diff options
| author |   Samuel Neves <sneves@dei.uc.pt> | 2017-11-22 21:10:59 +0000 |
|---|---|---|
| committer |   Jason A. Donenfeld <Jason@zx2c4.com> | 2017-11-22 22:55:50 +0100 |
| commit | 988e6ed549bd239883df867b922a5547bf295f67 (patch) | |
| tree | 0e9b88195281ba9b34f366d49857a88b358b2520 /src/crypto/blake2s.c | |
| parent | blake2s: AVX512F+VL implementation (diff) | |
| download | wireguard-monolithic-historical-988e6ed549bd239883df867b922a5547bf295f67.tar.xz wireguard-monolithic-historical-988e6ed549bd239883df867b922a5547bf295f67.zip | |
blake2s: hmac space optimization
Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
Diffstat (limited to 'src/crypto/blake2s.c')
| -rw-r--r-- | src/crypto/blake2s.c | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/src/crypto/blake2s.c b/src/crypto/blake2s.c index 3e13277..d0a121a 100644 --- a/src/crypto/blake2s.c +++ b/src/crypto/blake2s.c @@ -257,39 +257,35 @@ void __blake2s_final(struct blake2s_state *state) void blake2s_hmac(u8 *out, const u8 *in, const u8 *key, const size_t outlen, const size_t inlen, const size_t keylen) { struct blake2s_state state; - u8 o_key[BLAKE2S_BLOCKBYTES] __aligned(__alignof__(u32)) = { 0 }; - u8 i_key[BLAKE2S_BLOCKBYTES] __aligned(__alignof__(u32)) = { 0 }; + u8 x_key[BLAKE2S_BLOCKBYTES] __aligned(__alignof__(u32)) = { 0 }; u8 i_hash[BLAKE2S_OUTBYTES] __aligned(__alignof__(u32)); int i; if (keylen > BLAKE2S_BLOCKBYTES) { blake2s_init(&state, BLAKE2S_OUTBYTES); blake2s_update(&state, key, keylen); - blake2s_final(&state, o_key, BLAKE2S_OUTBYTES); - memcpy(i_key, o_key, BLAKE2S_OUTBYTES); - } else { - memcpy(o_key, key, keylen); - memcpy(i_key, key, keylen); - } + blake2s_final(&state, x_key, BLAKE2S_OUTBYTES); + } else + memcpy(x_key, key, keylen); - for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i) { - o_key[i] ^= 0x5c; - i_key[i] ^= 0x36; - } + for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i) + x_key[i] ^= 0x36; blake2s_init(&state, BLAKE2S_OUTBYTES); - blake2s_update(&state, i_key, BLAKE2S_BLOCKBYTES); + blake2s_update(&state, x_key, BLAKE2S_BLOCKBYTES); blake2s_update(&state, in, inlen); blake2s_final(&state, i_hash, BLAKE2S_OUTBYTES); + for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i) + x_key[i] ^= 0x5c ^ 0x36; + blake2s_init(&state, BLAKE2S_OUTBYTES); - blake2s_update(&state, o_key, BLAKE2S_BLOCKBYTES); + blake2s_update(&state, x_key, BLAKE2S_BLOCKBYTES); blake2s_update(&state, i_hash, BLAKE2S_OUTBYTES); blake2s_final(&state, i_hash, BLAKE2S_OUTBYTES); memcpy(out, i_hash, outlen); - memzero_explicit(o_key, BLAKE2S_BLOCKBYTES); - memzero_explicit(i_key, BLAKE2S_BLOCKBYTES); + memzero_explicit(x_key, BLAKE2S_BLOCKBYTES); memzero_explicit(i_hash, BLAKE2S_OUTBYTES); } |