mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-05-29 00:32:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Make redbean ssl handshake go a little faster

Browse source
This commit is contained in:
Justine Tunney 2021-07-03 05:51:04 -07:00
parent 87222aad35
commit 74200a0ea0
6 changed files with 33 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

4
libc/nexgen32e/sha1.S
View file

@ -640,6 +640,9 @@ BSWAP_SHUFB_CTL:
.text .text
sha1_transform_avx2: sha1_transform_avx2:
push %rbp
mov %rsp,%rbp
.profilable
push %rbx push %rbx
push %r12 push %r12
push %r13 push %r13
@ -677,5 +680,6 @@ sha1_transform_avx2:
pop %r13 pop %r13
pop %r12 pop %r12
pop %rbx pop %rbx
pop %rbp
ret ret
.endfn sha1_transform_avx2,globl .endfn sha1_transform_avx2,globl

6
libc/nexgen32e/sha256.S
View file

@ -529,8 +529,11 @@ STACK_SIZE = _RSP + _RSP_SIZE
## arg 3 : Num blocks ## arg 3 : Num blocks
######################################################################## ########################################################################
.text .text
sha256_transform_rorx:
.align 32 .align 32
sha256_transform_rorx:
push %rbp
mov %rsp,%rbp
.profilable
pushq %rbx pushq %rbx
pushq %r12 pushq %r12
pushq %r13 pushq %r13
@ -715,6 +718,7 @@ sha256_transform_rorx:
popq %r13 popq %r13
popq %r12 popq %r12
popq %rbx popq %rbx
pop %rbp
ret ret
.endfn sha256_transform_rorx,globl .endfn sha256_transform_rorx,globl

4
libc/nexgen32e/sha512.S
View file

@ -572,6 +572,9 @@ frame_size = frame_GPRSAVE + GPRSAVE_SIZE
# "blocks" is the message length in SHA512 blocks # "blocks" is the message length in SHA512 blocks
######################################################################## ########################################################################
sha512_transform_rorx: sha512_transform_rorx:
push %rbp
mov %rsp,%rbp
.profilable
# Allocate Stack Space # Allocate Stack Space
mov %rsp, %rax mov %rsp, %rax
sub $frame_size, %rsp sub $frame_size, %rsp
@ -683,6 +686,7 @@ sha512_transform_rorx:
# Restore Stack Pointer # Restore Stack Pointer
mov frame_RSPSAVE(%rsp), %rsp mov frame_RSPSAVE(%rsp), %rsp
pop %rbp
ret ret
.endfn sha512_transform_rorx,globl .endfn sha512_transform_rorx,globl

12
third_party/mbedtls/base64.c vendored
View file

@ -54,9 +54,9 @@ static const unsigned char base64_dec_map[128] =
/* /*
* Constant flow conditional assignment to unsigned char * Constant flow conditional assignment to unsigned char
*/ */
static void mbedtls_base64_cond_assign_uchar( unsigned char * dest, forceinline void mbedtls_base64_cond_assign_uchar( unsigned char * dest,
const unsigned char * const src, const unsigned char * const src,
unsigned char condition ) unsigned char condition )
{ {
/* Generate bitmask from condition, mask will either be 0xFF or 0 */ /* Generate bitmask from condition, mask will either be 0xFF or 0 */
unsigned char mask = ( condition | -condition ); unsigned char mask = ( condition | -condition );
@ -68,8 +68,8 @@ static void mbedtls_base64_cond_assign_uchar( unsigned char * dest,
/* /*
* Constant flow conditional assignment to uint_32 * Constant flow conditional assignment to uint_32
*/ */
static void mbedtls_base64_cond_assign_uint32( uint32_t * dest, const uint32_t src, forceinline void mbedtls_base64_cond_assign_uint32( uint32_t * dest, const uint32_t src,
uint32_t condition ) uint32_t condition )
{ {
/* Generate bitmask from condition, mask will either be 0xFFFFFFFF or 0 */ /* Generate bitmask from condition, mask will either be 0xFFFFFFFF or 0 */
uint32_t mask = ( condition | -condition ); uint32_t mask = ( condition | -condition );
@ -81,7 +81,7 @@ static void mbedtls_base64_cond_assign_uint32( uint32_t * dest, const uint32_t s
/* /*
* Constant flow check for equality * Constant flow check for equality
*/ */
static unsigned char mbedtls_base64_eq( size_t in_a, size_t in_b ) forceinline unsigned char mbedtls_base64_eq( size_t in_a, size_t in_b )
{ {
size_t difference = in_a ^ in_b; size_t difference = in_a ^ in_b;
difference |= -difference; difference |= -difference;

