OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-dev/] [or1k-gcc/] [libgo/] [go/] [crypto/] [tls/] [cipher_suites.go] - Blame information for rev 775

Go to most recent revision | Details | Compare with Previous | View Log

Line No. Rev Author Line
1 747 jeremybenn 
// Copyright 2010 The Go Authors. All rights reserved.
2 
// Use of this source code is governed by a BSD-style
3 
// license that can be found in the LICENSE file.
4 
 
5 
package tls
6 
 
7 
import (
8 
        "crypto/aes"
9 
        "crypto/cipher"
10 
        "crypto/des"
11 
        "crypto/hmac"
12 
        "crypto/rc4"
13 
        "crypto/sha1"
14 
        "crypto/x509"
15 
        "hash"
16 
)
17 
 
18 
// a keyAgreement implements the client and server side of a TLS key agreement
19 
// protocol by generating and processing key exchange messages.
20 
type keyAgreement interface {
21 
        // On the server side, the first two methods are called in order.
22 
 
23 
        // In the case that the key agreement protocol doesn't use a
24 
        // ServerKeyExchange message, generateServerKeyExchange can return nil,
25 
        // nil.
26 
        generateServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error)
27 
        processClientKeyExchange(*Config, *clientKeyExchangeMsg, uint16) ([]byte, error)
28 
 
29 
        // On the client side, the next two methods are called in order.
30 
 
31 
        // This method may not be called if the server doesn't send a
32 
        // ServerKeyExchange message.
33 
        processServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) error
34 
        generateClientKeyExchange(*Config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error)
35 
}
36 
 
37 
// A cipherSuite is a specific combination of key agreement, cipher and MAC
38 
// function. All cipher suites currently assume RSA key agreement.
39 
type cipherSuite struct {
40 
        id uint16
41 
        // the lengths, in bytes, of the key material needed for each component.
42 
        keyLen int
43 
        macLen int
44 
        ivLen  int
45 
        ka     func() keyAgreement
46 
        // If elliptic is set, a server will only consider this ciphersuite if
47 
        // the ClientHello indicated that the client supports an elliptic curve
48 
        // and point format that we can handle.
49 
        elliptic bool
50 
        cipher   func(key, iv []byte, isRead bool) interface{}
51 
        mac      func(version uint16, macKey []byte) macFunction
52 
}
53 
 
54 
var cipherSuites = []*cipherSuite{
55 
        {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, rsaKA, false, cipherRC4, macSHA1},
56 
        {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, false, cipher3DES, macSHA1},
57 
        {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, false, cipherAES, macSHA1},
58 
        {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheRSAKA, true, cipherRC4, macSHA1},
59 
        {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, true, cipher3DES, macSHA1},
60 
        {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, true, cipherAES, macSHA1},
61 
}
62 
 
63 
func cipherRC4(key, iv []byte, isRead bool) interface{} {
64 
        cipher, _ := rc4.NewCipher(key)
65 
        return cipher
66 
}
67 
 
68 
func cipher3DES(key, iv []byte, isRead bool) interface{} {
69 
        block, _ := des.NewTripleDESCipher(key)
70 
        if isRead {
71 
                return cipher.NewCBCDecrypter(block, iv)
72 
        }
73 
        return cipher.NewCBCEncrypter(block, iv)
74 
}
75 
 
76 
func cipherAES(key, iv []byte, isRead bool) interface{} {
77 
        block, _ := aes.NewCipher(key)
78 
        if isRead {
79 
                return cipher.NewCBCDecrypter(block, iv)
80 
        }
81 
        return cipher.NewCBCEncrypter(block, iv)
82 
}
83 
 
84 
// macSHA1 returns a macFunction for the given protocol version.
85 
func macSHA1(version uint16, key []byte) macFunction {
86 
        if version == versionSSL30 {
87 
                mac := ssl30MAC{
88 
                        h:   sha1.New(),
89 
                        key: make([]byte, len(key)),
90 
                }
91 
                copy(mac.key, key)
92 
                return mac
93 
        }
94 
        return tls10MAC{hmac.New(sha1.New, key)}
95 
}
96 
 
97 
type macFunction interface {
98 
        Size() int
99 
        MAC(digestBuf, seq, data []byte) []byte
100 
}
101 
 
102 
// ssl30MAC implements the SSLv3 MAC function, as defined in
103 
// www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt section 5.2.3.1
104 
type ssl30MAC struct {
105 
        h   hash.Hash
106 
        key []byte
107 
}
108 
 
109 
func (s ssl30MAC) Size() int {
110 
        return s.h.Size()
111 
}
112 
 
113 
var ssl30Pad1 = [48]byte{0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36}
114 
 
115 
var ssl30Pad2 = [48]byte{0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c}
116 
 
117 
func (s ssl30MAC) MAC(digestBuf, seq, record []byte) []byte {
118 
        padLength := 48
119 
        if s.h.Size() == 20 {
120 
                padLength = 40
121 
        }
122 
 
123 
        s.h.Reset()
124 
        s.h.Write(s.key)
125 
        s.h.Write(ssl30Pad1[:padLength])
126 
        s.h.Write(seq)
127 
        s.h.Write(record[:1])
128 
        s.h.Write(record[3:5])
129 
        s.h.Write(record[recordHeaderLen:])
130 
        digestBuf = s.h.Sum(digestBuf[:0])
131 
 
132 
        s.h.Reset()
133 
        s.h.Write(s.key)
134 
        s.h.Write(ssl30Pad2[:padLength])
135 
        s.h.Write(digestBuf)
136 
        return s.h.Sum(digestBuf[:0])
137 
}
138 
 
139 
// tls10MAC implements the TLS 1.0 MAC function. RFC 2246, section 6.2.3.
140 
type tls10MAC struct {
141 
        h hash.Hash
142 
}
143 
 
144 
func (s tls10MAC) Size() int {
145 
        return s.h.Size()
146 
}
147 
 
148 
func (s tls10MAC) MAC(digestBuf, seq, record []byte) []byte {
149 
        s.h.Reset()
150 
        s.h.Write(seq)
151 
        s.h.Write(record)
152 
        return s.h.Sum(digestBuf[:0])
153 
}
154 
 
155 
func rsaKA() keyAgreement {
156 
        return rsaKeyAgreement{}
157 
}
158 
 
159 
func ecdheRSAKA() keyAgreement {
160 
        return new(ecdheRSAKeyAgreement)
161 
}
162 
 
163 
// mutualCipherSuite returns a cipherSuite given a list of supported
164 
// ciphersuites and the id requested by the peer.
165 
func mutualCipherSuite(have []uint16, want uint16) *cipherSuite {
166 
        for _, id := range have {
167 
                if id == want {
168 
                        for _, suite := range cipherSuites {
169 
                                if suite.id == want {
170 
                                        return suite
171 
                                }
172 
                        }
173 
                        return nil
174 
                }
175 
        }
176 
        return nil
177 
}
178 
 
179 
// A list of the possible cipher suite ids. Taken from
180 
// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml
181 
const (
182 
        TLS_RSA_WITH_RC4_128_SHA            uint16 = 0x0005
183 
        TLS_RSA_WITH_3DES_EDE_CBC_SHA       uint16 = 0x000a
184 
        TLS_RSA_WITH_AES_128_CBC_SHA        uint16 = 0x002f
185 
        TLS_ECDHE_RSA_WITH_RC4_128_SHA      uint16 = 0xc011
186 
        TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xc012
187 
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA  uint16 = 0xc013
188 
)

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.