From b98530d6e09f4cb34c791b8840e936c1fc1467cf Mon Sep 17 00:00:00 2001 From: Gergely Nagy Date: Thu, 13 Oct 2016 18:50:31 +0200 Subject: [PATCH] PBKDF2 computation speedup (15-40%) This commit contains some optimizations in PKCS5_PBKDF2_HMAC() and HMAC_CTX_copy() functions which together makes PBKDF2 computations faster by 15-40% according to my measurements made on x64 Linux with both asm optimized and no-asm versions of SHA1, SHA256 and SHA512. Reviewed-by: Richard Levitte Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1708) --- crypto/evp/p5_crpt2.c | 2 -- crypto/hmac/hmac.c | 23 ++++++++++++++--------- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index c7b08e164f..b9ea1a7400 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -88,7 +88,6 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, HMAC_CTX_free(hctx_tpl); return 0; } - HMAC_CTX_reset(hctx); memcpy(p, digtmp, cplen); for (j = 1; j < iter; j++) { if (!HMAC_CTX_copy(hctx, hctx_tpl)) { @@ -102,7 +101,6 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, HMAC_CTX_free(hctx_tpl); return 0; } - HMAC_CTX_reset(hctx); for (k = 0; k < cplen; k++) p[k] ^= digtmp[k]; } diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index ffca891db1..3952dd50ad 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -157,31 +157,36 @@ void HMAC_CTX_free(HMAC_CTX *ctx) } } -int HMAC_CTX_reset(HMAC_CTX *ctx) +static int hmac_ctx_alloc_mds(HMAC_CTX *ctx) { - hmac_ctx_cleanup(ctx); if (ctx->i_ctx == NULL) ctx->i_ctx = EVP_MD_CTX_new(); if (ctx->i_ctx == NULL) - goto err; + return 0; if (ctx->o_ctx == NULL) ctx->o_ctx = EVP_MD_CTX_new(); if (ctx->o_ctx == NULL) - goto err; + return 0; if (ctx->md_ctx == NULL) ctx->md_ctx = EVP_MD_CTX_new(); if (ctx->md_ctx == NULL) - goto err; - ctx->md = NULL; + return 0; return 1; - err: +} + +int HMAC_CTX_reset(HMAC_CTX *ctx) +{ hmac_ctx_cleanup(ctx); - return 0; + if (!hmac_ctx_alloc_mds(ctx)) { + hmac_ctx_cleanup(ctx); + return 0; + } + return 1; } int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) { - if (!HMAC_CTX_reset(dctx)) + if (!hmac_ctx_alloc_mds(dctx)) goto err; if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx)) goto err; -- 2.25.1