[tls] Add GCM cipher suites

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2022-11-07 18:09:09 +00:00 · 2022-11-07 18:09:09 +00:00 · 688646fe6d
parent f5c829b6f8
commit 688646fe6d
7 changed files with 147 additions and 8 deletions
--- a/src/config/config_crypto.c
+++ b/src/config/config_crypto.c
@ -124,3 +124,15 @@ REQUIRE_OBJECT ( rsa_aes_cbc_sha1 );
    defined ( CRYPTO_DIGEST_SHA256 )
 REQUIRE_OBJECT ( rsa_aes_cbc_sha256 );
 #endif
+
+/* RSA, AES-GCM, and SHA-256 */
+#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_CIPHER_AES_GCM ) && \
+    defined ( CRYPTO_DIGEST_SHA256 )
+REQUIRE_OBJECT ( rsa_aes_gcm_sha256 );
+#endif
+
+/* RSA, AES-GCM, and SHA-384 */
+#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_CIPHER_AES_GCM ) && \
+    defined ( CRYPTO_DIGEST_SHA384 )
+REQUIRE_OBJECT ( rsa_aes_gcm_sha384 );
+#endif
--- a/src/config/crypto.h
+++ b/src/config/crypto.h
@ -18,6 +18,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 /** AES-CBC block cipher */
 #define CRYPTO_CIPHER_AES_CBC

+/** AES-GCM block cipher */
+#define CRYPTO_CIPHER_AES_GCM
+
 /** MD4 digest algorithm */
 //#define CRYPTO_DIGEST_MD4

--- a/src/crypto/mishmash/rsa_aes_cbc_sha1.c
+++ b/src/crypto/mishmash/rsa_aes_cbc_sha1.c
@ -32,7 +32,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

 /** TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher suite */
 struct tls_cipher_suite
-tls_dhe_rsa_with_aes_128_cbc_sha __tls_cipher_suite ( 03 ) = {
+tls_dhe_rsa_with_aes_128_cbc_sha __tls_cipher_suite ( 05 ) = {
 	.code = htons ( TLS_DHE_RSA_WITH_AES_128_CBC_SHA ),
 	.key_len = ( 128 / 8 ),
 	.fixed_iv_len = 0,
@ -47,7 +47,7 @@ tls_dhe_rsa_with_aes_128_cbc_sha __tls_cipher_suite ( 03 ) = {

 /** TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher suite */
 struct tls_cipher_suite
-tls_dhe_rsa_with_aes_256_cbc_sha __tls_cipher_suite ( 04 ) = {
+tls_dhe_rsa_with_aes_256_cbc_sha __tls_cipher_suite ( 06 ) = {
 	.code = htons ( TLS_DHE_RSA_WITH_AES_256_CBC_SHA ),
 	.key_len = ( 256 / 8 ),
 	.fixed_iv_len = 0,
@ -62,7 +62,7 @@ tls_dhe_rsa_with_aes_256_cbc_sha __tls_cipher_suite ( 04 ) = {

 /** TLS_RSA_WITH_AES_128_CBC_SHA cipher suite */
 struct tls_cipher_suite
-tls_rsa_with_aes_128_cbc_sha __tls_cipher_suite ( 13 ) = {
+tls_rsa_with_aes_128_cbc_sha __tls_cipher_suite ( 15 ) = {
 	.code = htons ( TLS_RSA_WITH_AES_128_CBC_SHA ),
 	.key_len = ( 128 / 8 ),
 	.fixed_iv_len = 0,
@ -77,7 +77,7 @@ tls_rsa_with_aes_128_cbc_sha __tls_cipher_suite ( 13 ) = {

 /** TLS_RSA_WITH_AES_256_CBC_SHA cipher suite */
 struct tls_cipher_suite
-tls_rsa_with_aes_256_cbc_sha __tls_cipher_suite ( 14 ) = {
+tls_rsa_with_aes_256_cbc_sha __tls_cipher_suite ( 16 ) = {
 	.code = htons ( TLS_RSA_WITH_AES_256_CBC_SHA ),
 	.key_len = ( 256 / 8 ),
 	.fixed_iv_len = 0,
--- a/src/crypto/mishmash/rsa_aes_cbc_sha256.c
+++ b/src/crypto/mishmash/rsa_aes_cbc_sha256.c
@ -31,7 +31,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

 /** TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite */
 struct tls_cipher_suite
-tls_dhe_rsa_with_aes_128_cbc_sha256 __tls_cipher_suite ( 01 ) = {
+tls_dhe_rsa_with_aes_128_cbc_sha256 __tls_cipher_suite ( 03 ) = {
 	.code = htons ( TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 ),
 	.key_len = ( 128 / 8 ),
 	.fixed_iv_len = 0,
@ -46,7 +46,7 @@ tls_dhe_rsa_with_aes_128_cbc_sha256 __tls_cipher_suite ( 01 ) = {

 /** TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 cipher suite */
 struct tls_cipher_suite
-tls_dhe_rsa_with_aes_256_cbc_sha256 __tls_cipher_suite ( 02 ) = {
+tls_dhe_rsa_with_aes_256_cbc_sha256 __tls_cipher_suite ( 04 ) = {
 	.code = htons ( TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ),
 	.key_len = ( 256 / 8 ),
 	.fixed_iv_len = 0,
@ -61,7 +61,7 @@ tls_dhe_rsa_with_aes_256_cbc_sha256 __tls_cipher_suite ( 02 ) = {

