aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2017-01-21 02:07:59 +0100
committerDenys Vlasenko <vda.linux@googlemail.com>2017-01-21 02:08:34 +0100
commitf6e20724d4aac3655e921ff6072e60bbe182b273 (patch)
treec1527bf0a508c404ab6fb7c37716742714824518
parentdd2577f21a55e5a4d039590f76efa3f7faa3a135 (diff)
downloadbusybox-f6e20724d4aac3655e921ff6072e60bbe182b273.tar.gz
tls: reorder tls_state fields for smaller offsets
function old new delta xwrite_encrypted 363 360 -3 xwrite_and_update_handshake_hash 117 114 -3 tls_xread_handshake_block 72 69 -3 tls_error_die 211 202 -9 tls_get_outbuf 64 49 -15 tls_main 2163 2127 -36 tls_xread_record 702 639 -63 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/7 up/down: 0/-132) Total: -132 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--networking/tls.c38
1 files changed, 20 insertions, 18 deletions
diff --git a/networking/tls.c b/networking/tls.c
index 8fa532947..b111e4bb4 100644
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -226,24 +226,28 @@ struct record_hdr {
};
typedef struct tls_state {
- int fd;
+ int fd;
+
+ int min_encrypted_len_on_read;
+ uint8_t encrypt_on_write;
+
+ uint8_t *outbuf;
+ int outbuf_size;
+
+ int inbuf_size;
+ int ofs_to_buffered;
+ int buffered_size;
+ uint8_t *inbuf;
//TODO: store just the DER key here, parse/use/delete it when sending client key
//this way it will stay key type agnostic here.
psRsaKey_t server_rsa_pub_key;
-
- sha256_ctx_t handshake_sha256_ctx;
-
+// this is also unused after client key is sent
uint8_t client_and_server_rand32[2 * 32];
+// these two are unused after finished messages are exchanged:
+ sha256_ctx_t handshake_sha256_ctx;
uint8_t master_secret[48];
- uint8_t encrypt_on_write;
- int min_encrypted_len_on_read;
- uint8_t client_write_MAC_key[SHA256_OUTSIZE];
- uint8_t server_write_MAC_key[SHA256_OUTSIZE];
- uint8_t client_write_key[AES256_KEYSIZE];
- uint8_t server_write_key[AES256_KEYSIZE];
-
// RFC 5246
// sequence number
// Each connection state contains a sequence number, which is
@@ -251,15 +255,13 @@ typedef struct tls_state {
// number MUST be set to zero whenever a connection state is made the
// active state. Sequence numbers are of type uint64 and may not
// exceed 2^64-1.
+ /*uint64_t read_seq64_be;*/
uint64_t write_seq64_be;
- int outbuf_size;
- uint8_t *outbuf;
-
- int inbuf_size;
- int ofs_to_buffered;
- int buffered_size;
- uint8_t *inbuf;
+ uint8_t client_write_MAC_key[SHA256_OUTSIZE];
+ uint8_t server_write_MAC_key[SHA256_OUTSIZE];
+ uint8_t client_write_key[AES256_KEYSIZE];
+ uint8_t server_write_key[AES256_KEYSIZE];
} tls_state_t;