oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: Stash the HMAC context in the krb5_crypto object

Browse Source 
Store the EVP HMAC context in the krb5_crypto object so that we
don't have to allocate it for every hashing operating we perform.
This commit is contained in:
Simon Wilkinson
2018-05-14 14:21:41 +01:00
committed by Jeffrey Altman
parent e50faea7f0
commit b9b8e76376
4 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/krb5/crypto-aes-sha2.c
View File

@@ -74,7 +74,8 @@ SP_HMAC_SHA2_checksum(krb5_context context,
if (ret) if (ret)
return ret; return ret;
ret = _krb5_evp_hmac_iov(context, key, iov, niov, hmac, &hmaclen, md, NULL); ret = _krb5_evp_hmac_iov(context, crypto, key, iov, niov, hmac,
&hmaclen, md, NULL);
if (ret) if (ret)
return ret; return ret;

8
lib/krb5/crypto-evp.c
View File

@@ -114,6 +114,7 @@ out:
krb5_error_code krb5_error_code
_krb5_evp_hmac_iov(krb5_context context, _krb5_evp_hmac_iov(krb5_context context,
krb5_crypto crypto,
struct _krb5_key_data *key, struct _krb5_key_data *key,
const struct krb5_crypto_iov *iov, const struct krb5_crypto_iov *iov,
int niov, int niov,
@@ -126,7 +127,13 @@ _krb5_evp_hmac_iov(krb5_context context,
krb5_data current = {0, 0}; krb5_data current = {0, 0};
int i; int i;
if (crypto != NULL) {
if (crypto->hmacctx == NULL)
crypto->hmacctx = HMAC_CTX_new();
ctx = crypto->hmacctx;
} else {
ctx = HMAC_CTX_new(); ctx = HMAC_CTX_new();
}
if (ctx == NULL) if (ctx == NULL)
return krb5_enomem(context); return krb5_enomem(context);
@@ -150,6 +157,7 @@ _krb5_evp_hmac_iov(krb5_context context,
HMAC_Final(ctx, hmac, hmaclen); HMAC_Final(ctx, hmac, hmaclen);
if (crypto == NULL)
HMAC_CTX_free(ctx); HMAC_CTX_free(ctx);
return 0; return 0;

5
lib/krb5/crypto.c
View File

@@ -329,7 +329,7 @@ _krb5_SP_HMAC_SHA1_checksum(krb5_context context,
unsigned char hmac[EVP_MAX_MD_SIZE]; unsigned char hmac[EVP_MAX_MD_SIZE];
unsigned int hmaclen = sizeof(hmac); unsigned int hmaclen = sizeof(hmac);
ret = _krb5_evp_hmac_iov(context, key, iov, niov, hmac, &hmaclen, ret = _krb5_evp_hmac_iov(context, crypto, key, iov, niov, hmac, &hmaclen,
EVP_sha1(), NULL); EVP_sha1(), NULL);
heim_assert(result->checksum.length <= hmaclen, heim_assert(result->checksum.length <= hmaclen,
@@ -2526,6 +2526,9 @@ krb5_crypto_destroy(krb5_context context,
if (crypto->mdctx) if (crypto->mdctx)
EVP_MD_CTX_destroy(crypto->mdctx); EVP_MD_CTX_destroy(crypto->mdctx);
if (crypto->hmacctx)
HMAC_CTX_free(crypto->hmacctx);
free (crypto); free (crypto);
return 0; return 0;
} }

1
lib/krb5/crypto.h
View File

@@ -205,6 +205,7 @@ struct krb5_crypto_data {
struct _krb5_encryption_type *et; struct _krb5_encryption_type *et;
struct _krb5_key_data key; struct _krb5_key_data key;
EVP_MD_CTX *mdctx; EVP_MD_CTX *mdctx;
HMAC_CTX *hmacctx;
int num_key_usage; int num_key_usage;
struct _krb5_key_usage *key_usage; struct _krb5_key_usage *key_usage;
}; };