Commit graph

22 commits

Author SHA1 Message Date
Denys Vlasenko
22b66febbd tls: server: fix incorrect key_block assignments - now works against openssl s_client
function                                             old     new   delta
privRsaEncryptSignedElement                            -     236    +236
tls_handshake_as_server                             2033    2264    +231
.rodata                                           108079  108301    +222
initialize_aes_keys                                    -      77     +77
xwrite_encrypted                                     507     506      -1
tls_handshake                                       1519    1500     -19
derive_master_secret_and_keys                        154     123     -31
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 2/3 up/down: 766/-51)           Total: 715 bytes

Total growth compared to code before TLS server code:

function                                             old     new   delta
tls_handshake_as_server                                -    2264   +2264
.rodata                                           107074  108301   +1227
psRsaCrypt                                             -     577    +577
load_rsa_priv_key                                      -     282    +282
ssl_server_main                                        -     279    +279
privRsaEncryptSignedElement                            -     236    +236
ssl_client_main                                      137     363    +226
psRsaDecryptPriv                                       -     171    +171
set_cipher_parameters                                  -     161    +161
derive_master_secret_and_keys                          -     123    +123
packed_usage                                       36034   36146    +112
sp_ecc_make_key_256                                    -     103    +103
send_finished                                          -      94     +94
get_change_cipher_spec                                 -      88     +88
initialize_aes_keys                                    -      77     +77
static.BLOCK_NAMES                                     -      70     +70
curve_P256_compute_premaster                           -      65     +65
der_binary_to_pstm                                     -      50     +50
curve_x25519_generate_keypair                          -      44     +44
get_finished                                           -      42     +42
get_outbuf_fill_handshake_record                       -      37     +37
client_hello_ciphers                                   -      32     +32
curve_P256_generate_keypair                            -      27     +27
sp_256_from_bin_8                                      -      26     +26
tls_xread_record                                     681     704     +23
curve_x25519_compute_premaster                         -      15     +15
applet_names                                        2870    2881     +11
applet_main                                         1652    1656      +4
xwrite_encrypted                                     507     506      -1
xwrite_and_update_handshake_hash                      76      59     -17
sp_256_point_from_bin2x32                             70      43     -27
curve_x25519_compute_pubkey_and_premaster             71      39     -32
curve_P256_compute_pubkey_and_premaster              167      65    -102
psRsaEncryptPub                                      395     199    -196
tls_handshake                                       2069    1500    -569
------------------------------------------------------------------------------
(add/remove: 23/0 grow/shrink: 6/7 up/down: 6466/-944)       Total: 5522 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2026-02-15 15:26:31 +01:00
Denys Vlasenko
7773faa878 tls: make ECDHE_RSA work against our client (openssl s_client not yet)
function                                             old     new   delta
tls_handshake_as_server                             1601    2033    +432
sp_ecc_make_key_256                                    -     103    +103
curve_P256_compute_premaster                           -      65     +65
.rodata                                           108023  108079     +56
curve_x25519_generate_keypair                          -      44     +44
tls_get_zeroed_outbuf                                  -      28     +28
curve_P256_generate_keypair                            -      27     +27
sp_256_from_bin_8                                      -      26     +26
curve_x25519_compute_premaster                         -      15     +15
tls_xread_record                                     708     704      -4
tls_handshake                                       1530    1519     -11
get_outbuf_fill_handshake_record                      51      37     -14
sp_256_point_from_bin2x32                             70      43     -27
curve_x25519_compute_pubkey_and_premaster             71      39     -32
curve_P256_compute_pubkey_and_premaster              167      65    -102
------------------------------------------------------------------------------
(add/remove: 7/0 grow/shrink: 2/6 up/down: 796/-190)          Total: 606 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2026-02-15 15:16:26 +01:00
Denys Vlasenko
8289b34626 tls: document PSTM_64BIT + PSTM_X86_64 optimizations better
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2026-02-08 08:30:03 +01:00
Denys Vlasenko
c305c81c94 libbb: introduce and use block-XOR functions
On x86_64, they can be done in 16-byte blocks

