From ee4722ce71b58c51dd357248d185d4dd4d9ba067 Mon Sep 17 00:00:00 2001
From: Samuel Neves
Date: Wed, 22 Nov 2017 21:10:59 +0000
Subject: blake2s: hmac space optimization
Signed-off-by: Samuel Neves
Signed-off-by: Jason A. Donenfeld
---
 src/crypto/blake2s.c | 28 ++++++++++++----------------
 1 file changed, 12 insertions(+), 16 deletions(-)
(limited to 'src')
diff --git a/src/crypto/blake2s.c b/src/crypto/blake2s.c
index 3e13277..d0a121a 100644
--- a/src/crypto/blake2s.c
+++ b/src/crypto/blake2s.c
@@ -257,39 +257,35 @@ void __blake2s_final(struct blake2s_state *state)
 void blake2s_hmac(u8 *out, const u8 *in, const u8 *key, const size_t outlen, const size_t inlen, const size_t keylen)
 {
 struct blake2s_state state;
- u8 o_key[BLAKE2S_BLOCKBYTES] __aligned(__alignof__(u32)) = { 0 };
- u8 i_key[BLAKE2S_BLOCKBYTES] __aligned(__alignof__(u32)) = { 0 };
+ u8 x_key[BLAKE2S_BLOCKBYTES] __aligned(__alignof__(u32)) = { 0 };
 u8 i_hash[BLAKE2S_OUTBYTES] __aligned(__alignof__(u32));
 int i;
 if (keylen > BLAKE2S_BLOCKBYTES) {
 blake2s_init(&state, BLAKE2S_OUTBYTES);
 blake2s_update(&state, key, keylen);
- blake2s_final(&state, o_key, BLAKE2S_OUTBYTES);
- memcpy(i_key, o_key, BLAKE2S_OUTBYTES);
- } else {
- memcpy(o_key, key, keylen);
- memcpy(i_key, key, keylen);
- }
+ blake2s_final(&state, x_key, BLAKE2S_OUTBYTES);
+ } else
+ memcpy(x_key, key, keylen);
- for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i) {
- o_key[i] ^= 0x5c;
- i_key[i] ^= 0x36;
- }
+ for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i)
+ x_key[i] ^= 0x36;
 blake2s_init(&state, BLAKE2S_OUTBYTES);
- blake2s_update(&state, i_key, BLAKE2S_BLOCKBYTES);
+ blake2s_update(&state, x_key, BLAKE2S_BLOCKBYTES);
 blake2s_update(&state, in, inlen);
 blake2s_final(&state, i_hash, BLAKE2S_OUTBYTES);
+ for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i)
+ x_key[i] ^= 0x5c ^ 0x36;
 blake2s_init(&state, BLAKE2S_OUTBYTES);
- blake2s_update(&state, o_key, BLAKE2S_BLOCKBYTES);
+ blake2s_update(&state, x_key, BLAKE2S_BLOCKBYTES);
 blake2s_update(&state, i_hash, BLAKE2S_OUTBYTES);
 blake2s_final(&state, i_hash, BLAKE2S_OUTBYTES);
 memcpy(out, i_hash, outlen);
- memzero_explicit(o_key, BLAKE2S_BLOCKBYTES);
- memzero_explicit(i_key, BLAKE2S_BLOCKBYTES);
+ memzero_explicit(x_key, BLAKE2S_BLOCKBYTES);
 memzero_explicit(i_hash, BLAKE2S_OUTBYTES);
 }
-- cgit v1.2.3
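Review bot: `memcpy(out, i_hash, outlen)` near the end of blake2s_hmac copies a caller-chosen length out of the BLAKE2S_OUTBYTES-sized `i_hash`, and nothing in the function, which the hunk shows in full, bounds `outlen`; a value above BLAKE2S_OUTBYTES would copy adjacent stack bytes into the output. That line is unchanged context, but since the commit reworks this function's buffers it is a natural place to add a guard at the top, for example `if (WARN_ON(outlen > BLAKE2S_OUTBYTES)) return;` or whatever form the project prefers, unless every caller is known to pass a valid length. Separately, the in-place pad switch `x_key[i] ^= 0x5c ^ 0x36;` deserves a comment such as `/* x_key holds key ^ ipad; XOR with (opad ^ ipad) turns it into key ^ opad */`, because the correctness of the HMAC now depends on the order of the two loops. Whether blake2s_final() wipes `state`, which has absorbed key material, is not visible in this hunk and is worth confirming.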