OERV-RUNTIME/boringssl
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
2c8fdd59191f9247af7174d739d29a9d20da41f2
boringssl/include/openssl/blake2.h
Adam Langley 5622da92e1 Pack SHA-512 and BLAKE2b a little more tightly. 
Honestly, we don't actually need to support hashing more than 2**64
bytes on a single machine, so we certainly don't need to support 2**128
bytes. Thus pack these structures a little better by supporting only
2**96 bytes. This removes 8 bytes from these structures and thus 24
bytes from an HMAC_CTX.

It's possible to pack SHA-512 even tighter: the final byte of the block
buffer isn't used between calls. It can be repurposed to store the
buffer length (in the lower seven bits) and an "is SHA-384" flag in the
MSB. That saves another eight bytes.

But the same trick doesn't work for BLAKE2b because it hashes in a
"final block" flag and thus needs to know whether there's more data
coming before hashing a block. Thus it uses all 128 bytes for storage.

So while we can pack SHA-512 tighter, BLAKE2b would still keep
EVP_MAX_MD_DATA_SIZE the same.

Pleasingly, this seems net-positive on benchmarks. (Or, at least, not
negative.)

Before:

Did 49145000 SHA-512 (16 bytes) operations in 5000055us (9828891.9 ops/sec): 157.3 MB/s
Did 17905000 SHA-512 (256 bytes) operations in 5000134us (3580904.0 ops/sec): 916.7 MB/s
Did 5091000 SHA-512 (1350 bytes) operations in 5000183us (1018162.7 ops/sec): 1374.5 MB/s
Did 871000 SHA-512 (8192 bytes) operations in 5004110us (174056.9 ops/sec): 1425.9 MB/s
Did 440000 SHA-512 (16384 bytes) operations in 5008994us (87842.0 ops/sec): 1439.2 MB/s

After:

Did 50435000 SHA-512 (16 bytes) operations in 5000060us (10086879.0 ops/sec): 161.4 MB/s
Did 18218000 SHA-512 (256 bytes) operations in 5000068us (3643550.4 ops/sec): 932.7 MB/s
Did 5126000 SHA-512 (1350 bytes) operations in 5000588us (1025079.5 ops/sec): 1383.9 MB/s
Did 872000 SHA-512 (8192 bytes) operations in 5002028us (174329.3 ops/sec): 1428.1 MB/s
Did 440000 SHA-512 (16384 bytes) operations in 5004069us (87928.4 ops/sec): 1440.6 MB/s

Change-Id: Ib996d82cff3e959993a9e553a688766c2e9052fb
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/79508
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
2025-06-05 14:47:57 -07:00

61 lines
1.9 KiB
C
Raw Blame History

// Copyright 2021 The BoringSSL Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef OPENSSL_HEADER_BLAKE2_H
#define OPENSSL_HEADER_BLAKE2_H
#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
#endif
#define BLAKE2B256_DIGEST_LENGTH (256 / 8)
#define BLAKE2B_CBLOCK 128
struct blake2b_state_st {
uint64_t h[8];
uint64_t t_low;
uint32_t t_high;
uint32_t block_used;
uint8_t block[BLAKE2B_CBLOCK];
};
// BLAKE2B256_Init initialises |b2b| to perform a BLAKE2b-256 hash. There are no
// pointers inside |b2b| thus release of |b2b| is purely managed by the caller.
OPENSSL_EXPORT void BLAKE2B256_Init(BLAKE2B_CTX *b2b);
// BLAKE2B256_Update appends |len| bytes from |data| to the digest being
// calculated by |b2b|.
OPENSSL_EXPORT void BLAKE2B256_Update(BLAKE2B_CTX *b2b, const void *data,
size_t len);
// BLAKE2B256_Final completes the digest calculated by |b2b| and writes
// |BLAKE2B256_DIGEST_LENGTH| bytes to |out|.
OPENSSL_EXPORT void BLAKE2B256_Final(uint8_t out[BLAKE2B256_DIGEST_LENGTH],
BLAKE2B_CTX *b2b);
// BLAKE2B256 writes the BLAKE2b-256 digset of |len| bytes from |data| to
// |out|.
OPENSSL_EXPORT void BLAKE2B256(const uint8_t *data, size_t len,
uint8_t out[BLAKE2B256_DIGEST_LENGTH]);
#if defined(__cplusplus)
} // extern C
#endif
#endif // OPENSSL_HEADER_BLAKE2_H
Reference in New Issue View Git Blame Copy Permalink