5 files changed, 28 insertions, 32 deletions
diff --git a/networking/tls.c b/networking/tls.c
index 38a965ad6..23622d76e 100644
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -758,7 +758,7 @@ static void xwrite_encrypted_and_hmac_signed(tls_state_t *tls, unsigned size, un
        /* Encrypt content+MAC+padding in place */
 //optimize key setup
        aes_cbc_encrypt(
-                tls->client_write_key, tls->key_size, /* selects 128/256 */
+                &tls->aes_decrypt, /* selects 128/256 */
                buf - AES_BLOCK_SIZE, /* IV */
                buf, size, /* plaintext */
                buf /* ciphertext */
@@ -1061,7 +1061,7 @@ static int tls_xread_record(tls_state_t *tls, const char *expected)
                        /* Decrypt content+MAC+padding, moving it over IV in the process */
                        sz -= AES_BLOCK_SIZE; /* we will overwrite IV now */
                        aes_cbc_decrypt(
-                                tls->server_write_key, tls->key_size, /* selects 128/256 */
+                                &tls->aes_decrypt, /* selects 128/256 */
                                p, /* IV */
                                p + AES_BLOCK_SIZE, sz, /* ciphertext */
                                p /* plaintext */
@@ -1934,8 +1934,14 @@ static void send_client_key_exchange(tls_state_t *tls)
                dump_hex("client_write_IV:%s\n",
                        tls->client_write_IV, tls->IV_size
                );
-                aesgcm_setkey(tls->H, &tls->aes_encrypt, tls->client_write_key, tls->key_size);
                aes_setkey(&tls->aes_decrypt, tls->server_write_key, tls->key_size);
+                aes_setkey(&tls->aes_encrypt, tls->client_write_key, tls->key_size);
+                {
+                        uint8_t iv[AES_BLOCK_SIZE];
+                        memset(iv, 0, AES_BLOCK_SIZE);
+                        aes_encrypt_one_block(&tls->aes_encrypt, iv, tls->H);
+                }
        }
 }
diff --git a/networking/tls_aes.c b/networking/tls_aes.c
index 4d2b68975..cf6b5fe3d 100644
--- a/networking/tls_aes.c
+++ b/networking/tls_aes.c
@@ -326,8 +326,11 @@ static void InvMixColumns(unsigned astate[16])
        }
 }
-static void aes_encrypt_1(unsigned astate[16], unsigned rounds, const uint32_t *RoundKey)
+static void aes_encrypt_1(struct tls_aes *aes, unsigned astate[16])
 {
+        unsigned rounds = aes->rounds;
+        const uint32_t *RoundKey = aes->key;
        for (;;) {
                AddRoundKey(astate, RoundKey);
                RoundKey += 4;
@@ -355,22 +358,19 @@ void FAST_FUNC aes_encrypt_one_block(struct tls_aes *aes, const void *data, void
        for (i = 0; i < 16; i++)
                astate[i] = pt[i];
-        aes_encrypt_1(astate, aes->rounds, aes->key);
+        aes_encrypt_1(aes, astate);
        for (i = 0; i < 16; i++)
                ct[i] = astate[i];
 }
-void FAST_FUNC aes_cbc_encrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst)
+void FAST_FUNC aes_cbc_encrypt(struct tls_aes *aes, void *iv, const void *data, size_t len, void *dst)
 {
-        uint32_t RoundKey[60];
        uint8_t iv2[16];
-        unsigned rounds;
        const uint8_t *pt = data;
        uint8_t *ct = dst;
        memcpy(iv2, iv, 16);
-        rounds = KeyExpansion(RoundKey, key, klen);
        while (len > 0) {
                {
                        /* almost aes_encrypt_one_block(rounds, RoundKey, pt, ct);
