authorDenys Vlasenko <vda.linux@googlemail.com>2018-11-04 20:53:54 +0100
committerDenys Vlasenko <vda.linux@googlemail.com>2018-11-04 20:53:54 +0100
commit9b0ce4d608a34f113d4757d326f8c4288a0b5352 (patch)
tree5179e8d8894467b3dd65b38dbf44b2de7aff61d5 /networking/tls.c
parent9d05ad087e1cb1295463ea1133bb619b67125f1d (diff)
tls: add more cipher ids, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/tls.c')
-rw-r--r--networking/tls.c63
1 files changed, 48 insertions, 15 deletions
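--- a/networking/tls.c
+++ b/networking/tls.c
@@ -56,6 +56,8 @@
 // Works with "wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.9.5.tar.xz"
 #define CIPHER_ID2 TLS_RSA_WITH_AES_128_CBC_SHA
 
+// bug #11456: host is.gd accepts only ECDHE-ECDSA-foo (the simplest which works: ECDHE-ECDSA-AES128-SHA 0xC009)
+
 
 #define TLS_DEBUG 0
 #define TLS_DEBUG_HASH 0
@@ -108,7 +110,7 @@
 #define SSL_RSA_WITH_RC4_128_MD5 0x0004
 #define SSL_RSA_WITH_RC4_128_SHA 0x0005
 #define SSL_RSA_WITH_3DES_EDE_CBC_SHA 0x000A /* 10 */
-#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F /* 47 */
+#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F /*SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 */
 #define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 /* 53 */
 #define TLS_RSA_WITH_NULL_SHA256 0x003B /* 59 */
 
@@ -135,34 +137,65 @@
 #define TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x0091 /* 145 */
 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /* 49156 */
 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /* 49157 */
-#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /* 49161 */
-#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /* 49162 */
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /*TLSv1 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1 */
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /*TLSv1 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1 */
 #define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /* 49170 */
-#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /* 49171 */
-#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /* 49172 */
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /*TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1 */
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /*TLSv1 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 */
 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /* 49166 */
 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /* 49167 */
-#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /* 49187 */
-#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /* 49188 */
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 */
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 */
 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /* 49189 */
 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /* 49190 */
-#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /* 49191 */
-#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /* 49192 */
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /*TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 */
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /*TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 */
 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /* 49193 */
 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /* 49194 */
 
 /* RFC 5288 "AES Galois Counter Mode (GCM) Cipher Suites for TLS" */
-#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C /* 156 */
-#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D /* 157 */
-#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /* 49195 */
-#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /* 49196 */
+#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C /*TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD */
+#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D /*TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD */
 #define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /* 49197 */
 #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /* 49198 */
-#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /* 49199 */
-#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /* 49200 */
+#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /*TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD */
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /*TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD */
 #define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /* 49201 */
 #define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /* 49202 */
 
+/* From http://wiki.mozilla.org/Security/Server_Side_TLS */
+/* and 'openssl ciphers -V -stdname' */
+#define TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 /*TLSv1.2 Kx=RSA Au=RSA Enc=ARIAGCM(128) Mac=AEAD */
+#define TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052 /*TLSv1.2 Kx=DH Au=RSA Enc=ARIAGCM(128) Mac=AEAD */
+#define TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053 /*TLSv1.2 Kx=DH Au=RSA Enc=ARIAGCM(256) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=ARIAGCM(256) Mac=AEAD */
+#define TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 /*TLSv1.2 Kx=RSA Au=RSA Enc=ARIAGCM(256) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=ARIAGCM(128) Mac=AEAD */
+#define TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060 /*TLSv1.2 Kx=ECDH Au=RSA Enc=ARIAGCM(128) Mac=AEAD */
+#define TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061 /*TLSv1.2 Kx=ECDH Au=RSA Enc=ARIAGCM(256) Mac=AEAD */
+#define TLS_RSA_WITH_AES_128_CCM 0xC09C /*TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM(128) Mac=AEAD */
+#define TLS_RSA_WITH_AES_256_CCM 0xC09D /*TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM(256) Mac=AEAD */
+#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /*TLSv1.2 Kx=DH Au=RSA Enc=AESCCM(256) Mac=AEAD */
+#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /*TLSv1.2 Kx=DH Au=RSA Enc=AESCCM(128) Mac=AEAD */
+#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /*TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM8(128) Mac=AEAD */
+#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /*TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM8(256) Mac=AEAD */
+#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /*TLSv1.2 Kx=DH Au=RSA Enc=AESCCM8(128) Mac=AEAD */
+#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /*TLSv1.2 Kx=DH Au=RSA Enc=AESCCM8(256) Mac=AEAD */
+#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8 /*TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9 /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD */
+#define TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA /*TLSv1.2 Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM(128) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM(256) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM8(128) Mac=AEAD */
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /*TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM8(256) Mac=AEAD */
+
+#define TLS_AES_256_GCM_SHA384 0x1302 /*TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD */
+#define TLS_CHACHA20_POLY1305_SHA256 0x1303 /*TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD */
+#define TLS_AES_128_GCM_SHA256 0x1301 /*TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD */
+#define TLS_AES_128_CCM_SHA256 0x1304 /*TLSv1.3 Kx=any Au=any Enc=AESCCM(128) Mac=AEAD */
+
 /* Might go to libbb.h */
 #define TLS_MAX_CRYPTBLOCK_SIZE 16
 #define TLS_MAX_OUTBUF (1 << 14)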
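Review bot: The new comments on the ECDHE and DHE suites in the third hunk (0xC009 through 0xCCAA) read `Kx=ECDH` and `Kx=DH`, which is the `openssl ciphers -V` notation for the ephemeral exchanges, yet the same table keeps the static `TLS_ECDH_*` suites with only their decimal ids. Someone auditing this list for forward secrecy can therefore misread an ephemeral entry as a static one. A one-line legend above the first annotated define would settle it, for example `/* Kx=ECDH / Kx=DH in these comments is openssl's notation for ephemeral ECDHE / DHE */`. The TLS 1.3 ids (0x1301 to 0x1304) are added under a commit titled "no code changes", so a short comment such as `/* TLS 1.3 ids, for reference; not offered by this client */` would keep them from being taken as supported suites, assuming nothing outside this diff uses them.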