emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tls: cipher 009D is not yet supported, don't test for it

Browse Source 
function                                             old     new   delta
tls_handshake                                       2116    2108      -8

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko
2018-11-26 16:30:22 +01:00
parent d9f6c3b091
commit 60f784027e
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
networking/tls.c
View File

@@ -1629,7 +1629,6 @@ static void get_server_hello(tls_state_t *tls)
struct server_hello *hp; struct server_hello *hp;
uint8_t *cipherid; uint8_t *cipherid;
uint8_t cipherid1; uint8_t cipherid1;
unsigned cipher;
int len, len24; int len, len24;
len = tls_xread_handshake_block(tls, 74 - 32); len = tls_xread_handshake_block(tls, 74 - 32);
@@ -1696,8 +1695,7 @@ static void get_server_hello(tls_state_t *tls)
0x00,0x3B, // TLS_RSA_WITH_NULL_SHA256 0x00,0x3B, // TLS_RSA_WITH_NULL_SHA256
#endif #endif
cipherid1 = cipherid[1]; cipherid1 = cipherid[1];
tls->cipher_id = cipher = 0x100 * cipherid[0] + cipherid1; tls->cipher_id = 0x100 * cipherid[0] + cipherid1;
dbg("server chose cipher %04x\n", cipher);
tls->key_size = AES256_KEYSIZE; tls->key_size = AES256_KEYSIZE;
tls->MAC_size = SHA256_OUTSIZE; tls->MAC_size = SHA256_OUTSIZE;
/*tls->IV_size = 0; - already is */ /*tls->IV_size = 0; - already is */
@@ -1728,13 +1726,14 @@ static void get_server_hello(tls_state_t *tls)
if (cipherid1 <= 0x35) { if (cipherid1 <= 0x35) {
tls->MAC_size = SHA1_OUTSIZE; tls->MAC_size = SHA1_OUTSIZE;
} else } else
if (cipherid1 == 0x9C || cipherid1 == 0x9D) { if (cipherid1 == 0x9C /*|| cipherid1 == 0x9D*/) {
/* 009C,9D are AES-GCM */ /* 009C,9D are AES-GCM */
tls->flags |= ENCRYPTION_AESGCM; tls->flags |= ENCRYPTION_AESGCM;
tls->MAC_size = 0; tls->MAC_size = 0;
tls->IV_size = 4; tls->IV_size = 4;
} }
} }
dbg("server chose cipher %04x\n", tls->cipher_id);
dbg("key_size:%u MAC_size:%u IV_size:%u\n", tls->key_size, tls->MAC_size, tls->IV_size); dbg("key_size:%u MAC_size:%u IV_size:%u\n", tls->key_size, tls->MAC_size, tls->IV_size);
/* Handshake hash eventually destined to FINISHED record /* Handshake hash eventually destined to FINISHED record