64-bit:
function                                             old     new   delta
xorbuf_3                                               -      84     +84
xorbuf64_3_aligned64                                   -      58     +58
smix1                                                687     712     +25
xwrite_encrypted                                     520     534     +14
xorbuf16_aligned_long                                  -      13     +13
tls_xread_record                                     733     742      +9
xorbuf                                                21      13      -8
xorbuf_aligned_AES_BLOCK_SIZE                         15       -     -15
blockmix                                             814     762     -52
blockmix_salsa8                                      317     198    -119
blockmix_xor_save                                   1620    1499    -121
blockmix_xor                                        1543    1322    -221
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 3/5 up/down: 203/-536)         Total: -333 bytes

32-bit:
function                                             old     new   delta
xorbuf_3                                               -      76     +76
xorbuf64_3_aligned64                                   -      36     +36
xorbuf16_aligned_long                                  -      23     +23
xwrite_encrypted                                     499     507      +8
tls_xread_record                                     646     650      +4
xorbuf                                                22      11     -11
xorbuf_aligned_AES_BLOCK_SIZE                         23       -     -23
blockmix                                            1083     938    -145
blockmix_salsa8                                      415     210    -205
blockmix_salsa8_xor                                  601     163    -438
blockmix_xor                                        2103    1533    -570
blockmix_xor_save                                   2614    1859    -755
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 2/6 up/down: 147/-2147)       Total: -2000 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2025-07-09 07:00:59 +02:00
Denys Vlasenko
74ee3f2f73 tls: remove unused tls_symmetric.h (was used by old "big" AES code)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-11 13:46:30 +02:00
Denys Vlasenko
55578f2fb7 tls: fix the case of sp_256_mont_tpl_10() leaving stray high bits
It has no effect on correctness, but interferes with comparing internal state
of different implementations.

function                                             old     new   delta
sp_256_proj_point_dbl_10                             443     451      +8
static.sp_256_mont_sub_10                             46      49      +3
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 11/0)               Total: 11 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 19:46:39 +02:00
Denys Vlasenko
074b33bf16 tls: simplify sp_256_ecc_gen_k_10, cosmetic changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 14:33:38 +02:00
Denys Vlasenko
6b69ab68b4 tls: make x25519 key generation code more similar to P256
function                                             old     new   delta
curve_x25519_compute_pubkey_and_premaster              -      74     +74
tls_handshake                                       2146    2072     -74
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/1 up/down: 74/-74)              Total: 0 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 13:46:36 +02:00
Denys Vlasenko
f18a1fd6f3 tls: implement secp256r1 elliptic curve (aka P256)
function                                             old     new   delta
sp_256_mod_mul_norm_10                                 -    1439   +1439
sp_256_ecc_mulmod_10                                   -    1363   +1363
sp_256_proj_point_dbl_10                               -     490    +490
p256_base                                              -     244    +244
static.sp_256_mont_sqr_10                              -     234    +234
static.sp_256_mont_mul_10                              -     214    +214
curve_P256_compute_pubkey_and_premaster                -     197    +197
static.sp_256_mont_reduce_10                           -     176    +176
static.sp_256_from_bin                                 -     149    +149
sp_256_to_bin                                          -     148    +148
tls_handshake                                       2046    2146    +100
static.sp_256_mul_add_10                               -      82     +82
.rodata                                           103275  103336     +61
static.sp_256_mont_sub_10                              -      52     +52
static.sp_256_mont_dbl_10                              -      52     +52
static.sp_256_cmp_10                                   -      43     +43
p256_mod                                               -      40     +40
static.sp_256_cond_sub_10                              -      32     +32
p256_mod_2                                             -      32     +32
sp_256_norm_10                                         -      31     +31
sp_256_cmp_equal_10                                    -      30     +30
sp_256_add_10                                          -      22     +22
addr_mask                                              -       8      +8
------------------------------------------------------------------------------
(add/remove: 22/0 grow/shrink: 2/0 up/down: 5239/0)          Total: 5239 bytes
   text	   data	    bss	    dec	    hex	filename
1018192	    559	   5020	1023771	  f9f1b	busybox_old
1023431	    559	   5020	1029010	  fb392	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 13:30:09 +02:00
James Byrne
6937487be7 libbb: reduce the overhead of single parameter bb_error_msg() calls
Back in 2007, commit 0c97c9d437 ("'simple' error message functions by
Loic Grenie") introduced bb_simple_perror_msg() to allow for a lower
overhead call to bb_perror_msg() when only a string was being printed
with no parameters. This saves space for some CPU architectures because
it avoids the overhead of a call to a variadic function. However there
has never been a simple version of bb_error_msg(), and since 2007 many
new calls to bb_perror_msg() have been added that only take a single
parameter and so could have been using bb_simple_perror_message().

