blake2b.c/blake2s.c: refactor so that smallstack code paths match performance of !smallstack path.

2021-01-29 17:19:42 -06:00
parent a332cf36b5
commit 8c0100e60e
2 changed files with 106 additions and 70 deletions
--- a/wolfcrypt/src/blake2b.c
+++ b/wolfcrypt/src/blake2b.c
@@ -207,31 +207,14 @@ int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key,
  return 0;
 }
-static int blake2b_compress( blake2b_state *S,
+static WC_INLINE int blake2b_compress(
-                             const byte block[BLAKE2B_BLOCKBYTES] )
+    blake2b_state *S,
    const byte block[BLAKE2B_BLOCKBYTES],
    word64* m,
    word64* v)
 {
  int i;
 #ifdef WOLFSSL_SMALL_STACK
  word64* m;
  word64* v;
  m = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( m == NULL ) return MEMORY_E;
  v = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( v == NULL )
  {
    XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    return MEMORY_E;
  }
 #else
  word64 m[16];
  word64 v[16];
 #endif
  for( i = 0; i < 16; ++i )
    m[i] = load64( block + i * sizeof( m[i] ) );
@@ -287,17 +270,27 @@ static int blake2b_compress( blake2b_state *S,
 #undef G
 #undef ROUND
 #ifdef WOLFSSL_SMALL_STACK
  XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  XFREE(v, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
  return 0;
 }
 /* inlen now in bytes */
 int blake2b_update( blake2b_state *S, const byte *in, word64 inlen )
 {
  int ret = 0;
 #ifdef WOLFSSL_SMALL_STACK
  word64* m;
  word64* v;
  m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( m == NULL ) return MEMORY_E;
  v = &m[16];
 #else
  word64 m[16];
  word64 v[16];
 #endif
  while( inlen > 0 )
  {
    word64 left = S->buflen;
@@ -310,8 +303,8 @@ int blake2b_update( blake2b_state *S, const byte *in, word64 inlen )
      blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
      {
-	int ret = blake2b_compress( S, S->buf );
+	ret = blake2b_compress( S, S->buf, m, v );
-	if (ret < 0) return ret;
+	if (ret < 0) break;
      }
      XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
@@ -328,22 +321,40 @@ int blake2b_update( blake2b_state *S, const byte *in, word64 inlen )
    }
  }
-  return 0;
+#ifdef WOLFSSL_SMALL_STACK
  XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
  return ret;
 }
 /* Is this correct? */
 int blake2b_final( blake2b_state *S, byte *out, byte outlen )
 {
  int ret = 0;
  byte buffer[BLAKE2B_OUTBYTES];
  int     i;
 #ifdef WOLFSSL_SMALL_STACK
  word64* m;
  word64* v;
  m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( m == NULL ) return MEMORY_E;
  v = &m[16];
 #else
  word64 m[16];
  word64 v[16];
 #endif
  if( S->buflen > BLAKE2B_BLOCKBYTES )
  {
    blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
    {
-      int ret = blake2b_compress( S, S->buf );
+      ret = blake2b_compress( S, S->buf, m, v );
-      if (ret < 0) return ret;
+      if (ret < 0) goto out;
    }
    S->buflen -= BLAKE2B_BLOCKBYTES;
@@ -355,15 +366,22 @@ int blake2b_final( blake2b_state *S, byte *out, byte outlen )
  XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) );
         /* Padding */
  {
-    int ret = blake2b_compress( S, S->buf );
+    ret = blake2b_compress( S, S->buf, m, v );
-    if (ret < 0) return ret;
+    if (ret < 0) goto out;
  }
  for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
    store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );
  XMEMCPY( out, buffer, outlen );
-  return 0;
+
 out:
 #ifdef WOLFSSL_SMALL_STACK
  XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
  return ret;
 }
 /* inlen, at least, should be word64. Others can be size_t. */
--- a/wolfcrypt/src/blake2s.c
