aboutsummaryrefslogtreecommitdiff
path: root/networking/tls.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'busybox' into mergeRon Yorston2022-10-121-34/+79
|\
| * tls: move definitions around, no code changesDenys Vlasenko2022-09-081-22/+12
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: include signature_algorithms extension in client hello messageDenys Vlasenko2022-09-081-18/+73
| | | | | | | | | | | | | | | | | | | | function old new delta tls_xread_record 629 645 +16 .rodata 105167 105179 +12 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 28/0) Total: 28 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge busybox into mergeRon Yorston2021-12-271-1/+2
|\| | | | | | | Fix merge conflict in coreutils/timeout.c.
| * tls: tweak debug printoutDenys Vlasenko2021-11-271-1/+2
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2021-10-131-56/+93
|\|
| * tls: replace "26-bit" P256 code with 32-bit one.Denys Vlasenko2021-10-051-8/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | function old new delta sp_256_ecc_mulmod_8 - 1171 +1171 sp_256_mod_mul_norm_8 - 834 +834 sp_256_proj_point_dbl_8 - 374 +374 sp_256_mont_reduce_8 - 268 +268 sp_256_mont_mul_8 - 151 +151 sp_256_sub_8 - 76 +76 sp_256_add_8 - 76 +76 sp_256_cmp_8 - 38 +38 static.sp_256_mont_dbl_8 - 31 +31 static.sp_256_mont_sub_8 - 29 +29 sp_256_to_bin_8 - 28 +28 sp_256_point_from_bin2x32 50 73 +23 sp_256_mont_sqr_8 - 7 +7 sp_256_mont_sqr_10 7 - -7 p256_mod 40 32 -8 curve_P256_compute_pubkey_and_premaster 186 167 -19 sp_256_sub_10 22 - -22 sp_256_add_10 22 - -22 sp_256_cmp_10 24 - -24 sp_256_norm_10 31 - -31 static.sp_256_mont_sub_10 49 - -49 static.sp_256_mont_dbl_10 52 - -52 static.sp_256_mul_add_10 82 - -82 sp_256_from_bin_10 119 - -119 sp_256_to_bin_10 120 - -120 sp_256_mont_reduce_10 178 - -178 sp_256_mont_mul_10 214 - -214 sp_256_proj_point_dbl_10 451 - -451 sp_256_ecc_mulmod_10 1216 - -1216 sp_256_mod_mul_norm_10 1305 - -1305 ------------------------------------------------------------------------------ (add/remove: 12/15 grow/shrink: 1/2 up/down: 3106/-3919) Total: -813 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: fix the case of sp_256_mont_tpl_10() leaving striay high bitsDenys Vlasenko2021-10-051-0/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | It has no effect on correctness, but interferes with compating internal state of different implementations. function old new delta sp_256_proj_point_dbl_10 443 451 +8 static.sp_256_mont_sub_10 46 49 +3 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 11/0) Total: 11 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: "server cert is not RSA" is a fatal errorDenys Vlasenko2021-10-011-1/+1
| | | | | | | | | | | | | | function old new delta tls_handshake 2022 2019 -3 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: add scaffolding to selectively disable ciphers. no code changesDenys Vlasenko2021-10-011-55/+51
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2021-05-141-50/+70
|\|
| * tls: make x25519 key generation code more similar to P256Denys Vlasenko2021-04-261-36/+25
| | | | | | | | | | | | | | | | | | | | function old new delta curve_x25519_compute_pubkey_and_premaster - 74 +74 tls_handshake 2146 2072 -74 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/1 up/down: 74/-74) Total: 0 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: implement secp256r1 elliptic curve (aka P256)Denys Vlasenko2021-04-261-35/+66
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | function old new delta sp_256_mod_mul_norm_10 - 1439 +1439 sp_256_ecc_mulmod_10 - 1363 +1363 sp_256_proj_point_dbl_10 - 490 +490 p256_base - 244 +244 static.sp_256_mont_sqr_10 - 234 +234 static.sp_256_mont_mul_10 - 214 +214 curve_P256_compute_pubkey_and_premaster - 197 +197 static.sp_256_mont_reduce_10 - 176 +176 static.sp_256_from_bin - 149 +149 sp_256_to_bin - 148 +148 tls_handshake 2046 2146 +100 static.sp_256_mul_add_10 - 82 +82 .rodata 103275 103336 +61 static.sp_256_mont_sub_10 - 52 +52 static.sp_256_mont_dbl_10 - 52 +52 static.sp_256_cmp_10 - 43 +43 p256_mod - 40 +40 static.sp_256_cond_sub_10 - 32 +32 p256_mod_2 - 32 +32 sp_256_norm_10 - 31 +31 sp_256_cmp_equal_10 - 30 +30 sp_256_add_10 - 22 +22 addr_mask - 8 +8 ------------------------------------------------------------------------------ (add/remove: 22/0 grow/shrink: 2/0 up/down: 5239/0) Total: 5239 bytes text data bss dec hex filename 1018192 559 5020 1023771 f9f1b busybox_old 1023431 559 5020 1029010 fb392 busybox_unstripped Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: "server did not provide EC key" is fatalDenys Vlasenko2021-04-241-1/+1
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: make constant basepoint9[32] array 8-byte alignedDenys Vlasenko2021-04-221-1/+1
| | | | | | | | | | | | Has no effect on binary size, but likely to be more efficient. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | tls: avoid unnecessary changes to POSIX build, part 2Ron Yorston2021-01-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | On reflection, the previous commit may have been ill-advised. There are many calls to open_read_close() and most shouldn't be able to access special devices. (Though in practice only a few are enabled in busybox-w32.) Nonetheless, I've implemented a new mechanism which uses the macro MINGW_SPECIAL() to mark calls to functions that are allowed to access special devices. An unrelated change is to avoid compiling fputs_stdout() in coreutils/printf.c for the POSIX build.