This changeset introduces 'simple' versions of bb_info_msg(),
bb_error_msg(), bb_error_msg_and_die(), bb_herror_msg() and
bb_herror_msg_and_die(), and replaces all calls that only take a
single parameter, or use something like ("%s", arg), with calls to the
corresponding 'simple' version.

Since it is likely that single parameter calls to the variadic functions
may be accidentally reintroduced in the future a new debugging config
option WARN_SIMPLE_MSG has been introduced. This uses some macro magic
which will cause any such calls to generate a warning, but this is
turned off by default to avoid use of the unpleasant macros in normal
circumstances.

This is a large changeset due to the number of calls that have been
replaced. The only files that contain changes other than simple
substitution of function calls are libbb.h, libbb/herror_msg.c,
libbb/verror_msg.c and libbb/xfuncs_printf.c. In miscutils/devfsd.c,
networking/udhcp/common.h and util-linux/mdev.c additional macros have
been added for logging so that single parameter and multiple parameter
logging variants exist.

The amount of space saved varies considerably by architecture, and was
found to be as follows (for 'defconfig' using GCC 7.4):

Arm:     -92 bytes
MIPS:    -52 bytes
PPC:   -1836 bytes
x86_64: -938 bytes

Note that for the MIPS architecture only an exception had to be made
disabling the 'simple' calls for 'udhcp' (in networking/udhcp/common.h)
because it made these files larger on MIPS.

Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2019-07-02 11:35:03 +02:00
Denys Vlasenko
03569bc50f tls: speed up xor'ing of aligned 16-byte buffers
function                                             old     new   delta
xorbuf_aligned_AES_BLOCK_SIZE                          -      23     +23
xwrite_encrypted                                     585     580      -5
aesgcm_GHASH                                         233     228      -5
GMULT                                                192     187      -5
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/3 up/down: 23/-15)              Total: 8 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 14:08:29 +01:00
Denys Vlasenko
941440cf16 tls: in AES-GCM decoding, avoid memmove
function                                             old     new   delta
xorbuf3                                                -      36     +36
xorbuf                                                24      12     -12
tls_xread_record                                     656     634     -22
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34)              Total: 2 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 13:51:46 +01:00
Denys Vlasenko
624066f0cc tls: make tls_get_random() FAST_FUNC
function                                             old     new   delta
tls_handshake                                       1977    1985      +8
tls_get_random                                        32      28      -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-4)                Total: 4 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:24:57 +01:00
Denys Vlasenko
83e5c627e1 tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher
function                                             old     new   delta
xwrite_encrypted                                     209     605    +396
GHASH                                                  -     395    +395
aes_encrypt_1                                          -     382    +382
GMULT                                                  -     192    +192
tls_xread_record                                     489     659    +170
aes_encrypt_one_block                                  -      65     +65
aesgcm_setkey                                          -      58     +58
FlattenSzInBits                                        -      52     +52
tls_handshake                                       1890    1941     +51
xwrite_and_update_handshake_hash                      46      81     +35
xorbuf                                                 -      24     +24
aes_setkey                                             -      16     +16
psRsaEncryptPub                                      413     421      +8
stty_main                                           1221    1227      +6
ssl_client_main                                      138     143      +5
next_token                                           841     845      +4
spawn_ssl_client                                     218     219      +1
volume_id_probe_hfs_hfsplus                          564     563      -1
read_package_field                                   232     230      -2
i2cdetect_main                                       674     672      -2
fail_hunk                                            139     136      -3
parse_expr                                           891     883      -8
curve25519                                           802     793      -9
aes_cbc_decrypt                                      971     958     -13
xwrite_handshake_record                               43       -     -43
aes_cbc_encrypt                                      644     172    -472
------------------------------------------------------------------------------
(add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553)        Total: 1307 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 17:48:07 +01:00
Denys Vlasenko
bddb6545a9 tls: add support for ECDHE-ECDSA-AES-128-CBC-SHA and x25519 curve
function                                             old     new   delta
curve25519                                             -     835    +835
tls_handshake                                       1619    1935    +316
xc_diffadd                                             -     230    +230
fe_mul__distinct                                       -     149    +149
lm_sub                                                 -     103    +103
lm_add                                                 -      82     +82
fe_mul_c                                               -      74     +74
fe_select                                              -      45     +45
static.f25519_one                                      -      32     +32
static.basepoint9                                      -      32     +32
static.OID_ECDSA_KEY_ALG                               -      21     +21
static.OID_RSA_KEY_ALG                                 -      13     +13
static.supported_groups                                -       8      +8
static.empty_client_cert                               -       7      +7
der_binary_to_pstm                                    40      42      +2
static.expected                                       13       -     -13
------------------------------------------------------------------------------
(add/remove: 14/1 grow/shrink: 2/0 up/down: 1949/-13)        Total: 1936 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 02:17:54 +01:00
Denys Vlasenko
79376ecdbd tls: fix pstm asm constraint problem
function                                             old     new   delta
pstm_sqr_comba                                       551     475     -76

