[gentoo-commits] gentoo-x86 commit in dev-libs/libgcrypt/files: libgcrypt-1.6.0-gcry_md

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] gentoo-x86 commit in dev-libs/libgcrypt/files: libgcrypt-1.6.0-gcry_md_reset.patch
@ 2014-02-03 18:22 Alon Bar-Lev (alonbl)
  0 siblings, 0 replies; only message in thread
From: Alon Bar-Lev (alonbl) @ 2014-02-03 18:22 UTC (permalink / raw
  To: gentoo-commits

alonbl      14/02/03 18:22:10

  Added:                libgcrypt-1.6.0-gcry_md_reset.patch
  Log:
  fix performance issues, bug#497654, thanks to Alexandre Rostovtsev
  
  (Portage version: 2.2.8-r1/cvs/Linux x86_64, RepoMan options: --force, signed Manifest commit with key BF20DC51)

Revision  Changes    Path
1.1                  dev-libs/libgcrypt/files/libgcrypt-1.6.0-gcry_md_reset.patch

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/libgcrypt/files/libgcrypt-1.6.0-gcry_md_reset.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/libgcrypt/files/libgcrypt-1.6.0-gcry_md_reset.patch?rev=1.1&content-type=text/plain

Index: libgcrypt-1.6.0-gcry_md_reset.patch
===================================================================
From 04cda6b7cc16f3f52c12d9d3e46c56701003496e Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Mon, 13 Jan 2014 21:30:42 +0100
Subject: [PATCH] PBKDF2: Use gcry_md_reset to speed up calculation.

* cipher/kdf.c (_gcry_kdf_pkdf2): Use gcry_md_reset
to speed up calculation.
--

Current PBKDF2 implementation uses gcry_md_set_key in every iteration
which is extremely slow (even in comparison with other implementations).

Use gcry_md_reset instead and set key only once.

With this test program:

  char input[32000], salt[8], key[16];
  gcry_kdf_derive(input, sizeof(input), GCRY_KDF_PBKDF2,
                  gcry_md_map_name("sha1"),
                  salt, sizeof(salt), 100000, sizeof(key), key);

running time without patch:
  real    0m11.165s
  user    0m11.136s
  sys     0m0.000s

and with patch applied
  real    0m0.230s
  user    0m0.184s
  sys     0m0.024s

(The problem was found when cryptsetup started to use gcrypt internal PBKDF2
and for very long keyfiles unlocking time increased drastically.
See https://bugzilla.redhat.com/show_bug.cgi?id=1051733)

Signed-off-by: Milan Broz <gmazyland@gmail.com>
---
 cipher/kdf.c |   16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/cipher/kdf.c b/cipher/kdf.c
index 503f068..af0dc48 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -175,19 +175,21 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
       return ec;
     }
 
+  ec = _gcry_md_setkey (md, passphrase, passphraselen);
+  if (ec)
+    {
+      _gcry_md_close (md);
+      xfree (sbuf);
+      return ec;
+    }
+
   /* Step 3 and 4. */
   memcpy (sbuf, salt, saltlen);
   for (lidx = 1; lidx <= l; lidx++)
     {
       for (iter = 0; iter < iterations; iter++)
         {
-          ec = _gcry_md_setkey (md, passphrase, passphraselen);
-          if (ec)
-            {
-              _gcry_md_close (md);
-              xfree (sbuf);
-              return ec;
-            }
+          _gcry_md_reset (md);
           if (!iter) /* Compute U_1:  */
             {
               sbuf[saltlen]     = (lidx >> 24);
-- 
1.7.10.4






^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2014-02-03 18:22 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-02-03 18:22 [gentoo-commits] gentoo-x86 commit in dev-libs/libgcrypt/files: libgcrypt-1.6.0-gcry_md_reset.patch Alon Bar-Lev (alonbl)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox