tls: tidy up recently added ECDSA code

function                                             old     new   delta
tls_handshake                                       1935    1930      -5
static.OID_ECDSA_KEY_ALG                              21      11     -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-15)             Total: -15 bytes
   text	   data	    bss	    dec	    hex	filename
 950036	    477	   7296	 957809	  e9d71	busybox_old
 950048	    477	   7296	 957821	  e9d7d	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/networking/tls.c b/networking/tls.c
index 694fbf34db4b12c826ec7dda6a442b7111faef76..20343bc0a92074ee43615ce8f25f172cbccd5749 100644 (file)
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -966,6 +966,13 @@ static int tls_xread_record(tls_state_t *tls, const char *expected)
        return sz;
 }
 
+static void binary_to_pstm(pstm_int *pstm_n, uint8_t *bin_ptr, unsigned len)
+{
+       pstm_init_for_read_unsigned_bin(/*pool:*/ NULL, pstm_n, len);
+       pstm_read_unsigned_bin(pstm_n, bin_ptr, len);
+       //return bin_ptr + len;
+}
+
 /*
  * DER parsing routines
  */
@@ -1031,15 +1038,6 @@ static uint8_t *skip_der_item(uint8_t *der, uint8_t *end)
        return new_der;
 }
 
-//
-static void binary_to_pstm(pstm_int *pstm_n, uint8_t *bin_ptr, unsigned len)
-{
-       pstm_init_for_read_unsigned_bin(/*pool:*/ NULL, pstm_n, len);
-       pstm_read_unsigned_bin(pstm_n, bin_ptr, len);
-       //return bin_ptr + len;
-}
-//
-
 static void der_binary_to_pstm(pstm_int *pstm_n, uint8_t *der, uint8_t *end)
 {
        uint8_t *bin_ptr;
@@ -1047,9 +1045,6 @@ static void der_binary_to_pstm(pstm_int *pstm_n, uint8_t *der, uint8_t *end)
 
        dbg_der("binary bytes:%u, first:0x%02x\n", len, bin_ptr[0]);
        binary_to_pstm(pstm_n, bin_ptr, len);
-       //pstm_init_for_read_unsigned_bin(/*pool:*/ NULL, pstm_n, len);
-       //pstm_read_unsigned_bin(pstm_n, bin_ptr, len);
-       ////return bin_ptr + len;
 }
 
 static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
@@ -1180,18 +1175,19 @@ static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
        { /* check subjectPublicKeyInfo.algorithm */
                static const uint8_t OID_RSA_KEY_ALG[] = {
                        0x30,0x0d, // SEQ 13 bytes
-                       0x06,0x09, 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01, // OID RSA_KEY_ALG 42.134.72.134.247.13.1.1.1
+                       0x06,0x09, 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01, //OID_RSA_KEY_ALG 42.134.72.134.247.13.1.1.1
                        //0x05,0x00, // NULL
                };
                static const uint8_t OID_ECDSA_KEY_ALG[] = {
                        0x30,0x13, // SEQ 0x13 bytes
                        0x06,0x07, 0x2a,0x86,0x48,0xce,0x3d,0x02,0x01,      //OID_ECDSA_KEY_ALG 42.134.72.206.61.2.1
-                       0x06,0x08, 0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07, //OID_EC_prime256v1 42.134.72.206.61.3.1.7
-                       //rfc3279:
+               //allow any curve code for now...
+               //      0x06,0x08, 0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07, //OID_EC_prime256v1 42.134.72.206.61.3.1.7
+                       //RFC 3279:
                        //42.134.72.206.61.3     is ellipticCurve
                        //42.134.72.206.61.3.0   is c-TwoCurve
                        //42.134.72.206.61.3.1   is primeCurve
-                       //42.134.72.206.61.3.1.7 is prime256v1
+                       //42.134.72.206.61.3.1.7 is curve_secp256r1
                };
                if (memcmp(der, OID_RSA_KEY_ALG, sizeof(OID_RSA_KEY_ALG)) == 0) {
                        dbg("RSA key\n");
@@ -1210,7 +1206,7 @@ static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
                /* skip subjectPublicKeyInfo.algorithm */
                der = skip_der_item(der, end);
                /* enter subjectPublicKeyInfo.publicKey */
-//             die_if_not_this_der_type(der, end, 0x03); /* must be BITSTRING */
+               //die_if_not_this_der_type(der, end, 0x03); /* must be BITSTRING */
                der = enter_der_item(der, &end);
 
                dbg("key bytes:%u, first:0x%02x\n", (int)(end - der), der[0]);
@@ -1233,6 +1229,11 @@ static void find_key_in_der_cert(tls_state_t *tls, uint8_t *der, int len)
                tls->hsd->server_rsa_pub_key.size = pstm_unsigned_bin_size(&tls->hsd->server_rsa_pub_key.N);
                dbg("server_rsa_pub_key.size:%d\n", tls->hsd->server_rsa_pub_key.size);
        }
+       /* else: ECDSA key. It is not used for generating encryption keys,
+        * it is used only to sign the EC public key (which comes in ServerKey message).
+        * Since we do not verify cert validity, verifying signature on EC public key
+        * wouldn't add any security. Thus, we do nothing here.
+        */
 }
 
 /*
@@ -1376,7 +1377,7 @@ static void send_client_hello_and_alloc_hsd(tls_state_t *tls, const char *sni)
                ptr[8] = sni_len;         //name len
                ptr = mempcpy(&ptr[9], sni, sni_len);
        }
-       mempcpy(ptr, supported_groups, sizeof(supported_groups));
+       memcpy(ptr, supported_groups, sizeof(supported_groups));
 
        dbg(">> CLIENT_HELLO\n");
        /* Can hash it only when we know which MAC hash to use */
@@ -1550,7 +1551,7 @@ static void process_server_key(tls_state_t *tls, int len)
        /* So far we only support curve_x25519 */
        move_from_unaligned32(t32, keybuf);
        if (t32 != htonl(0x03001d20))
-               tls_error_die(tls);
+               bb_error_msg_and_die("elliptic curve is not x25519");
 
        memcpy(tls->hsd->ecc_pub_key32, keybuf + 4, 32);
        dbg("got eccPubKey\n");
@@ -1575,6 +1576,7 @@ static void send_empty_client_cert(tls_state_t *tls)
        //record->cert_chain_len24_hi = 0;
        //record->cert_chain_len24_mid = 0;
        //record->cert_chain_len24_lo = 0;
+       // same as above:
        memcpy(record, empty_client_cert, sizeof(empty_client_cert));
 
        dbg(">> CERTIFICATE\n");