gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

add an optimized implementation of HKDF-Expand-Label

Browse Source 
The standard library uses cryptobyte.Builder in hkdfExpandLabel. This
costs quite a bit of performance. Using an optimized implementation
speeds up the initialization of the AEAD used for the Initial encryption
level by ~15%.
This commit is contained in:
Marten Seemann
2020-04-06 11:33:11 +07:00
parent 0e608bfb08
commit 816019b94e
4 changed files with 66 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/handshake/header_protector.go
View File

@@ -38,7 +38,7 @@ type aesHeaderProtector struct {
var _ headerProtector = &aesHeaderProtector{}
func newAESHeaderProtector(suite *qtls.CipherSuiteTLS13, trafficSecret []byte, isLongHeader bool) headerProtector {
hpKey := qtls.HkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic hp", suite.KeyLen)
hpKey := hkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic hp", suite.KeyLen)
block, err := aes.NewCipher(hpKey)
if err != nil {
panic(fmt.Sprintf("error creating new AES cipher: %s", err))
@@ -83,7 +83,7 @@ type chachaHeaderProtector struct {
var _ headerProtector = &chachaHeaderProtector{}
func newChaChaHeaderProtector(suite *qtls.CipherSuiteTLS13, trafficSecret []byte, isLongHeader bool) headerProtector {
hpKey := qtls.HkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic hp", suite.KeyLen)
hpKey := hkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic hp", suite.KeyLen)
p := &chachaHeaderProtector{
isLongHeader: isLongHeader,