author | Jeffrey Walton <noloader@gmail.com> | 2017-08-05 06:05:57 -0400 |
---|---|---|
committer | Jeffrey Walton <noloader@gmail.com> | 2017-08-05 06:05:57 -0400 |
commit | 0357e508e4fd8e8f61e82a48b16adb5c381a740d (patch) | |
tree | fdac41172c7fcc2abc18fc5cb6487dde3a8298ec /poly1305.cpp | |
parent | bf35d58ad79b65462f38935996719076edf822da (diff) | |
Make nonce a class member rather than temporary
Effectively this creates a persistent workspace for the encrypted nonce. The zeroizer will run when the object is destroyed, rather than on each invocation of UncheckedSetKey.
Performance went from 3.6 cpb as a temporary to 2.9 cpb as a class member
Diffstat (limited to 'poly1305.cpp')
-rw-r--r-- | poly1305.cpp | 12 |
1 files changed, 6 insertions, 6 deletions
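diff --git a/poly1305.cpp b/poly1305.cpp
index f580fc42..9bef7585 100644
--- a/poly1305.cpp
+++ b/poly1305.cpp
@@ -33,13 +33,13 @@ void Poly1305_Base<T>::UncheckedSetKey(const byte *key, unsigned int length, con
 ConstByteArrayParameter t;
 if (params.GetValue(Name::IV(), t) && t.begin() && t.size())
 {
-SecByteBlock nk(16);
-m_cipher.ProcessBlock(t.begin(), nk);
+// Nonce key is a class member to avoid the zeroizer on a temporary
+m_cipher.ProcessBlock(t.begin(), m_nk.begin());
-m_n[0] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, nk + 0);
-m_n[1] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, nk + 4);
-m_n[2] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, nk + 8);
-m_n[3] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, nk + 12);
+m_n[0] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, m_nk + 0);
+m_n[1] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, m_nk + 4);
+m_n[2] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, m_nk + 8);
+m_n[3] = GetWord<word32>(false, LITTLE_ENDIAN_ORDER, m_nk + 12);
 m_used = false;
 }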
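Review bot: The IV guard `if (params.GetValue(Name::IV(), t) && t.begin() && t.size())` only rejects an empty IV, yet the `m_cipher.ProcessBlock(t.begin(), m_nk.begin())` call that this commit rewrites reads a full cipher block from `t.begin()`, so a caller passing a shorter IV causes an over-read of its buffer (pre-existing, but this hunk is the place to close it). I would reject a wrong-sized IV before the block encryption, e.g. `if (t.size() != m_cipher.BlockSize()) throw InvalidArgument("Poly1305: IV length must equal the cipher block size");`, assuming cryptlib's `InvalidArgument` is in scope here. The declaration of `m_nk` is not in this hunk; the zeroize-on-destruction rationale in the commit message and the reads up to `m_nk + 12` both depend on it being a zeroizing `SecByteBlock` of at least the cipher's block size, which is worth pinning with `CRYPTOPP_ASSERT(m_nk.size() >= 16);` or a comment on the member. Be aware that the encrypted nonce (the tag mask) now persists in both `m_nk` and `m_n` for the object's lifetime rather than being wiped after each key setup, which is the trade the commit message describes. UncheckedSetKey begins before this hunk.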