- Added reset functionality for HMAC context. Speed-up for some use-cases.
diff --git a/ChangeLog b/ChangeLog
index 0fe3ea7..3b11f4e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,7 +7,7 @@
* Added support for GeneralizedTime in X509 parsing
* Added cert_app program to allow easy reading and
printing of X509 certificates from file or SSL
- connection.
+ connection.
Changes
* Added const correctness for main code base
@@ -16,11 +16,13 @@
* Changed symmetric cipher functions to
identical interface (returning int result values)
* Changed ARC4 to use seperate input/output buffer
+ * Added reset function for HMAC context as speed-up
+ for specific use-cases
Bug fixes
* Fixed bug resulting in failure to send the last
certificate in the chain in ssl_write_certificate() and
- ssl_write_certificate_request() (found by fatbob)
+ ssl_write_certificate_request() (found by fatbob)
* Added small fixes for compiler warnings on a Mac
(found by Frank de Brabander)
* Fixed algorithmic bug in mpi_is_prime() (found by
diff --git a/include/polarssl/md2.h b/include/polarssl/md2.h
index 37eef0a..71040eb 100644
--- a/include/polarssl/md2.h
+++ b/include/polarssl/md2.h
@@ -113,6 +113,13 @@
void md2_hmac_finish( md2_context *ctx, unsigned char output[16] );
/**
+ * \brief MD2 HMAC context reset
+ *
+ * \param ctx HMAC context to be reset
+ */
+void md2_hmac_reset( md2_context *ctx );
+
+/**
* \brief Output = HMAC-MD2( hmac key, input buffer )
*
* \param key HMAC secret key
diff --git a/include/polarssl/md4.h b/include/polarssl/md4.h
index c590736..24b90ec 100644
--- a/include/polarssl/md4.h
+++ b/include/polarssl/md4.h
@@ -112,6 +112,13 @@
void md4_hmac_finish( md4_context *ctx, unsigned char output[16] );
/**
+ * \brief MD4 HMAC context reset
+ *
+ * \param ctx HMAC context to be reset
+ */
+void md4_hmac_reset( md4_context *ctx );
+
+/**
* \brief Output = HMAC-MD4( hmac key, input buffer )
*
* \param key HMAC secret key
diff --git a/include/polarssl/md5.h b/include/polarssl/md5.h
index 2f62ed1..ac28a0b 100644
--- a/include/polarssl/md5.h
+++ b/include/polarssl/md5.h
@@ -114,6 +114,13 @@
void md5_hmac_finish( md5_context *ctx, unsigned char output[16] );
/**
+ * \brief MD5 HMAC context reset
+ *
+ * \param ctx HMAC context to be reset
+ */
+void md5_hmac_reset( md5_context *ctx );
+
+/**
* \brief Output = HMAC-MD5( hmac key, input buffer )
*
* \param key HMAC secret key
diff --git a/include/polarssl/sha1.h b/include/polarssl/sha1.h
index ec08450..060f720 100644
--- a/include/polarssl/sha1.h
+++ b/include/polarssl/sha1.h
@@ -112,6 +112,13 @@
void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] );
/**
+ * \brief SHA-1 HMAC context reset
+ *
+ * \param ctx HMAC context to be reset
+ */
+void sha1_hmac_reset( sha1_context *ctx );
+
+/**
* \brief Output = HMAC-SHA-1( hmac key, input buffer )
*
* \param key HMAC secret key
diff --git a/include/polarssl/sha2.h b/include/polarssl/sha2.h
index 8b65e9f..d9f3855 100644
--- a/include/polarssl/sha2.h
+++ b/include/polarssl/sha2.h
@@ -119,6 +119,13 @@
void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] );
/**
+ * \brief SHA-256 HMAC context reset
+ *
+ * \param ctx HMAC context to be reset
+ */
+void sha2_hmac_reset( sha2_context *ctx );
+
+/**
* \brief Output = HMAC-SHA-256( hmac key, input buffer )
*
* \param key HMAC secret key
diff --git a/include/polarssl/sha4.h b/include/polarssl/sha4.h
index 3a14c91..eb35f04 100644
--- a/include/polarssl/sha4.h
+++ b/include/polarssl/sha4.h
@@ -127,6 +127,13 @@
void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] );
/**
+ * \brief SHA-512 HMAC context reset
+ *
+ * \param ctx HMAC context to be reset
+ */
+void sha4_hmac_reset( sha4_context *ctx );
+
+/**
* \brief Output = HMAC-SHA-512( hmac key, input buffer )
*
* \param key HMAC secret key
diff --git a/library/md2.c b/library/md2.c
index 061ebbe..3a0d1f5 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -261,6 +261,15 @@
}
/*
+ * MD2 HMAC context reset
+ */
+void md2_hmac_reset( md2_context *ctx )
+{
+ md2_starts( ctx );
+ md2_update( ctx, ctx->ipad, 64 );
+}
+
+/*
* output = HMAC-MD2( hmac key, input buffer )
*/
void md2_hmac( const unsigned char *key, int keylen,
diff --git a/library/md4.c b/library/md4.c
index 251e63f..564a7f9 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -357,6 +357,15 @@
}
/*
+ * MD4 HMAC context reset
+ */
+void md4_hmac_reset( md4_context *ctx )
+{
+ md4_starts( ctx );
+ md4_update( ctx, ctx->ipad, 64 );
+}
+
+/*
* output = HMAC-MD4( hmac key, input buffer )
*/
void md4_hmac( const unsigned char *key, int keylen,
diff --git a/library/md5.c b/library/md5.c
index ca994b9..5ab3383 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -376,6 +376,15 @@
}
/*
+ * MD5 HMAC context reset
+ */
+void md5_hmac_reset( md5_context *ctx )
+{
+ md5_starts( ctx );
+ md5_update( ctx, ctx->ipad, 64 );
+}
+
+/*
* output = HMAC-MD5( hmac key, input buffer )
*/
void md5_hmac( const unsigned char *key, int keylen,
diff --git a/library/sha1.c b/library/sha1.c
index f811131..7f8ec63 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -411,6 +411,15 @@
}
/*
+ * SHA1 HMAC context reset
+ */
+void sha1_hmac_reset( sha1_context *ctx )
+{
+ sha1_starts( ctx );
+ sha1_update( ctx, ctx->ipad, 64 );
+}
+
+/*
* output = HMAC-SHA-1( hmac key, input buffer )
*/
void sha1_hmac( const unsigned char *key, int keylen,
diff --git a/library/sha2.c b/library/sha2.c
index 87f02ea..8f920ce 100644
--- a/library/sha2.c
+++ b/library/sha2.c
@@ -418,6 +418,15 @@
}
/*
+ * SHA-256 HMAC context reset
+ */
+void sha2_hmac_reset( sha2_context *ctx )
+{
+ sha2_starts( ctx, ctx->is224 );
+ sha2_update( ctx, ctx->ipad, 64 );
+}
+
+/*
* output = HMAC-SHA-256( hmac key, input buffer )
*/
void sha2_hmac( const unsigned char *key, int keylen,
diff --git a/library/sha4.c b/library/sha4.c
index c214543..699cca7 100644
--- a/library/sha4.c
+++ b/library/sha4.c
@@ -417,6 +417,15 @@
}
/*
+ * SHA-512 HMAC context reset
+ */
+void sha4_hmac_reset( sha4_context *ctx )
+{
+ sha4_starts( ctx, ctx->is384 );
+ sha4_update( ctx, ctx->ipad, 128 );
+}
+
+/*
* output = HMAC-SHA-512( hmac key, input buffer )
*/
void sha4_hmac( const unsigned char *key, int keylen,