Denys Vlasenko
9f00a0fdb1
tls: make RIGHTSHIFTX() in AES-GCM faster
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-12-08 13:34:43 +01:00
Denys Vlasenko
dffc8ff6a6
tls: add ECDHE_PSK and remove ARIA cipher ids
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-27 10:35:10 +01:00
Denys Vlasenko
8a46c74f8d
tls: add _anon_ cipher definitions
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 17:33:17 +01:00
Denys Vlasenko
2eb04290f9
tls: enable TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher
...
function old new delta
static.ciphers 30 32 +2
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 16:39:35 +01:00
Denys Vlasenko
60f784027e
tls: cipher 009D is not yet supported, don't test for it
...
function old new delta
tls_handshake 2116 2108 -8
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 16:30:22 +01:00
Denys Vlasenko
d9f6c3b091
tls: speed up prf_hmac_sha256()
...
function old new delta
hmac_sha_precomputed - 58 +58
prf_hmac_sha256 181 222 +41
hmac_sha256 68 - -68
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 1/0 up/down: 99/-68) Total: 31 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 15:55:41 +01:00
Denys Vlasenko
d4681c7293
tls: simplify hmac_begin()
...
function old new delta
hmac_begin 196 158 -38
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 10:33:23 +01:00
Denys Vlasenko
ca7cdd4b03
tls: add support for 8 more cipher ids - all tested to work
...
function old new delta
tls_handshake 2059 2116 +57
static.ciphers - 30 +30
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/0 up/down: 87/0) Total: 87 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 00:17:10 +01:00
Denys Vlasenko
838b88c044
tls: fix comments
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 18:52:47 +01:00
Denys Vlasenko
330d7f53f7
tls: add a comment on expanding list of supported ciphers
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 17:27:48 +01:00
Denys Vlasenko
a6192f347f
tls: do not leak RSA key
...
function old new delta
tls_handshake 1957 2059 +102
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 16:17:26 +01:00
Denys Vlasenko
eb53d01be5
tls: code shrink
...
function old new delta
xwrite_and_update_handshake_hash 81 80 -1
tls_handshake 1987 1957 -30
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 14:45:55 +01:00
Denys Vlasenko
a33b008240
tls: code shrink
...
function old new delta
tls_handshake 1993 1987 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 14:28:32 +01:00
Denys Vlasenko
be5ca42e8d
tls: code shrink
...
function old new delta
aesgcm_GHASH 223 196 -27
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 14:03:59 +01:00
Denys Vlasenko
23d0d8caf4
tls: on x86, use xorbuf_aligned_AES_BLOCK_SIZE() even with non-aligned source
...
function old new delta
aesgcm_GHASH 228 223 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 12:02:45 +01:00
Denys Vlasenko
ab3c5e4c44
tls: actually fill in CIPHER_ID3 value in hello message
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 00:53:19 +01:00
Denys Vlasenko
0d18e5cab2
ntpd: do not SEGV on "-p keyno:192.168.1.1", show --help instead
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 00:42:56 +01:00
Denys Vlasenko
5084bae61a
wget: code shrink
...
function old new delta
base64enc 53 46 -7
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 21:56:21 +01:00
Denys Vlasenko
d2923b3d23
tls: fix is.gd again, fix AES-CBC using decrypt key instead of encrypt
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 21:26:20 +01:00
Denys Vlasenko
03569bc50f
tls: speed up xor'ing of aligned 16-byte buffers
...
function old new delta
xorbuf_aligned_AES_BLOCK_SIZE - 23 +23
xwrite_encrypted 585 580 -5
aesgcm_GHASH 233 228 -5
GMULT 192 187 -5
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/3 up/down: 23/-15) Total: 8 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 14:08:29 +01:00
Denys Vlasenko
941440cf16
tls: in AES-GCM decoding, avoid memmove
...
function old new delta
xorbuf3 - 36 +36
xorbuf 24 12 -12
tls_xread_record 656 634 -22
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34) Total: 2 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 13:51:46 +01:00
Denys Vlasenko
985702c892
tls: fix a thinko in GHASH optimization
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 13:47:44 +01:00
Denys Vlasenko
624066f0cc
tls: make tls_get_random() FAST_FUNC
...
function old new delta
tls_handshake 1977 1985 +8
tls_get_random 32 28 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-4) Total: 4 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:24:57 +01:00
Denys Vlasenko
26602b85a3
wget: print the final newline only for non-tty output
...
