git.ipfire.org Git - thirdparty/ipxe.git/commit

author	Michael Brown <mcb30@ipxe.org>
	Mon, 7 Nov 2022 18:11:36 +0000 (18:11 +0000)
committer	Michael Brown <mcb30@ipxe.org>
	Tue, 8 Nov 2022 14:09:18 +0000 (14:09 +0000)
commit	c453b4c284dbedb5de0663f6b30878b425a7a3e8
tree	3edacf954d8f3d899d5d666fc6b1c4ba71cbcb9a	tree
parent	b6eef1485808093f9dae4fe9d6b685e01a6d65a4	commit \| diff

[tls] Add MAC length as a cipher suite parameter

TLS stream and block ciphers use a MAC with a length equal to the
output length of the digest algorithm in use. For AEAD ciphers there
is no MAC, with the equivalent functionality provided by the cipher
algorithm's authentication tag.

Allow for the existence of AEAD cipher suites by making the MAC length
a parameter of the cipher suite.

Assume that the MAC key length is equal to the MAC length, since this
is true for all currently supported cipher suites.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/crypto/mishmash/rsa_aes_cbc_sha1.c		diff \| blob \| blame \| history
src/crypto/mishmash/rsa_aes_cbc_sha256.c		diff \| blob \| blame \| history
src/include/ipxe/tls.h		diff \| blob \| blame \| history
src/net/tls.c		diff \| blob \| blame \| history