[openssl-project] Potentially adding TLS record header to TLS 1.3 AAD
Matt Caswell
matt at openssl.org
Mon Feb 26 12:33:20 UTC 2018
On 24/02/18 18:57, Benjamin Kaduk wrote:
> Hi all,
>
> There's a pull request open against the TLS 1.3 spec to include the
> record header in the AAD for record protection
> (https://github.com/tlswg/tls13-spec/pull/1158). We're somewhat on
> the fence about this, with the main advantage seeming to be for DTLS
> and not plain TLS, but it would probably still be useful to have
> some sense for how hard it would be to implement. Matt, do you have
> any thoughts off the top of your head?
I've looked into this. And because I can't put this stuff down I played
around to see what it would take to implement it:
https://github.com/mattcaswell/openssl/commit/46494d3056fdfb9416b3585c8a5430e53abe0a58
It's quite straight forward really. The above commit still leaves a
couple of test failures there - but I went far enough to prove the
concept. The test failures just need a bit more time to solve (one is
something to do with the way I set up AAD for CCM ciphersuites; and the
other is that the TLSv1.3 encryption test vectors need updating).
Matt
More information about the openssl-project
mailing list