Merge branch 'etm' into dtls

* etm: Fix warning in reduced config Update Changelog for EtM Keep EtM state across renegotiations Adjust minimum length for EtM Don't send back EtM extension if not using CBC Fix for the RFC erratum Implement EtM Preparation for EtM Implement initial negotiation of EtM Conflicts: include/polarssl/check_config.h
2025-12-06 12:00:59 +03:00 · 2014-11-06 01:36:32 +01:00
parent 56d985d0a6 9d7821d774
commit f9d778d635
10 changed files with 531 additions and 23 deletions
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -221,6 +221,9 @@
 #define SSL_EXTENDED_MS_DISABLED        0
 #define SSL_EXTENDED_MS_ENABLED         1

+#define SSL_ETM_DISABLED                0
+#define SSL_ETM_ENABLED                 1
+
 #define SSL_COMPRESS_NULL               0
 #define SSL_COMPRESS_DEFLATE            1

@@ -442,6 +445,7 @@

 #define TLS_EXT_ALPN                        16

+#define TLS_EXT_ENCRYPT_THEN_MAC            22 /* 0x16 */
 #define TLS_EXT_EXTENDED_MASTER_SECRET  0x0017 /* 23 */

 #define TLS_EXT_SESSION_TICKET              35
@@ -585,6 +589,10 @@ struct _ssl_session
 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
    int trunc_hmac;             /*!< flag for truncated hmac activation   */
 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+
+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+    int encrypt_then_mac;       /*!< flag for EtM activation                */
+#endif
 };

 /*
@@ -795,6 +803,9 @@ struct _ssl_context
 #if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C)
    char fallback;              /*!< flag for fallback connections    */
 #endif
+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+    char encrypt_then_mac;      /*!< flag for encrypt-then-mac        */
+#endif
 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
    char extended_ms;           /*!< flag for extended master secret  */
 #endif
@@ -1754,6 +1765,21 @@ int ssl_set_min_version( ssl_context *ssl, int major, int minor );
 void ssl_set_fallback( ssl_context *ssl, char fallback );
 #endif /* POLARSSL_SSL_FALLBACK_SCSV && POLARSSL_SSL_CLI_C */

+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+/**
+ * \brief           Enable or disable Encrypt-then-MAC
+ *                  (Default: SSL_ETM_ENABLED)
+ *
+ * \note            This should always be enabled, it is a security
+ *                  improvement, and should not cause any interoperability
+ *                  issue (used only if the peer supports it too).
+ *
+ * \param ssl       SSL context
+ * \param etm       SSL_ETM_ENABLED or SSL_ETM_DISABLED
+ */
+void ssl_set_encrypt_then_mac( ssl_context *ssl, char etm );
+#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */
+
 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
 /**
 * \brief           Enable or disable Extended Master Secret negotiation.