From 03569bc50f0d731aa3af94ab600adc59eaac3162 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sat, 24 Nov 2018 14:08:29 +0100 Subject: tls: speed up xor'ing of aligned 16-byte buffers function old new delta xorbuf_aligned_AES_BLOCK_SIZE - 23 +23 xwrite_encrypted 585 580 -5 aesgcm_GHASH 233 228 -5 GMULT 192 187 -5 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/3 up/down: 23/-15) Total: 8 bytes Signed-off-by: Denys Vlasenko --- networking/tls.c | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) (limited to 'networking/tls.c') diff --git a/networking/tls.c b/networking/tls.c index 1f8c21f..b774340 100644 --- a/networking/tls.c +++ b/networking/tls.c @@ -357,6 +357,20 @@ void FAST_FUNC xorbuf(void *dst, const void *src, unsigned count) xorbuf3(dst, dst, src, count); } +void FAST_FUNC xorbuf_aligned_AES_BLOCK_SIZE(void *dst, const void *src) +{ + unsigned long *d = dst; + const unsigned long *s = src; + d[0] ^= s[0]; +#if ULONG_MAX <= 0xffffffffffffffff + d[1] ^= s[1]; + #if ULONG_MAX == 0xffffffff + d[2] ^= s[2]; + d[3] ^= s[3]; + #endif +#endif +} + /* Nondestructively see the current hash value */ static unsigned sha_peek(md5sha_ctx_t *ctx, void *buffer) { @@ -802,10 +816,10 @@ static void xwrite_encrypted_aesgcm(tls_state_t *tls, unsigned size, unsigned ty { #define COUNTER(v) (*(uint32_t*)(v + 12)) - uint8_t aad[13 + 3] ALIGNED(4); /* +3 creates [16] buffer, simplifying GHASH() */ - uint8_t nonce[12 + 4] ALIGNED(4); /* +4 creates space for AES block counter */ - uint8_t scratch[AES_BLOCK_SIZE] ALIGNED(4); //[16] - uint8_t authtag[AES_BLOCK_SIZE] ALIGNED(4); //[16] + uint8_t aad[13 + 3] ALIGNED_long; /* +3 creates [16] buffer, simplifying GHASH() */ + uint8_t nonce[12 + 4] ALIGNED_long; /* +4 creates space for AES block counter */ + uint8_t scratch[AES_BLOCK_SIZE] ALIGNED_long; //[16] + uint8_t authtag[AES_BLOCK_SIZE] ALIGNED_long; //[16] uint8_t *buf; struct record_hdr *xhdr; unsigned remaining; @@ -850,7 +864,7 @@ static void xwrite_encrypted_aesgcm(tls_state_t *tls, unsigned size, unsigned ty aesgcm_GHASH(tls->H, aad, /*sizeof(aad),*/ tls->outbuf + OUTBUF_PFX, size, authtag /*, sizeof(authtag)*/); COUNTER(nonce) = htonl(1); aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch); - xorbuf(authtag, scratch, sizeof(authtag)); + xorbuf_aligned_AES_BLOCK_SIZE(authtag, scratch); memcpy(buf, authtag, sizeof(authtag)); #undef COUNTER @@ -938,10 +952,10 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size) { #define COUNTER(v) (*(uint32_t*)(v + 12)) - //uint8_t aad[13 + 3] ALIGNED(4); /* +3 creates [16] buffer, simplifying GHASH() */ - uint8_t nonce[12 + 4] ALIGNED(4); /* +4 creates space for AES block counter */ - uint8_t scratch[AES_BLOCK_SIZE] ALIGNED(4); //[16] - //uint8_t authtag[AES_BLOCK_SIZE] ALIGNED(4); //[16] + //uint8_t aad[13 + 3] ALIGNED_long; /* +3 creates [16] buffer, simplifying GHASH() */ + uint8_t nonce[12 + 4] ALIGNED_long; /* +4 creates space for AES block counter */ + uint8_t scratch[AES_BLOCK_SIZE] ALIGNED_long; //[16] + //uint8_t authtag[AES_BLOCK_SIZE] ALIGNED_long; //[16] unsigned remaining; unsigned cnt; @@ -973,7 +987,7 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size) //aesgcm_GHASH(tls->H, aad, tls->inbuf + RECHDR_LEN, size, authtag); //COUNTER(nonce) = htonl(1); //aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch); - //xorbuf(authtag, scratch, sizeof(authtag)); + //xorbuf_aligned_AES_BLOCK_SIZE(authtag, scratch); //memcmp(buf, authtag, sizeof(authtag)) || DIE("HASH DOES NOT MATCH!"); #undef COUNTER -- cgit v1.1