Commit Graph

2830 Commits

Author SHA1 Message Date
Denys Vlasenko
9f00a0fdb1 tls: make RIGHTSHIFTX() in AES-GCM faster
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-12-08 13:34:43 +01:00
Denys Vlasenko
dffc8ff6a6 tls: add ECDHE_PSK and remove ARIA cipher ids
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-27 10:35:10 +01:00
Denys Vlasenko
8a46c74f8d tls: add _anon_ cipher definitions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 17:33:17 +01:00
Denys Vlasenko
2eb04290f9 tls: enable TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher
function                                             old     new   delta
static.ciphers                                        30      32      +2

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 16:39:35 +01:00
Denys Vlasenko
60f784027e tls: cipher 009D is not yet supported, don't test for it
function                                             old     new   delta
tls_handshake                                       2116    2108      -8

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 16:30:22 +01:00
Denys Vlasenko
d9f6c3b091 tls: speed up prf_hmac_sha256()
function                                             old     new   delta
hmac_sha_precomputed                                   -      58     +58
prf_hmac_sha256                                      181     222     +41
hmac_sha256                                           68       -     -68
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 1/0 up/down: 99/-68)             Total: 31 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 15:55:41 +01:00
Denys Vlasenko
d4681c7293 tls: simplify hmac_begin()
function                                             old     new   delta
hmac_begin                                           196     158     -38

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 10:33:23 +01:00
Denys Vlasenko
ca7cdd4b03 tls: add support for 8 more cipher ids - all tested to work
function                                             old     new   delta
tls_handshake                                       2059    2116     +57
static.ciphers                                         -      30     +30
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/0 up/down: 87/0)               Total: 87 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26 00:17:10 +01:00
Denys Vlasenko
838b88c044 tls: fix comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 18:52:47 +01:00
Denys Vlasenko
330d7f53f7 tls: add a comment on expanding list of supported ciphers
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 17:27:48 +01:00
Denys Vlasenko
a6192f347f tls: do not leak RSA key
function                                             old     new   delta
tls_handshake                                       1957    2059    +102

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 16:17:26 +01:00
Denys Vlasenko
eb53d01be5 tls: code shrink
function                                             old     new   delta
xwrite_and_update_handshake_hash                      81      80      -1
tls_handshake                                       1987    1957     -30

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 14:45:55 +01:00
Denys Vlasenko
a33b008240 tls: code shrink
function                                             old     new   delta
tls_handshake                                       1993    1987      -6

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 14:28:32 +01:00
Denys Vlasenko
be5ca42e8d tls: code shrink
function                                             old     new   delta
aesgcm_GHASH                                         223     196     -27

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 14:03:59 +01:00
Denys Vlasenko
23d0d8caf4 tls: on x86, use xorbuf_aligned_AES_BLOCK_SIZE() even with non-aligned source
function                                             old     new   delta
aesgcm_GHASH                                         228     223      -5