$ busybox wget URL 2>&1 | cat
Connecting to ....
install.iso 0% | | 2629k 0:02:05 ETA
install.iso 7% |** | 25.7M 0:00:23 ETA
install.iso 16% |***** | 54.1M 0:00:14 ETA
install.iso 20% |****** | 67.4M 0:00:15 ETA
install.iso 25% |******** | 81.0M 0:00:14 ETA
install.iso 30% |********* | 97.3M 0:00:13 ETA
install.iso 36% |*********** | 117M 0:00:12 ETA
install.iso 41% |************* | 134M 0:00:11 ETA
install.iso 47% |*************** | 152M 0:00:10 ETA
install.iso 54% |***************** | 176M 0:00:08 ETA
install.iso 61% |******************* | 200M 0:00:06 ETA
install.iso 66% |********************* | 215M 0:00:06 ETA
install.iso 71% |********************** | 231M 0:00:05 ETA
install.iso 75% |************************ | 244M 0:00:04 ETA
install.iso 79% |************************* | 257M 0:00:03 ETA
install.iso 84% |*************************** | 275M 0:00:02 ETA
install.iso 91% |***************************** | 297M 0:00:01 ETA
install.iso 99% |******************************* | 321M 0:00:00 ETA
install.iso 100% |********************************| 323M 0:00:00 ETA
<-- no empty line here
$
function old new delta
bb_progress_update 622 632 +10
progress_meter 152 158 +6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 16/0) Total: 16 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:14:52 +01:00
Denys Vlasenko
fbf5e6363b
tls: code shrink
...
function old new delta
aesgcm_GHASH 262 233 -29
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:07:05 +01:00
Denys Vlasenko
d496b4002a
tls: typo fix in comment
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:00:12 +01:00
Denys Vlasenko
25569c3ca9
tls: make local buffers in aesgcm_GHASH() explicitly 32-bit aligned
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:55:15 +01:00
Denys Vlasenko
219c9d4b5d
tls: code shrink
...
function old new delta
xwrite_encrypted 599 585 -14
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:48:20 +01:00
Denys Vlasenko
ecc9090cfc
tls: simplify aesgcm_GHASH()
...
function old new delta
xwrite_encrypted 604 599 -5
FlattenSzInBits 52 - -52
aesgcm_GHASH 395 262 -133
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/2 up/down: 0/-190) Total: -190 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:31:26 +01:00
Denys Vlasenko
5e4236d226
tls: in AES-CBC code, do not set key for every record - do it once
...
function old new delta
aes_setkey 16 212 +196
tls_handshake 1941 1977 +36
aes_encrypt_1 382 396 +14
xwrite_encrypted 605 604 -1
tls_xread_record 659 656 -3
aes_encrypt_one_block 65 59 -6
aes_cbc_encrypt 172 121 -51
aesgcm_setkey 58 - -58
aes_cbc_decrypt 958 881 -77
KeyExpansion 188 - -188
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 3/5 up/down: 246/-384) Total: -138 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:02:44 +01:00
Denys Vlasenko
83e5c627e1
tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher
...
function old new delta
xwrite_encrypted 209 605 +396
GHASH - 395 +395
aes_encrypt_1 - 382 +382
GMULT - 192 +192
tls_xread_record 489 659 +170
aes_encrypt_one_block - 65 +65
aesgcm_setkey - 58 +58
FlattenSzInBits - 52 +52
tls_handshake 1890 1941 +51
xwrite_and_update_handshake_hash 46 81 +35
xorbuf - 24 +24
aes_setkey - 16 +16
psRsaEncryptPub 413 421 +8
stty_main 1221 1227 +6
ssl_client_main 138 143 +5
next_token 841 845 +4
spawn_ssl_client 218 219 +1
volume_id_probe_hfs_hfsplus 564 563 -1
read_package_field 232 230 -2
i2cdetect_main 674 672 -2
fail_hunk 139 136 -3
parse_expr 891 883 -8
curve25519 802 793 -9
aes_cbc_decrypt 971 958 -13
xwrite_handshake_record 43 - -43
aes_cbc_encrypt 644 172 -472
------------------------------------------------------------------------------
(add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553) Total: 1307 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 17:48:07 +01:00
Denys Vlasenko
4e46b98a45
tls: add comment, no code changes
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-18 19:50:24 +01:00
Denys Vlasenko
fe836d8455
tls: code shrink
...
function old new delta
spawn_ssl_client 219 218 -1
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-14 11:35:36 +01:00
Denys Vlasenko
dbe95682b4
wget: print "TLS certificate validation not implemented" only once on redirects
...
function old new delta
spawn_ssl_client 209 219 +10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 12:00:19 +01:00
Denys Vlasenko
d5a0405a6f
tls: code shrink
...
function old new delta
tls_get_zeroed_outbuf - 28 +28
static.empty_client_cert 7 - -7
tls_handshake 1930 1890 -40
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 0/1 up/down: 28/-47) Total: -19 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 11:58:53 +01:00
Denys Vlasenko
de7b5bb59a
tls: tidy up recently added ECDSA code
...
function old new delta
tls_handshake 1935 1930 -5
static.OID_ECDSA_KEY_ALG 21 11 -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-15) Total: -15 bytes
text data bss dec hex filename
950036 477 7296 957809 e9d71 busybox_old
950048 477 7296 957821 e9d7d busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 11:44:32 +01:00
Denys Vlasenko
375fc78d51
tls: code shrink
...
