ref: 99f9a601781d6ff26d09fbedb47a0043fff08323
parent: 774ccb19e4a29850f675c339e4ba7f5a8dbb48d8
author: mischief <mischief@offblast.org>
date: Tue Feb 25 12:37:59 EST 2014
libsec: add aes_128_cbc and aes_256_cbc ciphers
--- a/sys/man/3/tls
+++ b/sys/man/3/tls
@@ -258,9 +258,11 @@
.BR clear ,
meaning no encryption or digesting.
Currently implemented encryption algorithms are
-.B 'rc4_128'
+.B 'rc4_128',
+.BR '3des_ede_cbc',
+.BR 'aes_128_cbc',
and
-.BR '3des_ede_cbc' .
+.BR 'aes_256_cbc'.
Currently implemented hashing algorithms are
.B 'md5'
and
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -17,7 +17,7 @@
enum {TLSFinishedLen = 12,
SSL3FinishedLen = MD5dlen+SHA1dlen,
- MaxKeyData = 104, // amount of secret we may need
+ MaxKeyData = 136, // amount of secret we may need
MaxChunk = 1<<14,
RandomSize = 32,
SidSize = 32,
@@ -248,7 +248,9 @@
static Algs cipherAlgs[] = { {"rc4_128", "md5", 2 * (16 + MD5dlen), TLS_RSA_WITH_RC4_128_MD5}, {"rc4_128", "sha1", 2 * (16 + SHA1dlen), TLS_RSA_WITH_RC4_128_SHA},- {"3des_ede_cbc","sha1",2*(4*8+SHA1dlen), TLS_RSA_WITH_3DES_EDE_CBC_SHA},+ {"3des_ede_cbc","sha1", 2*(4*8+SHA1dlen), TLS_RSA_WITH_3DES_EDE_CBC_SHA},+ {"aes_128_cbc", "sha1", 2*(16+16+SHA1dlen), TLS_RSA_WITH_AES_128_CBC_SHA},+ {"aes_256_cbc", "sha1", 2*(32+16+SHA1dlen), TLS_RSA_WITH_AES_256_CBC_SHA},};
static uchar compressors[] = {