authorJuraj Somorovsky <[email protected]>2016-05-09 00:48:13 +0200
committerJuraj Somorovsky <[email protected]>2016-05-11 07:55:02 +0200
commit7c7fcecbe6a94ffaba5752175d8da5e33fbf0d7b (patch)
tree5ed7b29e5d3441c26b8aa6b5520ab589f9e05377 /src/lib/tls/msg_server_hello.cpp
parent6d327f879c608908ca2c6b9b99f7fd74d498b4ef (diff)
Encrypt-then-MAC extension (RFC 7366)
Introduced a countermeasure against the logjam attack. Short TLS records (AES-CBC) now return BAD_RECORD_MAC. Fixed a compatibility problem with OpenSSL and TLS 1.0 (BEAST countermeasure).
Diffstat (limited to 'src/lib/tls/msg_server_hello.cpp')
-rw-r--r--src/lib/tls/msg_server_hello.cpp14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp
index f8d0c63c7..e309a7c91 100644
--- a/src/lib/tls/msg_server_hello.cpp
+++ b/src/lib/tls/msg_server_hello.cpp
@@ -38,6 +38,13 @@ Server_Hello::Server_Hello(Handshake_IO& io,
if(client_hello.supports_extended_master_secret())
m_extensions.add(new Extended_Master_Secret);
+ if(client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
+ {
+ Ciphersuite c = Ciphersuite::by_id(m_ciphersuite);
+ if(c.cbc_ciphersuite())
+ m_extensions.add(new Encrypt_then_MAC);
+ }
+
if(client_hello.secure_renegotiation())
m_extensions.add(new Renegotiation_Extension(reneg_info));
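Review bot: The CBC-only condition on the Encrypt_then_MAC response carries no comment explaining it, and the same block is repeated verbatim in the resumption constructor in the second hunk, differing only in where the ciphersuite comes from. I would add `// RFC 7366 section 3: echo the extension only when a CBC ciphersuite was selected, never for AEAD or stream suites` above the inner `if`, and declare the local as `const Ciphersuite c`. A small private helper that takes the selected ciphersuite and makes this decision would keep the two constructors from drifting apart when the negotiation rule changes. The constructor body starts and ends outside the hunk.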
@@ -90,6 +97,13 @@ Server_Hello::Server_Hello(Handshake_IO& io,
if(client_hello.supports_extended_master_secret())
m_extensions.add(new Extended_Master_Secret);
+ if(client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
+ {
+ Ciphersuite c = resumed_session.ciphersuite();
+ if(c.cbc_ciphersuite())
+ m_extensions.add(new Encrypt_then_MAC);
+ }
+
if(client_hello.secure_renegotiation())
m_extensions.add(new Renegotiation_Extension(reneg_info));
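Review bot: On the resumption path the decision to echo Encrypt_then_MAC depends only on the new Client Hello, the policy and `resumed_session.ciphersuite()`; nothing in this hunk compares it with whether the original session negotiated encrypt-then-MAC. If that is not checked elsewhere before this constructor runs (not visible here), a resumed connection falls back to MAC-then-encrypt without any error when the client's hello omits the extension, although the session it resumes was protected with encrypt-then-MAC. I would record the negotiated mode in the stored session and decline resumption in favour of a full handshake when the client's offer no longer matches it, or at least add a comment here naming where that is enforced. The constructor body continues outside the hunk.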