diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2018-11-23 17:21:38 +0100 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2018-11-23 17:48:07 +0100 |
commit | 83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59 (patch) | |
tree | 3bdffe7c29ee5213ba4278da9b0ee116c2806d78 /include | |
parent | 03ad7ae08189ed88dd7e0fcb6c6001fbf3b12efb (diff) | |
download | busybox-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.tar.gz |
tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher
function old new delta
xwrite_encrypted 209 605 +396
GHASH - 395 +395
aes_encrypt_1 - 382 +382
GMULT - 192 +192
tls_xread_record 489 659 +170
aes_encrypt_one_block - 65 +65
aesgcm_setkey - 58 +58
FlattenSzInBits - 52 +52
tls_handshake 1890 1941 +51
xwrite_and_update_handshake_hash 46 81 +35
xorbuf - 24 +24
aes_setkey - 16 +16
psRsaEncryptPub 413 421 +8
stty_main 1221 1227 +6
ssl_client_main 138 143 +5
next_token 841 845 +4
spawn_ssl_client 218 219 +1
volume_id_probe_hfs_hfsplus 564 563 -1
read_package_field 232 230 -2
i2cdetect_main 674 672 -2
fail_hunk 139 136 -3
parse_expr 891 883 -8
curve25519 802 793 -9
aes_cbc_decrypt 971 958 -13
xwrite_handshake_record 43 - -43
aes_cbc_encrypt 644 172 -472
------------------------------------------------------------------------------
(add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553) Total: 1307 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/libbb.h | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/include/libbb.h b/include/libbb.h index aa9e9d019..b041ce047 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -736,10 +736,17 @@ struct hostent *xgethostbyname(const char *name) FAST_FUNC; // + inet_common.c has additional IPv4-only stuff +struct tls_aes { + uint32_t key[60]; + unsigned rounds; +}; #define TLS_MAX_MAC_SIZE 32 #define TLS_MAX_KEY_SIZE 32 +#define TLS_MAX_IV_SIZE 4 struct tls_handshake_data; /* opaque */ typedef struct tls_state { + unsigned flags; + int ofd; int ifd; @@ -748,6 +755,7 @@ typedef struct tls_state { uint8_t encrypt_on_write; unsigned MAC_size; unsigned key_size; + unsigned IV_size; uint8_t *outbuf; int outbuf_size; @@ -769,12 +777,21 @@ typedef struct tls_state { /*uint64_t read_seq64_be;*/ uint64_t write_seq64_be; + /*uint8_t *server_write_MAC_key;*/ uint8_t *client_write_key; uint8_t *server_write_key; + uint8_t *client_write_IV; + uint8_t *server_write_IV; uint8_t client_write_MAC_key[TLS_MAX_MAC_SIZE]; uint8_t server_write_MAC_k__[TLS_MAX_MAC_SIZE]; uint8_t client_write_k__[TLS_MAX_KEY_SIZE]; uint8_t server_write_k__[TLS_MAX_KEY_SIZE]; + uint8_t client_write_I_[TLS_MAX_IV_SIZE]; + uint8_t server_write_I_[TLS_MAX_IV_SIZE]; + + struct tls_aes aes_encrypt; + struct tls_aes aes_decrypt; + uint8_t H[16]; //used by AES_GCM } tls_state_t; static inline tls_state_t *new_tls_state(void) |