From 6b1b004845ebec194c4d4868d3deb57f22711b19 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Thu, 19 Jan 2017 15:51:00 +0100 Subject: tls: commented out psPool_t use function old new delta psAesEncrypt 159 162 +3 der_binary_to_pstm 42 40 -2 xwrite_and_hash 437 434 -3 xread_tls_block 446 443 -3 pstm_div_2d 449 444 -5 psAesDecrypt 179 174 -5 pstm_init_size 52 45 -7 pstm_init 46 39 -7 pstm_to_unsigned_bin 165 157 -8 tls_main 1265 1256 -9 pstm_mulmod 132 123 -9 pstm_mod 125 116 -9 pstm_init_copy 93 84 -9 psAesInitKey 840 825 -15 send_client_key_exchange 362 342 -20 psAesInit 103 80 -23 psRsaEncryptPub 429 403 -26 psAesDecryptBlock 1211 1184 -27 psAesEncryptBlock 1223 1193 -30 pstm_exptmod 1582 1524 -58 pstm_div 1557 1472 -85 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/20 up/down: 3/-360) Total: -357 bytes Signed-off-by: Denys Vlasenko --- networking/tls.h | 3 +- networking/tls_aes.c | 60 +++++++++++++++++++-------------- networking/tls_pstm.c | 27 ++++++++------- networking/tls_pstm.h | 47 +++++++++++++++++++++++--- networking/tls_pstm_montgomery_reduce.c | 6 ++-- networking/tls_pstm_mul_comba.c | 10 +++--- networking/tls_pstm_sqr_comba.c | 10 +++--- networking/tls_rsa.c | 20 ++++++----- networking/tls_rsa.h | 4 +-- networking/tls_symmetric.h | 4 +-- 10 files changed, 122 insertions(+), 69 deletions(-) diff --git a/networking/tls.h b/networking/tls.h index 5a0cb67e9..5e6b346e2 100644 --- a/networking/tls.h +++ b/networking/tls.h @@ -66,8 +66,7 @@ typedef int32_t int32; typedef uint16_t uint16; typedef int16_t int16; -//FIXME -typedef char psPool_t; +//typedef char psPool_t; //#ifdef PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM #define PS_EXPTMOD_WINSIZE 3 diff --git a/networking/tls_aes.c b/networking/tls_aes.c index 661bd8272..6c3c39373 100644 --- a/networking/tls_aes.c +++ b/networking/tls_aes.c 
@@ -6,7 +6,7 @@ #include "tls.h" /* The file is taken almost verbatim from matrixssl-3-7-2b-open/crypto/symmetric/. - * Changes are flagged with ///bbox + * Changes are flagged with //bbox */ /** @@ -43,7 +43,7 @@ */ /******************************************************************************/ -///vda +//bbox //#include "../cryptoApi.h" #ifdef USE_AES @@ -1084,10 +1084,11 @@ int32 psAesInit(psCipherContext_t *ctx, unsigned char *IV, { int32 x, err; - if (IV == NULL || key == NULL || ctx == NULL) { - psTraceCrypto("psAesInit arg fail\n"); - return PS_ARG_FAIL; - } +//bbox +// if (IV == NULL || key == NULL || ctx == NULL) { +// psTraceCrypto("psAesInit arg fail\n"); +// return PS_ARG_FAIL; +// } memset(ctx, 0x0, sizeof(psCipherContext_t)); /* setup cipher @@ -1112,10 +1113,13 @@ int32 psAesEncrypt(psCipherContext_t *ctx, unsigned char *pt, uint32 i; unsigned char tmp[MAXBLOCKSIZE]; - if (pt == NULL || ct == NULL || ctx == NULL || (len & 0x7) != 0) { - psTraceCrypto("Bad parameters to psAesEncrypt\n"); - return PS_ARG_FAIL; - } +//bbox +// if (pt == NULL || ct == NULL || ctx == NULL || (len & 0x7) != 0) { +// psTraceCrypto("Bad parameters to psAesEncrypt\n"); +// return PS_ARG_FAIL; +// } + if ((len & 0x7) != 0) + bb_error_msg_and_die("AES len:%d", len); /* is blocklen valid? @@ -1159,10 +1163,13 @@ int32 psAesDecrypt(psCipherContext_t *ctx, unsigned char *ct, uint32 i; unsigned char tmp[MAXBLOCKSIZE], tmp2[MAXBLOCKSIZE]; - if (pt == NULL || ct == NULL || ctx == NULL || (len & 0x7) != 0) { - psTraceCrypto("Bad parameters to psAesDecrypt\n"); - return PS_ARG_FAIL; - } +//bbox +// if (pt == NULL || ct == NULL || ctx == NULL || (len & 0x7) != 0) { +// psTraceCrypto("Bad parameters to psAesDecrypt\n"); +// return PS_ARG_FAIL; +// } + if ((len & 0x7) != 0) + bb_error_msg_and_die("AES len:%d", len); /* is blocklen valid? 
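Review bot: With the argument guard commented out, `memset(ctx, 0x0, sizeof(psCipherContext_t))` in psAesInit now dereferences `ctx` unconditionally, and the non-NULL requirement on `ctx`, `IV` and `key` survives only as dead code. I would replace the commented-out block with a one-line contract, `//bbox: callers must pass non-NULL ctx, IV and key; the NULL checks were dropped for size`, so the precondition is visible to anyone adding a new caller. The same applies to the guards removed in psAesEncrypt, psAesDecrypt, psAesInitKey, psAesEncryptBlock, psAesDecryptBlock and psRsaCrypt. psAesInit's body continues outside the hunk.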
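Review bot: The length guard kept in psAesEncrypt, `if ((len & 0x7) != 0)`, only rejects lengths that are not a multiple of 8, while AES works on 16-byte blocks; unless a check outside the hunk covers this, a length such as 24 passes and the guard should be `if ((len & 0xf) != 0)`. The mask is inherited from the removed upstream check, and the same line is added in psAesDecrypt. The new `bb_error_msg_and_die("AES len:%d", len)` also uses a signed conversion; the parameter list continues outside the hunk, but if `len` is `uint32` the format should be `"AES len:%u"`.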
@@ -1221,14 +1228,15 @@ int32 psAesInitKey(const unsigned char *key, uint32 keylen, psAesKey_t *skey) int32 i, j; uint32 temp, *rk, *rrk; - if (key == NULL || skey == NULL) { - psTraceCrypto("Bad args to psAesInitKey\n"); - return PS_ARG_FAIL; - } +//bbox +// if (key == NULL || skey == NULL) { +// psTraceCrypto("Bad args to psAesInitKey\n"); +// return PS_ARG_FAIL; +// } if (keylen != 16 && keylen != 24 && keylen != 32) { psTraceCrypto("Invalid AES key length\n"); - ///bbox return CRYPT_INVALID_KEYSIZE; + //bbox return CRYPT_INVALID_KEYSIZE; //unreachable anyway return PS_ARG_FAIL; } @@ -1398,9 +1406,10 @@ void psAesEncryptBlock(const unsigned char *pt, unsigned char *ct, uint32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; int32 Nr, r; - if (pt == NULL || ct == NULL || skey == NULL) { - return; - } +//bbox +// if (pt == NULL || ct == NULL || skey == NULL) { +// return; +// } Nr = skey->Nr; rk = skey->eK; @@ -1562,9 +1571,10 @@ void psAesDecryptBlock(const unsigned char *ct, unsigned char *pt, uint32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; int32 Nr, r; - if (pt == NULL || ct == NULL || skey == NULL) { - return; - } +//bbox +// if (pt == NULL || ct == NULL || skey == NULL) { +// return; +// } Nr = skey->Nr; rk = skey->dK; diff --git a/networking/tls_pstm.c b/networking/tls_pstm.c index f802baa15..acd800307 100644 --- a/networking/tls_pstm.c +++ b/networking/tls_pstm.c @@ -6,7 +6,7 @@ #include "tls.h" /* The file is taken almost verbatim from matrixssl-3-7-2b-open/crypto/math/. - * Changes are flagged with ///bbox + * Changes are flagged with //bbox */ /** @@ -43,7 +43,7 @@ */ /******************************************************************************/ -///bbox +//bbox //#include "../cryptoApi.h" #ifndef DISABLE_PSTM 
@@ -55,21 +55,21 @@ static int32 pstm_mul_2d(pstm_int *a, int16 b, pstm_int *c); */ int32 pstm_init_size(psPool_t *pool, pstm_int * a, uint32 size) { -///bbox +//bbox // uint16 x; /* alloc mem */ - a->dp = xzalloc(sizeof (pstm_digit) * size);///bbox - a->pool = pool; + a->dp = xzalloc(sizeof (pstm_digit) * size);//bbox +//bbox a->pool = pool; a->used = 0; a->alloc = (int16)size; a->sign = PSTM_ZPOS; /* zero the digits */ -///bbox +//bbox // for (x = 0; x < size; x++) { // a->dp[x] = 0; // } @@ -82,16 +82,16 @@ int32 pstm_init_size(psPool_t *pool, pstm_int * a, uint32 size) */ int32 pstm_init(psPool_t *pool, pstm_int * a) { -///bbox +//bbox // int32 i; /* allocate memory required and clear it */ - a->dp = xzalloc(sizeof (pstm_digit) * PSTM_DEFAULT_INIT);///bbox + a->dp = xzalloc(sizeof (pstm_digit) * PSTM_DEFAULT_INIT);//bbox /* set the digits to zero */ -///bbox +//bbox // for (i = 0; i < PSTM_DEFAULT_INIT; i++) { // a->dp[i] = 0; // } @@ -99,7 +99,7 @@ int32 pstm_init(psPool_t *pool, pstm_int * a) set the used to zero, allocated digits to the default precision and sign to positive */ - a->pool = pool; +//bbox a->pool = pool; a->used = 0; a->alloc = PSTM_DEFAULT_INIT; a->sign = PSTM_ZPOS; @@ -126,7 +126,7 @@ int32 pstm_grow(pstm_int * a, int16 size) We store the return in a temporary variable in case the operation failed we don't want to overwrite the dp member of a. */ - tmp = xrealloc(a->dp, sizeof (pstm_digit) * size);///bbox + tmp = xrealloc(a->dp, sizeof (pstm_digit) * size);//bbox /* reallocation succeeded so set a->dp */ @@ -1622,7 +1622,7 @@ int32 pstm_exptmod(psPool_t *pool, pstm_int *G, pstm_int *X, pstm_int *P, Pre-allocated digit. Used for mul, sqr, AND reduce */ paDlen = ((M[1].used + 3) * 2) * sizeof(pstm_digit); - paD = xzalloc(paDlen);///bbox + paD = xzalloc(paDlen);//bbox /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times */ 
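Review bot: In pstm_init_size, `size` is a `uint32` but is used unchecked in `xzalloc(sizeof (pstm_digit) * size)` and then narrowed by `a->alloc = (int16)size`, so a value above 32767 leaves `alloc` out of step with the buffer, and the product can wrap where `size_t` is 32 bits. The hunk only touches the comment markers and the `pool` assignment, so this predates the commit. Since bignum sizes may derive from peer-supplied key material, it is worth a guard before the allocation, e.g. `if (size > 0x7fff) bb_error_msg_and_die("pstm size:%u", size);`. The function's return statement is outside the hunk.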
@@ -1941,6 +1941,9 @@ int32 pstm_cmp_d(pstm_int *a, pstm_digit b) in cases where dQ > dP. The values must be switched and a new qP must be calculated using this function */ +//bbox: pool unused +#define pstm_invmod_slow(pool, a, b, c) \ + pstm_invmod_slow( a, b, c) static int32 pstm_invmod_slow(psPool_t *pool, pstm_int * a, pstm_int * b, pstm_int * c) { diff --git a/networking/tls_pstm.h b/networking/tls_pstm.h index de03e3f92..3a0fd8ce6 100644 --- a/networking/tls_pstm.h +++ b/networking/tls_pstm.h @@ -4,7 +4,7 @@ * Licensed under GPLv2, see file LICENSE in this source tree. */ /* The file is taken almost verbatim from matrixssl-3-7-2b-open/crypto/math/. - * Changes are flagged with ///bbox + * Changes are flagged with //bbox */ /** @@ -124,7 +124,7 @@ typedef struct { int16 used, alloc, sign; pstm_digit *dp; - psPool_t *pool; +//bbox psPool_t *pool; } pstm_int; /******************************************************************************/ @@ -140,15 +140,27 @@ extern void pstm_set(pstm_int *a, pstm_digit b); extern void pstm_zero(pstm_int * a); +//bbox: pool unused +#define pstm_init(pool, a) \ + pstm_init( a) extern int32 pstm_init(psPool_t *pool, pstm_int * a); +//bbox: pool unused +#define pstm_init_size(pool, a, size) \ + pstm_init_size( a, size) extern int32 pstm_init_size(psPool_t *pool, pstm_int * a, uint32 size); +//bbox: pool unused +#define pstm_init_copy(pool, a, b, toSqr) \ + pstm_init_copy( a, b, toSqr) extern int32 pstm_init_copy(psPool_t *pool, pstm_int * a, pstm_int * b, int16 toSqr); extern int16 pstm_count_bits (pstm_int * a); +//bbox: pool unused +#define pstm_init_for_read_unsigned_bin(pool, a, len) \ + pstm_init_for_read_unsigned_bin( a, len) extern int32 pstm_init_for_read_unsigned_bin(psPool_t *pool, pstm_int *a, uint32 len); 
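Review bot: The new `#define pstm_invmod_slow(pool, a, b, c)` carries only the comment `//bbox: pool unused`, which does not say that the macro also rewrites the definition that follows it, so the compiled function has no `pool` parameter even though the source text still shows `psPool_t *pool`. That is what lets the `psPool_t` typedef be commented out, and it means the first argument at every call site is discarded without being evaluated. I would spell this out once, e.g. `//bbox: macro strips "pool" from the prototype and from all calls; the argument is never evaluated`, here and above the group of identical macros added to tls_pstm.h (pstm_init, pstm_init_size, pstm_init_copy, pstm_div, pstm_mod, pstm_exptmod and the rest). pstm_invmod_slow's body is outside the hunk.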
@@ -178,9 +190,15 @@ extern void pstm_rshd(pstm_int *a, int16 x); extern int32 pstm_lshd(pstm_int * a, int16 b); +//bbox: pool unused +#define pstm_div(pool, a, b, c, d) \ + pstm_div( a, b, c, d) extern int32 pstm_div(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c, pstm_int *d); +//bbox: pool unused +#define pstm_div_2d(pool, a, b, c, d) \ + pstm_div_2d( a, b, c, d) extern int32 pstm_div_2d(psPool_t *pool, pstm_int *a, int16 b, pstm_int *c, pstm_int *d); @@ -190,15 +208,27 @@ extern int32 s_pstm_sub(pstm_int *a, pstm_int *b, pstm_int *c); extern int32 pstm_sub(pstm_int *a, pstm_int *b, pstm_int *c); +//bbox: pool unused +#define pstm_sub_d(pool, a, b, c) \ + pstm_sub_d( a, b, c) extern int32 pstm_sub_d(psPool_t *pool, pstm_int *a, pstm_digit b, pstm_int *c); extern int32 pstm_mul_2(pstm_int * a, pstm_int * b); +//bbox: pool unused +#define pstm_mod(pool, a, b, c) \ + pstm_mod( a, b, c) extern int32 pstm_mod(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c); +//bbox: pool unused +#define pstm_mulmod(pool, a, b, c, d) \ + pstm_mulmod( a, b, c, d) extern int32 pstm_mulmod(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c, pstm_int *d); +//bbox: pool unused +#define pstm_exptmod(pool, G, X, P, Y) \ + pstm_exptmod( G, X, P, Y) extern int32 pstm_exptmod(psPool_t *pool, pstm_int *G, pstm_int *X, pstm_int *P, pstm_int *Y); 
@@ -206,15 +236,21 @@ extern int32 pstm_2expt(pstm_int *a, int16 b); extern int32 pstm_add(pstm_int *a, pstm_int *b, pstm_int *c); +//bbox: pool unused +#define pstm_to_unsigned_bin(pool, a, b) \ + pstm_to_unsigned_bin( a, b) extern int32 pstm_to_unsigned_bin(psPool_t *pool, pstm_int *a, unsigned char *b); +//bbox: pool unused +#define pstm_to_unsigned_bin_nr(pool, a, b) \ + pstm_to_unsigned_bin_nr( a, b) extern int32 pstm_to_unsigned_bin_nr(psPool_t *pool, pstm_int *a, unsigned char *b); extern int32 pstm_montgomery_setup(pstm_int *a, pstm_digit *rho); -///bbox: pool unused +//bbox: pool unused #define pstm_montgomery_reduce(pool, a, m, mp, paD, paDlen) \ pstm_montgomery_reduce( a, m, mp, paD, paDlen) extern int32 pstm_montgomery_reduce(psPool_t *pool, pstm_int *a, pstm_int *m, @@ -225,7 +261,7 @@ extern int32 pstm_montgomery_reduce(psPool_t *pool, pstm_int *a, pstm_int *m, extern int32 pstm_mul_comba(psPool_t *pool, pstm_int *A, pstm_int *B, pstm_int *C, pstm_digit *paD, uint32 paDlen); -///bbox: pool unused +//bbox: pool unused #define pstm_sqr_comba(pool, A, B, paD, paDlen) \ pstm_sqr_comba( A, B, paD, paDlen) extern int32 pstm_sqr_comba(psPool_t *pool, pstm_int *A, pstm_int *B, @@ -237,6 +273,9 @@ extern int32 pstm_montgomery_calc_normalization(pstm_int *a, pstm_int *b); extern int32 pstm_mul_d(pstm_int *a, pstm_digit b, pstm_int *c); +//bbox: pool unused +#define pstm_invmod(pool, a, b, c) \ + pstm_invmod( a, b, c) extern int32 pstm_invmod(psPool_t *pool, pstm_int * a, pstm_int * b, pstm_int * c); diff --git a/networking/tls_pstm_montgomery_reduce.c b/networking/tls_pstm_montgomery_reduce.c index e9ae81c53..dc2fe0a48 100644 --- a/networking/tls_pstm_montgomery_reduce.c +++ b/networking/tls_pstm_montgomery_reduce.c @@ -6,7 +6,7 @@ #include "tls.h" /* The file is taken almost verbatim from matrixssl-3-7-2b-open/crypto/math/. - * Changes are flagged with ///bbox + * Changes are flagged with //bbox */ /** 
@@ -43,7 +43,7 @@ */ /******************************************************************************/ -///bbox +//bbox //#include "../cryptoApi.h" #ifndef DISABLE_PSTM @@ -357,7 +357,7 @@ int32 pstm_montgomery_reduce(psPool_t *pool, pstm_int *a, pstm_int *m, c = paD; memset(c, 0x0, paDlen); } else { - c = xzalloc(2*pa+1);///bbox + c = xzalloc(2*pa+1);//bbox } /* copy the input */ oldused = a->used; diff --git a/networking/tls_pstm_mul_comba.c b/networking/tls_pstm_mul_comba.c index 7967231df..47cbb9618 100644 --- a/networking/tls_pstm_mul_comba.c +++ b/networking/tls_pstm_mul_comba.c @@ -6,7 +6,7 @@ #include "tls.h" /* The file is taken almost verbatim from matrixssl-3-7-2b-open/crypto/math/. - * Changes are flagged with ///bbox + * Changes are flagged with //bbox */ /** @@ -43,7 +43,7 @@ */ /******************************************************************************/ -///bbox +//bbox //#include "../cryptoApi.h" #ifndef DISABLE_PSTM @@ -222,7 +222,7 @@ asm( \ /******************************************************************************/ /* generic PxQ multiplier */ -///bbox: pool unused +//bbox: pool unused #define pstm_mul_comba_gen(pool, A, B, C, paD, paDlen) \ pstm_mul_comba_gen( A, B, C, paD, paDlen) static int32 pstm_mul_comba_gen(psPool_t *pool, pstm_int *A, pstm_int *B, @@ -250,13 +250,13 @@ static int32 pstm_mul_comba_gen(psPool_t *pool, pstm_int *A, pstm_int *B, if (paD != NULL) { if (paDlen < (sizeof(pstm_digit) * pa)) { paDfail = 1; /* have a paD but it's not large enough */ - dst = xzalloc(sizeof(pstm_digit) * pa);///bbox + dst = xzalloc(sizeof(pstm_digit) * pa);//bbox } else { dst = paD; memset(dst, 0x0, paDlen); } } else { - dst = xzalloc(sizeof(pstm_digit) * pa);///bbox + dst = xzalloc(sizeof(pstm_digit) * pa);//bbox } for (ix = 0; ix < pa; ix++) { diff --git a/networking/tls_pstm_sqr_comba.c b/networking/tls_pstm_sqr_comba.c index 378e0647b..36cb9ea97 100644 --- a/networking/tls_pstm_sqr_comba.c +++ b/networking/tls_pstm_sqr_comba.c 
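Review bot: The fallback allocation `c = xzalloc(2*pa+1);` in pstm_montgomery_reduce is sized in bytes, whereas the comba files size the equivalent buffer as `xzalloc(sizeof(pstm_digit) * pa)`; if `c` is an array of `pstm_digit` (its declaration is outside the hunk) this branch under-allocates and later writes would run past the buffer. The commit only changes the `//bbox` marker on that line, so the sizing is inherited, and the branch may never be taken if callers always pass a large enough `paD`. If the element type is confirmed, the line should read `c = xzalloc(sizeof(pstm_digit) * (2*pa+1));//bbox`.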
@@ -6,7 +6,7 @@ #include "tls.h" /* The file is taken almost verbatim from matrixssl-3-7-2b-open/crypto/math/. - * Changes are flagged with ///bbox + * Changes are flagged with //bbox */ /** @@ -43,7 +43,7 @@ */ /******************************************************************************/ -///bbox +//bbox //#include "../cryptoApi.h" #ifndef DISABLE_PSTM @@ -439,7 +439,7 @@ asm( \ /* Non-unrolled comba squarer */ -///bbox: pool unused +//bbox: pool unused #define pstm_sqr_comba_gen(pool, A, B, paD, paDlen) \ pstm_sqr_comba_gen( A, B, paD, paDlen) static int32 pstm_sqr_comba_gen(psPool_t *pool, pstm_int *A, pstm_int *B, @@ -470,13 +470,13 @@ static int32 pstm_sqr_comba_gen(psPool_t *pool, pstm_int *A, pstm_int *B, if (paD != NULL) { if (paDlen < (sizeof(pstm_digit) * pa)) { paDfail = 1; /* have a paD, but it's not big enough */ - dst = xzalloc(sizeof(pstm_digit) * pa);///bbox + dst = xzalloc(sizeof(pstm_digit) * pa);//bbox } else { dst = paD; memset(dst, 0x0, paDlen); } } else { - dst = xzalloc(sizeof(pstm_digit) * pa);///bbox + dst = xzalloc(sizeof(pstm_digit) * pa);//bbox } for (ix = 0; ix < pa; ix++) { diff --git a/networking/tls_rsa.c b/networking/tls_rsa.c index df711865c..60c54248e 100644 --- a/networking/tls_rsa.c +++ b/networking/tls_rsa.c @@ -8,12 +8,12 @@ /* The code below is taken from parts of * matrixssl-3-7-2b-open/crypto/pubkey/pkcs.c * matrixssl-3-7-2b-open/crypto/pubkey/rsa.c - * and (so far) almost not modified. Changes are flagged with ///bbox + * and (so far) almost not modified. Changes are flagged with //bbox */ #define pkcs1Pad(in, inlen, out, outlen, cryptType, userPtr) \ pkcs1Pad(in, inlen, out, outlen, cryptType) -static ///bbox +static //bbox int32 pkcs1Pad(unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen, int32 cryptType, void *userPtr) { 
@@ -57,8 +57,8 @@ int32 pkcs1Pad(unsigned char *in, uint32 inlen, unsigned char *out, } #define psRsaCrypt(pool, in, inlen, out, outlen, key, type, data) \ - psRsaCrypt(pool, in, inlen, out, outlen, key, type) -static ///bbox + psRsaCrypt( in, inlen, out, outlen, key, type) +static //bbox int32 psRsaCrypt(psPool_t *pool, const unsigned char *in, uint32 inlen, unsigned char *out, uint32 *outlen, psRsaKey_t *key, int32 type, void *data) @@ -67,10 +67,11 @@ int32 psRsaCrypt(psPool_t *pool, const unsigned char *in, uint32 inlen, int32 res; uint32 x; - if (in == NULL || out == NULL || outlen == NULL || key == NULL) { - psTraceCrypto("NULL parameter error in psRsaCrypt\n"); - return PS_ARG_FAIL; - } +//bbox +// if (in == NULL || out == NULL || outlen == NULL || key == NULL) { +// psTraceCrypto("NULL parameter error in psRsaCrypt\n"); +// return PS_ARG_FAIL; +// } tmp.dp = tmpa.dp = tmpb.dp = NULL; @@ -187,7 +188,8 @@ int32 psRsaEncryptPub(psPool_t *pool, psRsaKey_t *key, size = key->size; if (outlen < size) { - psTraceCrypto("Error on bad outlen parameter to psRsaEncryptPub: outlen:%d < size:%d", outlen, size); +//bbox psTraceCrypto("Error on bad outlen parameter to psRsaEncryptPub\n"); + bb_error_msg_and_die("RSA crypt outlen:%d < size:%d", outlen, size); return PS_ARG_FAIL; } diff --git a/networking/tls_rsa.h b/networking/tls_rsa.h index 93f469e83..c464ed552 100644 --- a/networking/tls_rsa.h +++ b/networking/tls_rsa.h @@ -10,11 +10,11 @@ typedef struct { pstm_int e, d, N, qP, dP, dQ, p, q; uint32 size; /* Size of the key in bytes */ int32 optimized; /* 1 for optimized */ - psPool_t *pool; +//bbox psPool_t *pool; } psRsaKey_t; #define psRsaEncryptPub(pool, key, in, inlen, out, outlen, data) \ - psRsaEncryptPub(pool, key, in, inlen, out, outlen) + psRsaEncryptPub( key, in, inlen, out, outlen) int32 psRsaEncryptPub(psPool_t *pool, psRsaKey_t *key, unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen, void *data); 
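Review bot: The added `bb_error_msg_and_die("RSA crypt outlen:%d < size:%d", outlen, size);` in psRsaEncryptPub prints with `%d` values that appear to be unsigned: `outlen` is declared `uint32` in the tls_rsa.h prototype, and `size` is assigned from `key->size`, a `uint32` field, so both conversions should presumably be `%u`. The `return PS_ARG_FAIL;` left after it can no longer execute, since the call does not return; either drop it or mark it `//bbox: not reached`. The commented-out `psTraceCrypto` line also differs from the line the commit removes, so it is not a faithful record of the upstream text.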
diff --git a/networking/tls_symmetric.h b/networking/tls_symmetric.h index 712ee600c..b6b55c78c 100644 --- a/networking/tls_symmetric.h +++ b/networking/tls_symmetric.h @@ -6,7 +6,7 @@ /* The part below is a section of matrixssl-3-7-2b-open/crypto/cryptolib.h - * Changes are flagged with ///bbox + * Changes are flagged with //bbox * TODO: * Take a look at "roll %%cl" part... rotates by constant use fewer registers, * and on many Intel CPUs rotates by %cl are slower: they take 2 cycles, not 1. @@ -299,7 +299,7 @@ x = (((uint64)((y)[0] & 255))<<56)|(((uint64)((y)[1] & 255))<<48)| \ /* The part below is taken almost verbatim from matrixssl-3-7-2b-open/crypto/symmetric/. - * Changes are flagged with ///bbox + * Changes are flagged with //bbox */ /** -- cgit v1.2.3