SERVER-104133 Avoid calling HMAC_CTX_reset() on every HMAC computation (#38091)

GitOrigin-RevId: b60fc6875b5fb4b63cc0dbbd8dda0d6d6277921a

Author: erwee

src/mongo/crypto/fle_crypto.cpp

@@ -450,17 +450,18 @@ class ESCCollectionCommon {
     /**
      * Generate the _id value for an anchor record
      */
-    static PrfBlock generateAnchorId(const TagToken& tagToken, uint64_t apos);
+    static PrfBlock generateAnchorId(HmacContext* context, const TagToken& tagToken, uint64_t apos);
 
     /**
      * Generate the _id value for a null anchor record
      */
-    static PrfBlock generateNullAnchorId(const TagToken& tagToken);
+    static PrfBlock generateNullAnchorId(HmacContext* context, const TagToken& tagToken);
 
     /**
      * Calculate AnchorBinaryHops as described in OST.
      */
-    static boost::optional<uint64_t> anchorBinaryHops(const FLEStateCollectionReader& reader,
+    static boost::optional<uint64_t> anchorBinaryHops(HmacContext* context,
+                                                      const FLEStateCollectionReader& reader,
                                                       const TagToken& tagToken,
                                                       const ValueToken& valueToken,
                                                       FLEStatusSection::EmuBinaryTracker& tracker);
@@ -489,6 +490,7 @@ class ESCCollectionCommon {
      * padding cleanup.
      */
     static FLEEdgeCountInfo getEdgeCountInfoForPaddingCleanupCommon(
+        HmacContext* hmacCtx,
         const FLEStateCollectionReader& reader,
         const TagToken& tagToken,
         const ValueToken& valueToken,
@@ -505,21 +507,24 @@ class ESCCollection
     /**
      * Generate the _id value
      */
-    static PrfBlock generateId(const ESCTwiceDerivedTagToken& tagToken,
+    static PrfBlock generateId(HmacContext* context,
+                               const ESCTwiceDerivedTagToken& tagToken,
                                boost::optional<uint64_t> index);
 
     /**
      * Generate a null document which will be the "first" document for a given field.
      */
-    static BSONObj generateNullDocument(const ESCTwiceDerivedTagToken& tagToken,
+    static BSONObj generateNullDocument(HmacContext* context,
+                                        const ESCTwiceDerivedTagToken& tagToken,
                                         const ESCTwiceDerivedValueToken& valueToken,
                                         uint64_t pos,
                                         uint64_t count);
 
     /**
      * Generate a insert ESC document.
      */
-    static BSONObj generateInsertDocument(const ESCTwiceDerivedTagToken& tagToken,
+    static BSONObj generateInsertDocument(HmacContext* context,
+                                          const ESCTwiceDerivedTagToken& tagToken,
                                           const ESCTwiceDerivedValueToken& valueToken,
                                           uint64_t index,
                                           uint64_t count);
@@ -528,6 +533,7 @@ class ESCCollection
      * Generate a compaction placeholder ESC document.
      */
     static BSONObj generateCompactionPlaceholderDocument(
+        HmacContext* context,
         const ESCTwiceDerivedTagToken& tagToken,
         const ESCTwiceDerivedValueToken& valueToken,
         uint64_t index,
@@ -556,26 +562,31 @@ class ESCCollection
     /**
      * Generate the _id value for a non-anchor record
      */
-    static PrfBlock generateNonAnchorId(const ESCTwiceDerivedTagToken& tagToken, uint64_t cpos);
+    static PrfBlock generateNonAnchorId(HmacContext* context,
+                                        const ESCTwiceDerivedTagToken& tagToken,
+                                        uint64_t cpos);
 
     /**
      * Generate a non-anchor ESC document for inserts.
      */
-    static BSONObj generateNonAnchorDocument(const ESCTwiceDerivedTagToken& tagToken,
+    static BSONObj generateNonAnchorDocument(HmacContext* context,
+                                             const ESCTwiceDerivedTagToken& tagToken,
                                              uint64_t cpos);
 
     /**
      * Generate an anchor ESC document for compacts.
      */
-    static BSONObj generateAnchorDocument(const ESCTwiceDerivedTagToken& tagToken,
+    static BSONObj generateAnchorDocument(HmacContext* context,
+                                          const ESCTwiceDerivedTagToken& tagToken,
                                           const ESCTwiceDerivedValueToken& valueToken,
                                           uint64_t apos,
                                           uint64_t cpos);
 