 /** TLS_RSA_WITH_AES_128_CBC_SHA256 cipher suite */
 struct tls_cipher_suite
-tls_rsa_with_aes_128_cbc_sha256 __tls_cipher_suite ( 11 ) = {
+tls_rsa_with_aes_128_cbc_sha256 __tls_cipher_suite ( 13 ) = {
 	.code = htons ( TLS_RSA_WITH_AES_128_CBC_SHA256 ),
 	.key_len = ( 128 / 8 ),
 	.fixed_iv_len = 0,
@ -76,7 +76,7 @@ tls_rsa_with_aes_128_cbc_sha256 __tls_cipher_suite ( 11 ) = {

 /** TLS_RSA_WITH_AES_256_CBC_SHA256 cipher suite */
 struct tls_cipher_suite
-tls_rsa_with_aes_256_cbc_sha256 __tls_cipher_suite ( 12 ) = {
+tls_rsa_with_aes_256_cbc_sha256 __tls_cipher_suite ( 14 ) = {
 	.code = htons ( TLS_RSA_WITH_AES_256_CBC_SHA256 ),
 	.key_len = ( 256 / 8 ),
 	.fixed_iv_len = 0,
--- a/src/crypto/mishmash/rsa_aes_gcm_sha256.c
+++ b/src/crypto/mishmash/rsa_aes_gcm_sha256.c
@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2022 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <byteswap.h>
+#include <ipxe/rsa.h>
+#include <ipxe/aes.h>
+#include <ipxe/sha256.h>
+#include <ipxe/tls.h>
+
+/** TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite */
+struct tls_cipher_suite
+tls_dhe_rsa_with_aes_128_gcm_sha256 __tls_cipher_suite ( 01 ) = {
+	.code = htons ( TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ),
+	.key_len = ( 128 / 8 ),
+	.fixed_iv_len = 4,
+	.record_iv_len = 8,
+	.mac_len = 0,
+	.exchange = &tls_dhe_exchange_algorithm,
+	.pubkey = &rsa_algorithm,
+	.cipher = &aes_gcm_algorithm,
+	.digest = &sha256_algorithm,
+	.handshake = &sha256_algorithm,
+};
+
+/** TLS_RSA_WITH_AES_128_GCM_SHA256 cipher suite */
+struct tls_cipher_suite
+tls_rsa_with_aes_128_gcm_sha256 __tls_cipher_suite ( 11 ) = {
+	.code = htons ( TLS_RSA_WITH_AES_128_GCM_SHA256 ),
+	.key_len = ( 128 / 8 ),
+	.fixed_iv_len = 4,
+	.record_iv_len = 8,
+	.mac_len = 0,
+	.exchange = &tls_pubkey_exchange_algorithm,
+	.pubkey = &rsa_algorithm,
+	.cipher = &aes_gcm_algorithm,
+	.digest = &sha256_algorithm,
+	.handshake = &sha256_algorithm,
+};
--- a/src/crypto/mishmash/rsa_aes_gcm_sha384.c
+++ b/src/crypto/mishmash/rsa_aes_gcm_sha384.c
@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2022 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <byteswap.h>
+#include <ipxe/rsa.h>
+#include <ipxe/aes.h>
+#include <ipxe/sha512.h>
+#include <ipxe/tls.h>
+
+/** TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 cipher suite */
+struct tls_cipher_suite
+tls_dhe_rsa_with_aes_256_gcm_sha384 __tls_cipher_suite ( 02 ) = {
+	.code = htons ( TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ),
+	.key_len = ( 256 / 8 ),
+	.fixed_iv_len = 4,
+	.record_iv_len = 8,
+	.mac_len = 0,
+	.exchange = &tls_dhe_exchange_algorithm,
+	.pubkey = &rsa_algorithm,
+	.cipher = &aes_gcm_algorithm,
+	.digest = &sha384_algorithm,
+	.handshake = &sha384_algorithm,
+};
+
+/** TLS_RSA_WITH_AES_256_GCM_SHA384 cipher suite */
+struct tls_cipher_suite
+tls_rsa_with_aes_256_gcm_sha384 __tls_cipher_suite ( 12 ) = {
+	.code = htons ( TLS_RSA_WITH_AES_256_GCM_SHA384 ),
+	.key_len = ( 256 / 8 ),
+	.fixed_iv_len = 4,
+	.record_iv_len = 8,
+	.mac_len = 0,
+	.exchange = &tls_pubkey_exchange_algorithm,
+	.pubkey = &rsa_algorithm,
+	.cipher = &aes_gcm_algorithm,
+	.digest = &sha384_algorithm,
+	.handshake = &sha384_algorithm,
+};
--- a/src/include/ipxe/tls.h
+++ b/src/include/ipxe/tls.h
@ -89,6 +89,10 @@ struct tls_header {
 #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003d
 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067
 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006b
+#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009c
+#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009d
+#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009e
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x009f

 /* TLS hash algorithm identifiers */
 #define TLS_MD5_ALGORITHM 1