author | Michael Brown <mcb30@ipxe.org> | 2022-10-28 13:06:11 +0100 |
---|---|---|
committer | Michael Brown <mcb30@ipxe.org> | 2022-11-07 11:19:48 +0000 |
commit | d1bc872a2e3b682169da4dd708dfe143d539eaaf (patch) | |
tree | 95d62a5594b24d3f337df1c9eccf4fa40b1de1fc /src/crypto | |
parent | f8565a655eacc53319962c002a38cfd0340d0b81 (diff) | |
[tls] Formalise notions of fixed and record initialisation vectors
TLS block ciphers always use CBC (as per RFC 5246 section 6.2.3.2)
with a record initialisation vector length that is equal to the cipher
block size, and no fixed initialisation vector.
The initialisation vector for AEAD ciphers such as GCM is less
straightforward, and requires both a fixed and per-record component.
Extend the definition of a cipher suite to include fixed and record
initialisation vector lengths, and generate the fixed portion (if any)
as part of key expansion.
Do not add explicit calls to cipher_setiv() in tls_assemble_block()
and tls_split_block(), since the constraints imposed by RFC 5246 are
specifically chosen to allow implementations to avoid doing so.
(Instead, add a sanity check that the record initialisation vector
length is equal to the cipher block size.)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto')
-rw-r--r-- | src/crypto/mishmash/rsa_aes_cbc_sha1.c | 8 | ||||
-rw-r--r-- | src/crypto/mishmash/rsa_aes_cbc_sha256.c | 8 |
2 files changed, 16 insertions, 0 deletions
diff --git a/src/crypto/mishmash/rsa_aes_cbc_sha1.c b/src/crypto/mishmash/rsa_aes_cbc_sha1.c
index b054a01c7..765ed1138 100644
--- a/src/crypto/mishmash/rsa_aes_cbc_sha1.c
+++ b/src/crypto/mishmash/rsa_aes_cbc_sha1.c
@@ -34,6 +34,8 @@ struct tls_cipher_suite tls_dhe_rsa_with_aes_128_cbc_sha
 __tls_cipher_suite ( 03 ) = {
 .code = htons ( TLS_DHE_RSA_WITH_AES_128_CBC_SHA ),
 .key_len = ( 128 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_dhe_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm,
@@ -45,6 +47,8 @@ struct tls_cipher_suite tls_dhe_rsa_with_aes_256_cbc_sha
 __tls_cipher_suite ( 04 ) = {
 .code = htons ( TLS_DHE_RSA_WITH_AES_256_CBC_SHA ),
 .key_len = ( 256 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_dhe_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm,
@@ -56,6 +60,8 @@ struct tls_cipher_suite tls_rsa_with_aes_128_cbc_sha
 __tls_cipher_suite ( 13 ) = {
 .code = htons ( TLS_RSA_WITH_AES_128_CBC_SHA ),
 .key_len = ( 128 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_pubkey_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm,
@@ -67,6 +73,8 @@ struct tls_cipher_suite tls_rsa_with_aes_256_cbc_sha
 __tls_cipher_suite ( 14 ) = {
 .code = htons ( TLS_RSA_WITH_AES_256_CBC_SHA ),
 .key_len = ( 256 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_pubkey_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm,
diff --git a/src/crypto/mishmash/rsa_aes_cbc_sha256.c b/src/crypto/mishmash/rsa_aes_cbc_sha256.c
index b003523d5..1cc7dfe27 100644
--- a/src/crypto/mishmash/rsa_aes_cbc_sha256.c
+++ b/src/crypto/mishmash/rsa_aes_cbc_sha256.c
@@ -34,6 +34,8 @@ struct tls_cipher_suite tls_dhe_rsa_with_aes_128_cbc_sha256
 __tls_cipher_suite ( 01 ) = {
 .code = htons ( TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 ),
 .key_len = ( 128 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_dhe_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm,
@@ -45,6 +47,8 @@ struct tls_cipher_suite tls_dhe_rsa_with_aes_256_cbc_sha256
 __tls_cipher_suite ( 02 ) = {
 .code = htons ( TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ),
 .key_len = ( 256 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_dhe_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm,
@@ -56,6 +60,8 @@ struct tls_cipher_suite tls_rsa_with_aes_128_cbc_sha256
 __tls_cipher_suite ( 11 ) = {
 .code = htons ( TLS_RSA_WITH_AES_128_CBC_SHA256 ),
 .key_len = ( 128 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_pubkey_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm,
@@ -67,6 +73,8 @@ struct tls_cipher_suite tls_rsa_with_aes_256_cbc_sha256
 __tls_cipher_suite ( 12 ) = {
 .code = htons ( TLS_RSA_WITH_AES_256_CBC_SHA256 ),
 .key_len = ( 256 / 8 ),
+ .fixed_iv_len = 0,
+ .record_iv_len = AES_BLOCKSIZE,
 .exchange = &tls_pubkey_exchange_algorithm,
 .pubkey = &rsa_algorithm,
 .cipher = &aes_cbc_algorithm, |
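Review bot: The added `.record_iv_len = AES_BLOCKSIZE` in `tls_dhe_rsa_with_aes_128_cbc_sha256` restates the block size of the `&aes_cbc_algorithm` named in the same initialiser, and nothing at the definition says the two values must stay equal. The same pair of fields is added to the other three suites in rsa_aes_cbc_sha256.c and to all four in rsa_aes_cbc_sha1.c. The commit message says a sanity check on that equality is added elsewhere, outside this diffstat, so a mismatch introduced in one of these tables would presumably only surface at run time. A one-line comment above the pair would record the constraint where the values are set, for example `/* CBC: no fixed IV; per-record IV is one cipher block (RFC 5246 6.2.3.2) */`. Each initialiser continues past the end of its hunk.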