[tls] Generate pre-master secret at point of sending ClientKeyExchange - openslx-ng/ipxe.git - Fork of ipxe; additional commands and features

diff options

author	Michael Brown	2022-10-11 14:47:06 +0200
committer	Michael Brown	2022-10-11 15:37:12 +0200
commit	028aac99a397f591de6cc6f6f2b4763f55aa8962 (patch)
tree	e42ad5ba0e477d3614519125aa3a1252dae4ae20 /src/interface/linux/linux_api.c
parent	[tls] Generate master secret at point of sending ClientKeyExchange (diff)
download	ipxe-028aac99a397f591de6cc6f6f2b4763f55aa8962.tar.gz ipxe-028aac99a397f591de6cc6f6f2b4763f55aa8962.tar.xz ipxe-028aac99a397f591de6cc6f6f2b4763f55aa8962.zip

[tls] Generate pre-master secret at point of sending ClientKeyExchange

The pre-master secret is currently constructed at the time of instantiating the TLS connection. This precludes the use of key exchange mechanisms such as Ephemeral Diffie-Hellman (DHE), which require a ServerKeyExchange message to exchange additional key material before the pre-master secret can be constructed. Allow for the use of such cipher suites by deferring generation of the master secret until the point of sending the ClientKeyExchange message. Signed-off-by: Michael Brown <mcb30@ipxe.org>

Diffstat (limited to 'src/interface/linux/linux_api.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: