- Added support for Hardware Acceleration hooking in SSL/TLS

2012-05-08 09:17:57 +00:00 · 2012-05-08 09:17:57 +00:00 · 05ef835b6a
commit 05ef835b6a
parent 8308e68d53
6 changed files with 132 additions and 28 deletions
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@ -228,6 +228,16 @@
 */
 #define POLARSSL_SELF_TEST

+/**
+ * \def POLARSSL_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+#define POLARSSL_SSL_HW_RECORD_ACCEL
+ */
+
 /**
 * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
 *
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h
@ -75,7 +75,8 @@
 * RSA      4   9
 * MD       5   4
 * CIPHER   6   5
- * SSL      7   30
+ * SSL      6   1 (Started from top)
+ * SSL      7   31
 *
 * Module dependent error code (5 bits 0x.08.-0x.F8.)
 */
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -84,6 +84,8 @@
 #define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC         -0x7E00  /**< Processing of the ChangeCipherSpec handshake message failed. */
 #define POLARSSL_ERR_SSL_BAD_HS_FINISHED                   -0x7E80  /**< Processing of the Finished handshake message failed. */
 #define POLARSSL_ERR_SSL_MALLOC_FAILED                     -0x7F00  /**< Memory allocation failed */
+#define POLARSSL_ERR_SSL_HW_ACCEL_FAILED                   -0x7F80  /**< Hardware acceleration function returned with error */
+#define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH              -0x6F80  /**< Hardware acceleration function skipped / left alone data */

 /*
 * Various constants
@ -385,6 +387,17 @@ extern "C" {

 extern int ssl_default_ciphersuites[];

+#if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
+extern int (*ssl_hw_record_init)(ssl_context *ssl,
+                const unsigned char *key_enc, const unsigned char *key_dec,
+                const unsigned char *iv_enc,  const unsigned char *iv_dec,
+                const unsigned char *mac_enc, const unsigned char *mac_dec);
+extern int (*ssl_hw_record_reset)(ssl_context *ssl);
+extern int (*ssl_hw_record_write)(ssl_context *ssl);
+extern int (*ssl_hw_record_read)(ssl_context *ssl);
+extern int (*ssl_hw_record_finish)(ssl_context *ssl);
+#endif
+
 /**
 * \brief Returns the list of ciphersuites supported by the SSL/TLS module.
 *