Default session ticket enc/dec: allow AES-CBC with HMAC #7703

SparkiDev · 2024-07-02T01:38:37Z

Description

Add option to use AES-CBC with HMAC for default session ticket enc/dec. Defaults to AES-128-CBC with HMAC-SHA256.
Options include:
WOLFSSL_TICKET_ENC_HMAC_SHA512 for HMAC-SHA512
WOLFSSL_TICKET_ENC_HMAC_SHA384 for HMAC-SHA384
WOLFSSL_TICKET_ENC_AES256_CBC for AES-256-CBC

Fixes zd#18205

Testing

./configure '--disable-shared' '--enable-session-ticket' 'CFLAGS=-DWOLFSSL_TICKET_ENC_CBC_HMAC'

Checklist

added tests
updated/added doxygen
updated appropriate READMEs
Updated manual and documentation

Add option to use AES-CBC with HMAC for default session ticket enc/dec. Defaults to AES-128-CBC with HMAC-SHA256. Options include: WOLFSSL_TICKET_ENC_HMAC_SHA512 for HMAC-SHA512 WOLFSSL_TICKET_ENC_HMAC_SHA384 for HMAC-SHA384 WOLFSSL_TICKET_ENC_AES256_CBC for AES-256-CBC

SparkiDev assigned SparkiDev and wolfSSL-Bot and unassigned SparkiDev Jul 2, 2024

SparkiDev requested a review from wolfSSL-Bot July 3, 2024 22:29

dgarske approved these changes Jul 19, 2024

View reviewed changes

dgarske merged commit bd55866 into wolfSSL:master Jul 19, 2024
119 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Default session ticket enc/dec: allow AES-CBC with HMAC #7703

Default session ticket enc/dec: allow AES-CBC with HMAC #7703

SparkiDev commented Jul 2, 2024

Default session ticket enc/dec: allow AES-CBC with HMAC #7703

Default session ticket enc/dec: allow AES-CBC with HMAC #7703

Conversation

SparkiDev commented Jul 2, 2024

Description

Testing

Checklist