@@ -381,7 +381,7 @@ void FAST_FUNC aes_cbc_encrypt(const void *key, int klen, void *iv, const void *
                        unsigned astate[16];
                        for (i = 0; i < 16; i++)
                                astate[i] = pt[i] ^ iv2[i];
-                        aes_encrypt_1(astate, rounds, RoundKey);
+                        aes_encrypt_1(aes, astate);
                        for (i = 0; i < 16; i++)
                                iv2[i] = ct[i] = astate[i];
                }
@@ -391,8 +391,11 @@ void FAST_FUNC aes_cbc_encrypt(const void *key, int klen, void *iv, const void *
        }
 }
-static void aes_decrypt_1(unsigned astate[16], unsigned rounds, const uint32_t *RoundKey)
+static void aes_decrypt_1(struct tls_aes *aes, unsigned astate[16])
 {
+        unsigned rounds = aes->rounds;
+        const uint32_t *RoundKey = aes->key;
        RoundKey += rounds * 4;
        AddRoundKey(astate, RoundKey);
        for (;;) {
@@ -407,8 +410,10 @@ static void aes_decrypt_1(unsigned astate[16], unsigned rounds, const uint32_t *
 }
 #if 0 //UNUSED
-static void aes_decrypt_one_block(unsigned rounds, const uint32_t *RoundKey, const void *data, void *dst)
+static void aes_decrypt_one_block(struct tls_aes *aes, const void *data, void *dst)
 {
+        unsigned rounds = aes->rounds;
+        const uint32_t *RoundKey = aes->key;
        unsigned astate[16];
        unsigned i;
@@ -417,25 +422,22 @@ static void aes_decrypt_one_block(unsigned rounds, const uint32_t *RoundKey, con
        for (i = 0; i < 16; i++)
                astate[i] = ct[i];
-        aes_decrypt_1(astate, rounds, RoundKey);
+        aes_decrypt_1(aes, astate);
        for (i = 0; i < 16; i++)
                pt[i] = astate[i];
 }
 #endif
-void FAST_FUNC aes_cbc_decrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst)
+void FAST_FUNC aes_cbc_decrypt(struct tls_aes *aes, void *iv, const void *data, size_t len, void *dst)
 {
-        uint32_t RoundKey[60];
        uint8_t iv2[16];
        uint8_t iv3[16];
-        unsigned rounds;
        uint8_t *ivbuf;
        uint8_t *ivnext;
        const uint8_t *ct = data;
        uint8_t *pt = dst;
-        rounds = KeyExpansion(RoundKey, key, klen);
        ivbuf = memcpy(iv2, iv, 16);
        while (len) {
                ivnext = (ivbuf==iv2) ? iv3 : iv2;
@@ -447,7 +449,7 @@ void FAST_FUNC aes_cbc_decrypt(const void *key, int klen, void *iv, const void *
                        unsigned astate[16];
                        for (i = 0; i < 16; i++)
                                ivnext[i] = astate[i] = ct[i];
-                        aes_decrypt_1(astate, rounds, RoundKey);
+                        aes_decrypt_1(aes, astate);
                        for (i = 0; i < 16; i++)
                                pt[i] = astate[i] ^ ivbuf[i];
                }
diff --git a/networking/tls_aes.h b/networking/tls_aes.h
index fc3881793..e9e3721f1 100644
--- a/networking/tls_aes.h
+++ b/networking/tls_aes.h
@@ -10,5 +10,5 @@ void aes_setkey(struct tls_aes *aes, const void *key, unsigned key_len) FAST_FUN
 void aes_encrypt_one_block(struct tls_aes *aes, const void *data, void *dst) FAST_FUNC;
-void aes_cbc_encrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst) FAST_FUNC;
+void aes_cbc_encrypt(struct tls_aes *aes, void *iv, const void *data, size_t len, void *dst) FAST_FUNC;
-void aes_cbc_decrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst) FAST_FUNC;
