1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 23:07:35 +00:00

LibTLS: Implement the extended_master_secret TLS extension

This commit is contained in:
Michiel Visser 2023-11-25 00:27:45 +01:00 committed by Ali Mohammad Pur
parent 5ab64320b2
commit e785172290
4 changed files with 34 additions and 6 deletions

View file

@ -75,6 +75,7 @@ ByteBuffer TLSv12::build_hello()
auto elliptic_curves_length = 2 * m_context.options.elliptic_curves.size();
auto supported_ec_point_formats_length = m_context.options.supported_ec_point_formats.size();
bool supports_elliptic_curves = elliptic_curves_length && supported_ec_point_formats_length;
bool enable_extended_master_secret = m_context.options.enable_extended_master_secret;
// signature_algorithms: 2b extension ID, 2b extension length, 2b vector length, 2xN signatures and hashes
extension_length += 2 + 2 + 2 + 2 * m_context.options.supported_signature_algorithms.size();
@ -86,6 +87,9 @@ ByteBuffer TLSv12::build_hello()
if (supports_elliptic_curves)
extension_length += 6 + elliptic_curves_length + 5 + supported_ec_point_formats_length;
if (enable_extended_master_secret)
extension_length += 4;
builder.append((u16)extension_length);
if (sni_length) {
@ -130,6 +134,12 @@ ByteBuffer TLSv12::build_hello()
builder.append((u8)format);
}
if (enable_extended_master_secret) {
// extended_master_secret extension
builder.append((u16)ExtensionType::EXTENDED_MASTER_SECRET);
builder.append((u16)0);
}
if (alpn_length) {
// TODO
VERIFY_NOT_REACHED();