emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tls: speed up prf_hmac_sha256()

Browse Source 
function                                             old     new   delta
hmac_sha_precomputed                                   -      58     +58
prf_hmac_sha256                                      181     222     +41
hmac_sha256                                           68       -     -68
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 1/0 up/down: 99/-68)             Total: 31 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko 2018-11-26 15:55:41 +01:00
parent f69f207490
commit d9f6c3b091
1 changed files with 43 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
networking/tls.c
View File

@ -420,29 +420,6 @@ typedef struct hmac_precomputed {
md5sha_ctx_t hashed_key_xor_opad; md5sha_ctx_t hashed_key_xor_opad;
} hmac_precomputed_t; } hmac_precomputed_t;
static unsigned hmac_sha_precomputed_v(
hmac_precomputed_t *pre,
uint8_t *out,
va_list va)
{
uint8_t *text;
unsigned len;
/* pre->hashed_key_xor_ipad contains unclosed "H((key XOR ipad) +" state */
/* pre->hashed_key_xor_opad contains unclosed "H((key XOR opad) +" state */
/* calculate out = H((key XOR ipad) + text) */
while ((text = va_arg(va, uint8_t*)) != NULL) {
unsigned text_size = va_arg(va, unsigned);
md5sha_hash(&pre->hashed_key_xor_ipad, text, text_size);
}
len = sha_end(&pre->hashed_key_xor_ipad, out);
/* out = H((key XOR opad) + out) */
md5sha_hash(&pre->hashed_key_xor_opad, out, len);
return sha_end(&pre->hashed_key_xor_opad, out);
}
typedef void md5sha_begin_func(md5sha_ctx_t *ctx) FAST_FUNC; typedef void md5sha_begin_func(md5sha_ctx_t *ctx) FAST_FUNC;
static void hmac_begin(hmac_precomputed_t *pre, uint8_t *key, unsigned key_size, md5sha_begin_func *begin) static void hmac_begin(hmac_precomputed_t *pre, uint8_t *key, unsigned key_size, md5sha_begin_func *begin)
{ {
@ -485,6 +462,42 @@ static void hmac_begin(hmac_precomputed_t *pre, uint8_t *key, unsigned key_size,
md5sha_hash(&pre->hashed_key_xor_opad, key_xor_opad, SHA_INSIZE); md5sha_hash(&pre->hashed_key_xor_opad, key_xor_opad, SHA_INSIZE);
} }
static unsigned hmac_sha_precomputed_v(
hmac_precomputed_t *pre,
uint8_t *out,
va_list va)
{
uint8_t *text;
unsigned len;
/* pre->hashed_key_xor_ipad contains unclosed "H((key XOR ipad) +" state */
/* pre->hashed_key_xor_opad contains unclosed "H((key XOR opad) +" state */
/* calculate out = H((key XOR ipad) + text) */
while ((text = va_arg(va, uint8_t*)) != NULL) {
unsigned text_size = va_arg(va, unsigned);
md5sha_hash(&pre->hashed_key_xor_ipad, text, text_size);
}
len = sha_end(&pre->hashed_key_xor_ipad, out);
/* out = H((key XOR opad) + out) */
md5sha_hash(&pre->hashed_key_xor_opad, out, len);
return sha_end(&pre->hashed_key_xor_opad, out);
}
static unsigned hmac_sha_precomputed(hmac_precomputed_t *pre_init, uint8_t *out, ...)
{
hmac_precomputed_t pre;
va_list va;
unsigned len;
va_start(va, out);
pre = *pre_init; /* struct copy */
len = hmac_sha_precomputed_v(&pre, out, va);
va_end(va);
return len;
}
static unsigned hmac(tls_state_t *tls, uint8_t *out, uint8_t *key, unsigned key_size, ...) static unsigned hmac(tls_state_t *tls, uint8_t *out, uint8_t *key, unsigned key_size, ...)
{ {
hmac_precomputed_t pre; hmac_precomputed_t pre;
@ -504,21 +517,6 @@ static unsigned hmac(tls_state_t *tls, uint8_t *out, uint8_t *key, unsigned key_
return len; return len;
} }
static unsigned hmac_sha256(/*tls_state_t *tls,*/ uint8_t *out, uint8_t *key, unsigned key_size, ...)
{
hmac_precomputed_t pre;
va_list va;
unsigned len;
va_start(va, key_size);
hmac_begin(&pre, key, key_size, sha256_begin);
len = hmac_sha_precomputed_v(&pre, out, va);
va_end(va);
return len;
}
// RFC 5246: // RFC 5246:
// 5. HMAC and the Pseudorandom Function // 5. HMAC and the Pseudorandom Function
//... //...
@ -563,6 +561,7 @@ static void prf_hmac_sha256(/*tls_state_t *tls,*/
const char *label, const char *label,
uint8_t *seed, unsigned seed_size) uint8_t *seed, unsigned seed_size)
{ {
hmac_precomputed_t pre;
uint8_t a[TLS_MAX_MAC_SIZE]; uint8_t a[TLS_MAX_MAC_SIZE];
uint8_t *out_p = outbuf; uint8_t *out_p = outbuf;
unsigned label_size = strlen(label); unsigned label_size = strlen(label);
@ -570,28 +569,28 @@ static void prf_hmac_sha256(/*tls_state_t *tls,*/
/* In P_hash() calculation, "seed" is "label + seed": */ /* In P_hash() calculation, "seed" is "label + seed": */
#define SEED label, label_size, seed, seed_size #define SEED label, label_size, seed, seed_size
#define SECRET secret, secret_size
#define A a, MAC_size #define A a, MAC_size
hmac_begin(&pre, secret, secret_size, sha256_begin);
/* A(1) = HMAC_hash(secret, seed) */ /* A(1) = HMAC_hash(secret, seed) */
hmac_sha256(/*tls,*/ a, SECRET, SEED, NULL); hmac_sha_precomputed(&pre, a, SEED, NULL);
//TODO: convert hmac to precomputed
for (;;) { for (;;) {
/* HMAC_hash(secret, A(1) + seed) */ /* HMAC_hash(secret, A(1) + seed) */
if (outbuf_size <= MAC_size) { if (outbuf_size <= MAC_size) {
/* Last, possibly incomplete, block */ /* Last, possibly incomplete, block */
/* (use a[] as temp buffer) */ /* (use a[] as temp buffer) */
hmac_sha256(/*tls,*/ a, SECRET, A, SEED, NULL); hmac_sha_precomputed(&pre, a, A, SEED, NULL);
memcpy(out_p, a, outbuf_size); memcpy(out_p, a, outbuf_size);
return; return;
} }
/* Not last block. Store directly to result buffer */ /* Not last block. Store directly to result buffer */
hmac_sha256(/*tls,*/ out_p, SECRET, A, SEED, NULL); hmac_sha_precomputed(&pre, out_p, A, SEED, NULL);
out_p += MAC_size; out_p += MAC_size;
outbuf_size -= MAC_size; outbuf_size -= MAC_size;
/* A(2) = HMAC_hash(secret, A(1)) */ /* A(2) = HMAC_hash(secret, A(1)) */
hmac_sha256(/*tls,*/ a, SECRET, A, NULL); hmac_sha_precomputed(&pre, a, A, NULL);
} }
#undef A #undef A
#undef SECRET #undef SECRET