+void aes_cbc_decrypt(struct tls_aes *aes, void *iv, const void *data, size_t len, void *dst) FAST_FUNC;
diff --git a/networking/tls_aesgcm.c b/networking/tls_aesgcm.c
index 584cee98e..eb32f4c05 100644
--- a/networking/tls_aesgcm.c
+++ b/networking/tls_aesgcm.c
@@ -136,13 +136,3 @@ void FAST_FUNC aesgcm_GHASH(byte* h, const byte* a, unsigned aSz, const byte* c,
    /* Copy the result into s. */
    XMEMCPY(s, x, sSz);
 }
-void FAST_FUNC aesgcm_setkey(uint8_t H[16], struct tls_aes *aes, const byte* key, unsigned len)
-{
-    byte iv[AES_BLOCK_SIZE];
-    aes_setkey(aes, key, len);
-    memset(iv, 0, AES_BLOCK_SIZE);
-    aes_encrypt_one_block(aes, iv, H);
-}
diff --git a/networking/tls_aesgcm.h b/networking/tls_aesgcm.h
index d4cde01f9..a71eced54 100644
--- a/networking/tls_aesgcm.h
+++ b/networking/tls_aesgcm.h
@@ -11,5 +11,3 @@ void aesgcm_GHASH(uint8_t* h,
        const uint8_t* c, unsigned cSz,
        uint8_t* s, unsigned sSz
 ) FAST_FUNC;
-void aesgcm_setkey(uint8_t H[16], struct tls_aes *aes, const uint8_t* key, unsigned len) FAST_FUNC;

diff --git a/networking/tls.c b/networking/tls.c index 38a965ad6..23622d76e 100644 --- a/networking/tls.c +++ b/networking/tls.c
@@ -758,7 +758,7 @@ static void xwrite_encrypted_and_hmac_signed(tls_state_t *tls, unsigned size, un
758	/* Encrypt content+MAC+padding in place */	758	/* Encrypt content+MAC+padding in place */
759	//optimize key setup	759	//optimize key setup
760	aes_cbc_encrypt(	760	aes_cbc_encrypt(
761	tls->client_write_key, tls->key_size, /* selects 128/256 */	761	&tls->aes_decrypt, /* selects 128/256 */
762	buf - AES_BLOCK_SIZE, /* IV */	762	buf - AES_BLOCK_SIZE, /* IV */
763	buf, size, /* plaintext */	763	buf, size, /* plaintext */
764	buf /* ciphertext */	764	buf /* ciphertext */
@@ -1061,7 +1061,7 @@ static int tls_xread_record(tls_state_t tls, const char expected)
1061	/* Decrypt content+MAC+padding, moving it over IV in the process */	1061	/* Decrypt content+MAC+padding, moving it over IV in the process */
1062	sz -= AES_BLOCK_SIZE; /* we will overwrite IV now */	1062	sz -= AES_BLOCK_SIZE; /* we will overwrite IV now */
1063	aes_cbc_decrypt(	1063	aes_cbc_decrypt(
1064	tls->server_write_key, tls->key_size, /* selects 128/256 */	1064	&tls->aes_decrypt, /* selects 128/256 */
1065	p, /* IV */	1065	p, /* IV */
1066	p + AES_BLOCK_SIZE, sz, /* ciphertext */	1066	p + AES_BLOCK_SIZE, sz, /* ciphertext */
1067	p /* plaintext */	1067	p /* plaintext */
@@ -1934,8 +1934,14 @@ static void send_client_key_exchange(tls_state_t *tls)
1934	dump_hex("client_write_IV:%s\n",	1934	dump_hex("client_write_IV:%s\n",
1935	tls->client_write_IV, tls->IV_size	1935	tls->client_write_IV, tls->IV_size
1936	);	1936	);
1937	aesgcm_setkey(tls->H, &tls->aes_encrypt, tls->client_write_key, tls->key_size);	1937
1938	aes_setkey(&tls->aes_decrypt, tls->server_write_key, tls->key_size);	1938	aes_setkey(&tls->aes_decrypt, tls->server_write_key, tls->key_size);
		1939	aes_setkey(&tls->aes_encrypt, tls->client_write_key, tls->key_size);
		1940	{
		1941	uint8_t iv[AES_BLOCK_SIZE];
		1942	memset(iv, 0, AES_BLOCK_SIZE);
		1943	aes_encrypt_one_block(&tls->aes_encrypt, iv, tls->H);
		1944	}
1939	}	1945	}
1940	}	1946	}
1941		1947


diff --git a/networking/tls_aes.c b/networking/tls_aes.c index 4d2b68975..cf6b5fe3d 100644 --- a/networking/tls_aes.c +++ b/networking/tls_aes.c
@@ -326,8 +326,11 @@ static void InvMixColumns(unsigned astate[16])
