author | Denys Vlasenko <vda.linux@googlemail.com> | 2017-02-04 16:23:49 +0100 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2017-02-04 16:23:49 +0100 |
commit | c31b54fd81690b3df3898437f5865674d06e6577 (patch) | |
tree | 22029dfd1c4892cf300051b486cc11ca8593e5d4 /networking/tls.c | |
parent | 5b05d9db29843144b2ed620ca437d6a3bacc3816 (diff) | |
tls: fold AES CBC en/decryption into single functions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/tls.c')
-rw-r--r-- | networking/tls.c | 30 |
1 files changed, 11 insertions, 19 deletions
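--- a/networking/tls.c
+++ b/networking/tls.c
@@ -722,17 +722,12 @@ static void xwrite_encrypted(tls_state_t *tls, unsigned size, unsigned type)
 } while ((size & (AES_BLOCKSIZE - 1)) != 0);
 
 /* Encrypt content+MAC+padding in place */
-{
-psCipherContext_t ctx;
-psAesInit(&ctx, buf - AES_BLOCKSIZE, /* IV */
-tls->client_write_key, tls->key_size /* selects 128/256 */
-);
-psAesEncrypt(&ctx,
-buf, /* plaintext */
-buf, /* ciphertext */
-size
-);
-}
+aes_cbc_encrypt(
+tls->client_write_key, tls->key_size, /* selects 128/256 */
+buf - AES_BLOCKSIZE, /* IV */
+buf, size, /* plaintext */
+buf /* ciphertext */
+);
 
 /* Write out */
 dbg("writing 5 + %u IV + %u encrypted bytes, padding_length:0x%02x\n",
@@ -875,7 +870,6 @@ static int tls_xread_record(tls_state_t *tls)
 
 /* Needs to be decrypted? */
 if (tls->min_encrypted_len_on_read > tls->MAC_size) {
-psCipherContext_t ctx;
 uint8_t *p = tls->inbuf + RECHDR_LEN;
 int padding_len;
 
@@ -886,14 +880,12 @@ static int tls_xread_record(tls_state_t *tls)
 sz, tls->min_encrypted_len_on_read);
 }
 /* Decrypt content+MAC+padding, moving it over IV in the process */
-psAesInit(&ctx, p, /* IV */
-tls->server_write_key, tls->key_size /* selects 128/256 */
-);
 sz -= AES_BLOCKSIZE; /* we will overwrite IV now */
-psAesDecrypt(&ctx,
-p + AES_BLOCKSIZE, /* ciphertext */
-p, /* plaintext */
-sz
+aes_cbc_decrypt(
+tls->server_write_key, tls->key_size, /* selects 128/256 */
+p, /* IV */
+p + AES_BLOCKSIZE, sz, /* ciphertext */
+p /* plaintext */
 );
 padding_len = p[sz - 1];
 dbg("encrypted size:%u type:0x%02x padding_length:0x%02x\n", sz, p[0], padding_len);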
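Review bot: The aes_cbc_decrypt() call in tls_xread_record passes `p` as both the IV and the plaintext destination, with the ciphertext at `p + AES_BLOCKSIZE`, so it is only correct if the helper consumes the IV before writing the first output block and tolerates a destination that overlaps the source one block lower. The removed psAesInit() presumably captured the IV in its context first; the helper's definition is not in this file section, so that guarantee cannot be confirmed here. I would state the contract at the call site, e.g. `/* IV at p is overwritten by the first plaintext block: aes_cbc_decrypt() must read the IV first and allow dst == src - AES_BLOCKSIZE */`. Separately, `sz` is derived from the peer's record header and only a minimum-length check is visible; if nothing earlier rejects lengths that are not a multiple of AES_BLOCKSIZE, that check belongs before the decrypt call and the `p[sz - 1]` read. Both functions begin and end outside the hunks shown.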