     /**
      * Generate a null anchor ESC document for cleanups.
      */
-    static BSONObj generateNullAnchorDocument(const ESCTwiceDerivedTagToken& tagToken,
+    static BSONObj generateNullAnchorDocument(HmacContext* context,
+                                              const ESCTwiceDerivedTagToken& tagToken,
                                               const ESCTwiceDerivedValueToken& valueToken,
                                               uint64_t apos,
                                               uint64_t cpos);
@@ -596,10 +607,12 @@ class ESCCollection
      *    (x > 0) means non-null anchors exist without a null anchor OR new non-null anchors
      *            have been added since the last-recorded apos in the null anchor.
      */
-    static EmuBinaryResult emuBinaryV2(const FLEStateCollectionReader& reader,
+    static EmuBinaryResult emuBinaryV2(HmacContext* context,
+                                       const FLEStateCollectionReader& reader,
                                        const ESCTwiceDerivedTagToken& tagToken,
                                        const ESCTwiceDerivedValueToken& valueToken);
-    static boost::optional<uint64_t> binaryHops(const FLEStateCollectionReader& reader,
+    static boost::optional<uint64_t> binaryHops(HmacContext* context,
+                                                const FLEStateCollectionReader& reader,
                                                 const ESCTwiceDerivedTagToken& tagToken,
                                                 const ESCTwiceDerivedValueToken& valueToken,
                                                 boost::optional<uint64_t> x,
@@ -624,15 +637,20 @@ class ESCCollection
 class ESCCollectionAnchorPadding
     : public ESCCollectionCommon<AnchorPaddingKeyToken, AnchorPaddingValueToken> {
 public:
-    static PrfBlock generateNullAnchorId(const AnchorPaddingKeyToken& tagToken);
-    static PrfBlock generateAnchorId(const AnchorPaddingKeyToken& tagToken, uint64_t apos);
-
-    static BSONObj generateNullAnchorDocument(const AnchorPaddingKeyToken& keyToken,
+    static PrfBlock generateNullAnchorId(HmacContext* context,
+                                         const AnchorPaddingKeyToken& tagToken);
+    static PrfBlock generateAnchorId(HmacContext* context,
+                                     const AnchorPaddingKeyToken& tagToken,
+                                     uint64_t apos);
+
+    static BSONObj generateNullAnchorDocument(HmacContext* context,
+                                              const AnchorPaddingKeyToken& keyToken,
                                               const AnchorPaddingValueToken& valueToken,
                                               uint64_t apos,
                                               uint64_t /* cpos ignored */);
 
-    static BSONObj generatePaddingDocument(const AnchorPaddingKeyToken& keyToken,
+    static BSONObj generatePaddingDocument(HmacContext* context,
+                                           const AnchorPaddingKeyToken& keyToken,
                                            const AnchorPaddingValueToken& valueToken,
                                            uint64_t apos);
 };
@@ -745,12 +763,15 @@ class ECCCollection {
     /**
      * Generate the _id value
      */
-    static PrfBlock generateId(ECCTwiceDerivedTagToken tagToken, boost::optional<uint64_t> index);
+    static PrfBlock generateId(HmacContext* context,
+                               ECCTwiceDerivedTagToken tagToken,
+                               boost::optional<uint64_t> index);
 
     /**
      * Generate a null document which will be the "first" document for a given field.
      */
-    static BSONObj generateNullDocument(ECCTwiceDerivedTagToken tagToken,
+    static BSONObj generateNullDocument(HmacContext* context,
+                                        ECCTwiceDerivedTagToken tagToken,
                                         ECCTwiceDerivedValueToken valueToken,
                                         uint64_t count);
 
@@ -759,15 +780,17 @@ class ECCCollection {
      *
      * Note: it is stored as (count, count)
      */
-    static BSONObj generateDocument(ECCTwiceDerivedTagToken tagToken,
+    static BSONObj generateDocument(HmacContext* context,
+                                    ECCTwiceDerivedTagToken tagToken,
                                     ECCTwiceDerivedValueToken valueToken,
                                     uint64_t index,
                                     uint64_t count);
 
     /**
      * Generate a regular ECC document for (start, end)
      */
-    static BSONObj generateDocument(ECCTwiceDerivedTagToken tagToken,
+    static BSONObj generateDocument(HmacContext* context,
+                                    ECCTwiceDerivedTagToken tagToken,
                                     ECCTwiceDerivedValueToken valueToken,
                                     uint64_t index,
                                     uint64_t start,
@@ -776,7 +799,8 @@ class ECCCollection {
     /**
      * Generate a compaction ECC document.
      */
-    static BSONObj generateCompactionDocument(ECCTwiceDerivedTagToken tagToken,
+    static BSONObj generateCompactionDocument(HmacContext* context,
+                                              ECCTwiceDerivedTagToken tagToken,
                                               ECCTwiceDerivedValueToken valueToken,
                                               uint64_t index);
 
@@ -1604,6 +1628,8 @@ class FLEUtil {
     /**
      * Compute HMAC-SHA-256
      */
+    static PrfBlock prf(HmacContext* hmacCtx, ConstDataRange key, uint64_t value, int64_t value2);
+
     static PrfBlock prf(HmacContext* hmacCtx, ConstDataRange key, ConstDataRange cdr);
 
     static PrfBlock prf(HmacContext* hmacCtx, ConstDataRange key, uint64_t value);