326	}	326	}
327	}	327	}
328		328
329	static void aes_encrypt_1(unsigned astate[16], unsigned rounds, const uint32_t *RoundKey)	329	static void aes_encrypt_1(struct tls_aes *aes, unsigned astate[16])
330	{	330	{
		331	unsigned rounds = aes->rounds;
		332	const uint32_t *RoundKey = aes->key;
		333
331	for (;;) {	334	for (;;) {
332	AddRoundKey(astate, RoundKey);	335	AddRoundKey(astate, RoundKey);
333	RoundKey += 4;	336	RoundKey += 4;
@@ -355,22 +358,19 @@ void FAST_FUNC aes_encrypt_one_block(struct tls_aes aes, const void data, void
355		358
356	for (i = 0; i < 16; i++)	359	for (i = 0; i < 16; i++)
357	astate[i] = pt[i];	360	astate[i] = pt[i];
358	aes_encrypt_1(astate, aes->rounds, aes->key);	361	aes_encrypt_1(aes, astate);
359	for (i = 0; i < 16; i++)	362	for (i = 0; i < 16; i++)
360	ct[i] = astate[i];	363	ct[i] = astate[i];
361	}	364	}
362		365
363	void FAST_FUNC aes_cbc_encrypt(const void key, int klen, void iv, const void data, size_t len, void dst)	366	void FAST_FUNC aes_cbc_encrypt(struct tls_aes aes, void iv, const void data, size_t len, void dst)
364	{	367	{
365	uint32_t RoundKey[60];
366	uint8_t iv2[16];	368	uint8_t iv2[16];
367	unsigned rounds;
368		369
369	const uint8_t *pt = data;	370	const uint8_t *pt = data;
370	uint8_t *ct = dst;	371	uint8_t *ct = dst;
371		372
372	memcpy(iv2, iv, 16);	373	memcpy(iv2, iv, 16);
373	rounds = KeyExpansion(RoundKey, key, klen);
374	while (len > 0) {	374	while (len > 0) {
375	{	375	{
376	/* almost aes_encrypt_one_block(rounds, RoundKey, pt, ct);	376	/* almost aes_encrypt_one_block(rounds, RoundKey, pt, ct);
@@ -381,7 +381,7 @@ void FAST_FUNC aes_cbc_encrypt(const void key, int klen, void iv, const void *
381	unsigned astate[16];	381	unsigned astate[16];
382	for (i = 0; i < 16; i++)	382	for (i = 0; i < 16; i++)
383	astate[i] = pt[i] ^ iv2[i];	383	astate[i] = pt[i] ^ iv2[i];
384	aes_encrypt_1(astate, rounds, RoundKey);	384	aes_encrypt_1(aes, astate);
385	for (i = 0; i < 16; i++)	385	for (i = 0; i < 16; i++)
386	iv2[i] = ct[i] = astate[i];	386	iv2[i] = ct[i] = astate[i];
387	}	387	}
@@ -391,8 +391,11 @@ void FAST_FUNC aes_cbc_encrypt(const void key, int klen, void iv, const void *
391	}	391	}
392	}	392	}
393		393
394	static void aes_decrypt_1(unsigned astate[16], unsigned rounds, const uint32_t *RoundKey)	394	static void aes_decrypt_1(struct tls_aes *aes, unsigned astate[16])
395	{	395	{
		396	unsigned rounds = aes->rounds;
		397	const uint32_t *RoundKey = aes->key;
		398
396	RoundKey += rounds * 4;	399	RoundKey += rounds * 4;
397	AddRoundKey(astate, RoundKey);	400	AddRoundKey(astate, RoundKey);
398	for (;;) {	401	for (;;) {
@@ -407,8 +410,10 @@ static void aes_decrypt_1(unsigned astate[16], unsigned rounds, const uint32_t *
407	}	410	}
408		411
409	#if 0 //UNUSED	412	#if 0 //UNUSED
410	static void aes_decrypt_one_block(unsigned rounds, const uint32_t RoundKey, const void data, void *dst)	413	static void aes_decrypt_one_block(struct tls_aes aes, const void data, void *dst)
411	{	414	{
		415	unsigned rounds = aes->rounds;
		416	const uint32_t *RoundKey = aes->key;
412	unsigned astate[16];	417	unsigned astate[16];
413	unsigned i;	418	unsigned i;
414		419
@@ -417,25 +422,22 @@ static void aes_decrypt_one_block(unsigned rounds, const uint32_t *RoundKey, con
417		422
418	for (i = 0; i < 16; i++)	423	for (i = 0; i < 16; i++)
419	astate[i] = ct[i];	424	astate[i] = ct[i];
420	aes_decrypt_1(astate, rounds, RoundKey);	425	aes_decrypt_1(aes, astate);