5
third_party/mbedtls/everest.c vendored
View file

@ -36,6 +36,11 @@ asm(".include \"libc/disclaimer.inc\"");
#if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) #if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
#ifdef memcpy
#undef memcpy
#endif
#define memcpy(x,y,z) __builtin_memcpy(x,y,z)
#define load64_le(b) READ64LE(b) #define load64_le(b) READ64LE(b)
#define store64_le(b, i) WRITE64LE(b, i) #define store64_le(b, i) WRITE64LE(b, i)

20
tool/net/redbean.c
View file

@ -149,6 +149,7 @@ STATIC_YOINK("usr/share/ssl/root/verisign.pem");
#define HASH_LOAD_FACTOR /* 1. / */ 4 #define HASH_LOAD_FACTOR /* 1. / */ 4
#define read(F, P, N) readv(F, &(struct iovec){P, N}, 1) #define read(F, P, N) readv(F, &(struct iovec){P, N}, 1)
#define write(F, P, N) writev(F, &(struct iovec){P, N}, 1)
#define LockInc(P) asm volatile("lock incq\t%0" : "=m"(*(P))) #define LockInc(P) asm volatile("lock incq\t%0" : "=m"(*(P)))
#define AppendCrlf(P) mempcpy(P, "\r\n", 2) #define AppendCrlf(P) mempcpy(P, "\r\n", 2)
#define HasHeader(H) (!!msg.headers[H].a) #define HasHeader(H) (!!msg.headers[H].a)
@ -363,13 +364,6 @@ static const char kCounterNames[] =
#undef C #undef C
; ;
static mbedtls_entropy_context ent = {
.source_count = 1,
.source = {{.f_source = mbedtls_hardware_poll,
.threshold = MBEDTLS_ENTROPY_MIN_HARDWARE,
.strong = MBEDTLS_ENTROPY_SOURCE_STRONG}},
};
typedef ssize_t (*reader_f)(int, void *, size_t); typedef ssize_t (*reader_f)(int, void *, size_t);
typedef ssize_t (*writer_f)(int, struct iovec *, int); typedef ssize_t (*writer_f)(int, struct iovec *, int);
@ -1399,8 +1393,6 @@ static bool TlsSetup(void) {
inbuf.n -= amtread; inbuf.n -= amtread;
inbuf.c = amtread; inbuf.c = amtread;
amtread = 0; amtread = 0;
mbedtls_ssl_setup(&ssl, &conf);
mbedtls_ssl_set_bio(&ssl, &client, TlsSend, 0, TlsRecv);
for (;;) { for (;;) {
if (!(r = mbedtls_ssl_handshake(&ssl))) { if (!(r = mbedtls_ssl_handshake(&ssl))) {
LockInc(&shared->c.sslhandshakes); LockInc(&shared->c.sslhandshakes);
@ -1468,11 +1460,16 @@ static bool TlsSetup(void) {
} }
} }
static int GetEntropy(void *c, unsigned char *p, size_t n) {
CHECK_EQ(n, getrandom(p, n, 0));
return 0;
}
static void InitializeRng(mbedtls_ctr_drbg_context *r) { static void InitializeRng(mbedtls_ctr_drbg_context *r) {
volatile unsigned char b[64]; volatile unsigned char b[64];
mbedtls_ctr_drbg_init(r); mbedtls_ctr_drbg_init(r);
CHECK(getrandom(b, 64, 0) == 64); CHECK(getrandom(b, 64, 0) == 64);
CHECK(!mbedtls_ctr_drbg_seed(r, mbedtls_entropy_func, &ent, b, 64)); CHECK(!mbedtls_ctr_drbg_seed(r, GetEntropy, 0, b, 64));
mbedtls_platform_zeroize(b, 64); mbedtls_platform_zeroize(b, 64);
} }
@ -5452,7 +5449,6 @@ static void HandleConnection(size_t i) {
case 0: case 0:
meltdown = false; meltdown = false;
connectionclose = false; connectionclose = false;
ReseedRng(&rng, "child");
if (funtrace && !IsTiny()) { if (funtrace && !IsTiny()) {
ftrace_install(); ftrace_install();
} }
@ -5696,6 +5692,8 @@ void RedBean(int argc, char *argv[]) {
mbedtls_ssl_conf_dbg(&conf, TlsDebug, 0); mbedtls_ssl_conf_dbg(&conf, TlsDebug, 0);
LoadCertificates(); LoadCertificates();
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &rng); mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &rng);
mbedtls_ssl_setup(&ssl, &conf);
mbedtls_ssl_set_bio(&ssl, &client, TlsSend, 0, TlsRecv);
#endif #endif
if (launchbrowser) { if (launchbrowser) {
LaunchBrowser(launchbrowser); LaunchBrowser(launchbrowser);