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 12:02:45 +01:00
Denys Vlasenko
ab3c5e4c44 tls: actually fill in CIPHER_ID3 value in hello message
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 00:53:19 +01:00
Denys Vlasenko
0d18e5cab2 ntpd: do not SEGV on "-p keyno:192.168.1.1", show --help instead
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25 00:42:56 +01:00
Denys Vlasenko
5084bae61a wget: code shrink
function                                             old     new   delta
base64enc                                             53      46      -7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 21:56:21 +01:00
Denys Vlasenko
d2923b3d23 tls: fix is.gd again, fix AES-CBC using decrypt key instead of encrypt
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 21:26:20 +01:00
Denys Vlasenko
03569bc50f tls: speed up xor'ing of aligned 16-byte buffers
function                                             old     new   delta
xorbuf_aligned_AES_BLOCK_SIZE                          -      23     +23
xwrite_encrypted                                     585     580      -5
aesgcm_GHASH                                         233     228      -5
GMULT                                                192     187      -5
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/3 up/down: 23/-15)              Total: 8 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 14:08:29 +01:00
Denys Vlasenko
941440cf16 tls: in AES-GCM decoding, avoid memmove
function                                             old     new   delta
xorbuf3                                                -      36     +36
xorbuf                                                24      12     -12
tls_xread_record                                     656     634     -22
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34)              Total: 2 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 13:51:46 +01:00
Denys Vlasenko
985702c892 tls: fix a thinko in GHASH optimization
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24 13:47:44 +01:00
Denys Vlasenko
624066f0cc tls: make tls_get_random() FAST_FUNC
function                                             old     new   delta
tls_handshake                                       1977    1985      +8
tls_get_random                                        32      28      -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-4)                Total: 4 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:24:57 +01:00
Denys Vlasenko
26602b85a3 wget: print the final newline only for non-tty output
$ busybox wget URL 2>&1 | cat
Connecting to ....
install.iso          0% |                                | 2629k  0:02:05 ETA
install.iso          7% |**                              | 25.7M  0:00:23 ETA
install.iso         16% |*****                           | 54.1M  0:00:14 ETA
install.iso         20% |******                          | 67.4M  0:00:15 ETA
install.iso         25% |********                        | 81.0M  0:00:14 ETA
install.iso         30% |*********                       | 97.3M  0:00:13 ETA
install.iso         36% |***********                     |  117M  0:00:12 ETA
install.iso         41% |*************                   |  134M  0:00:11 ETA
install.iso         47% |***************                 |  152M  0:00:10 ETA
install.iso         54% |*****************               |  176M  0:00:08 ETA
install.iso         61% |*******************             |  200M  0:00:06 ETA
install.iso         66% |*********************           |  215M  0:00:06 ETA
install.iso         71% |**********************          |  231M  0:00:05 ETA
install.iso         75% |************************        |  244M  0:00:04 ETA
install.iso         79% |*************************       |  257M  0:00:03 ETA
install.iso         84% |***************************     |  275M  0:00:02 ETA
install.iso         91% |*****************************   |  297M  0:00:01 ETA
install.iso         99% |******************************* |  321M  0:00:00 ETA
install.iso        100% |********************************|  323M  0:00:00 ETA
  <-- no empty line here
$

function                                             old     new   delta
bb_progress_update                                   622     632     +10
progress_meter                                       152     158      +6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 16/0)               Total: 16 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:14:52 +01:00
Denys Vlasenko
fbf5e6363b tls: code shrink
function                                             old     new   delta
aesgcm_GHASH                                         262     233     -29

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:07:05 +01:00
Denys Vlasenko
d496b4002a tls: typo fix in comment
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 19:00:12 +01:00
Denys Vlasenko
25569c3ca9 tls: make local buffers in aesgcm_GHASH() explicitly 32-bit aligned
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:55:15 +01:00
Denys Vlasenko
219c9d4b5d tls: code shrink
function                                             old     new   delta
xwrite_encrypted                                     599     585     -14

