authorDenys Vlasenko <vda.linux@googlemail.com>2018-11-24 13:51:46 +0100
committerDenys Vlasenko <vda.linux@googlemail.com>2018-11-24 13:51:46 +0100
commit941440cf166ef77ad82c4ead9eae3a8a2552a418 (patch)
treed97607a0d7515ff412dff5b1aa82681569a89b8a
parent985702c892d94ac9656754b94402dee933abb156 (diff)
downloadbusybox-w32-941440cf166ef77ad82c4ead9eae3a8a2552a418.tar.gz
busybox-w32-941440cf166ef77ad82c4ead9eae3a8a2552a418.tar.bz2
busybox-w32-941440cf166ef77ad82c4ead9eae3a8a2552a418.zip
tls: in AES-GCM decoding, avoid memmove
function                                             old     new   delta
xorbuf3                                                -      36     +36
xorbuf                                                24      12     -12
tls_xread_record                                     656     634     -22
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34)               Total: 2 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--networking/tls.c20
-rw-r--r--networking/tls.h1
-rw-r--r--networking/tls_aesgcm.c9
-rw-r--r--networking/tls_aesgcm.h2
4 files changed, 17 insertions, 15 deletions
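--- a/networking/tls.c
+++ b/networking/tls.c
@@ -343,6 +343,20 @@ void FAST_FUNC tls_get_random(void *buf, unsigned len)
  xfunc_die();
 }
 
+static void xorbuf3(void *dst, const void *src1, const void *src2, unsigned count)
+{
+ uint8_t *d = dst;
+ const uint8_t *s1 = src1;
+ const uint8_t* s2 = src2;
+ while (count--)
+ *d++ = *s1++ ^ *s2++;
+}
+
+void FAST_FUNC xorbuf(void *dst, const void *src, unsigned count)
+{
+ xorbuf3(dst, dst, src, count);
+}
+
 /* Nondestructively see the current hash value */
 static unsigned sha_peek(md5sha_ctx_t *ctx, void *buffer)
 {
@@ -941,7 +955,6 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size)
 
  memcpy(nonce, tls->server_write_IV, 4);
  memcpy(nonce + 4, buf, 8);
- buf += 8;
 
  cnt = 1;
  remaining = size;
@@ -952,12 +965,12 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size)
  COUNTER(nonce) = htonl(cnt); /* yes, first cnt here is 2 (!) */
  aes_encrypt_one_block(&tls->aes_decrypt, nonce, scratch);
  n = remaining > AES_BLOCK_SIZE ? AES_BLOCK_SIZE : remaining;
- xorbuf(buf, scratch, n);
+ xorbuf3(buf, scratch, buf + 8, n);
  buf += n;
  remaining -= n;
  }
 
- //aesgcm_GHASH(tls->H, aad, tls->outbuf + OUTBUF_PFX, size, authtag);
+ //aesgcm_GHASH(tls->H, aad, tls->inbuf + RECHDR_LEN, size, authtag);
  //COUNTER(nonce) = htonl(1);
  //aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch);
  //xorbuf(authtag, scratch, sizeof(authtag));
@@ -1046,7 +1059,6 @@ static int tls_xread_record(tls_state_t *tls, const char *expected)
 
  sz -= 8 + AES_BLOCK_SIZE; /* we will overwrite nonce, drop hash */
  tls_aesgcm_decrypt(tls, p, sz);
- memmove(p, p + 8, sz);
  dbg("encrypted size:%u\n", sz);
  } else
  if (tls->min_encrypted_len_on_read > tls->MAC_size) {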
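Review bot: In tls_aesgcm_decrypt the new call `xorbuf3(buf, scratch, buf + 8, n)` reads and writes overlapping parts of the same record buffer, which is correct only because xorbuf3 walks bytes in ascending order with dst below src2. Nothing on xorbuf3 states that contract, so a later rewrite that processes wider chunks or adds `restrict` could silently corrupt decrypted records; I would add above it `/* dst may overlap a source only when dst <= that source: bytes are processed in ascending order */`. Separately, the tag verification after the loop is still commented out and tls_xread_record drops the tag ("drop hash"), so records on this path are decrypted without being authenticated. Because the loop now overwrites the ciphertext in place, the GHASH call in that comment would have to run before the loop if verification is ever enabled. tls_aesgcm_decrypt and tls_xread_record both start and end outside the hunks shown.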
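--- a/networking/tls.h
+++ b/networking/tls.h
@@ -81,6 +81,7 @@ typedef int16_t int16;
 #define AES_BLOCK_SIZE 16
 
 void tls_get_random(void *buf, unsigned len) FAST_FUNC;
+void xorbuf(void* buf, const void* mask, unsigned count) FAST_FUNC;
 
 #define matrixCryptoGetPrngData(buf, len, userPtr) (tls_get_random(buf, len), PS_SUCCESS)
 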
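--- a/networking/tls_aesgcm.c
+++ b/networking/tls_aesgcm.c
@@ -11,15 +11,6 @@ typedef uint32_t word32;
 #define XMEMSET memset
 #define XMEMCPY memcpy
 
-void FAST_FUNC xorbuf(void* buf, const void* mask, unsigned count)
-{
- word32 i;
- byte* b = (byte*)buf;
- const byte* m = (const byte*)mask;
- for (i = 0; i < count; i++)
- b[i] ^= m[i];
-}
-
 /* from wolfssl-3.15.3/wolfcrypt/src/aes.c */
 
 static ALWAYS_INLINE void FlattenSzInBits(byte* buf, word32 sz)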
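--- a/networking/tls_aesgcm.h
+++ b/networking/tls_aesgcm.h
@@ -4,8 +4,6 @@
  * Licensed under GPLv2, see file LICENSE in this source tree.
  */
 
-void xorbuf(void* buf, const void* mask, unsigned count) FAST_FUNC;
-
 void aesgcm_GHASH(uint8_t* h,
  const uint8_t* a, //unsigned aSz,
  const uint8_t* c, unsigned cSz,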