aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2018-11-24 13:51:46 +0100
committerDenys Vlasenko <vda.linux@googlemail.com>2018-11-24 13:51:46 +0100
commit941440cf166ef77ad82c4ead9eae3a8a2552a418 (patch)
treed97607a0d7515ff412dff5b1aa82681569a89b8a
parent985702c892d94ac9656754b94402dee933abb156 (diff)
downloadbusybox-941440cf166ef77ad82c4ead9eae3a8a2552a418.tar.gz
tls: in AES-GCM decoding, avoid memmove
function old new delta xorbuf3 - 36 +36 xorbuf 24 12 -12 tls_xread_record 656 634 -22 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34) Total: 2 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--networking/tls.c20
-rw-r--r--networking/tls.h1
-rw-r--r--networking/tls_aesgcm.c9
-rw-r--r--networking/tls_aesgcm.h2
4 files changed, 17 insertions, 15 deletions
diff --git a/networking/tls.c b/networking/tls.c
index 1e0e0991c..1f8c21f8b 100644
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -343,6 +343,20 @@ void FAST_FUNC tls_get_random(void *buf, unsigned len)
xfunc_die();
}
+static void xorbuf3(void *dst, const void *src1, const void *src2, unsigned count)
+{
+ uint8_t *d = dst;
+ const uint8_t *s1 = src1;
+ const uint8_t* s2 = src2;
+ while (count--)
+ *d++ = *s1++ ^ *s2++;
+}
+
+void FAST_FUNC xorbuf(void *dst, const void *src, unsigned count)
+{
+ xorbuf3(dst, dst, src, count);
+}
+
/* Nondestructively see the current hash value */
static unsigned sha_peek(md5sha_ctx_t *ctx, void *buffer)
{
@@ -941,7 +955,6 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size)
memcpy(nonce, tls->server_write_IV, 4);
memcpy(nonce + 4, buf, 8);
- buf += 8;
cnt = 1;
remaining = size;
@@ -952,12 +965,12 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size)
COUNTER(nonce) = htonl(cnt); /* yes, first cnt here is 2 (!) */
aes_encrypt_one_block(&tls->aes_decrypt, nonce, scratch);
n = remaining > AES_BLOCK_SIZE ? AES_BLOCK_SIZE : remaining;
- xorbuf(buf, scratch, n);
+ xorbuf3(buf, scratch, buf + 8, n);
buf += n;
remaining -= n;
}
- //aesgcm_GHASH(tls->H, aad, tls->outbuf + OUTBUF_PFX, size, authtag);
+ //aesgcm_GHASH(tls->H, aad, tls->inbuf + RECHDR_LEN, size, authtag);
//COUNTER(nonce) = htonl(1);
//aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch);
//xorbuf(authtag, scratch, sizeof(authtag));
@@ -1046,7 +1059,6 @@ static int tls_xread_record(tls_state_t *tls, const char *expected)
sz -= 8 + AES_BLOCK_SIZE; /* we will overwrite nonce, drop hash */
tls_aesgcm_decrypt(tls, p, sz);
- memmove(p, p + 8, sz);
dbg("encrypted size:%u\n", sz);
} else
if (tls->min_encrypted_len_on_read > tls->MAC_size) {
diff --git a/networking/tls.h b/networking/tls.h
index f2ef67aac..4b0dc7459 100644
--- a/networking/tls.h
+++ b/networking/tls.h
@@ -81,6 +81,7 @@ typedef int16_t int16;
#define AES_BLOCK_SIZE 16
void tls_get_random(void *buf, unsigned len) FAST_FUNC;
+void xorbuf(void* buf, const void* mask, unsigned count) FAST_FUNC;
#define matrixCryptoGetPrngData(buf, len, userPtr) (tls_get_random(buf, len), PS_SUCCESS)
diff --git a/networking/tls_aesgcm.c b/networking/tls_aesgcm.c
index b9a6a9b0a..db720e5f6 100644
--- a/networking/tls_aesgcm.c
+++ b/networking/tls_aesgcm.c
@@ -11,15 +11,6 @@ typedef uint32_t word32;
#define XMEMSET memset
#define XMEMCPY memcpy
-void FAST_FUNC xorbuf(void* buf, const void* mask, unsigned count)
-{
- word32 i;
- byte* b = (byte*)buf;
- const byte* m = (const byte*)mask;
- for (i = 0; i < count; i++)
- b[i] ^= m[i];
-}
-
/* from wolfssl-3.15.3/wolfcrypt/src/aes.c */
static ALWAYS_INLINE void FlattenSzInBits(byte* buf, word32 sz)
diff --git a/networking/tls_aesgcm.h b/networking/tls_aesgcm.h
index 75694f3fa..d7e672e6e 100644
--- a/networking/tls_aesgcm.h
+++ b/networking/tls_aesgcm.h
@@ -4,8 +4,6 @@
* Licensed under GPLv2, see file LICENSE in this source tree.
*/
-void xorbuf(void* buf, const void* mask, unsigned count) FAST_FUNC;
-
void aesgcm_GHASH(uint8_t* h,
const uint8_t* a, //unsigned aSz,
const uint8_t* c, unsigned cSz,