aboutsummaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2018-11-23 17:21:38 +0100
committerDenys Vlasenko <vda.linux@googlemail.com>2018-11-23 17:48:07 +0100
commit83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59 (patch)
tree3bdffe7c29ee5213ba4278da9b0ee116c2806d78 /include
parent03ad7ae08189ed88dd7e0fcb6c6001fbf3b12efb (diff)
downloadbusybox-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.tar.gz
tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher
function old new delta xwrite_encrypted 209 605 +396 GHASH - 395 +395 aes_encrypt_1 - 382 +382 GMULT - 192 +192 tls_xread_record 489 659 +170 aes_encrypt_one_block - 65 +65 aesgcm_setkey - 58 +58 FlattenSzInBits - 52 +52 tls_handshake 1890 1941 +51 xwrite_and_update_handshake_hash 46 81 +35 xorbuf - 24 +24 aes_setkey - 16 +16 psRsaEncryptPub 413 421 +8 stty_main 1221 1227 +6 ssl_client_main 138 143 +5 next_token 841 845 +4 spawn_ssl_client 218 219 +1 volume_id_probe_hfs_hfsplus 564 563 -1 read_package_field 232 230 -2 i2cdetect_main 674 672 -2 fail_hunk 139 136 -3 parse_expr 891 883 -8 curve25519 802 793 -9 aes_cbc_decrypt 971 958 -13 xwrite_handshake_record 43 - -43 aes_cbc_encrypt 644 172 -472 ------------------------------------------------------------------------------ (add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553) Total: 1307 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'include')
-rw-r--r--include/libbb.h17
1 files changed, 17 insertions, 0 deletions
diff --git a/include/libbb.h b/include/libbb.h
index aa9e9d019..b041ce047 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -736,10 +736,17 @@ struct hostent *xgethostbyname(const char *name) FAST_FUNC;
// + inet_common.c has additional IPv4-only stuff
+struct tls_aes {
+ uint32_t key[60];
+ unsigned rounds;
+};
#define TLS_MAX_MAC_SIZE 32
#define TLS_MAX_KEY_SIZE 32
+#define TLS_MAX_IV_SIZE 4
struct tls_handshake_data; /* opaque */
typedef struct tls_state {
+ unsigned flags;
+
int ofd;
int ifd;
@@ -748,6 +755,7 @@ typedef struct tls_state {
uint8_t encrypt_on_write;
unsigned MAC_size;
unsigned key_size;
+ unsigned IV_size;
uint8_t *outbuf;
int outbuf_size;
@@ -769,12 +777,21 @@ typedef struct tls_state {
/*uint64_t read_seq64_be;*/
uint64_t write_seq64_be;
+ /*uint8_t *server_write_MAC_key;*/
uint8_t *client_write_key;
uint8_t *server_write_key;
+ uint8_t *client_write_IV;
+ uint8_t *server_write_IV;
uint8_t client_write_MAC_key[TLS_MAX_MAC_SIZE];
uint8_t server_write_MAC_k__[TLS_MAX_MAC_SIZE];
uint8_t client_write_k__[TLS_MAX_KEY_SIZE];
uint8_t server_write_k__[TLS_MAX_KEY_SIZE];
+ uint8_t client_write_I_[TLS_MAX_IV_SIZE];
+ uint8_t server_write_I_[TLS_MAX_IV_SIZE];
+
+ struct tls_aes aes_encrypt;
+ struct tls_aes aes_decrypt;
+ uint8_t H[16]; //used by AES_GCM
} tls_state_t;
static inline tls_state_t *new_tls_state(void)