break;
case SSL.cipherSuite.AES:
var enc = new Crypt.AES(o.key);
break;
case SSL.cipherSuite.RC4:
var enc = new Crypt.RC4(o.key);
break;
default:
throw new Error("SSL: SetupCipher: unkown encryption algorithm");
}
switch (cipher.encryptionMode) {
case SSL.cipherSuite.CBC:
case SSL.cipherSuite.NONE:
let h;
switch (cipher.hashAlgorithm) {
case SSL.cipherSuite.MD5: h = new Crypt.MD5(); break;
case SSL.cipherSuite.SHA1: h = new Crypt.SHA1(); break;
case SSL.cipherSuite.SHA256: h = new Crypt.SHA256(); break;
case SSL.cipherSuite.SHA384: h = new Crypt.SHA384(); break;
default:
throw new Error("SSL: SetupCipher: unknown hash algorithm");
}
o.hmac = new Crypt.HMAC(h, o.macSecret);
if (cipher.encryptionMode == SSL.cipherSuite.CBC)
o.enc = new Crypt.CBC(enc, o.iv); // no padding -- SSL 3.2 requires padding process beyond RFC2630
else
o.enc = enc;
break;
case SSL.cipherSuite.GCM:
let Arith = require.weak("arith");
o.enc = new Crypt.GCM(enc);
o.nonce = new Arith.Integer(1);
/**
 * TLS pseudo-random function: expands `secret` into `n` bytes tied to
 * `label` and `seed`.
 *
 * Two constructions are selected by `session.protocolVersion`:
 *  - `<= 0x302` (the TLS 1.1 wire version and anything older): the secret
 *    is cut into two halves, one expanded with MD5 and the other with SHA-1
 *    through p_hash, and the two streams are XORed. This is the legacy
 *    MD5/SHA-1 PRF; TLS 1.0/1.1 are deprecated by RFC 8996, so this branch
 *    only matters when such versions are still negotiated.
 *  - otherwise: a single p_hash over the whole secret, using `hash` when
 *    the caller supplies it, else SHA-384 if the chosen cipher suite names
 *    SHA384 as its hash algorithm, else SHA-256.
 *
 * The output is derived from secret key material and should be handled as
 * a secret by callers (not logged, not kept longer than needed).
 *
 * @param session - provides `protocolVersion` and `chosenCipher.hashAlgorithm`
 * @param secret - buffer holding the secret to expand
 * @param label - string label, converted with ArrayBuffer.fromString
 * @param seed - buffer appended to the label bytes
 * @param n - number of output bytes requested
 * @param hash - optional hash constructor; ignored in the `<= 0x302` branch
 * @returns the first `n` bytes of the expanded stream
 */
function PRF(session, secret, label, seed, n, hash)
{
	// PRF input is the label bytes immediately followed by the seed.
	const labelSeed = ArrayBuffer.fromString(label).concat(seed);
	let expanded;

	if (session.protocolVersion <= 0x302) {
		// iceil/idiv are defined elsewhere; presumably ceiling and floor
		// integer division, so the halves share the middle byte when the
		// secret length is odd -- confirm against their definitions.
		const md5Stream = p_hash(new Crypt.MD5(), secret.slice(0, iceil(secret.byteLength, 2)), labelSeed, n);
		const sha1Stream = p_hash(new Crypt.SHA1(), secret.slice(idiv(secret.byteLength, 2)), labelSeed, n);
		expanded = Bin.xor(md5Stream, sha1Stream);
	}
	else {
		// Caller-supplied constructor wins; otherwise follow the cipher suite.
		let HashCtor = hash;
		if (!HashCtor) {
			if (session.chosenCipher.hashAlgorithm == SSL.cipherSuite.SHA384)
				HashCtor = Crypt.SHA384;
			else
				HashCtor = Crypt.SHA256;
		}
		expanded = p_hash(new HashCtor(), secret, labelSeed, n);
	}

	// Trim to exactly the requested length.
	return expanded.slice(0, n);
}