* | tls: avoid unnecessary changes to POSIX buildRon Yorston2021-01-241-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | Calls to tls_error_die() embed the line number of the error in the binary. Since some lines had been added to tls.c for the WIN32 port a POSIX build of the busybox-w32 source differed from upstream. Avoid this by pushing the special handling of /dev/urandom down into open_read_close(). tls.c is now unchanged from upstream. The only differences in the POSIX build reported by 'objdump -s' are now the GNU build id, the copyright date and the date of the configuration.
* | Merge branch 'busybox' into mergeRon Yorston2021-01-141-1/+1
|\|
| * decrease paddign: gcc-9.3.1 slaps 32-byte alignment on arrays willy-nillyDenys Vlasenko2020-11-301-1/+1
| | | | | | | | | | | | | | | | text data bss dec hex filename 1021988 559 5052 1027599 fae0f busybox_old 1021236 559 5052 1026847 fab1f busybox_unstripped Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2020-08-231-2/+0
|\|
| * ntpd: fix refid reported in server mode, closes 13056Denys Vlasenko2020-07-201-2/+0
| | | | | | | | | | | | | | | | | | | | function old new delta resolve_peer_hostname 129 196 +67 recv_and_process_peer_pkt 2475 2476 +1 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 68/0) Total: 68 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2019-08-161-7/+7
|\|
| * libbb: reduce the overhead of single parameter bb_error_msg() callsJames Byrne2019-07-021-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Back in 2007, commit 0c97c9d43707 ("'simple' error message functions by Loic Grenie") introduced bb_simple_perror_msg() to allow for a lower overhead call to bb_perror_msg() when only a string was being printed with no parameters. This saves space for some CPU architectures because it avoids the overhead of a call to a variadic function. However there has never been a simple version of bb_error_msg(), and since 2007 many new calls to bb_perror_msg() have been added that only take a single parameter and so could have been using bb_simple_perror_message(). This changeset introduces 'simple' versions of bb_info_msg(), bb_error_msg(), bb_error_msg_and_die(), bb_herror_msg() and bb_herror_msg_and_die(), and replaces all calls that only take a single parameter, or use something like ("%s", arg), with calls to the corresponding 'simple' version. Since it is likely that single parameter calls to the variadic functions may be accidentally reintroduced in the future a new debugging config option WARN_SIMPLE_MSG has been introduced. This uses some macro magic which will cause any such calls to generate a warning, but this is turned off by default to avoid use of the unpleasant macros in normal circumstances. This is a large changeset due to the number of calls that have been replaced. The only files that contain changes other than simple substitution of function calls are libbb.h, libbb/herror_msg.c, libbb/verror_msg.c and libbb/xfuncs_printf.c. In miscutils/devfsd.c, networking/udhcp/common.h and util-linux/mdev.c additonal macros have been added for logging so that single parameter and multiple parameter logging variants exist. The amount of space saved varies considerably by architecture, and was found to be as follows (for 'defconfig' using GCC 7.4): Arm: -92 bytes MIPS: -52 bytes PPC: -1836 bytes x86_64: -938 bytes Note that for the MIPS architecture only an exception had to be made disabling the 'simple' calls for 'udhcp' (in networking/udhcp/common.h) because it made these files larger on MIPS. Signed-off-by: James Byrne <james.byrne@origamienergy.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2019-05-271-3/+3
|\|
| * *: slap on a few ALIGN1/2s where appropriateDenys Vlasenko2019-05-211-3/+3
| | | | | | | | | | | | | | | | | | | | The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map" text data bss dec hex filename 952537 485 7296 960318 ea73e busybox_old 952527 485 7296 960308 ea734 busybox_unstripped Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2019-01-101-17/+62
|\|
| * tls: add comment about dl.fedoraproject.org needing secp256r1 ECC curveDenys Vlasenko2019-01-081-0/+8
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: prepare for ECDH_anon ciphersDenys Vlasenko2018-12-101-7/+14
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: fix a potential (currently "disabled" by a macro) SHA1-related bugDenys Vlasenko2018-12-101-1/+1
