mirror of
https://github.com/RGBCube/serenity
synced 2025-07-28 09:57:36 +00:00
LibTLS: Add signature verification for DHE and ECDHE key exchange
This will verify that the signature of the ephemeral key used in the DHE and ECDHE key exchanges is actually generated by the server. This verification is done using the first certificate provided by the server, however the validity of this certificate is not checked here. Instead this code expects the validity to be checked earlier by `TLSv12::handle_certificate`.
This commit is contained in:
parent
be138474c5
commit
898be38517
5 changed files with 108 additions and 9 deletions
|
@ -482,6 +482,8 @@ private:
|
|||
|
||||
void pseudorandom_function(Bytes output, ReadonlyBytes secret, const u8* label, size_t label_length, ReadonlyBytes seed, ReadonlyBytes seed_b);
|
||||
|
||||
ssize_t verify_rsa_server_key_exchange(ReadonlyBytes server_key_info_buffer, ReadonlyBytes signature_buffer);
|
||||
|
||||
size_t key_length() const
|
||||
{
|
||||
switch (m_context.cipher) {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue