API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 15th, 2019
79
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.21 KB | None | 0 0
raw download clone embed print report
  1. diff --git a/src/tls/cipher_suites.go b/src/cipher_suites.go
  2. index 9eb699f1c..99c169a7a 100644
  3. --- a/src/tls/cipher_suites.go
  4. +++ b/src/tls/cipher_suites.go
  5. @@ -13,6 +13,7 @@ import (
  6. "crypto/rc4"
  7. "crypto/sha1"
  8. "crypto/sha256"
  9. + "crypto/sha512"
  10. "crypto/x509"
  11. "hash"
  12. "internal/x/crypto/chacha20poly1305"
  13. @@ -85,7 +86,9 @@ var cipherSuites = []*cipherSuite{
  14. {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
  15. {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
  16. {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
  17. + {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 32, 48, 16, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, cipherAES, macSHA384, nil},
  18. {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
  19. + {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 32, 48, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteSHA384, cipherAES, macSHA256, nil},
  20. {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil},
  21. {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
  22. {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil},
  23. @@ -94,6 +97,7 @@ var cipherSuites = []*cipherSuite{
  24. {TLS_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, rsaKA, suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
  25. {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
  26. {TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
  27. + {TLS_RSA_WITH_AES_256_CBC_SHA256, 32, 32, 16, rsaKA, suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
  28. {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil},
  29. {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, 0, cipher3DES, macSHA1, nil},
  30.  
  31. @@ -152,6 +156,19 @@ func macSHA1(version uint16, key []byte) macFunction {
  32. return tls10MAC{h: hmac.New(newConstantTimeHash(sha1.New), key)}
  33. }
  34.  
  35. +// macSHA384 returns a macFunction for the given protocol version.
  36. +func macSHA384(version uint16, key []byte) macFunction {
  37. + if version == VersionSSL30 {
  38. + mac := ssl30MAC{
  39. + h: sha512.New384(),
  40. + key: make([]byte, len(key)),
  41. + }
  42. + copy(mac.key, key)
  43. + return mac
  44. + }
  45. + return tls10MAC{h: hmac.New(sha512.New384, key)}
  46. +}
  47. +
  48. // macSHA256 returns a SHA-256 based MAC. These are only supported in TLS 1.2
  49. // so the given version is ignored.
  50. func macSHA256(version uint16, key []byte) macFunction {
  51. @@ -443,6 +460,7 @@ const (
  52. TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f
  53. TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035
  54. TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003c
  55. + TLS_RSA_WITH_AES_256_CBC_SHA256 uint16 = 0x003d
  56. TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009c
  57. TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009d
  58. TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007
  59. @@ -453,7 +471,9 @@ const (
  60. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013
  61. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014
  62. TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc023
  63. + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 uint16 = 0xc024
  64. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc027
  65. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 uint16 = 0xc028
  66. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f
  67. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b
  68. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030
  69. diff --git a/src/tls/decrypt.go b/src/tls/decrypt.go
  70. index 0cc354a61..e9569a81c 100644
  71. --- a/src/tls/decrypt.go
  72. +++ b/src/tls/decrypt.go
  73. @@ -178,6 +178,7 @@ var csByName = map[string]uint16{
  74. "TLS_RSA_WITH_3DES_EDE_CBC_SHA": 0x000a,
  75. "TLS_RSA_WITH_AES_128_CBC_SHA": 0x002f,
  76. "TLS_RSA_WITH_AES_256_CBC_SHA": 0x0035,
  77. + "TLS_RSA_WITH_AES_256_CBC_SHA256": 0x003d,
  78. "TLS_RSA_WITH_AES_128_GCM_SHA256": 0x009c,
  79. "TLS_RSA_WITH_AES_256_GCM_SHA384": 0x009d,
  80. "TLS_AES_128_GCM_SHA256": 0x1301,
  81. @@ -191,7 +192,9 @@ var csByName = map[string]uint16{
  82. "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": 0xc013,
  83. "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": 0xc014,
  84. "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": 0xc023,
  85. + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": 0xc024,
  86. "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 0xc027,
  87. + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 0xc028,
  88. "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 0xc02b,
  89. "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 0xc02c,
  90. "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 0xc02f,
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!