diff options
| author | DexesTTP <dexes.ttp@gmail.com> | 2021-05-19 00:21:14 +0200 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2021-05-19 09:18:45 +0200 |
| commit | ed1800547ea1b9e700d725eae65447b554737b33 (patch) | |
| tree | 1e2af7d7a93d8506e209d55d48a50121f340cbff /Userland | |
| parent | 68f6796e72e564136835904d19a6f4d19946128e (diff) | |
| download | serenity-ed1800547ea1b9e700d725eae65447b554737b33.zip | |
LibTLS: Enable the RSA_WITH_AES_256_GCM_SHA384 cipher
This is more of an example commit of how to add new ciphers to TLS.
Diffstat (limited to 'Userland')
| -rw-r--r-- | Userland/Libraries/LibTLS/CipherSuite.h | 1 | ||||
| -rw-r--r-- | Userland/Libraries/LibTLS/Record.cpp | 3 | ||||
| -rw-r--r-- | Userland/Libraries/LibTLS/TLSv12.h | 3 |
3 files changed, 5 insertions, 2 deletions
diff --git a/Userland/Libraries/LibTLS/CipherSuite.h b/Userland/Libraries/LibTLS/CipherSuite.h index 73cd67973a..590e46ef9f 100644 --- a/Userland/Libraries/LibTLS/CipherSuite.h +++ b/Userland/Libraries/LibTLS/CipherSuite.h @@ -20,7 +20,6 @@ enum class CipherSuite { RSA_WITH_AES_256_CBC_SHA = 0x0035, RSA_WITH_AES_128_CBC_SHA256 = 0x003C, RSA_WITH_AES_256_CBC_SHA256 = 0x003D, - // TODO RSA_WITH_AES_128_GCM_SHA256 = 0x009C, RSA_WITH_AES_256_GCM_SHA384 = 0x009D, }; diff --git a/Userland/Libraries/LibTLS/Record.cpp b/Userland/Libraries/LibTLS/Record.cpp index 97378dbdf2..a94c170a86 100644 --- a/Userland/Libraries/LibTLS/Record.cpp +++ b/Userland/Libraries/LibTLS/Record.cpp @@ -225,6 +225,9 @@ void TLSv12::ensure_hmac(size_t digest_size, bool local) case Crypto::Hash::SHA256::DigestSize: hash_kind = Crypto::Hash::HashKind::SHA256; break; + case Crypto::Hash::SHA384::DigestSize: + hash_kind = Crypto::Hash::HashKind::SHA384; + break; case Crypto::Hash::SHA512::DigestSize: hash_kind = Crypto::Hash::HashKind::SHA512; break; diff --git a/Userland/Libraries/LibTLS/TLSv12.h b/Userland/Libraries/LibTLS/TLSv12.h index 1ca251ed1d..42cae30f89 100644 --- a/Userland/Libraries/LibTLS/TLSv12.h +++ b/Userland/Libraries/LibTLS/TLSv12.h @@ -177,7 +177,7 @@ enum ClientVerificationStaus { C(true, CipherSuite::RSA_WITH_AES_128_CBC_SHA256, SignatureAlgorithm::RSA, CipherAlgorithm::AES_128_CBC, Crypto::Hash::SHA256, 16, false) \ C(true, CipherSuite::RSA_WITH_AES_256_CBC_SHA256, SignatureAlgorithm::RSA, CipherAlgorithm::AES_256_CBC, Crypto::Hash::SHA256, 16, false) \ C(true, CipherSuite::RSA_WITH_AES_128_GCM_SHA256, SignatureAlgorithm::RSA, CipherAlgorithm::AES_128_GCM, Crypto::Hash::SHA256, 8, true) \ - C(false, CipherSuite::RSA_WITH_AES_256_GCM_SHA384, SignatureAlgorithm::RSA, CipherAlgorithm::AES_256_GCM, Crypto::Hash::SHA384, 8, true) + C(true, CipherSuite::RSA_WITH_AES_256_GCM_SHA384, SignatureAlgorithm::RSA, CipherAlgorithm::AES_256_GCM, Crypto::Hash::SHA384, 8, true) constexpr SignatureAlgorithm get_signature_algorithm(CipherSuite suite) { @@ -225,6 +225,7 @@ struct Options { OPTION_WITH_DEFAULTS(Version, version, Version::V12) OPTION_WITH_DEFAULTS(Vector<SignatureAndHashAlgorithm>, supported_signature_algorithms, { HashAlgorithm::SHA512, SignatureAlgorithm::RSA }, + { HashAlgorithm::SHA384, SignatureAlgorithm::RSA }, { HashAlgorithm::SHA256, SignatureAlgorithm::RSA }, { HashAlgorithm::SHA1, SignatureAlgorithm::RSA }); |