1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 00:27:45 +00:00

LibTLS: Add support for AEAD cipher suites

And integrate AES-GCM.
This commit is contained in:
AnotherTest 2020-11-13 01:59:36 +03:30 committed by Andreas Kling
parent d3c52cef86
commit 1172746633
4 changed files with 253 additions and 85 deletions

View file

@ -218,6 +218,8 @@ struct Context {
u8 local_mac[32];
u8 local_iv[16];
u8 remote_iv[16];
u8 local_aead_iv[4];
u8 remote_aead_iv[4];
} crypto;
Crypto::Hash::Manager handshake_hash;
@ -296,7 +298,11 @@ public:
bool supports_cipher(CipherSuite suite) const
{
return suite == CipherSuite::RSA_WITH_AES_128_CBC_SHA256 || suite == CipherSuite::RSA_WITH_AES_256_CBC_SHA256 || suite == CipherSuite::RSA_WITH_AES_128_CBC_SHA || suite == CipherSuite::RSA_WITH_AES_256_CBC_SHA;
return suite == CipherSuite::RSA_WITH_AES_128_CBC_SHA256
|| suite == CipherSuite::RSA_WITH_AES_256_CBC_SHA256
|| suite == CipherSuite::RSA_WITH_AES_128_CBC_SHA
|| suite == CipherSuite::RSA_WITH_AES_256_CBC_SHA
|| suite == CipherSuite::RSA_WITH_AES_128_GCM_SHA256;
}
bool supports_version(Version v) const
@ -423,7 +429,22 @@ private:
case CipherSuite::AES_256_GCM_SHA384:
case CipherSuite::RSA_WITH_AES_128_GCM_SHA256:
case CipherSuite::RSA_WITH_AES_256_GCM_SHA384:
return 12;
return 8; // 4 bytes of fixed IV, 8 random (nonce) bytes, 4 bytes for counter
// GCM specifically asks us to transmit only the nonce, the counter is zero
// and the fixed IV is derived from the premaster key.
}
}
bool is_aead() const
{
switch (m_context.cipher) {
case CipherSuite::AES_128_GCM_SHA256:
case CipherSuite::AES_256_GCM_SHA384:
case CipherSuite::RSA_WITH_AES_128_GCM_SHA256:
case CipherSuite::RSA_WITH_AES_256_GCM_SHA384:
return true;
default:
return false;
}
}
@ -440,8 +461,10 @@ private:
OwnPtr<Crypto::Authentication::HMAC<Crypto::Hash::Manager>> m_hmac_local;
OwnPtr<Crypto::Authentication::HMAC<Crypto::Hash::Manager>> m_hmac_remote;
OwnPtr<Crypto::Cipher::AESCipher::CBCMode> m_aes_local;
OwnPtr<Crypto::Cipher::AESCipher::CBCMode> m_aes_remote;
struct {
OwnPtr<Crypto::Cipher::AESCipher::CBCMode> cbc;
OwnPtr<Crypto::Cipher::AESCipher::GCMMode> gcm;
} m_aes_local, m_aes_remote;
bool m_has_scheduled_write_flush { false };
i32 m_max_wait_time_for_handshake_in_seconds { 10 };