB" diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 7f9e46f343048..871e5ff385d57 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -125,7 +125,7 @@ static SSL_CIPHER tls13_ciphers[] = { SSL_SHA256, TLS1_3_VERSION, TLS1_3_VERSION, 0, 0, - SSL_STRONG_NONE, + SSL_NOT_DEFAULT | SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_SHA256, 256, 256, @@ -140,7 +140,7 @@ static SSL_CIPHER tls13_ciphers[] = { SSL_SHA384, TLS1_3_VERSION, TLS1_3_VERSION, 0, 0, - SSL_STRONG_NONE, + SSL_NOT_DEFAULT | SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_SHA384, 256, 256, diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index b05012f74fd67..4f2618a98fe14 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -446,6 +446,7 @@ static const ssl_trace_tbl ssl_ciphers_tbl[] = { {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"}, {0xFF85, "LEGACY-GOST2012-GOST8912-GOST8912"}, {0xFF87, "GOST2012-NULL-GOST12"}, + {0xC0B4, "TLS1_3_MACCIPHERS_SHA256_SHA256"}, {0xC100, "GOST2012-KUZNYECHIK-KUZNYECHIKOMAC"}, {0xC101, "GOST2012-MAGMA-MAGMAOMAC"}, {0xC102, "GOST2012-GOST8912-IANA"},