421	for (i = 0; i < 16; i++)	426	for (i = 0; i < 16; i++)
422	pt[i] = astate[i];	427	pt[i] = astate[i];
423	}	428	}
424	#endif	429	#endif
425		430
426	void FAST_FUNC aes_cbc_decrypt(const void key, int klen, void iv, const void data, size_t len, void dst)	431	void FAST_FUNC aes_cbc_decrypt(struct tls_aes aes, void iv, const void data, size_t len, void dst)
427	{	432	{
428	uint32_t RoundKey[60];
429	uint8_t iv2[16];	433	uint8_t iv2[16];
430	uint8_t iv3[16];	434	uint8_t iv3[16];
431	unsigned rounds;
432	uint8_t *ivbuf;	435	uint8_t *ivbuf;
433	uint8_t *ivnext;	436	uint8_t *ivnext;
434		437
435	const uint8_t *ct = data;	438	const uint8_t *ct = data;
436	uint8_t *pt = dst;	439	uint8_t *pt = dst;
437		440
438	rounds = KeyExpansion(RoundKey, key, klen);
439	ivbuf = memcpy(iv2, iv, 16);	441	ivbuf = memcpy(iv2, iv, 16);
440	while (len) {	442	while (len) {
441	ivnext = (ivbuf==iv2) ? iv3 : iv2;	443	ivnext = (ivbuf==iv2) ? iv3 : iv2;
@@ -447,7 +449,7 @@ void FAST_FUNC aes_cbc_decrypt(const void key, int klen, void iv, const void *
447	unsigned astate[16];	449	unsigned astate[16];
448	for (i = 0; i < 16; i++)	450	for (i = 0; i < 16; i++)
449	ivnext[i] = astate[i] = ct[i];	451	ivnext[i] = astate[i] = ct[i];
450	aes_decrypt_1(astate, rounds, RoundKey);	452	aes_decrypt_1(aes, astate);
451	for (i = 0; i < 16; i++)	453	for (i = 0; i < 16; i++)
452	pt[i] = astate[i] ^ ivbuf[i];	454	pt[i] = astate[i] ^ ivbuf[i];
453	}	455	}


diff --git a/networking/tls_aes.h b/networking/tls_aes.h index fc3881793..e9e3721f1 100644 --- a/networking/tls_aes.h +++ b/networking/tls_aes.h
@@ -10,5 +10,5 @@ void aes_setkey(struct tls_aes aes, const void key, unsigned key_len) FAST_FUN
10		10
11	void aes_encrypt_one_block(struct tls_aes aes, const void data, void *dst) FAST_FUNC;	11	void aes_encrypt_one_block(struct tls_aes aes, const void data, void *dst) FAST_FUNC;
12		12
13	void aes_cbc_encrypt(const void key, int klen, void iv, const void data, size_t len, void dst) FAST_FUNC;	13	void aes_cbc_encrypt(struct tls_aes aes, void iv, const void data, size_t len, void dst) FAST_FUNC;
14	void aes_cbc_decrypt(const void key, int klen, void iv, const void data, size_t len, void dst) FAST_FUNC;	14	void aes_cbc_decrypt(struct tls_aes aes, void iv, const void data, size_t len, void dst) FAST_FUNC;


diff --git a/networking/tls_aesgcm.c b/networking/tls_aesgcm.c index 584cee98e..eb32f4c05 100644 --- a/networking/tls_aesgcm.c +++ b/networking/tls_aesgcm.c
@@ -136,13 +136,3 @@ void FAST_FUNC aesgcm_GHASH(byte* h, const byte* a, unsigned aSz, const byte* c,
136	/* Copy the result into s. */	136	/* Copy the result into s. */
137	XMEMCPY(s, x, sSz);	137	XMEMCPY(s, x, sSz);
138	}	138	}
139
140	void FAST_FUNC aesgcm_setkey(uint8_t H[16], struct tls_aes aes, const byte key, unsigned len)
141	{
142	byte iv[AES_BLOCK_SIZE];
143
144	aes_setkey(aes, key, len);
145
146	memset(iv, 0, AES_BLOCK_SIZE);
147	aes_encrypt_one_block(aes, iv, H);
148	}


diff --git a/networking/tls_aesgcm.h b/networking/tls_aesgcm.h index d4cde01f9..a71eced54 100644 --- a/networking/tls_aesgcm.h +++ b/networking/tls_aesgcm.h
@@ -11,5 +11,3 @@ void aesgcm_GHASH(uint8_t* h,
11	const uint8_t* c, unsigned cSz,	11	const uint8_t* c, unsigned cSz,
12	uint8_t* s, unsigned sSz	12	uint8_t* s, unsigned sSz
13	) FAST_FUNC;	13	) FAST_FUNC;
14
15	void aesgcm_setkey(uint8_t H[16], struct tls_aes aes, const uint8_t key, unsigned len) FAST_FUNC;