diff options
| author | Denys Vlasenko | 2018-11-23 18:31:26 +0100 |
|---|---|---|
| committer | Denys Vlasenko | 2018-11-23 18:31:26 +0100 |
| commit | ecc9090cfcccf412288147f385808f8f9df97ebe (patch) | |
| tree | 0c937204026d3a2420597180e3db07cb3896ade3 /networking/tls.c | |
| parent | 5e4236d226309a32842a6928878fd0e1cd5937e7 (diff) | |
| download | busybox-ecc9090cfcccf412288147f385808f8f9df97ebe.zip busybox-ecc9090cfcccf412288147f385808f8f9df97ebe.tar.gz | |
tls: simplify aesgcm_GHASH()
function old new delta
xwrite_encrypted 604 599 -5
FlattenSzInBits 52 - -52
aesgcm_GHASH 395 262 -133
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/2 up/down: 0/-190) Total: -190 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/tls.c')
| -rw-r--r-- | networking/tls.c | 30 |
1 files changed, 14 insertions, 16 deletions
diff --git a/networking/tls.c b/networking/tls.c index 23622d7..3b4f1b7 100644 --- a/networking/tls.c +++ b/networking/tls.c @@ -270,7 +270,7 @@ struct record_hdr { enum { NEED_EC_KEY = 1 << 0, GOT_CERT_RSA_KEY_ALG = 1 << 1, - GOT_CERT_ECDSA_KEY_ALG = 1 << 2, + GOT_CERT_ECDSA_KEY_ALG = 1 << 2, GOT_EC_KEY = 1 << 3, ENCRYPTION_AESGCM = 1 << 4, }; @@ -756,7 +756,6 @@ static void xwrite_encrypted_and_hmac_signed(tls_state_t *tls, unsigned size, un } while ((size & (AES_BLOCK_SIZE - 1)) != 0); /* Encrypt content+MAC+padding in place */ -//optimize key setup aes_cbc_encrypt( &tls->aes_decrypt, /* selects 128/256 */ buf - AES_BLOCK_SIZE, /* IV */ @@ -787,8 +786,9 @@ static void xwrite_encrypted_and_hmac_signed(tls_state_t *tls, unsigned size, un */ static void xwrite_encrypted_aesgcm(tls_state_t *tls, unsigned size, unsigned type) { -//go for [16] - uint8_t aad[13]; +#define COUNTER(v) (*(uint32_t*)(v + 12)) + + uint8_t aad[13 + 3]; /* +3 creates [16] buffer, simplifying GHASH() */ uint8_t nonce[12 + 4]; /* +4 creates space for AES block counter */ uint8_t scratch[AES_BLOCK_SIZE]; //[16] uint8_t authtag[AES_BLOCK_SIZE]; //[16] @@ -807,7 +807,8 @@ static void xwrite_encrypted_aesgcm(tls_state_t *tls, unsigned size, unsigned ty aad[9] = TLS_MAJ; aad[10] = TLS_MIN; aad[11] = size >> 8; - aad[12] = size & 0xff; + /* set aad[12], and clear aad[13..15] */ + COUNTER(aad) = SWAP_LE32(size & 0xff); memcpy(nonce, tls->client_write_IV, 4); memcpy(nonce + 4, &tls->write_seq64_be, 8); @@ -817,8 +818,6 @@ static void xwrite_encrypted_aesgcm(tls_state_t *tls, unsigned size, unsigned ty /* seq64 is not used later in this func, can increment here */ tls->write_seq64_be = SWAP_BE64(1 + SWAP_BE64(tls->write_seq64_be)); -#define COUNTER(v) (*(uint32_t*)(v + 12)) - cnt = 1; remaining = size; while (remaining != 0) { @@ -833,8 +832,7 @@ static void xwrite_encrypted_aesgcm(tls_state_t *tls, unsigned size, unsigned ty remaining -= n; } -//optimize fixed sizes - aesgcm_GHASH(tls->H, aad, sizeof(aad), tls->outbuf + OUTBUF_PFX, size, authtag, sizeof(authtag)); + aesgcm_GHASH(tls->H, aad, /*sizeof(aad),*/ tls->outbuf + OUTBUF_PFX, size, authtag /*, sizeof(authtag)*/); COUNTER(nonce) = htonl(1); aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch); xorbuf(authtag, scratch, sizeof(authtag)); @@ -923,8 +921,9 @@ static const char *alert_text(int code) static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size) { -//go for [16] - //uint8_t aad[13]; +#define COUNTER(v) (*(uint32_t*)(v + 12)) + + //uint8_t aad[13 + 3]; /* +3 creates [16] buffer, simplifying GHASH() */ uint8_t nonce[12 + 4]; /* +4 creates space for AES block counter */ uint8_t scratch[AES_BLOCK_SIZE]; //[16] //uint8_t authtag[AES_BLOCK_SIZE]; //[16] @@ -935,14 +934,14 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size) //aad[9] = TLS_MAJ; //aad[10] = TLS_MIN; //aad[11] = size >> 8; - //aad[12] = size & 0xff; + ///* set aad[12], and clear aad[13..15] */ + //COUNTER(aad) = SWAP_LE32(size & 0xff); + //memcpy(aad, &tls->write_seq64_be, 8); memcpy(nonce, tls->server_write_IV, 4); memcpy(nonce + 4, buf, 8); buf += 8; -#define COUNTER(v) (*(uint32_t*)(v + 12)) - cnt = 1; remaining = size; while (remaining != 0) { @@ -957,8 +956,7 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size) remaining -= n; } -////optimize fixed sizes - //aesgcm_GHASH(tls->H, aad, sizeof(aad), tls->outbuf + OUTBUF_PFX, size, authtag, sizeof(authtag)); + //aesgcm_GHASH(tls->H, aad, tls->outbuf + OUTBUF_PFX, size, authtag); //COUNTER(nonce) = htonl(1); //aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch); //xorbuf(authtag, scratch, sizeof(authtag)); |