Denys Vlasenko
55578f2fb7
tls: fix the case of sp_256_mont_tpl_10() leaving stray high bits
...
It has no effect on correctness, but interferes with comparing internal state
of different implementations.
function old new delta
sp_256_proj_point_dbl_10 443 451 +8
static.sp_256_mont_sub_10 46 49 +3
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 11/0) Total: 11 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 19:46:39 +02:00
Denys Vlasenko
074b33bf16
tls: simplify sp_256_ecc_gen_k_10, cosmetic changes
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 14:33:38 +02:00
Denys Vlasenko
6b69ab68b4
tls: make x25519 key generation code more similar to P256
...
function old new delta
curve_x25519_compute_pubkey_and_premaster - 74 +74
tls_handshake 2146 2072 -74
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/1 up/down: 74/-74) Total: 0 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 13:46:36 +02:00
Denys Vlasenko
f18a1fd6f3
tls: implement secp256r1 elliptic curve (aka P256)
...
function old new delta
sp_256_mod_mul_norm_10 - 1439 +1439
sp_256_ecc_mulmod_10 - 1363 +1363
sp_256_proj_point_dbl_10 - 490 +490
p256_base - 244 +244
static.sp_256_mont_sqr_10 - 234 +234
static.sp_256_mont_mul_10 - 214 +214
curve_P256_compute_pubkey_and_premaster - 197 +197
static.sp_256_mont_reduce_10 - 176 +176
static.sp_256_from_bin - 149 +149
sp_256_to_bin - 148 +148
tls_handshake 2046 2146 +100
static.sp_256_mul_add_10 - 82 +82
.rodata 103275 103336 +61
static.sp_256_mont_sub_10 - 52 +52
static.sp_256_mont_dbl_10 - 52 +52
static.sp_256_cmp_10 - 43 +43
p256_mod - 40 +40
static.sp_256_cond_sub_10 - 32 +32
p256_mod_2 - 32 +32
sp_256_norm_10 - 31 +31
sp_256_cmp_equal_10 - 30 +30
sp_256_add_10 - 22 +22
addr_mask - 8 +8
------------------------------------------------------------------------------
(add/remove: 22/0 grow/shrink: 2/0 up/down: 5239/0) Total: 5239 bytes
text data bss dec hex filename
1018192 559 5020 1023771 f9f1b busybox_old
1023431 559 5020 1029010 fb392 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 13:30:09 +02:00
James Byrne
6937487be7
libbb: reduce the overhead of single parameter bb_error_msg() calls
...
Back in 2007, commit 0c97c9d437 ("'simple' error message functions by
Loic Grenie") introduced bb_simple_perror_msg() to allow for a lower
overhead call to bb_perror_msg() when only a string was being printed
with no parameters. This saves space for some CPU architectures because
it avoids the overhead of a call to a variadic function. However there
has never been a simple version of bb_error_msg(), and since 2007 many
new calls to bb_perror_msg() have been added that only take a single
parameter and so could have been using bb_simple_perror_message().
This changeset introduces 'simple' versions of bb_info_msg(),
bb_error_msg(), bb_error_msg_and_die(), bb_herror_msg() and
bb_herror_msg_and_die(), and replaces all calls that only take a
single parameter, or use something like ("%s", arg), with calls to the
corresponding 'simple' version.
Since it is likely that single parameter calls to the variadic functions
may be accidentally reintroduced in the future a new debugging config
option WARN_SIMPLE_MSG has been introduced. This uses some macro magic
which will cause any such calls to generate a warning, but this is
turned off by default to avoid use of the unpleasant macros in normal
circumstances.
This is a large changeset due to the number of calls that have been
replaced. The only files that contain changes other than simple
substitution of function calls are libbb.h, libbb/herror_msg.c,
libbb/verror_msg.c and libbb/xfuncs_printf.c. In miscutils/devfsd.c,
networking/udhcp/common.h and util-linux/mdev.c additional macros have
been added for logging so that single parameter and multiple parameter
logging variants exist.
The amount of space saved varies considerably by architecture, and was
found to be as follows (for 'defconfig' using GCC 7.4):
Arm: -92 bytes
MIPS: -52 bytes
PPC: -1836 bytes
x86_64: -938 bytes
Note that for the MIPS architecture only an exception had to be made
disabling the 'simple' calls for 'udhcp' (in networking/udhcp/common.h)
because it made these files larger on MIPS.
Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2019-07-02 11:35:03 +02:00
Denys Vlasenko
03569bc50f
tls: speed up xor'ing of aligned 16-byte buffers
...
function old new delta
xorbuf_aligned_AES_BLOCK_SIZE - 23 +23
xwrite_encrypted 585 580 -5
aesgcm_GHASH 233 228 -5
GMULT 192 187 -5
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/3 up/down: 23/-15) Total: 8 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 14:08:29 +01:00
Denys Vlasenko
941440cf16
tls: in AES-GCM decoding, avoid memmove
...
function old new delta
xorbuf3 - 36 +36
xorbuf 24 12 -12
tls_xread_record 656 634 -22
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34) Total: 2 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 13:51:46 +01:00
Denys Vlasenko
624066f0cc
tls: make tls_get_random() FAST_FUNC
...
function old new delta
tls_handshake 1977 1985 +8
tls_get_random 32 28 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-4) Total: 4 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:24:57 +01:00
Denys Vlasenko
83e5c627e1
tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher
...
function old new delta
xwrite_encrypted 209 605 +396
GHASH - 395 +395
aes_encrypt_1 - 382 +382
GMULT - 192 +192
tls_xread_record 489 659 +170
aes_encrypt_one_block - 65 +65
aesgcm_setkey - 58 +58
FlattenSzInBits - 52 +52
tls_handshake 1890 1941 +51
xwrite_and_update_handshake_hash 46 81 +35
xorbuf - 24 +24
aes_setkey - 16 +16
psRsaEncryptPub 413 421 +8
stty_main 1221 1227 +6
ssl_client_main 138 143 +5
next_token 841 845 +4
spawn_ssl_client 218 219 +1
volume_id_probe_hfs_hfsplus 564 563 -1
read_package_field 232 230 -2
i2cdetect_main 674 672 -2
fail_hunk 139 136 -3
parse_expr 891 883 -8
curve25519 802 793 -9
aes_cbc_decrypt 971 958 -13
xwrite_handshake_record 43 - -43
aes_cbc_encrypt 644 172 -472
------------------------------------------------------------------------------
(add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553) Total: 1307 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 17:48:07 +01:00
Denys Vlasenko
bddb6545a9
tls: add support for ECDHE-ECDSA-AES-128-CBC-SHA and x25519 curve
...
function old new delta
curve25519 - 835 +835
tls_handshake 1619 1935 +316
xc_diffadd - 230 +230
fe_mul__distinct - 149 +149
lm_sub - 103 +103
lm_add - 82 +82
fe_mul_c - 74 +74
fe_select - 45 +45
static.f25519_one - 32 +32
static.basepoint9 - 32 +32
static.OID_ECDSA_KEY_ALG - 21 +21
static.OID_RSA_KEY_ALG - 13 +13
static.supported_groups - 8 +8
static.empty_client_cert - 7 +7
der_binary_to_pstm 40 42 +2
static.expected 13 - -13
------------------------------------------------------------------------------
(add/remove: 14/1 grow/shrink: 2/0 up/down: 1949/-13) Total: 1936 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 02:17:54 +01:00
Denys Vlasenko
79376ecdbd
tls: fix pstm asm constraint problem
...
function old new delta
pstm_sqr_comba 551 475 -76
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 17:13:08 +02:00
Denys Vlasenko
9887f93eef
tls: fix build problem on non-static i386
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 13:42:19 +02:00
Denys Vlasenko
432f1ae2ff
tls: tested PSTM_X86_64, not enabling it - too large
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 16:32:38 +01:00
Denys Vlasenko
6b1b004845
tls: commented out psPool_t use
...
function old new delta
psAesEncrypt 159 162 +3
der_binary_to_pstm 42 40 -2
xwrite_and_hash 437 434 -3
xread_tls_block 446 443 -3
pstm_div_2d 449 444 -5
psAesDecrypt 179 174 -5
pstm_init_size 52 45 -7
pstm_init 46 39 -7
pstm_to_unsigned_bin 165 157 -8
tls_main 1265 1256 -9
pstm_mulmod 132 123 -9
pstm_mod 125 116 -9
pstm_init_copy 93 84 -9
psAesInitKey 840 825 -15
send_client_key_exchange 362 342 -20
psAesInit 103 80 -23
psRsaEncryptPub 429 403 -26
psAesDecryptBlock 1211 1184 -27
psAesEncryptBlock 1223 1193 -30
pstm_exptmod 1582 1524 -58
pstm_div 1557 1472 -85
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/20 up/down: 3/-360) Total: -357 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 15:51:00 +01:00
Denys Vlasenko
b7e9ae6e9f
tls: added AES code and made it compile. not used yet
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-18 17:20:27 +01:00
Denys Vlasenko
936e83e694
tls: add sha256 hmac and prf code
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-16 04:25:01 +01:00
Denys Vlasenko
11d0096516
tls: format and send CLIENT_KEY_EXCHANGE
...
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4265
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8b217a7:0x30 len:1452 inner_byte @0x8b217ab:0x30
entered der @0x8b217ab:0x30 len:1172 inner_byte @0x8b217af:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8b218b4:0x30 len:418 inner_byte @0x8b218b8:0x30
skipped der 0x30, next byte 0x03
entered der @0x8b218c7:0x03 len:399 inner_byte @0x8b218cb:0x00
key bytes:399, first:0x00
entered der @0x8b218cc:0x30 len:394 inner_byte @0x8b218d0:0x02
binary bytes:385, first:0x00
skipped der 0x02, next byte 0x02
binary bytes:3, first:0x01
server_rsa_pub_key.size:384
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
insize:9 tail:0
^C
Next step: send CHANGE_CIPHER_SPEC... and actually implement it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 00:12:42 +01:00