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:48:20 +01:00
Denys Vlasenko
ecc9090cfc tls: simplify aesgcm_GHASH()
function                                             old     new   delta
xwrite_encrypted                                     604     599      -5
FlattenSzInBits                                       52       -     -52
aesgcm_GHASH                                         395     262    -133
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/2 up/down: 0/-190)           Total: -190 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:31:26 +01:00
Denys Vlasenko
5e4236d226 tls: in AES-CBC code, do not set key for every record - do it once
function                                             old     new   delta
aes_setkey                                            16     212    +196
tls_handshake                                       1941    1977     +36
aes_encrypt_1                                        382     396     +14
xwrite_encrypted                                     605     604      -1
tls_xread_record                                     659     656      -3
aes_encrypt_one_block                                 65      59      -6
aes_cbc_encrypt                                      172     121     -51
aesgcm_setkey                                         58       -     -58
aes_cbc_decrypt                                      958     881     -77
KeyExpansion                                         188       -    -188
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 3/5 up/down: 246/-384)         Total: -138 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 18:02:44 +01:00
Denys Vlasenko
83e5c627e1 tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher
function                                             old     new   delta
xwrite_encrypted                                     209     605    +396
GHASH                                                  -     395    +395
aes_encrypt_1                                          -     382    +382
GMULT                                                  -     192    +192
tls_xread_record                                     489     659    +170
aes_encrypt_one_block                                  -      65     +65
aesgcm_setkey                                          -      58     +58
FlattenSzInBits                                        -      52     +52
tls_handshake                                       1890    1941     +51
xwrite_and_update_handshake_hash                      46      81     +35
xorbuf                                                 -      24     +24
aes_setkey                                             -      16     +16
psRsaEncryptPub                                      413     421      +8
stty_main                                           1221    1227      +6
ssl_client_main                                      138     143      +5
next_token                                           841     845      +4
spawn_ssl_client                                     218     219      +1
volume_id_probe_hfs_hfsplus                          564     563      -1
read_package_field                                   232     230      -2
i2cdetect_main                                       674     672      -2
fail_hunk                                            139     136      -3
parse_expr                                           891     883      -8
curve25519                                           802     793      -9
aes_cbc_decrypt                                      971     958     -13
xwrite_handshake_record                               43       -     -43
aes_cbc_encrypt                                      644     172    -472
------------------------------------------------------------------------------
(add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553)        Total: 1307 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23 17:48:07 +01:00
Denys Vlasenko
4e46b98a45 tls: add comment, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-18 19:50:24 +01:00
Denys Vlasenko
fe836d8455 tls: code shrink
function                                             old     new   delta
spawn_ssl_client                                     219     218      -1

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-14 11:35:36 +01:00
Denys Vlasenko
dbe95682b4 wget: print "TLS certificate validation not implemented" only once on redirects
function                                             old     new   delta
spawn_ssl_client                                     209     219     +10

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 12:00:19 +01:00
Denys Vlasenko
d5a0405a6f tls: code shrink
function                                             old     new   delta
tls_get_zeroed_outbuf                                  -      28     +28
static.empty_client_cert                               7       -      -7
tls_handshake                                       1930    1890     -40
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 0/1 up/down: 28/-47)            Total: -19 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 11:58:53 +01:00
Denys Vlasenko
de7b5bb59a tls: tidy up recently added ECDSA code
function                                             old     new   delta
tls_handshake                                       1935    1930      -5
static.OID_ECDSA_KEY_ALG                              21      11     -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-15)             Total: -15 bytes
   text	   data	    bss	    dec	    hex	filename
 950036	    477	   7296	 957809	  e9d71	busybox_old
 950048	    477	   7296	 957821	  e9d7d	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 11:44:32 +01:00
Denys Vlasenko
375fc78d51 tls: code shrink
function                                             old     new   delta
static.f25519_one                                     32       -     -32
curve25519                                           835     802     -33
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/1 up/down: 0/-65)             Total: -65 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 03:15:15 +01:00
Denys Vlasenko
bddb6545a9 tls: add support for ECDHE-ECDSA-AES-128-CBC-SHA and x25519 curve
function                                             old     new   delta
curve25519                                             -     835    +835
tls_handshake                                       1619    1935    +316
xc_diffadd                                             -     230    +230
fe_mul__distinct                                       -     149    +149
lm_sub                                                 -     103    +103
lm_add                                                 -      82     +82
fe_mul_c                                               -      74     +74
fe_select                                              -      45     +45
static.f25519_one                                      -      32     +32
static.basepoint9                                      -      32     +32
static.OID_ECDSA_KEY_ALG                               -      21     +21
static.OID_RSA_KEY_ALG                                 -      13     +13
static.supported_groups                                -       8      +8
static.empty_client_cert                               -       7      +7
der_binary_to_pstm                                    40      42      +2
static.expected                                       13       -     -13
------------------------------------------------------------------------------
(add/remove: 14/1 grow/shrink: 2/0 up/down: 1949/-13)        Total: 1936 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13 02:17:54 +01:00
Denys Vlasenko
084bac472b tls: code shrink
function                                             old     new   delta
tls_handshake                                       1643    1619     -24

