emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tls: in AES-CBC code, do not set key for every record - do it once

Browse Source 
function                                             old     new   delta
aes_setkey                                            16     212    +196
tls_handshake                                       1941    1977     +36
aes_encrypt_1                                        382     396     +14
xwrite_encrypted                                     605     604      -1
tls_xread_record                                     659     656      -3
aes_encrypt_one_block                                 65      59      -6
aes_cbc_encrypt                                      172     121     -51
aesgcm_setkey                                         58       -     -58
aes_cbc_decrypt                                      958     881     -77
KeyExpansion                                         188       -    -188
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 3/5 up/down: 246/-384)         Total: -138 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko
2018-11-23 18:02:44 +01:00
parent 83e5c627e1
commit 5e4236d226
5 changed files with 28 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
networking/tls_aesgcm.c
View File

@@ -136,13 +136,3 @@ void FAST_FUNC aesgcm_GHASH(byte* h, const byte* a, unsigned aSz, const byte* c,
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
}
void FAST_FUNC aesgcm_setkey(uint8_t H[16], struct tls_aes *aes, const byte* key, unsigned len)
{
byte iv[AES_BLOCK_SIZE];
aes_setkey(aes, key, len);
memset(iv, 0, AES_BLOCK_SIZE);
aes_encrypt_one_block(aes, iv, H);
}