git.ipfire.org Git - thirdparty/ipxe.git/commit

author	Michael Brown <mcb30@ipxe.org>
	Fri, 28 Oct 2022 12:06:11 +0000 (13:06 +0100)
committer	Michael Brown <mcb30@ipxe.org>
	Mon, 7 Nov 2022 11:19:48 +0000 (11:19 +0000)
commit	d1bc872a2e3b682169da4dd708dfe143d539eaaf
tree	95d62a5594b24d3f337df1c9eccf4fa40b1de1fc	tree \| snapshot
parent	f8565a655eacc53319962c002a38cfd0340d0b81	commit \| diff

[tls] Formalise notions of fixed and record initialisation vectors

TLS block ciphers always use CBC (as per RFC 5246 section 6.2.3.2)
with a record initialisation vector length that is equal to the cipher
block size, and no fixed initialisation vector.

The initialisation vector for AEAD ciphers such as GCM is less
straightforward, and requires both a fixed and per-record component.

Extend the definition of a cipher suite to include fixed and record
initialisation vector lengths, and generate the fixed portion (if any)
as part of key expansion.

Do not add explicit calls to cipher_setiv() in tls_assemble_block()
and tls_split_block(), since the constraints imposed by RFC 5246 are
specifically chosen to allow implementations to avoid doing so.
(Instead, add a sanity check that the record initialisation vector
length is equal to the cipher block size.)

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/crypto/mishmash/rsa_aes_cbc_sha1.c		diff \| blob \| blame \| history
src/crypto/mishmash/rsa_aes_cbc_sha256.c		diff \| blob \| blame \| history
src/include/ipxe/tls.h		diff \| blob \| blame \| history
src/net/tls.c		diff \| blob \| blame \| history