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: if !ENABLE_FEATURE_TLS_SHA1, tls->MAC_size is always SHA256_OUTSIZE for ↵Denys Vlasenko2018-12-101-6/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | AES-CBC function old new delta tls_xread_record 634 636 +2 xwrite_encrypted 579 580 +1 tls_handshake 2095 2085 -10 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/1 up/down: 3/-10) Total: -7 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: introduce FEATURE_TLS_SHA1 to make SHA1 code optionalDenys Vlasenko2018-12-101-6/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When disabled: function old new delta xwrite_encrypted 580 579 -1 prf_hmac_sha256 222 217 -5 hmac_begin 158 149 -9 static.ciphers 32 20 -12 tls_handshake 2115 2095 -20 hmac 87 61 -26 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/6 up/down: 0/-73) Total: -73 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2018-11-281-299/+817
|\|
| * tls: add ECDHE_PSK and remove ARIA cipher idsDenys Vlasenko2018-11-271-8/+4
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: add _anon_ cipher definitionsDenys Vlasenko2018-11-261-0/+4
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: enable TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipherDenys Vlasenko2018-11-261-29/+29
| | | | | | | | | | | | | | function old new delta static.ciphers 30 32 +2 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: cipher 009D is not yet supported, don't test for itDenys Vlasenko2018-11-261-4/+3
| | | | | | | | | | | | | | function old new delta tls_handshake 2116 2108 -8 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: speed up prf_hmac_sha256()Denys Vlasenko2018-11-261-40/+39
| | | | | | | | | | | | | | | | | | | | | | function old new delta hmac_sha_precomputed - 58 +58 prf_hmac_sha256 181 222 +41 hmac_sha256 68 - -68 ------------------------------------------------------------------------------ (add/remove: 1/1 grow/shrink: 1/0 up/down: 99/-68) Total: 31 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: simplify hmac_begin()Denys Vlasenko2018-11-261-11/+27
| | | | | | | | | | | | | | function old new delta hmac_begin 196 158 -38 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: add support for 8 more cipher ids - all tested to workDenys Vlasenko2018-11-261-87/+117
| | | | | | | | | | | | | | | | | | | | function old new delta tls_handshake 2059 2116 +57 static.ciphers - 30 +30 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 1/0 up/down: 87/0) Total: 87 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: fix commentsDenys Vlasenko2018-11-251-1/+5
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: add a comment on expanding list of supported ciphersDenys Vlasenko2018-11-251-7/+30
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: do not leak RSA keyDenys Vlasenko2018-11-251-0/+1
| | | | | | | | | | | | | | function old new delta tls_handshake 1957 2059 +102 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: code shrinkDenys Vlasenko2018-11-251-15/+12
| | | | | | | | | | | | | | | | function old new delta xwrite_and_update_handshake_hash 81 80 -1 tls_handshake 1987 1957 -30 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: code shrinkDenys Vlasenko2018-11-251-15/+16
| | | | | | | | | | | | | | function old new delta tls_handshake 1993 1987 -6 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: code shrinkDenys Vlasenko2018-11-251-1/+1
| | | | | | | | | | | | | | function old new delta aesgcm_GHASH 223 196 -27 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: actually fill in CIPHER_ID3 value in hello messageDenys Vlasenko2018-11-251-5/+3
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: fix is.gd again, fix AES-CBC using decrypt key instead of encryptDenys Vlasenko2018-11-241-5/+7
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: speed up xor'ing of aligned 16-byte buffersDenys Vlasenko2018-11-241-10/+24
| | | | | | | | | | | | | | | | | | | | | | | | function old new delta xorbuf_aligned_AES_BLOCK_SIZE - 23 +23 xwrite_encrypted 585 580 -5 aesgcm_GHASH 233 228 -5 GMULT 192 187 -5 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/3 up/down: 23/-15) Total: 8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: in AES-GCM decoding, avoid memmoveDenys Vlasenko2018-11-241-4/+16
| | | | | | | | | | | | | | | | | | | | | | function old new delta xorbuf3 - 36 +36 xorbuf 24 12 -12 tls_xread_record 656 634 -22 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34) Total: 2 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * tls: make tls_get_random() FAST_FUNCDenys Vlasenko2018-11-231-1/+1
| | | | | | | | | | | | | | | | | | | | function old new delta tls_handshake 1977 1985 +8 tls_get_random 32 28 -4 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-4) Total: 4 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>