author | Denys Vlasenko <vda.linux@googlemail.com> | 2018-11-13 11:44:32 +0100 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2018-11-13 11:44:32 +0100 |
commit | de7b5bb59a5d89f8b63284c6a9de5a5a95f02db3 (patch) | |
tree | 21af8eae19c25b5fb9008dcff0a75ed01be0f60b | |
parent | 375fc78d51f128f36c4fe17df0d284cecd28d55e (diff) | |
tls: tidy up recently added ECDSA code
function old new delta
tls_handshake 1935 1930 -5
static.OID_ECDSA_KEY_ALG 21 11 -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-15) Total: -15 bytes
text data bss dec hex filename
950036 477 7296 957809 e9d71 busybox_old
950048 477 7296 957821 e9d7d busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | networking/tls.c | 40 |
1 files changed, 21 insertions, 19 deletions
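--- a/networking/tls.c
+++ b/networking/tls.c
@@ -966,6 +966,13 @@ static int tls_xread_record(tls_state_t *tls, const char *expected)
 return sz;
 }
 
+static void binary_to_pstm(pstm_int *pstm_n, uint8_t *bin_ptr, unsigned len)
+{
+pstm_init_for_read_unsigned_bin(/*pool:*/ NULL, pstm_n, len);
+pstm_read_unsigned_bin(pstm_n, bin_ptr, len);
+//return bin_ptr + len;
+}
+
 /*
 * DER parsing routines
 */
@@ -1031,15 +1038,6 @@ static uint8_t *skip_der_item(uint8_t *der, uint8_t *end)
 return new_der;
 }
 
-//
-static void binary_to_pstm(pstm_int *pstm_n, uint8_t *bin_ptr, unsigned len)
-{
-pstm_init_for_read_unsigned_bin(/*pool:*/ NULL, pstm_n, len);
-pstm_read_unsigned_bin(pstm_n, bin_ptr, len);
-//return bin_ptr + len;
-}
-//
-
 static void der_binary_to_pstm(pstm_int *pstm_n, uint8_t *der, uint8_t *end)
 {
 uint8_t *bin_ptr;
@@ -1047,9 +1045,6 @@ static void der_binary_to_pstm(pstm_int *pstm_n, uint8_t *der, uint8_t *end)
 
 dbg_der("binary bytes:%u, first:0x%02x\n", len, bin_ptr[0]);
 binary_to_pstm(pstm_n, bin_ptr, len);
-//pstm_init_for_read_unsigned_bin(/*pool:*/ NULL, pstm_n, len);
-//pstm_read_unsigned_bin(pstm_n, bin_ptr, len);
-////return bin_ptr + len;
 }
 
 static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
@@ -1180,18 +1175,19 @@ static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
 { /* check subjectPublicKeyInfo.algorithm */
 static const uint8_t OID_RSA_KEY_ALG[] = {
 0x30,0x0d, // SEQ 13 bytes
-0x06,0x09, 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01, // OID RSA_KEY_ALG 42.134.72.134.247.13.1.1.1
+0x06,0x09, 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01, //OID_RSA_KEY_ALG 42.134.72.134.247.13.1.1.1
 //0x05,0x00, // NULL
 };
 static const uint8_t OID_ECDSA_KEY_ALG[] = {
 0x30,0x13, // SEQ 0x13 bytes
 0x06,0x07, 0x2a,0x86,0x48,0xce,0x3d,0x02,0x01, //OID_ECDSA_KEY_ALG 42.134.72.206.61.2.1
-0x06,0x08, 0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07, //OID_EC_prime256v1 42.134.72.206.61.3.1.7
-//rfc3279:
+//allow any curve code for now...
+// 0x06,0x08, 0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07, //OID_EC_prime256v1 42.134.72.206.61.3.1.7
+//RFC 3279:
 //42.134.72.206.61.3 is ellipticCurve
 //42.134.72.206.61.3.0 is c-TwoCurve
 //42.134.72.206.61.3.1 is primeCurve
-//42.134.72.206.61.3.1.7 is prime256v1
+//42.134.72.206.61.3.1.7 is curve_secp256r1
 };
 if (memcmp(der, OID_RSA_KEY_ALG, sizeof(OID_RSA_KEY_ALG)) == 0) {
 dbg("RSA key\n");
@@ -1210,7 +1206,7 @@ static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
 /* skip subjectPublicKeyInfo.algorithm */
 der = skip_der_item(der, end);
 /* enter subjectPublicKeyInfo.publicKey */
-// die_if_not_this_der_type(der, end, 0x03); /* must be BITSTRING */
+//die_if_not_this_der_type(der, end, 0x03); /* must be BITSTRING */
 der = enter_der_item(der, &end);
 
 dbg("key bytes:%u, first:0x%02x\n", (int)(end - der), der[0]);
@@ -1233,6 +1229,11 @@ static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
 tls->hsd->server_rsa_pub_key.size = pstm_unsigned_bin_size(&tls->hsd->server_rsa_pub_key.N);
 dbg("server_rsa_pub_key.size:%d\n", tls->hsd->server_rsa_pub_key.size);
 }
+/* else: ECDSA key. It is not used for generating encryption keys,
+* it is used only to sign the EC public key (which comes in ServerKey message).
+* Since we do not verify cert validity, verifying signature on EC public key
+* wouldn't add any security. Thus, we do nothing here.
+*/
 }
 
 /*
@@ -1376,7 +1377,7 @@ static void send_client_hello_and_alloc_hsd(tls_state_t *tls, const char *sni)
 ptr[8] = sni_len; //name len
 ptr = mempcpy(&ptr[9], sni, sni_len);
 }
-mempcpy(ptr, supported_groups, sizeof(supported_groups));
+memcpy(ptr, supported_groups, sizeof(supported_groups));
 
 dbg(">> CLIENT_HELLO\n");
 /* Can hash it only when we know which MAC hash to use */
@@ -1550,7 +1551,7 @@ static void process_server_key(tls_state_t *tls, int len)
 /* So far we only support curve_x25519 */
 move_from_unaligned32(t32, keybuf);
 if (t32 != htonl(0x03001d20))
-tls_error_die(tls);
+bb_error_msg_and_die("elliptic curve is not x25519");
 
 memcpy(tls->hsd->ecc_pub_key32, keybuf + 4, 32);
 dbg("got eccPubKey\n");
@@ -1575,6 +1576,7 @@ static void send_empty_client_cert(tls_state_t *tls)
 //record->cert_chain_len24_hi = 0;
 //record->cert_chain_len24_mid = 0;
 //record->cert_chain_len24_lo = 0;
+// same as above:
 memcpy(record, empty_client_cert, sizeof(empty_client_cert));
 
 dbg(">> CERTIFICATE\n");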
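Review bot: In the `OID_ECDSA_KEY_ALG` table in `find_key_in_der_cert`, the new comment `//allow any curve code for now...` promises more than the bytes deliver: the table still starts with `0x30,0x13`, so the 11-byte prefix only matches an AlgorithmIdentifier whose SEQUENCE length is 0x13, i.e. one whose curve OID has the same encoded length as prime256v1. A named curve with a shorter or longer OID encoding yields a different SEQUENCE length and would fail the comparison at its second byte (the ECDSA comparison and its failure path lie outside the visible hunk, so this presumes it mirrors the RSA `memcmp`). Either reword the comment to `//allow any curve whose OID is the same length as prime256v1's, for now`, or, if every curve is really meant, compare only the id-ecPublicKey OID bytes that follow the SEQUENCE header. This matters little for key agreement, since the comment added further down says the ECDSA key is not used, but it decides which server certificates the handshake accepts.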