emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher

Browse Source 
function                                             old     new   delta
xwrite_encrypted                                     209     605    +396
GHASH                                                  -     395    +395
aes_encrypt_1                                          -     382    +382
GMULT                                                  -     192    +192
tls_xread_record                                     489     659    +170
aes_encrypt_one_block                                  -      65     +65
aesgcm_setkey                                          -      58     +58
FlattenSzInBits                                        -      52     +52
tls_handshake                                       1890    1941     +51
xwrite_and_update_handshake_hash                      46      81     +35
xorbuf                                                 -      24     +24
aes_setkey                                             -      16     +16
psRsaEncryptPub                                      413     421      +8
stty_main                                           1221    1227      +6
ssl_client_main                                      138     143      +5
next_token                                           841     845      +4
spawn_ssl_client                                     218     219      +1
volume_id_probe_hfs_hfsplus                          564     563      -1
read_package_field                                   232     230      -2
i2cdetect_main                                       674     672      -2
fail_hunk                                            139     136      -3
parse_expr                                           891     883      -8
curve25519                                           802     793      -9
aes_cbc_decrypt                                      971     958     -13
xwrite_handshake_record                               43       -     -43
aes_cbc_encrypt                                      644     172    -472
------------------------------------------------------------------------------
(add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553)        Total: 1307 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko
2018-11-23 17:21:38 +01:00
parent 03ad7ae081
commit 83e5c627e1
11 changed files with 479 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
include/libbb.h
View File

@@ -736,10 +736,17 @@ struct hostent *xgethostbyname(const char *name) FAST_FUNC;
// + inet_common.c has additional IPv4-only stuff
struct tls_aes {
uint32_t key[60];
unsigned rounds;
};
#define TLS_MAX_MAC_SIZE 32
#define TLS_MAX_KEY_SIZE 32
#define TLS_MAX_IV_SIZE 4
struct tls_handshake_data; /* opaque */
typedef struct tls_state {
unsigned flags;
int ofd;
int ifd;
@@ -748,6 +755,7 @@ typedef struct tls_state {
uint8_t encrypt_on_write;
unsigned MAC_size;
unsigned key_size;
unsigned IV_size;
uint8_t *outbuf;
int outbuf_size;
@@ -769,12 +777,21 @@ typedef struct tls_state {
/*uint64_t read_seq64_be;*/
uint64_t write_seq64_be;
/*uint8_t *server_write_MAC_key;*/
uint8_t *client_write_key;
uint8_t *server_write_key;
uint8_t *client_write_IV;
uint8_t *server_write_IV;
uint8_t client_write_MAC_key[TLS_MAX_MAC_SIZE];
uint8_t server_write_MAC_k__[TLS_MAX_MAC_SIZE];
uint8_t client_write_k__[TLS_MAX_KEY_SIZE];
uint8_t server_write_k__[TLS_MAX_KEY_SIZE];
uint8_t client_write_I_[TLS_MAX_IV_SIZE];
uint8_t server_write_I_[TLS_MAX_IV_SIZE];
struct tls_aes aes_encrypt;
struct tls_aes aes_decrypt;
uint8_t H[16]; //used by AES_GCM
} tls_state_t;
static inline tls_state_t *new_tls_state(void)