[Git][NTPsec/ntpsec][master] 2 commits: Revert "Sigh. Fix missing HMAC_CTX_new in attic/digest-timing"

Hal Murray gitlab at mg.gitlab.com
Mon Mar 5 03:56:03 UTC 2018


Hal Murray pushed to branch master at NTPsec / ntpsec


Commits:
6ddfaba0 by Hal Murray at 2018-03-05T03:54:48Z
Revert "Sigh.  Fix missing HMAC_CTX_new in attic/digest-timing"

This reverts commit 62989fe509d65054790084befe718258bd7dad80.

- - - - -
ddc15c3e by Hal Murray at 2018-03-05T03:54:48Z
Revert "Add HMAC timings to attic/digest-timing"

This reverts commit aa8711e5ce022efe4712ac41524a2a4bf3a595ad.

- - - - -


1 changed file:

- attic/digest-timing.c


Changes:

=====================================
attic/digest-timing.c
=====================================
--- a/attic/digest-timing.c
+++ b/attic/digest-timing.c
@@ -13,16 +13,10 @@
  */
 
 /* This may not be high enough.
- * 0x10000003  1.0.0b fails CMAC
- * 0x1000105fL 1.0.1e works for CMAC
- *
- * The HMAC test could be split out.
- * ??          ??     fails HMAC on Debian/Jessie
- * 0x1000115fL 1.0.1u fails HMAC on NetBSD 7.1
- * 0x100020bfL 1.0.2k fails HMAC on FreeBSD 11
- * An older version of HMAC doesn't have HMAC_CTX_new
+ * 0x10000003  1.0.0b fails
+ * 0x1000105fL 1.0.1e works.
  */
-#define CMAC_VERSION_CUTOFF 0x100020bfL
+#define CMAC_VERSION_CUTOFF 0x10000003
 
 #include <stdint.h>
 #include <stdlib.h>
@@ -33,7 +27,6 @@
 #include <openssl/err.h>
 #if OPENSSL_VERSION_NUMBER > CMAC_VERSION_CUTOFF
 #include <openssl/cmac.h>
-#include <openssl/hmac.h>
 #endif
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -68,7 +61,6 @@ int NUM = 1000000;
 EVP_MD_CTX *ctx;
 #if OPENSSL_VERSION_NUMBER > CMAC_VERSION_CUTOFF
 CMAC_CTX *cmac;
-HMAC_CTX *hmac;
 #endif
 
 static void ssl_init(void)
@@ -78,7 +70,6 @@ static void ssl_init(void)
   ctx = EVP_MD_CTX_new();
 #if OPENSSL_VERSION_NUMBER > CMAC_VERSION_CUTOFF
   cmac = CMAC_CTX_new();
-  hmac = HMAC_CTX_new();
 #endif
 }
 
@@ -128,26 +119,12 @@ static size_t SSL_CMAC(
 ) {
   unsigned char answer[EVP_MAX_MD_SIZE];
   size_t len;
+  CMAC_resume(cmac);
   CMAC_Init(cmac, key, keylength, cipher, NULL);
   CMAC_Update(cmac, pkt, pktlength);
   CMAC_Final(cmac, answer, &len);
   return len;
 }
-
-static size_t SSL_HMAC(
-  const EVP_MD *digest,     /* digest algorithm */
-  uint8_t *key,             /* key pointer */
-  int     keylength,        /* key size */
-  uint8_t *pkt,             /* packet pointer */
-  int     pktlength         /* packet length */
-) {
-  unsigned char answer[EVP_MAX_MD_SIZE];
-  unsigned int len;
-  HMAC_Init_ex(hmac, key, keylength, digest, NULL);
-  HMAC_Update(hmac, pkt, pktlength);
-  HMAC_Final(hmac, answer, &len);
-  return len;
-}
 #endif
 
 static void DoDigest(
@@ -212,35 +189,10 @@ static void DoCMAC(
   }
   clock_gettime(CLOCK_MONOTONIC, &stop);
   fast = (stop.tv_sec-start.tv_sec)*1E9 + (stop.tv_nsec-start.tv_nsec);
-  printf("%10s  %2d %2d %2lu %6.0f  %6.3f\n",
+  printf("%10s  %2d %2d %2lu %6.0f  %6.3f",
     name, keylength, pktlength, digestlength, fast/NUM,  fast/1E9);
-}
 
-static void DoHMAC(
-  const char *name,       /* name of cipher */
-  uint8_t *key,           /* key pointer */
-  int     keylength,      /* key length */
-  uint8_t *pkt,           /* packet pointer */
-  int     pktlength       /* packet length */
-)
-{
-  int type = OBJ_sn2nid(name);
-  const EVP_MD *digest = EVP_get_digestbynid(type);
-  struct timespec start, stop;
-  int i;
-  double fast;
-  unsigned long digestlength = 0;
-
-  if (NULL == digest) return;
-
-  clock_gettime(CLOCK_MONOTONIC, &start);
-  for (i = 0; i < NUM; i++) {
-    digestlength = SSL_HMAC(digest, key, keylength, pkt, pktlength);
-  }
-  clock_gettime(CLOCK_MONOTONIC, &stop);
-  fast = (stop.tv_sec-start.tv_sec)*1E9 + (stop.tv_nsec-start.tv_nsec);
-  printf("%10s  %2d %2d %2lu %6.0f  %6.3f\n",
-    name, keylength, pktlength, digestlength, fast/NUM,  fast/1E9);
+  printf("\n");
 }
 #endif
 
@@ -293,17 +245,6 @@ int main(int argc, char *argv[])
   DoCMAC("CAM-128", EVP_camellia_128_cbc(), key, 16, packet, PACKET_LENGTH);
   DoCMAC("CAM-192", EVP_camellia_192_cbc(), key, 24, packet, PACKET_LENGTH);
   DoCMAC("CAM-256", EVP_camellia_256_cbc(), key, 32, packet, PACKET_LENGTH);
-
-  printf("\n");
-  printf("# KL=key length, PL=packet length, CL=HMAC length\n");
-  printf("# HMAC      KL PL CL  ns/op sec/run\n");
-
-  DoHMAC("MD5",    key,  8, packet, PACKET_LENGTH);
-  DoHMAC("SHA1",   key, 16, packet, PACKET_LENGTH);
-  DoHMAC("SHA256", key, 16, packet, PACKET_LENGTH);
-  DoHMAC("SHA256", key, 20, packet, PACKET_LENGTH);
-  DoHMAC("SHA512", key, 16, packet, PACKET_LENGTH);
-  DoHMAC("SHA512", key, 32, packet, PACKET_LENGTH);
 #endif
 
   return 0;



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/38b6d8713aa60d449136ea07018f5f989bc77c96...ddc15c3e3afff90643c551b74bc50f5661dcd302

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/38b6d8713aa60d449136ea07018f5f989bc77c96...ddc15c3e3afff90643c551b74bc50f5661dcd302
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20180305/df2ea786/attachment.html>


More information about the vc mailing list