authorDenys Vlasenko2018-12-08 21:24:38 +0100
committerDenys Vlasenko2018-12-08 21:24:38 +0100
commit32ec5f170589537ebec40ba334324ecf208009e7 (patch)
treea467d52be288dcce75c3d7f37c04048ca4db3612
parent6e7c65fca0cb176592000b249f612e037a1dc7fc (diff)
tls: AES-GCM: in GMULT, avoid memcpy, use one less variable in bit loop
function old new delta GMULT 168 159 -9 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--networking/tls_aesgcm.c22
1 files changed, 11 insertions, 11 deletions
diff --git a/networking/tls_aesgcm.c b/networking/tls_aesgcm.c
index 008dc9b..a4663cd 100644
--- a/networking/tls_aesgcm.c
+++ b/networking/tls_aesgcm.c
@@ -97,25 +97,25 @@ static void RIGHTSHIFTX(byte* x)
#undef l
}
+// Caller guarantees X is aligned
static void GMULT(byte* X, byte* Y)
{
byte Z[AES_BLOCK_SIZE] ALIGNED_long;
- byte V[AES_BLOCK_SIZE] ALIGNED_long;
- int i, j;
+ //byte V[AES_BLOCK_SIZE] ALIGNED_long;
+ int i;
XMEMSET(Z, 0, AES_BLOCK_SIZE);
- XMEMCPY(V, X, AES_BLOCK_SIZE);
- for (i = 0; i < AES_BLOCK_SIZE; i++)
- {
- byte y = Y[i];
- for (j = 0; j < 8; j++)
- {
+ //XMEMCPY(V, X, AES_BLOCK_SIZE);
+ for (i = 0; i < AES_BLOCK_SIZE; i++) {
+ uint32_t y = 0x800000 | Y[i];
+ for (;;) { // for every bit in Y[i], from msb to lsb
if (y & 0x80) {
- xorbuf_aligned_AES_BLOCK_SIZE(Z, V);
+ xorbuf_aligned_AES_BLOCK_SIZE(Z, X); // was V, not X
}
-
- RIGHTSHIFTX(V);
+ RIGHTSHIFTX(X); // was V, not X
y = y << 1;
+ if ((int32_t)y < 0) // if bit 0x80000000 set = if 8 iterations done
+ break;
}
}
XMEMCPY(X, Z, AES_BLOCK_SIZE);
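Review bot: With the V copy removed, `RIGHTSHIFTX(X)` now shifts X in place while the outer loop keeps reading `Y[i]`, so GMULT silently acquires a no-overlap requirement between X and Y that the old copy-into-V version did not have; the comment added above the function should state it, e.g. `// Caller guarantees X is aligned and does not overlap Y`. The loop-exit test `if ((int32_t)y < 0)` depends on the implementation-defined conversion of a uint32_t above INT32_MAX to a negative value; `if (y & 0x80000000) break;` checks the same bit without the cast and compiles to the same test. The commented-out `//byte V[...]` and `//XMEMCPY(V, X, ...)` lines are dead code; the `// was V, not X` remarks already record the history, so the commented-out lines can go. GMULT's closing brace lies just outside the hunk.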