authorChristian Grothoff <christian@grothoff.org>2018-04-25 16:41:22 +0200
committerChristian Grothoff <christian@grothoff.org>2018-04-25 16:41:22 +0200
commit303334e67262bb6121dfbd245c66535f259d08af (patch)
tree1a92109915ffe63b7e2815edc6a6355f4065a48c /src/gnsrecord
parent3c62493eb1aaa74812bbb79431686d99652417f4 (diff)
enable caching private->public key mapping in memory to improve CPU consumption for large zone insertions
Diffstat (limited to 'src/gnsrecord')
-rw-r--r--src/gnsrecord/gnsrecord_crypto.c108
1 files changed, 99 insertions, 9 deletions
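--- a/src/gnsrecord/gnsrecord_crypto.c
+++ b/src/gnsrecord/gnsrecord_crypto.c
@@ -72,6 +72,7 @@ derive_block_aes_key (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
  * Sign name and records
  *
  * @param key the private key
+ * @param pkey associated public key
  * @param expire block expiration
  * @param label the name for the records
  * @param rd record data
@@ -79,17 +80,17 @@ derive_block_aes_key (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
  * @return NULL on error (block too large)
  */
 struct GNUNET_GNSRECORD_Block *
-GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
- struct GNUNET_TIME_Absolute expire,
- const char *label,
- const struct GNUNET_GNSRECORD_Data *rd,
- unsigned int rd_count)
+block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey,
+ struct GNUNET_TIME_Absolute expire,
+ const char *label,
+ const struct GNUNET_GNSRECORD_Data *rd,
+ unsigned int rd_count)
 {
  size_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
  rd);
  char payload[sizeof (uint32_t) + payload_len];
  struct GNUNET_GNSRECORD_Block *block;
- struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
  struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey;
  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
@@ -139,12 +140,10 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
  "gns");
  GNUNET_CRYPTO_ecdsa_key_get_public (dkey,
  &block->derived_key);
- GNUNET_CRYPTO_ecdsa_key_get_public (key,
- &pkey);
  derive_block_aes_key (&iv,
  &skey,
  label,
- &pkey);
+ pkey);
  GNUNET_break (payload_len + sizeof (uint32_t) ==
  GNUNET_CRYPTO_symmetric_encrypt (payload,
  payload_len + sizeof (uint32_t),
@@ -167,6 +166,97 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
 
 
 /**
+ * Sign name and records
+ *
+ * @param key the private key
+ * @param expire block expiration
+ * @param label the name for the records
+ * @param rd record data
+ * @param rd_count number of records
+ * @return NULL on error (block too large)
+ */
+struct GNUNET_GNSRECORD_Block *
+GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+ struct GNUNET_TIME_Absolute expire,
+ const char *label,
+ const struct GNUNET_GNSRECORD_Data *rd,
+ unsigned int rd_count)
+{
+ struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
+
+ GNUNET_CRYPTO_ecdsa_key_get_public (key,
+ &pkey);
+ return block_create (key,
+ &pkey,
+ expire,
+ label,
+ rd,
+ rd_count);
+}
+
+
+/**
+ * Line in cache mapping private keys to public keys.
+ */
+struct KeyCacheLine
+{
+ /**
+ * A private key.
+ */
+ struct GNUNET_CRYPTO_EcdsaPrivateKey key;
+
+ /**
+ * Associated public key.
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
+
+};
+
+
+/**
+ * Sign name and records, cache derived public key (also keeps the
+ * private key in static memory, so do not use this function if
+ * keeping the private key in the process'es RAM is a major issue).
+ *
+ * @param key the private key
+ * @param expire block expiration
+ * @param label the name for the records
+ * @param rd record data
+ * @param rd_count number of records
+ * @return NULL on error (block too large)
+ */
+struct GNUNET_GNSRECORD_Block *
+GNUNET_GNSRECORD_block_create2 (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+ struct GNUNET_TIME_Absolute expire,
+ const char *label,
+ const struct GNUNET_GNSRECORD_Data *rd,
+ unsigned int rd_count)
+{
+#define CSIZE 64
+ static struct KeyCacheLine cache[CSIZE];
+ struct KeyCacheLine *line;
+
+ line = &cache[(*(unsigned int *) key) ^ CSIZE];
+ if (0 != memcmp (&line->key,
+ key,
+ sizeof (*key)))
+ {
+ /* cache miss, recompute */
+ line->key = *key;
+ GNUNET_CRYPTO_ecdsa_key_get_public (key,
+ &line->pkey);
+ }
+ return block_create (key,
+ &line->pkey,
+ expire,
+ label,
+ rd,
+ rd_count);
+}
+
+
+
+/**
  * Check if a signature is valid. This API is used by the GNS Block
  * to validate signatures received from the network.
  *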
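Review bot: In `GNUNET_GNSRECORD_block_create2` the cache index `(*(unsigned int *) key) ^ CSIZE` XORs with 64 rather than reducing modulo the table size, so it only flips one bit and the index can be almost any unsigned value. `&cache[...]` can therefore point far outside the 64-entry static array, and the following `memcmp` and `line->key = *key` then read and write out of bounds, copying private-key bytes into unrelated memory. The line should be `line = &cache[(*(unsigned int *) key) % CSIZE];`, ideally taking the first word via `memcpy` into a local `unsigned int` so the cast's alignment and aliasing assumptions go away. The static table is also updated without any lock, so if this function can be reached from more than one thread a caller could see a line whose `key` and `pkey` come from different writers; a comment stating the single-threaded assumption would help. Separately, a zero-initialised line compares equal to an all-zero key before any public key has been computed, which a per-line `valid` flag would rule out.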