• Dave Watson's avatar
    net: tls: Add tls 1.3 support · 130b392c
    Dave Watson authored
    TLS 1.3 has minor changes from TLS 1.2 at the record layer.
    
    * Header now hardcodes the same version and application content type in
      the header.
    * The real content type is appended after the data, before encryption (or
      after decryption).
    * The IV is xored with the sequence number, instead of concatinating four
      bytes of IV with the explicit IV.
    * Zero-padding:  No exlicit length is given, we search backwards from the
      end of the decrypted data for the first non-zero byte, which is the
      content type.  Currently recv supports reading zero-padding, but there
      is no way for send to add zero padding.
    Signed-off-by: default avatarDave Watson <davejwatson@fb.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    130b392c
tls_device.c 24.8 KB