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 17:13:08 +02:00
Denys Vlasenko
9887f93eef tls: fix build problem on non-static i386
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 13:42:19 +02:00
Denys Vlasenko
432f1ae2ff tls: tested PSTM_X86_64, not enabling it - too large
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 16:32:38 +01:00
Denys Vlasenko
6b1b004845 tls: commented out psPool_t use
function                                             old     new   delta
psAesEncrypt                                         159     162      +3
der_binary_to_pstm                                    42      40      -2
xwrite_and_hash                                      437     434      -3
xread_tls_block                                      446     443      -3
pstm_div_2d                                          449     444      -5
psAesDecrypt                                         179     174      -5
pstm_init_size                                        52      45      -7
pstm_init                                             46      39      -7
pstm_to_unsigned_bin                                 165     157      -8
tls_main                                            1265    1256      -9
pstm_mulmod                                          132     123      -9
pstm_mod                                             125     116      -9
pstm_init_copy                                        93      84      -9
psAesInitKey                                         840     825     -15
send_client_key_exchange                             362     342     -20
psAesInit                                            103      80     -23
psRsaEncryptPub                                      429     403     -26
psAesDecryptBlock                                   1211    1184     -27
psAesEncryptBlock                                   1223    1193     -30
pstm_exptmod                                        1582    1524     -58
pstm_div                                            1557    1472     -85
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/20 up/down: 3/-360)          Total: -357 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 15:51:00 +01:00
Denys Vlasenko
b7e9ae6e9f tls: added AES code and made it compile. not used yet
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-18 17:20:27 +01:00
Denys Vlasenko
936e83e694 tls: add sha256 hmac and prf code
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-16 04:25:01 +01:00
Denys Vlasenko
11d0096516 tls: format and send CLIENT_KEY_EXCHANGE
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4265
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8b217a7:0x30 len:1452 inner_byte @0x8b217ab:0x30
entered der @0x8b217ab:0x30 len:1172 inner_byte @0x8b217af:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8b218b4:0x30 len:418 inner_byte @0x8b218b8:0x30
skipped der 0x30, next byte 0x03
entered der @0x8b218c7:0x03 len:399 inner_byte @0x8b218cb:0x00
key bytes:399, first:0x00
entered der @0x8b218cc:0x30 len:394 inner_byte @0x8b218d0:0x02
binary bytes:385, first:0x00
skipped der 0x02, next byte 0x02
binary bytes:3, first:0x01
server_rsa_pub_key.size:384
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
insize:9 tail:0
^C

Next step: send CHANGE_CIPHER_SPEC... and actually implement it.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 00:12:42 +01:00