diff options
| author | Arvind Sankar <nivedita@alum.mit.edu> | 2020-10-25 10:31:17 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2020-10-30 17:35:03 +1100 |
| commit | b8399819b2dd6f29195ed7535217b66c01b1e57d (patch) | |
| tree | 5c7ef309f029a74a63ed469a3dc2d45e0116e2c9 /lib/crypto/chacha20poly1305-selftest.c | |
| parent | 7a4295f6c9d54e082474667e552a227606b4a085 (diff) | |
crypto: lib/sha256 - Clear W[] in sha256_update() instead of sha256_transform()
The temporary W[] array is currently zeroed out once every call to
sha256_transform(), i.e. once every 64 bytes of input data. Moving it to
sha256_update() instead so that it is cleared only once per update can
save about 2-3% of the total time taken to compute the digest, with a
reasonable memset() implementation, and considerably more (~20%) with a
bad one (eg the x86 purgatory currently uses a memset() coded in C).
Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'lib/crypto/chacha20poly1305-selftest.c')
0 files changed, 0 insertions, 0 deletions