yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-23 05:25:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make tls1_prf and tls12_prf more efficient

Browse source 
Repeatedly allocating a context and setting the key was a waste
This commit is contained in:
Manuel Pégourié-Gonnard 2015-03-26 11:41:28 +01:00
parent 6890c6b64e
commit b7fcca33b9
1 changed files with 53 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

62
library/ssl_tls.c
View file

@ -277,6 +277,10 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
unsigned char tmp[128];
unsigned char h_i[20];
const md_info_t *md_info;
md_context_t md_ctx;
int ret;
md_init( &md_ctx );
if( sizeof( tmp ) < 20 + strlen( label ) + rlen )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
@ -296,12 +300,22 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
if( ( md_info = md_info_from_type( POLARSSL_MD_MD5 ) ) == NULL )
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
md_hmac( md_info, S1, hs, tmp + 20, nb, 4 + tmp );
if( ( ret = md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret );
md_hmac_starts( &md_ctx, S1, hs );
md_hmac_update( &md_ctx, tmp + 20, nb );
md_hmac_finish( &md_ctx, 4 + tmp );
for( i = 0; i < dlen; i += 16 )
{
md_hmac( md_info, S1, hs, 4 + tmp, 16 + nb, h_i );
md_hmac( md_info, S1, hs, 4 + tmp, 16, 4 + tmp );
md_hmac_reset ( &md_ctx );
md_hmac_update( &md_ctx, 4 + tmp, 16 + nb );
md_hmac_finish( &md_ctx, h_i );
md_hmac_reset ( &md_ctx );
md_hmac_update( &md_ctx, 4 + tmp, 16 );
md_hmac_finish( &md_ctx, 4 + tmp );
k = ( i + 16 > dlen ) ? dlen % 16 : 16;
@ -309,18 +323,30 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
dstbuf[i + j] = h_i[j];
}
md_free( &md_ctx );
/*
* XOR out with P_sha1(secret,label+random)[0..dlen]
*/
if( ( md_info = md_info_from_type( POLARSSL_MD_SHA1 ) ) == NULL )
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
md_hmac( md_info, S2, hs, tmp + 20, nb, tmp );
if( ( ret = md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret );
md_hmac_starts( &md_ctx, S2, hs );
md_hmac_update( &md_ctx, tmp + 20, nb );
md_hmac_finish( &md_ctx, tmp );
for( i = 0; i < dlen; i += 20 )
{
md_hmac( md_info, S2, hs, tmp, 20 + nb, h_i );
md_hmac( md_info, S2, hs, tmp, 20, tmp );
md_hmac_reset ( &md_ctx );
md_hmac_update( &md_ctx, tmp, 20 + nb );
md_hmac_finish( &md_ctx, h_i );
md_hmac_reset ( &md_ctx );
md_hmac_update( &md_ctx, tmp, 20 );
md_hmac_finish( &md_ctx, tmp );
k = ( i + 20 > dlen ) ? dlen % 20 : 20;
@ -328,6 +354,8 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
}
md_free( &md_ctx );
polarssl_zeroize( tmp, sizeof( tmp ) );
polarssl_zeroize( h_i, sizeof( h_i ) );
@ -347,6 +375,10 @@ static int tls_prf_generic( md_type_t md_type,
unsigned char tmp[128];
unsigned char h_i[POLARSSL_MD_MAX_SIZE];
const md_info_t *md_info;
md_context_t md_ctx;
int ret;
md_init( &md_ctx );
if( ( md_info = md_info_from_type( md_type ) ) == NULL )
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
@ -364,12 +396,22 @@ static int tls_prf_generic( md_type_t md_type,
/*
* Compute P_<hash>(secret, label + random)[0..dlen]
*/
md_hmac( md_info, secret, slen, tmp + md_len, nb, tmp );
if ( ( ret = md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret );
md_hmac_starts( &md_ctx, secret, slen );
md_hmac_update( &md_ctx, tmp + md_len, nb );
md_hmac_finish( &md_ctx, tmp );
for( i = 0; i < dlen; i += md_len )
{
md_hmac( md_info, secret, slen, tmp, md_len + nb, h_i );
md_hmac( md_info, secret, slen, tmp, md_len, tmp );
md_hmac_reset ( &md_ctx );
md_hmac_update( &md_ctx, tmp, md_len + nb );
md_hmac_finish( &md_ctx, h_i );
md_hmac_reset ( &md_ctx );
md_hmac_update( &md_ctx, tmp, md_len );
md_hmac_finish( &md_ctx, tmp );
k = ( i + md_len > dlen ) ? dlen % md_len : md_len;
@ -377,6 +419,8 @@ static int tls_prf_generic( md_type_t md_type,
dstbuf[i + j] = h_i[j];
}
md_free( &md_ctx );
polarssl_zeroize( tmp, sizeof( tmp ) );
polarssl_zeroize( h_i, sizeof( h_i ) );