kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
eb2c2cdf17
boringssl/crypto/fipsmodule
History
David Benjamin eb2c2cdf17 Always define GHASH. 
There is a C implementation of gcm_ghash_4bit to pair with
gcm_gmult_4bit. It's even slightly faster per the numbers below (x86_64
OPENSSL_NO_ASM build), but, more importantly, we trim down the
combinatorial explosion of GCM implementations and free up complexity
budget for potentially using bsaes better in the future.

Old:
Did 2557000 AES-128-GCM (16 bytes) seal operations in 1000057us (2556854.3 ops/sec): 40.9 MB/s
Did 94000 AES-128-GCM (1350 bytes) seal operations in 1009613us (93105.0 ops/sec): 125.7 MB/s
Did 17000 AES-128-GCM (8192 bytes) seal operations in 1024768us (16589.1 ops/sec): 135.9 MB/s
Did 2511000 AES-256-GCM (16 bytes) seal operations in 1000196us (2510507.9 ops/sec): 40.2 MB/s
Did 84000 AES-256-GCM (1350 bytes) seal operations in 1000412us (83965.4 ops/sec): 113.4 MB/s
Did 15000 AES-256-GCM (8192 bytes) seal operations in 1046963us (14327.2 ops/sec): 117.4 MB/s

New:
Did 2739000 AES-128-GCM (16 bytes) seal operations in 1000322us (2738118.3 ops/sec): 43.8 MB/s
Did 100000 AES-128-GCM (1350 bytes) seal operations in 1008190us (99187.7 ops/sec): 133.9 MB/s
Did 17000 AES-128-GCM (8192 bytes) seal operations in 1006360us (16892.6 ops/sec): 138.4 MB/s
Did 2546000 AES-256-GCM (16 bytes) seal operations in 1000150us (2545618.2 ops/sec): 40.7 MB/s
Did 86000 AES-256-GCM (1350 bytes) seal operations in 1000970us (85916.7 ops/sec): 116.0 MB/s
Did 14850 AES-256-GCM (8192 bytes) seal operations in 1023459us (14509.6 ops/sec): 118.9 MB/s

While I'm here, tighten up some of the functions and align the ctr32 and
non-ctr32 paths.

Bug: 256
Change-Id: Id4df699cefc8630dd5a350d44f927900340f5e60
Reviewed-on: https://boringssl-review.googlesource.com/c/34869
Reviewed-by: Adam Langley <agl@google.com>
2019-02-14 17:30:55 +00:00
..
aes Patch out unused aesni-x86_64 functions. 2019-02-11 20:25:22 +00:00
bn Add ABI tests for x86_64-mont5.pl. 2019-02-11 19:27:13 +00:00
cipher Don't use bsaes over vpaes for CTR-DRBG. 2019-02-01 18:03:39 +00:00
des Move OPENSSL_FALLTHROUGH to internal headers. 2018-01-29 18:17:57 +00:00
digest Match OpenSSL's EVP_MD_CTX_reset return value. 2018-05-29 17:07:16 +00:00
ec Test and fix an ABI issue with small parameters. 2019-01-28 21:09:40 +00:00
ecdh Clean up EC_POINT to byte conversions. 2018-11-13 17:27:59 +00:00
ecdsa Modernize OPENSSL_COMPILE_ASSERT, part 2. 2018-11-14 16:06:37 +00:00
hmac
md4
md5 Add ABI tests for MD5. 2019-01-08 18:01:07 +00:00
modes Always define GHASH. 2019-02-14 17:30:55 +00:00
policydocs Include details about latest FIPS certification. 2018-11-05 19:03:25 +00:00
rand Unwind RDRAND functions correctly on Windows. 2019-02-12 20:24:27 +00:00
rsa Add start of infrastructure for checking constant-time properties. 2018-12-18 22:43:02 +00:00
self_check Always print some diagnostic information when POST fails. 2018-09-28 19:33:38 +00:00
sha Remove union from |SHA512_CTX|. 2019-01-22 23:36:46 +00:00
tls Fix include path. 2018-05-08 16:26:05 +00:00
bcm.c Always print some diagnostic information when POST fails. 2018-09-28 19:33:38 +00:00
CMakeLists.txt Add a constant-time pshufb-based GHASH implementation. 2019-01-24 17:19:21 +00:00
delocate.h Use a pool of |rand_state| objects. 2018-07-06 21:25:37 +00:00
FIPS.md Include details about latest FIPS certification. 2018-11-05 19:03:25 +00:00
intcheck1.png
intcheck2.png
intcheck3.png
is_fips.c Add some more compatibility functions. 2018-05-08 20:51:15 +00:00