diff options
| author | Adam Langley <alangley@gmail.com> | 2021-06-30 16:33:47 -0700 |
|---|---|---|
| committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2021-07-15 19:18:41 +0000 |
| commit | 7153013019544f0314dfbf61c2a7010a82c8c53a (patch) | |
| tree | 31310dd9ee63dd6cd498c46ee4a87b697dfced32 /tool | |
| parent | 94a608a1f5d4339d95252902a9e9381c2cc1c225 (diff) | |
| download | boringssl-7153013019544f0314dfbf61c2a7010a82c8c53a.zip boringssl-7153013019544f0314dfbf61c2a7010a82c8c53a.tar.gz boringssl-7153013019544f0314dfbf61c2a7010a82c8c53a.tar.bz2 | |
hrss: use less stack space.
The stack consumption of the HRSS functions is causing issues in
stack-constrained environments. Therefore allocate many variables on the
heap. This means that several HRSS_ functions now allocate, and thus can
fail, where they couldn't before. Callers that ignore the return value
and don't have crash-on-failure mallocs will still be safe, although
things will fail to decrypt later on.
Somehow, this actually makes key generation _faster_ on my machine. (I
don't know. Better alignment? Fewer L1 collisions?) The other operations
are slightly slower, as expected.
Before:
Did 17390 HRSS generate operations in 3054088us (5694.0 ops/sec)
Did 225000 HRSS encap operations in 3000512us (74987.2 ops/sec)
Did 87000 HRSS decap operations in 3014525us (28860.3 ops/sec)
After:
Did 21300 HRSS generate operations in 3026637us (7037.5 ops/sec)
Did 221000 HRSS encap operations in 3008911us (73448.5 ops/sec)
Did 84000 HRSS decap operations in 3007622us (27929.0 ops/sec)
Change-Id: I2312df8909af7d8d250c7c483c65038123f21ad9
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48345
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'tool')
| -rw-r--r-- | tool/speed.cc | 35 |
1 files changed, 17 insertions, 18 deletions
diff --git a/tool/speed.cc b/tool/speed.cc index 264334f..2d01f4b 100644 --- a/tool/speed.cc +++ b/tool/speed.cc @@ -896,13 +896,12 @@ static bool SpeedHRSS(const std::string &selected) { TimeResults results; if (!TimeFunction(&results, []() -> bool { - struct HRSS_public_key pub; - struct HRSS_private_key priv; - uint8_t entropy[HRSS_GENERATE_KEY_BYTES]; - RAND_bytes(entropy, sizeof(entropy)); - HRSS_generate_key(&pub, &priv, entropy); - return true; - })) { + struct HRSS_public_key pub; + struct HRSS_private_key priv; + uint8_t entropy[HRSS_GENERATE_KEY_BYTES]; + RAND_bytes(entropy, sizeof(entropy)); + return HRSS_generate_key(&pub, &priv, entropy); + })) { fprintf(stderr, "Failed to time HRSS_generate_key.\n"); return false; } @@ -913,16 +912,17 @@ static bool SpeedHRSS(const std::string &selected) { struct HRSS_private_key priv; uint8_t key_entropy[HRSS_GENERATE_KEY_BYTES]; RAND_bytes(key_entropy, sizeof(key_entropy)); - HRSS_generate_key(&pub, &priv, key_entropy); + if (!HRSS_generate_key(&pub, &priv, key_entropy)) { + return false; + } uint8_t ciphertext[HRSS_CIPHERTEXT_BYTES]; if (!TimeFunction(&results, [&pub, &ciphertext]() -> bool { - uint8_t entropy[HRSS_ENCAP_BYTES]; - uint8_t shared_key[HRSS_KEY_BYTES]; - RAND_bytes(entropy, sizeof(entropy)); - HRSS_encap(ciphertext, shared_key, &pub, entropy); - return true; - })) { + uint8_t entropy[HRSS_ENCAP_BYTES]; + uint8_t shared_key[HRSS_KEY_BYTES]; + RAND_bytes(entropy, sizeof(entropy)); + return HRSS_encap(ciphertext, shared_key, &pub, entropy); + })) { fprintf(stderr, "Failed to time HRSS_encap.\n"); return false; } @@ -930,10 +930,9 @@ static bool SpeedHRSS(const std::string &selected) { results.Print("HRSS encap"); if (!TimeFunction(&results, [&priv, &ciphertext]() -> bool { - uint8_t shared_key[HRSS_KEY_BYTES]; - HRSS_decap(shared_key, &priv, ciphertext, sizeof(ciphertext)); - return true; - })) { + uint8_t shared_key[HRSS_KEY_BYTES]; + return HRSS_decap(shared_key, &priv, ciphertext, sizeof(ciphertext)); + })) { fprintf(stderr, "Failed to time HRSS_encap.\n"); return false; } |