Re: [PATCH] Use EVP_MAC interface for Poly1305 if supported.

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 10/22/22 6:49 PM, Darren Tucker wrote:
On Sat, 22 Oct 2022 at 07:53, Chris Rapier <rapier@xxxxxxx> wrote:
[...]
I normally wouldn't clutter up the code with library version specific
ifdefs but it might be worth considering.

Instead of ifdefs, you can check if the MAC init succeeded before
calling the EVP functions, else fall back to the existing code path.

As pointed out, this is only in OSSL3. That said, for hpnssh we've been looking at extracting the necessary code/assembly from OSSL3 and incorporating it into our code base to provide this functionality. Maybe. Depends on the complexity of the task.
+       /* fetch the mac and create and initialize the context */
+       if ((mac = EVP_MAC_fetch(NULL, "POLY1305", NULL)) == NULL ||
+           (poly_ctx = EVP_MAC_CTX_new(mac)) == NULL ||

You're initializing the MAC context on every call to this function.
If you initialize the context once, cache it (say, as a static) and
reuse it does it go any faster?

That's a fine question and one I hope to explore today. I also noticed that I'm neglecting to free the the EVP_MAC and the EVP_MAC_CTX. Kind of jumped the gun on that.

Chris
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux