
@jrwren
Created September 26, 2019 15:57
Go tls is missing 3 ciphers that it could trivially support.
diff --git a/src/tls/cipher_suites.go b/src/cipher_suites.go
index 9eb699f1c..99c169a7a 100644
--- a/src/tls/cipher_suites.go
+++ b/src/tls/cipher_suites.go
@@ -13,6 +13,7 @@ import (
"crypto/rc4"
"crypto/sha1"
"crypto/sha256"
+ "crypto/sha512"
"crypto/x509"
"hash"
"internal/x/crypto/chacha20poly1305"
@@ -85,7 +86,9 @@ var cipherSuites = []*cipherSuite{
{TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 32, 48, 16, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, cipherAES, macSHA384, nil},
{TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 32, 48, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteSHA384, cipherAES, macSHA256, nil},
{TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil},
{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil},
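Review bot: The added `TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384` entry declares a 48-byte MAC key but passes `macSHA256`, so records would carry a 32-byte HMAC-SHA256 tag and the suite would not interoperate with a peer that implements it correctly; the MAC field should be `macSHA384`, as in the ECDHE_RSA entry added two lines above it. Separately, both new SHA384 entries omit `suiteDefaultOff`, although the neighbouring CBC_SHA256 suites carry it. The new MAC is not built with `newConstantTimeHash` the way `macSHA1` is, so these CBC suites presumably lack the same timing hardening on MAC and padding verification and should be opt-in, e.g. `suiteECDHE | suiteTLS12 | suiteDefaultOff | suiteSHA384`. A handshake test against a reference peer for each new suite would have caught the MAC mismatch.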
@@ -94,6 +97,7 @@ var cipherSuites = []*cipherSuite{
{TLS_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, rsaKA, suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
{TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
{TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
+ {TLS_RSA_WITH_AES_256_CBC_SHA256, 32, 32, 16, rsaKA, suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
{TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil},
{TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, 0, cipher3DES, macSHA1, nil},
@@ -152,6 +156,19 @@ func macSHA1(version uint16, key []byte) macFunction {
return tls10MAC{h: hmac.New(newConstantTimeHash(sha1.New), key)}
}
+// macSHA384 returns a macFunction for the given protocol version.
+func macSHA384(version uint16, key []byte) macFunction {
+ if version == VersionSSL30 {
+ mac := ssl30MAC{
+ h: sha512.New384(),
+ key: make([]byte, len(key)),
+ }
+ copy(mac.key, key)
+ return mac
+ }
+ return tls10MAC{h: hmac.New(sha512.New384, key)}
+}
+
// macSHA256 returns a SHA-256 based MAC. These are only supported in TLS 1.2
// so the given version is ignored.
func macSHA256(version uint16, key []byte) macFunction {
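Review bot: The `VersionSSL30` branch in `macSHA384` looks unreachable, and it builds an `ssl30MAC` over SHA-384, which SSL 3.0 never defined. Every suite that references this function is flagged `suiteTLS12`, and the comment on `macSHA256` directly below says SHA-2 MACs are TLS 1.2 only and ignore the version. Reduce the body to `return tls10MAC{h: hmac.New(sha512.New384, key)}` and change the doc comment to `// macSHA384 returns a SHA-384 based MAC. These are only supported in TLS 1.2 so the given version is ignored.` Unlike `macSHA1` above, the hash is not wrapped in `newConstantTimeHash`; a comment saying so would explain why suites using it should stay off by default. The body of `macSHA256` lies outside the hunk, so its behaviour is taken from its comment.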
@@ -443,6 +460,7 @@ const (
TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f
TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035
TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003c
+ TLS_RSA_WITH_AES_256_CBC_SHA256 uint16 = 0x003d
TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009c
TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009d
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007
@@ -453,7 +471,9 @@ const (
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc023
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 uint16 = 0xc024
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc027
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 uint16 = 0xc028
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030
diff --git a/src/tls/decrypt.go b/src/tls/decrypt.go
index 0cc354a61..e9569a81c 100644
--- a/src/tls/decrypt.go
+++ b/src/tls/decrypt.go
@@ -178,6 +178,7 @@ var csByName = map[string]uint16{
"TLS_RSA_WITH_3DES_EDE_CBC_SHA": 0x000a,
"TLS_RSA_WITH_AES_128_CBC_SHA": 0x002f,
"TLS_RSA_WITH_AES_256_CBC_SHA": 0x0035,
+ "TLS_RSA_WITH_AES_256_CBC_SHA256": 0x003d,
"TLS_RSA_WITH_AES_128_GCM_SHA256": 0x009c,
"TLS_RSA_WITH_AES_256_GCM_SHA384": 0x009d,
"TLS_AES_128_GCM_SHA256": 0x1301,
@@ -191,7 +192,9 @@ var csByName = map[string]uint16{
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": 0xc013,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": 0xc014,
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": 0xc023,
+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": 0xc024,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 0xc027,
+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 0xc028,
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 0xc02b,
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 0xc02c,
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 0xc02f,