shithub: riscv

Download patch

ref: 07b245943ac5991b98ee4683f6c40efdf0fca351
parent: 163a772124af2bf0b216558016de574127da37b6
author: mischief <[email protected]>
date: Wed Aug 26 21:53:48 EDT 2015

libsec: add TLS_RSA_WITH_AES_128_CBC_SHA256 and TLS_RSA_WITH_AES_256_CBC_SHA256 ciphers

--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -17,7 +17,7 @@
 enum {
 	TLSFinishedLen = 12,
 	SSL3FinishedLen = MD5dlen+SHA1dlen,
-	MaxKeyData = 136,	// amount of secret we may need
+	MaxKeyData = 160,	// amount of secret we may need
 	MaxChunk = 1<<15,
 	RandomSize = 32,
 	SidSize = 32,
@@ -224,14 +224,14 @@
 
 // cipher suites
 enum {
-	TLS_NULL_WITH_NULL_NULL	 		= 0x0000,
-	TLS_RSA_WITH_NULL_MD5 			= 0x0001,
-	TLS_RSA_WITH_NULL_SHA 			= 0x0002,
-	TLS_RSA_EXPORT_WITH_RC4_40_MD5 		= 0x0003,
-	TLS_RSA_WITH_RC4_128_MD5 		= 0x0004,
-	TLS_RSA_WITH_RC4_128_SHA 		= 0x0005,
+	TLS_NULL_WITH_NULL_NULL			= 0x0000,
+	TLS_RSA_WITH_NULL_MD5			= 0x0001,
+	TLS_RSA_WITH_NULL_SHA			= 0x0002,
+	TLS_RSA_EXPORT_WITH_RC4_40_MD5		= 0x0003,
+	TLS_RSA_WITH_RC4_128_MD5		= 0x0004,
+	TLS_RSA_WITH_RC4_128_SHA		= 0x0005,
 	TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5	= 0X0006,
-	TLS_RSA_WITH_IDEA_CBC_SHA 		= 0X0007,
+	TLS_RSA_WITH_IDEA_CBC_SHA		= 0X0007,
 	TLS_RSA_EXPORT_WITH_DES40_CBC_SHA	= 0X0008,
 	TLS_RSA_WITH_DES_CBC_SHA		= 0X0009,
 	TLS_RSA_WITH_3DES_EDE_CBC_SHA		= 0X000A,
@@ -248,7 +248,7 @@
 	TLS_DHE_RSA_WITH_DES_CBC_SHA		= 0X0015,
 	TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA	= 0X0016,
 	TLS_DH_anon_EXPORT_WITH_RC4_40_MD5	= 0x0017,
-	TLS_DH_anon_WITH_RC4_128_MD5 		= 0x0018,
+	TLS_DH_anon_WITH_RC4_128_MD5		= 0x0018,
 	TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA	= 0X0019,
 	TLS_DH_anon_WITH_DES_CBC_SHA		= 0X001A,
 	TLS_DH_anon_WITH_3DES_EDE_CBC_SHA	= 0X001B,
@@ -265,11 +265,14 @@
 	TLS_DHE_DSS_WITH_AES_256_CBC_SHA	= 0X0038,
 	TLS_DHE_RSA_WITH_AES_256_CBC_SHA	= 0X0039,
 	TLS_DH_anon_WITH_AES_256_CBC_SHA	= 0X003A,
-	
+
+	TLS_RSA_WITH_AES_128_CBC_SHA256		= 0X003C,
+	TLS_RSA_WITH_AES_256_CBC_SHA256		= 0X003D,
+
 	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	= 0xC013,
 	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA	= 0xC014,
-	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA  = 0xC009,
-	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
+	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA	= 0xC009,
+	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA	= 0xC00A,
 	CipherMax
 };
 
@@ -288,6 +291,8 @@
 	{"aes_128_cbc", "sha1", 2*(16+16+SHA1dlen), TLS_DHE_RSA_WITH_AES_128_CBC_SHA},
 	{"aes_256_cbc", "sha1", 2*(32+16+SHA1dlen), TLS_RSA_WITH_AES_256_CBC_SHA},
 	{"aes_128_cbc", "sha1", 2*(16+16+SHA1dlen), TLS_RSA_WITH_AES_128_CBC_SHA},
+	{"aes_128_cbc", "sha256", 2*(16+16+SHA2_256dlen), TLS_RSA_WITH_AES_128_CBC_SHA256},
+	{"aes_256_cbc", "sha256", 2*(32+16+SHA2_256dlen), TLS_RSA_WITH_AES_256_CBC_SHA256},
 	{"3des_ede_cbc","sha1",	2*(4*8+SHA1dlen), TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA},
 	{"3des_ede_cbc","sha1",	2*(4*8+SHA1dlen), TLS_RSA_WITH_3DES_EDE_CBC_SHA},
 	{"rc4_128", "sha1",	2*(16+SHA1dlen), TLS_RSA_WITH_RC4_128_SHA},