oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: Add EVP iovec encryption routines

Browse Source 
Add iovec routines for both padded CBC, and CTS EVP based encryption.

These routines go to great lengths to minimise the number of times
we call EVP_Cipher. With some EVP implementations (such as OpenSSL's
AES-NI) there is a significant entrance and exit overhead from this
routine, due to the use of SIMD vectors for the ivec.
This commit is contained in:
Simon Wilkinson
2018-05-14 14:25:55 +01:00
committed by Jeffrey Altman
parent 57f7373583
commit c611a23d77
3 changed files with 383 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/krb5/crypto-des3.c
View File

@@ -198,7 +198,7 @@ struct _krb5_encryption_type _krb5_enctype_des3_cbc_md5 = {
&_krb5_checksum_rsa_md5_des3,
0,
_krb5_evp_encrypt,
NULL,
_krb5_evp_encrypt_iov,
0,
NULL
};
@@ -216,7 +216,7 @@ struct _krb5_encryption_type _krb5_enctype_des3_cbc_sha1 = {
&_krb5_checksum_hmac_sha1_des3,
F_DERIVED | F_RFC3961_ENC | F_RFC3961_KDF,
_krb5_evp_encrypt,
NULL,
_krb5_evp_encrypt_iov,
16,
DES3_prf
};
@@ -234,7 +234,7 @@ struct _krb5_encryption_type _krb5_enctype_old_des3_cbc_sha1 = {
&_krb5_checksum_hmac_sha1_des3,
0,
_krb5_evp_encrypt,
NULL,
_krb5_evp_encrypt_iov,
0,
NULL
};
@@ -252,7 +252,7 @@ struct _krb5_encryption_type _krb5_enctype_des3_cbc_none = {
NULL,
F_PSEUDO,
_krb5_evp_encrypt,
NULL,
_krb5_evp_encrypt_iov,
0,
NULL
};