PBKDF2 computation speedup (15-40%)

This commit contains some optimizations in PKCS5_PBKDF2_HMAC() and
HMAC_CTX_copy() functions which together makes PBKDF2 computations
faster by 15-40% according to my measurements made on x64 Linux with
both asm optimized and no-asm versions of SHA1, SHA256 and SHA512.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1708)

diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index c7b08e164fc13e9ae836c5568ae50d3eb6532856..b9ea1a74007aa52fcf840077256369c6da70e5e6 100644 (file)
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -88,7 +88,6 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
             HMAC_CTX_free(hctx_tpl);
             return 0;
         }
             HMAC_CTX_free(hctx_tpl);
             return 0;
         }

-        HMAC_CTX_reset(hctx);

         memcpy(p, digtmp, cplen);
         for (j = 1; j < iter; j++) {
             if (!HMAC_CTX_copy(hctx, hctx_tpl)) {
         memcpy(p, digtmp, cplen);
         for (j = 1; j < iter; j++) {
             if (!HMAC_CTX_copy(hctx, hctx_tpl)) {


@@ -102,7 +101,6 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
                 HMAC_CTX_free(hctx_tpl);
                 return 0;
             }
                 HMAC_CTX_free(hctx_tpl);
                 return 0;
             }

-            HMAC_CTX_reset(hctx);

             for (k = 0; k < cplen; k++)
                 p[k] ^= digtmp[k];
         }
             for (k = 0; k < cplen; k++)
                 p[k] ^= digtmp[k];
         }

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index ffca891db1cb90e1247a387d40e617ee89ccce5d..3952dd50ade738b4f4a022a6fdb48289eade59bc 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -157,31 +157,36 @@ void HMAC_CTX_free(HMAC_CTX *ctx)
     }
 }
 
     }
 }
 

-int HMAC_CTX_reset(HMAC_CTX *ctx)
+static int hmac_ctx_alloc_mds(HMAC_CTX *ctx)

 {
 {

-    hmac_ctx_cleanup(ctx);

     if (ctx->i_ctx == NULL)
         ctx->i_ctx = EVP_MD_CTX_new();
     if (ctx->i_ctx == NULL)
     if (ctx->i_ctx == NULL)
         ctx->i_ctx = EVP_MD_CTX_new();
     if (ctx->i_ctx == NULL)

-        goto err;
+        return 0;

     if (ctx->o_ctx == NULL)
         ctx->o_ctx = EVP_MD_CTX_new();
     if (ctx->o_ctx == NULL)
     if (ctx->o_ctx == NULL)
         ctx->o_ctx = EVP_MD_CTX_new();
     if (ctx->o_ctx == NULL)

-        goto err;
+        return 0;

     if (ctx->md_ctx == NULL)
         ctx->md_ctx = EVP_MD_CTX_new();
     if (ctx->md_ctx == NULL)
     if (ctx->md_ctx == NULL)
         ctx->md_ctx = EVP_MD_CTX_new();
     if (ctx->md_ctx == NULL)

-        goto err;
-    ctx->md = NULL;
+        return 0;

     return 1;
     return 1;

- err:
+}
+
+int HMAC_CTX_reset(HMAC_CTX *ctx)
+{

     hmac_ctx_cleanup(ctx);
     hmac_ctx_cleanup(ctx);

-    return 0;
+    if (!hmac_ctx_alloc_mds(ctx)) {
+        hmac_ctx_cleanup(ctx);
+        return 0;
+    }
+    return 1;

 }
 
 int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
 {
 }
 
 int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
 {

-    if (!HMAC_CTX_reset(dctx))
+    if (!hmac_ctx_alloc_mds(dctx))

         goto err;
     if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx))
         goto err;
         goto err;
     if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx))
         goto err;