Refactor the AEAD function in libssl
Categories
(NSS :: Libraries, enhancement, P3)
Tracking
(Not tracked)
People
(Reporter: mt, Assigned: rrelyea)
The ssl3con.c and tls13con.c uses of this standard interface are very different for no really good reason. The worst here is that the AAD is packed with a nonce in TLS 1.3. The new AEAD in bug 1528175 has to avoid this function as a result.
It would be really good if this could be refactored so that the same functions could be used in all contexts rather than having to have different functions for ssl3con.c and tls13con.c. Then the new AEAD functions could use the same code as well.
Updated•5 years ago
Comment 1•4 years ago
I'll end up taking a cut at this when I add the PKCS #11 v3.0 Message interface for AEAD. Most of the ugliness of these interfaces will be hidden under the new PK11_AEADOp() which knows how to handle the difference between CHACHA_POLY and AES_GCM (as well as dealing with differences between Message and non-message and differences with various AES_GCM implementations on tokens).
Comment 3•4 years ago
PK11_AEADOp() handles generic AEAD operations. Inside SSL, tls_AEAD handles SSL-specific stuff like SSL's nonce->IV creation and appending the tag to the end of the ciphertext.
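For readers following the thread, an added example (not NSS code, and not from the bug's patch) of the per-record inputs a shared AEAD helper has to build differently for TLS 1.2 AES-GCM and TLS 1.3. The constructions follow RFC 5246, RFC 5288 and RFC 8446; all function names here are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define NONCE_LEN 12

/* Big-endian encode the 64-bit record sequence number. */
static void put_be64(uint8_t out[8], uint64_t v) {
    for (int i = 7; i >= 0; i--) { out[i] = (uint8_t)(v & 0xff); v >>= 8; }
}

/* TLS 1.3 (RFC 8446, 5.3): left-pad seq to 12 bytes, XOR with the static write IV. */
void tls13_nonce(uint8_t nonce[NONCE_LEN], const uint8_t iv[NONCE_LEN], uint64_t seq) {
    uint8_t s[8];
    put_be64(s, seq);
    memcpy(nonce, iv, NONCE_LEN);
    for (int i = 0; i < 8; i++) nonce[4 + i] ^= s[i];
}

/* TLS 1.2 AES-GCM (RFC 5288): 4-byte implicit salt || 8-byte explicit nonce from the record. */
void tls12_gcm_nonce(uint8_t nonce[NONCE_LEN], const uint8_t salt[4],
                     const uint8_t explicit_nonce[8]) {
    memcpy(nonce, salt, 4);
    memcpy(nonce + 4, explicit_nonce, 8);
}

/* TLS 1.2 AAD (RFC 5246, 6.2.3.3): seq_num || type || version || plaintext length. */
size_t tls12_aad(uint8_t aad[13], uint64_t seq, uint8_t type,
                 uint16_t version, uint16_t plain_len) {
    put_be64(aad, seq);
    aad[8] = type;
    aad[9] = (uint8_t)(version >> 8);    aad[10] = (uint8_t)(version & 0xff);
    aad[11] = (uint8_t)(plain_len >> 8); aad[12] = (uint8_t)(plain_len & 0xff);
    return 13;
}

/* TLS 1.3 AAD (RFC 8446, 5.2): the 5-byte record header only; the length
 * field covers the ciphertext including the appended tag, and the sequence
 * number enters through the nonce instead of the AAD. */
size_t tls13_aad(uint8_t aad[5], uint16_t cipher_len) {
    aad[0] = 23;                      /* opaque_type: application_data */
    aad[1] = 0x03; aad[2] = 0x03;     /* legacy_record_version */
    aad[3] = (uint8_t)(cipher_len >> 8);
    aad[4] = (uint8_t)(cipher_len & 0xff);
    return 5;
}
```
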