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-05 00:19:15 +01:00
Denys Vlasenko
5df3b12241 tls: reorder a few more cipher ids
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-04 21:25:41 +01:00
Denys Vlasenko
b29d045581 tls: move TLS_AES_128_GCM_SHA256 definition up
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-04 21:18:29 +01:00
Denys Vlasenko
9b0ce4d608 tls: add more cipher ids, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-04 20:53:54 +01:00
Denys Vlasenko
9d05ad087e udhcpc: code shrink
function                                             old     new   delta
perform_release                                      112     172     +60
send_release                                          81       -     -81
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 1/0 up/down: 60/-81)            Total: -21 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-03 23:34:35 +01:00
Denys Vlasenko
63d053d8c3 ntpd: default to FEATURE_NTP_AUTH=y
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-30 23:07:26 +01:00
Denys Vlasenko
c05aa6a776 udhcpc: ensure at least one unicast renew attempt
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-30 11:56:18 +01:00
Brandon P. Enochs
a541314b1f ntpd: add support for MD5/SHA1 message authentication
Add support for MD5 message authentication as described in RFC 5905.
This patch also supports SHA1 authentication.

The key file format is the same file format as used by ntpd.
The configuration file format follows standard Unix conventions
(# comments) with lines consist of the following fields separated by whitespace:
<key identifier, [1,65535]> <SHA1|MD5> <an ASCII string of up to 20 characters|an octet string [a-zA-F0-9] of up to 40 characters>.

https://www.ietf.org/rfc/rfc5905.txt

function                                             old     new   delta
ntp_init                                             473     987    +514
hash                                                   -     125    +125
recv_and_process_peer_pkt                            889     961     +72
packed_usage                                       33066   33130     +64
ntpd_main                                           1226    1277     +51
find_key_entry                                         -      29     +29
add_peers                                            195     207     +12
recv_and_process_client_pkt                          509     514      +5
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 6/0 up/down: 872/0)             Total: 872 bytes

Signed-off-by: Brandon P. Enochs <enochs.brandon@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-27 18:57:37 +02:00
Denys Vlasenko
4329116b6d nbd-client: support newstyle protocol, -b, -d, -p, -N
Recognize the "newstyle" protocol and switch to it automatically.
Add options for setting blocksize (-b) and for disconnecting
a nbd device (-d).

function                                             old     new   delta
nbdclient_main                                       492    1179    +687
static.long_options                                    -      80     +80
print_direc                                          438     457     +19
brctl_main                                          1169    1183     +14
bb_strtoll                                            84      89      +5
packed_usage                                       33082   33066     -16
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/1 up/down: 805/-16)           Total: 789 bytes

Signed-off-by: Elvira Khabirova <lineprinter@altlinux.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-10-24 15:52:04 +02:00
Bernhard Reutner-Fischer
7effa31cd4 brctl: use a single buffer for brname and ifname
function                                             old     new   delta
brctl_main                                          1681    1675      -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-6)               Total: -6 bytes

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
2018-10-01 22:45:36 +02:00
Brandon Maier
14454b3071 ifupdown: support "source-directory" stanza
Support the "source-directory" stanza from ifupdown[1]. source-directory
will include all files in the named directory. Similar to the Busybox
version of the "source" stanza, this version of source-directory does
not currently support shell wildcards.

We only check that the stanza starts with "source-dir" as ifupdown does[2].

[1] https://manpages.debian.org/stretch/ifupdown/interfaces.5.en.html#INCLUDING_OTHER_FILES
[2] https://salsa.debian.org/debian/ifupdown/blob/0.8.33/config.c#L498

function                                             old     new   delta
read_interfaces                                     1150    1241     +91

Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-09-30 13:23:05 +02:00
Denys Vlasenko
aae428f0bf udhcpc: give SIGUSR1-induced renew one chance of unicast renew
The caps were inconsistent: timeout to renew was capped at 20 seconds,
and any renews with timeout <= 60 seconds were forced to broadcast.

function                                             old     new   delta
udhcpc_main                                         2683    2680      -3

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-09-28 14:44:09 +02:00