[tls] Add MAC length as a cipher suite parameter

TLS stream and block ciphers use a MAC with a length equal to the
output length of the digest algorithm in use.  For AEAD ciphers there
is no MAC, with the equivalent functionality provided by the cipher
algorithm's authentication tag.

Allow for the existence of AEAD cipher suites by making the MAC length
a parameter of the cipher suite.

Assume that the MAC key length is equal to the MAC length, since this
is true for all currently supported cipher suites.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2022-11-07 18:11:36 +00:00
parent b6eef14858
commit c453b4c284
4 changed files with 28 additions and 16 deletions

@@ -185,6 +185,8 @@ struct tls_cipher_suite {
uint8_t fixed_iv_len;
/** Record initialisation vector length */
uint8_t record_iv_len;
/** MAC length */
uint8_t mac_len;
};
/** TLS cipher suite table */
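
Review bot: the comment on the new `mac_len` field in `struct tls_cipher_suite` says only "MAC length", which leaves out the two things a reader of the struct needs to know from the commit message: that the same value is assumed to be the MAC key length, and that AEAD suites have no MAC at all. Suggest expanding the doc comment to state that the field also serves as the MAC key length, and to say explicitly what value an AEAD suite is expected to carry here, so that a future suite whose MAC key length differs from its MAC length is caught at the struct definition instead of in the key derivation code. The other three changed files are not visible here, so it cannot be confirmed from this hunk that every existing cipher suite definition sets the new field explicitly; worth checking, since an omitted initialiser would silently give a zero MAC length.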