function old new delta
static.f25519_one 32 - -32
curve25519 835 802 -33
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/1 up/down: 0/-65) Total: -65 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 03:15:15 +01:00
Denys Vlasenko
bddb6545a9
tls: add support for ECDHE-ECDSA-AES-128-CBC-SHA and x25519 curve
...
function old new delta
curve25519 - 835 +835
tls_handshake 1619 1935 +316
xc_diffadd - 230 +230
fe_mul__distinct - 149 +149
lm_sub - 103 +103
lm_add - 82 +82
fe_mul_c - 74 +74
fe_select - 45 +45
static.f25519_one - 32 +32
static.basepoint9 - 32 +32
static.OID_ECDSA_KEY_ALG - 21 +21
static.OID_RSA_KEY_ALG - 13 +13
static.supported_groups - 8 +8
static.empty_client_cert - 7 +7
der_binary_to_pstm 40 42 +2
static.expected 13 - -13
------------------------------------------------------------------------------
(add/remove: 14/1 grow/shrink: 2/0 up/down: 1949/-13) Total: 1936 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 02:17:54 +01:00
Denys Vlasenko
084bac472b
tls: code shrink
...
function old new delta
tls_handshake 1643 1619 -24
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-05 00:19:15 +01:00
Denys Vlasenko
5df3b12241
tls: reorder a few more cipher ids
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-04 21:25:41 +01:00
Denys Vlasenko
b29d045581
tls: move TLS_AES_128_GCM_SHA256 definition up
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-04 21:18:29 +01:00
Denys Vlasenko
9b0ce4d608
tls: add more cipher ids, no code changes
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-04 20:53:54 +01:00
Denys Vlasenko
9d05ad087e
udhcpc: code shrink
...
function old new delta
perform_release 112 172 +60
send_release 81 - -81
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 1/0 up/down: 60/-81) Total: -21 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-03 23:34:35 +01:00
Denys Vlasenko
63d053d8c3
ntpd: default to FEATURE_NTP_AUTH=y
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-30 23:07:26 +01:00
Denys Vlasenko
c05aa6a776
udhcpc: ensure at least one unicast renew attempt
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-30 11:56:18 +01:00
Brandon P. Enochs
a541314b1f
ntpd: add support for MD5/SHA1 message authentication
...
Add support for MD5 message authentication as described in RFC 5905.
This patch also supports SHA1 authentication.
The key file format is the same file format as used by ntpd.
The configuration file format follows standard Unix conventions
(# comments) with lines consist of the following fields separated by whitespace:
<key identifier, [1,65535]> <SHA1|MD5> <an ASCII string of up to 20 characters|an octet string [a-zA-F0-9] of up to 40 characters>.
https://www.ietf.org/rfc/rfc5905.txt
function old new delta
ntp_init 473 987 +514
hash - 125 +125
recv_and_process_peer_pkt 889 961 +72
packed_usage 33066 33130 +64
ntpd_main 1226 1277 +51
find_key_entry - 29 +29
add_peers 195 207 +12
recv_and_process_client_pkt 509 514 +5
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 6/0 up/down: 872/0) Total: 872 bytes
Signed-off-by: Brandon P. Enochs <enochs.brandon@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-27 18:57:37 +02:00
Denys Vlasenko
4329116b6d
nbd-client: support newstyle protocol, -b, -d, -p, -N
...
Recognize the "newstyle" protocol and switch to it automatically.
Add options for setting blocksize (-b) and for disconnecting
a nbd device (-d).
function old new delta
nbdclient_main 492 1179 +687
static.long_options - 80 +80
print_direc 438 457 +19
brctl_main 1169 1183 +14
bb_strtoll 84 89 +5
packed_usage 33082 33066 -16
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/1 up/down: 805/-16) Total: 789 bytes
Signed-off-by: Elvira Khabirova <lineprinter@altlinux.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-24 15:52:04 +02:00
Bernhard Reutner-Fischer
7effa31cd4
brctl: use a single buffer for brname and ifname
...
function old new delta
brctl_main 1681 1675 -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-6) Total: -6 bytes
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
2018-10-01 22:45:36 +02:00
Brandon Maier
14454b3071
ifupdown: support "source-directory" stanza
...
Support the "source-directory" stanza from ifupdown[1]. source-directory
will include all files in the named directory. Similar to the Busybox
version of the "source" stanza, this version of source-directory does
not currently support shell wildcards.
We only check that the stanza starts with "source-dir" as ifupdown does[2].
[1] https://manpages.debian.org/stretch/ifupdown/interfaces.5.en.html#INCLUDING_OTHER_FILES
[2] https://salsa.debian.org/debian/ifupdown/blob/0.8.33/config.c#L498
function old new delta
read_interfaces 1150 1241 +91
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-09-30 13:23:05 +02:00
Denys Vlasenko
aae428f0bf
udhcpc: give SIGUSR1-induced renew one chance of unicast renew
...
The caps were inconsistent: timeout to renew was capped at 20 seconds,
and any renews with timeout <= 60 seconds were forced to broadcast.
function old new delta
udhcpc_main 2683 2680 -3
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-09-28 14:44:09 +02:00