diff options
author | Juraj Somorovsky <[email protected]> | 2016-05-09 00:48:13 +0200 |
---|---|---|
committer | Juraj Somorovsky <[email protected]> | 2016-05-11 07:55:02 +0200 |
commit | 7c7fcecbe6a94ffaba5752175d8da5e33fbf0d7b (patch) | |
tree | 5ed7b29e5d3441c26b8aa6b5520ab589f9e05377 /src/lib/tls/msg_server_hello.cpp | |
parent | 6d327f879c608908ca2c6b9b99f7fd74d498b4ef (diff) |
Encrypt-then-MAC extension (RFC 7366)
Introduced a countermeasure against the logjam attack
Short TLS records (AES-CBC) now return BAD_RECORD_MAC
Fixed a compatibility problem with OpenSSL and TLS 1.0 (BEAST countermeasure)
Diffstat (limited to 'src/lib/tls/msg_server_hello.cpp')
-rw-r--r-- | src/lib/tls/msg_server_hello.cpp | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp index f8d0c63c7..e309a7c91 100644 --- a/src/lib/tls/msg_server_hello.cpp +++ b/src/lib/tls/msg_server_hello.cpp @@ -38,6 +38,13 @@ Server_Hello::Server_Hello(Handshake_IO& io, if(client_hello.supports_extended_master_secret()) m_extensions.add(new Extended_Master_Secret); + if(client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac()) + { + Ciphersuite c = Ciphersuite::by_id(m_ciphersuite); + if(c.cbc_ciphersuite()) + m_extensions.add(new Encrypt_then_MAC); + } + if(client_hello.secure_renegotiation()) m_extensions.add(new Renegotiation_Extension(reneg_info)); @@ -90,6 +97,13 @@ Server_Hello::Server_Hello(Handshake_IO& io, if(client_hello.supports_extended_master_secret()) m_extensions.add(new Extended_Master_Secret); + if(client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac()) + { + Ciphersuite c = resumed_session.ciphersuite(); + if(c.cbc_ciphersuite()) + m_extensions.add(new Encrypt_then_MAC); + } + if(client_hello.secure_renegotiation()) m_extensions.add(new Renegotiation_Extension(reneg_info)); |