Message 309097 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes, gregory.p.smith
Date	2017-12-27.19:00:28
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1514401228.33.0.213398074469.issue32433@psf.upfronthosting.co.za>
In-reply-to

Content
hmac.HMAC's flexibility comes with a cost. To create the MAC of a message, it has to create between three and four hash instances (inner, outer, key for long keys, result), multiple bound method objects and other temporary objects. For short messages, memory allocation, object handling and GIL release/acquire operations dominate the performance. I propose to provide a fast one-shot HMAC function: hmac.digest(key, msg, digstmod) -> bytes function. A PoC implementation based on OpenSSL's HMAC() function and a pure Python implementation as inlined HMAC showed promising performance improvements. The C implementation is 3 times faster. Standard HMAC: $ ./python -m timeit -n200000 -s "import hmac" -- "hmac.HMAC(b'key', b'message', 'sha256').digest()" 200000 loops, best of 5: 5.38 usec per loop Optimized Python code: $ ./python -m timeit -n 200000 -s "import hmac; hmac._hashopenssl = None" -- "hmac.digest(b'key', b'message', 'sha256')" 200000 loops, best of 5: 3.87 usec per loop OpenSSL HMAC() $ ./python -m timeit -n 200000 -s "import hmac" -- "hmac.digest(b'key', b'message', 'sha256')" 200000 loops, best of 5: 1.82 usec per loop

hmac.HMAC's flexibility comes with a cost. To create the MAC of a message, it has to create between three and four hash instances (inner, outer, key for long keys, result), multiple bound method objects and other temporary objects. For short messages, memory allocation, object handling and GIL release/acquire operations dominate the performance.

I propose to provide a fast one-shot HMAC function: hmac.digest(key, msg, digstmod) -> bytes function. A PoC implementation based on OpenSSL's HMAC() function and a pure Python implementation as inlined HMAC showed promising performance improvements. The C implementation is 3 times faster.

Standard HMAC:
$ ./python -m timeit -n200000 -s "import hmac" -- "hmac.HMAC(b'key', b'message', 'sha256').digest()"
200000 loops, best of 5: 5.38 usec per loop

Optimized Python code:
$ ./python -m timeit -n 200000 -s "import hmac; hmac._hashopenssl = None" -- "hmac.digest(b'key', b'message', 'sha256')"
200000 loops, best of 5: 3.87 usec per loop

OpenSSL HMAC()
$ ./python -m timeit -n 200000 -s "import hmac" -- "hmac.digest(b'key', b'message', 'sha256')"
200000 loops, best of 5: 1.82 usec per loop

History
Date	User	Action	Args
2017-12-27 19:00:28	christian.heimes	set	recipients: + christian.heimes, gregory.p.smith
2017-12-27 19:00:28	christian.heimes	set	messageid: <1514401228.33.0.213398074469.issue32433@psf.upfronthosting.co.za>
2017-12-27 19:00:28	christian.heimes	link	issue32433 messages
2017-12-27 19:00:28	christian.heimes	create