diff options
author | Denys Vlasenko | 2018-12-08 21:24:38 +0100 |
---|---|---|
committer | Denys Vlasenko | 2018-12-08 21:24:38 +0100 |
commit | 32ec5f170589537ebec40ba334324ecf208009e7 (patch) | |
tree | a467d52be288dcce75c3d7f37c04048ca4db3612 | |
parent | 6e7c65fca0cb176592000b249f612e037a1dc7fc (diff) | |
download | busybox-32ec5f170589537ebec40ba334324ecf208009e7.zip busybox-32ec5f170589537ebec40ba334324ecf208009e7.tar.gz |
tls: AES-GCM: in GMULT, avoid memcpy, use one less variable in bit loop
function old new delta
GMULT 168 159 -9
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | networking/tls_aesgcm.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/networking/tls_aesgcm.c b/networking/tls_aesgcm.c index 008dc9b..a4663cd 100644 --- a/networking/tls_aesgcm.c +++ b/networking/tls_aesgcm.c @@ -97,25 +97,25 @@ static void RIGHTSHIFTX(byte* x) #undef l } +// Caller guarantees X is aligned static void GMULT(byte* X, byte* Y) { byte Z[AES_BLOCK_SIZE] ALIGNED_long; - byte V[AES_BLOCK_SIZE] ALIGNED_long; - int i, j; + //byte V[AES_BLOCK_SIZE] ALIGNED_long; + int i; XMEMSET(Z, 0, AES_BLOCK_SIZE); - XMEMCPY(V, X, AES_BLOCK_SIZE); - for (i = 0; i < AES_BLOCK_SIZE; i++) - { - byte y = Y[i]; - for (j = 0; j < 8; j++) - { + //XMEMCPY(V, X, AES_BLOCK_SIZE); + for (i = 0; i < AES_BLOCK_SIZE; i++) { + uint32_t y = 0x800000 | Y[i]; + for (;;) { // for every bit in Y[i], from msb to lsb if (y & 0x80) { - xorbuf_aligned_AES_BLOCK_SIZE(Z, V); + xorbuf_aligned_AES_BLOCK_SIZE(Z, X); // was V, not X } - - RIGHTSHIFTX(V); + RIGHTSHIFTX(X); // was V, not X y = y << 1; + if ((int32_t)y < 0) // if bit 0x80000000 set = if 8 iterations done + break; } } XMEMCPY(X, Z, AES_BLOCK_SIZE); |