[git commit] libbb/yescrypt: code shrink

Denys Vlasenko vda.linux at googlemail.com
Wed Jul 9 08:38:11 UTC 2025 

commit: https://git.busybox.net/busybox/commit/?id=95f169f3bb07528c9302c604ff2a1f40b41a98d8
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

function                                             old     new   delta
static.yescrypt_kdf32_body                           847     823     -24
yescrypt_r                                           805     767     -38
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-62)             Total: -62 bytes

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 libbb/yescrypt/alg-yescrypt-common.c | 19 ++++++++++++-------
 libbb/yescrypt/alg-yescrypt-kdf.c    | 24 ++++++++++++++++--------
 2 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/libbb/yescrypt/alg-yescrypt-common.c b/libbb/yescrypt/alg-yescrypt-common.c
index e48be6581..1c063b895 100644
--- a/libbb/yescrypt/alg-yescrypt-common.c
+++ b/libbb/yescrypt/alg-yescrypt-common.c
@@ -23,8 +23,8 @@
 #define decode64_uint32(dst, src, min) \
 ({ \
 	uint32_t d32 = a2i64(*(src)); \
-        if (d32 > 47) \
-                goto fail; \
+	if (d32 > 47) \
+		goto fail; \
 	*(dst) = d32 + (min); \
 	++src; \
 })
@@ -292,8 +292,12 @@ char *yescrypt_r(
 		const uint8_t *setting,
 		char *buf, size_t buflen)
 {
-	yescrypt_ctx_t yctx[1];
-	unsigned char hashbin32[32];
+	struct {
+		yescrypt_ctx_t yctx[1];
+		unsigned char hashbin32[32];
+	} u;
+#define yctx      u.yctx
+#define hashbin32 u.hashbin32
 	char *dst;
 	const uint8_t *src, *saltend;
 	size_t need, prefixlen;
@@ -375,7 +379,7 @@ char *yescrypt_r(
 
 	prefixlen = saltend - setting;
 	need = prefixlen + 1 + YESCRYPT_HASH_LEN + 1;
-	if (need > buflen || need < prefixlen)
+	if (need > buflen /*overflow is quite unlikely: || need < prefixlen*/)
 		goto fail;
 
 	if (yescrypt_kdf32(yctx, passwd, passwdlen, hashbin32)) {
@@ -390,10 +394,11 @@ char *yescrypt_r(
 		goto fail;
  ret:
 	free_region(yctx->local);
-	explicit_bzero(yctx, sizeof(yctx));
-	explicit_bzero(hashbin32, sizeof(hashbin32));
+	explicit_bzero(&u, sizeof(u));
 	return buf;
  fail:
 	buf = NULL;
 	goto ret;
+#undef yctx
+#undef hashbin32
 }
diff --git a/libbb/yescrypt/alg-yescrypt-kdf.c b/libbb/yescrypt/alg-yescrypt-kdf.c
index 112862ec9..29d9efc07 100644
--- a/libbb/yescrypt/alg-yescrypt-kdf.c
+++ b/libbb/yescrypt/alg-yescrypt-kdf.c
@@ -915,8 +915,13 @@ static int yescrypt_kdf32_body(
 	size_t B_size, V_size, XY_size, need;
 	uint8_t *B, *S;
 	salsa20_blk_t *V, *XY;
-	uint8_t sha256[32];
-	uint8_t dk[sizeof(sha256)], *dkp = buf32;
+	struct {
+		uint8_t sha256[32];
+		uint8_t dk[32];
+	} u;
+#define sha256 u.sha256
+#define dk     u.dk
+	uint8_t *dkp = buf32;
 	uint32_t r, p;
 
 	/* Sanity-check parameters */
@@ -1083,15 +1088,16 @@ static int yescrypt_kdf32_body(
 			size_t clen = /*buflen:*/32;
 			if (clen > sizeof(dk))
 				clen = sizeof(dk);
-			sha256_block(sha256, sizeof(sha256), dk);
-			memcpy(buf32, dk, clen);
+			if (sizeof(dk) != 32) { /* not true, optimize it out */
+				sha256_block(sha256, sizeof(sha256), dk);
+				memcpy(buf32, dk, clen);
+			} else {
+				sha256_block(sha256, sizeof(sha256), buf32);
+			}
 		}
 	}
 
-	if (flags) {
-		explicit_bzero(sha256, sizeof(sha256));
-		explicit_bzero(dk, sizeof(dk));
-	}
+	explicit_bzero(&u, sizeof(u));
 
 	/* Success! */
 	return 0;
@@ -1099,6 +1105,8 @@ static int yescrypt_kdf32_body(
  out_EINVAL:
 	//bbox does not need this: errno = EINVAL;
 	return -1;
+#undef sha256
+#undef dk
 }
 
 /**

More information about the busybox-cvs mailing list