Replace RC4 in examples with AES-128-GCM.
Avoiding superflous references to RC4 makes it easier to audit the code
to find unsafe uses of it. It also avoids subtly encouraging users to
choose RC4 instead of a better alternative.
Change-Id: Ia27d7f4cd465e143d30a28b36c7871f7c30411ea
Reviewed-on: https://boringssl-review.googlesource.com/3990
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/cipher/internal.h b/crypto/cipher/internal.h
index b35064e..e70d9ce 100644
--- a/crypto/cipher/internal.h
+++ b/crypto/cipher/internal.h
@@ -68,7 +68,7 @@
struct evp_cipher_st {
- /* type contains a NID identifing the cipher. (For example, NID_rc4.) */
+ /* type contains a NID identifing the cipher. (e.g. NID_aes_128_gcm.) */
int nid;
/* block_size contains the block size, in bytes, of the cipher, or 1 for a
diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
index 4bdda14..61c7308 100644
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h
@@ -237,7 +237,8 @@
const EVP_CIPHER_CTX *ctx);
/* EVP_CIPHER_CTX_nid returns a NID identifying the |EVP_CIPHER| underlying
- * |ctx| (e.g. |NID_rc4|). It will crash if no cipher has been configured. */
+ * |ctx| (e.g. |NID_aes_128_gcm|). It will crash if no cipher has been
+ * configured. */
OPENSSL_EXPORT int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
/* EVP_CIPHER_CTX_block_size returns the block size, in bytes, of the cipher
@@ -290,7 +291,7 @@
/* Cipher accessors. */
/* EVP_CIPHER_nid returns a NID identifing |cipher|. (For example,
- * |NID_rc4|.) */
+ * |NID_aes_128_gcm|.) */
OPENSSL_EXPORT int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
/* EVP_CIPHER_name returns the short name for |cipher| or NULL if no name is
