tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher

function old new delta xwrite_encrypted 209 605 +396 GHASH - 395 +395 aes_encrypt_1 - 382 +382 GMULT - 192 +192 tls_xread_record 489 659 +170 aes_encrypt_one_block - 65 +65 aesgcm_setkey - 58 +58 FlattenSzInBits - 52 +52 tls_handshake 1890 1941 +51 xwrite_and_update_handshake_hash 46 81 +35 xorbuf - 24 +24 aes_setkey - 16 +16 psRsaEncryptPub 413 421 +8 stty_main 1221 1227 +6 ssl_client_main 138 143 +5 next_token 841 845 +4 spawn_ssl_client 218 219 +1 volume_id_probe_hfs_hfsplus 564 563 -1 read_package_field 232 230 -2 i2cdetect_main 674 672 -2 fail_hunk 139 136 -3 parse_expr 891 883 -8 curve25519 802 793 -9 aes_cbc_decrypt 971 958 -13 xwrite_handshake_record 43 - -43 aes_cbc_encrypt 644 172 -472 ------------------------------------------------------------------------------ (add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553) Total: 1307 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko <vda.linux@googlemail.com> 2018-11-23 17:21:38 +0100
committer: Denys Vlasenko <vda.linux@googlemail.com> 2018-11-23 17:48:07 +0100
commit: 83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59 (patch)
tree: 3bdffe7c29ee5213ba4278da9b0ee116c2806d78 /include
parent: 03ad7ae08189ed88dd7e0fcb6c6001fbf3b12efb (diff)
download: busybox-w32-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.tar.gz
busybox-w32-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.tar.bz2
busybox-w32-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/include/libbb.h b/include/libbb.h
index aa9e9d019..b041ce047 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -736,10 +736,17 @@ struct hostent *xgethostbyname(const char *name) FAST_FUNC;
 // + inet_common.c has additional IPv4-only stuff
+struct tls_aes {
+        uint32_t key[60];
+        unsigned rounds;
+};
 #define TLS_MAX_MAC_SIZE 32
 #define TLS_MAX_KEY_SIZE 32
+#define TLS_MAX_IV_SIZE   4
 struct tls_handshake_data; /* opaque */
 typedef struct tls_state {
+        unsigned flags;
        int ofd;
        int ifd;
@@ -748,6 +755,7 @@ typedef struct tls_state {
        uint8_t  encrypt_on_write;
        unsigned MAC_size;
        unsigned key_size;
+        unsigned IV_size;
        uint8_t *outbuf;
        int     outbuf_size;
@@ -769,12 +777,21 @@ typedef struct tls_state {
        /*uint64_t read_seq64_be;*/
        uint64_t write_seq64_be;
+        /*uint8_t *server_write_MAC_key;*/
        uint8_t *client_write_key;
        uint8_t *server_write_key;
+        uint8_t *client_write_IV;
+        uint8_t *server_write_IV;
        uint8_t client_write_MAC_key[TLS_MAX_MAC_SIZE];
        uint8_t server_write_MAC_k__[TLS_MAX_MAC_SIZE];
        uint8_t client_write_k__[TLS_MAX_KEY_SIZE];
        uint8_t server_write_k__[TLS_MAX_KEY_SIZE];
+        uint8_t client_write_I_[TLS_MAX_IV_SIZE];
+        uint8_t server_write_I_[TLS_MAX_IV_SIZE];
+        struct tls_aes aes_encrypt;
+        struct tls_aes aes_decrypt;
+        uint8_t H[16]; //used by AES_GCM
 } tls_state_t;
 static inline tls_state_t *new_tls_state(void)
author	Denys Vlasenko <vda.linux@googlemail.com>	2018-11-23 17:21:38 +0100
committer	Denys Vlasenko <vda.linux@googlemail.com>	2018-11-23 17:48:07 +0100
commit	83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59 (patch)
tree	3bdffe7c29ee5213ba4278da9b0ee116c2806d78 /include
parent	03ad7ae08189ed88dd7e0fcb6c6001fbf3b12efb (diff)
download	busybox-w32-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.tar.gz busybox-w32-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.tar.bz2 busybox-w32-83e5c627e1b2c7f34d694696d0c3d5a3ce25dc59.zip