Encrypt-then-MAC extension (RFC 7366)

Introduced a countermeasure against the logjam attack
Short TLS records (AES-CBC) now return BAD_RECORD_MAC
Fixed a compatibility problem with OpenSSL and TLS 1.0 (BEAST countermeasure)

1 files changed, 6 insertions, 1 deletions

diff --git a/src/lib/tls/tls_session.h b/src/lib/tls/tls_session.h
index 8ca646cf2..15e79b811 100644
--- a/src/lib/tls/tls_session.h
+++ b/src/lib/tls/tls_session.h
@@ -38,7 +38,8 @@ class BOTAN_DLL Session
          m_compression_method(0),
          m_connection_side(static_cast<Connection_Side>(0)),
          m_srtp_profile(0),
-         m_extended_master_secret(false)
+         m_extended_master_secret(false),
+         m_encrypt_then_mac(false)
             {}
 
       /**
@@ -51,6 +52,7 @@ class BOTAN_DLL Session
               byte compression_method,
               Connection_Side side,
               bool supports_extended_master_secret,
+              bool supports_encrypt_then_mac,
               const std::vector<X509_Certificate>& peer_certs,
               const std::vector<byte>& session_ticket,
               const Server_Information& server_info,
@@ -157,6 +159,8 @@ class BOTAN_DLL Session
 
       bool supports_extended_master_secret() const { return m_extended_master_secret; }
 
+      bool supports_encrypt_then_mac() const { return m_encrypt_then_mac; }
+
       /**
       * Return the certificate chain of the peer (possibly empty)
       */
@@ -194,6 +198,7 @@ class BOTAN_DLL Session
       Connection_Side m_connection_side;
       u16bit m_srtp_profile;
       bool m_extended_master_secret;
+      bool m_encrypt_then_mac;
 
       std::vector<X509_Certificate> m_peer_certs;
       Server_Information m_server_info; // optional