+++ b/wolfcrypt/src/blake2s.c
@@ -204,31 +204,14 @@ int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key,
  return 0;
 }
-static int blake2s_compress( blake2s_state *S,
+static WC_INLINE int blake2s_compress(
-                             const byte block[BLAKE2S_BLOCKBYTES] )
+    blake2s_state *S,
    const byte block[BLAKE2S_BLOCKBYTES],
    word32* m,
    word32* v)
 {
  int i;
 #ifdef WOLFSSL_SMALL_STACK
  word32* m;
  word32* v;
  m = (word32*)XMALLOC(sizeof(word32) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( m == NULL ) return MEMORY_E;
  v = (word32*)XMALLOC(sizeof(word32) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( v == NULL )
  {
    XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    return MEMORY_E;
  }
 #else
  word32 m[16];
  word32 v[16];
 #endif
  for( i = 0; i < 16; ++i )
    m[i] = load32( block + i * sizeof( m[i] ) );
@@ -282,17 +265,27 @@ static int blake2s_compress( blake2s_state *S,
 #undef G
 #undef ROUND
 #ifdef WOLFSSL_SMALL_STACK
  XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  XFREE(v, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
  return 0;
 }
 /* inlen now in bytes */
 int blake2s_update( blake2s_state *S, const byte *in, word32 inlen )
 {
  int ret = 0;
 #ifdef WOLFSSL_SMALL_STACK
  word32* m;
  word32* v;
  m = (word32*)XMALLOC(sizeof(word32) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( m == NULL ) return MEMORY_E;
  v = &m[16];
 #else
  word32 m[16];
  word32 v[16];
 #endif
  while( inlen > 0 )
  {
    word32 left = S->buflen;
@@ -305,8 +298,8 @@ int blake2s_update( blake2s_state *S, const byte *in, word32 inlen )
      blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );
      {
-          int ret= blake2s_compress( S, S->buf );
+          ret= blake2s_compress( S, S->buf, m, v );
-          if (ret < 0) return ret;
+          if (ret < 0) break;
      }
      XMEMCPY( S->buf, S->buf + BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES );
@@ -323,22 +316,40 @@ int blake2s_update( blake2s_state *S, const byte *in, word32 inlen )
    }
  }
-  return 0;
+#ifdef WOLFSSL_SMALL_STACK
  XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
  return ret;
 }
 /* Is this correct? */
 int blake2s_final( blake2s_state *S, byte *out, byte outlen )
 {
  int ret = 0;
  int     i;
  byte buffer[BLAKE2S_BLOCKBYTES];
 #ifdef WOLFSSL_SMALL_STACK
  word32* m;
  word32* v;
  m = (word32*)XMALLOC(sizeof(word32) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  if ( m == NULL ) return MEMORY_E;
  v = &m[16];
 #else
  word32 m[16];
  word32 v[16];
 #endif
  if( S->buflen > BLAKE2S_BLOCKBYTES )
  {
    blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );
    {
-        int ret = blake2s_compress( S, S->buf );
+        ret = blake2s_compress( S, S->buf, m, v );
-        if (ret < 0) return ret;
+        if (ret < 0) goto out;
    }
    S->buflen -= BLAKE2S_BLOCKBYTES;
@@ -350,15 +361,22 @@ int blake2s_final( blake2s_state *S, byte *out, byte outlen )
  XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2S_BLOCKBYTES - S->buflen) );
         /* Padding */
  {
-      int ret = blake2s_compress( S, S->buf );
+      ret = blake2s_compress( S, S->buf, m, v );
-      if (ret < 0) return ret;
+      if (ret < 0) goto out;
  }
  for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
    store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );
  XMEMCPY( out, buffer, outlen );
-  return 0;
+
 out:
 #ifdef WOLFSSL_SMALL_STACK
  XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
  return ret;
 }
 /* inlen, at least, should be word32. Others can be size_t. */