mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 19:21:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ssl_msg.c: Optimize null/stream cipher decryption/encryption

Browse Source 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemyslaw Stekiel 2022-02-07 10:52:47 +01:00
parent 98ef6dca68
commit c8a06feae6
1 changed files with 4 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
library/ssl_msg.c
View File

@ -722,37 +722,12 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
if( mode == MBEDTLS_MODE_STREAM ) if( mode == MBEDTLS_MODE_STREAM )
#endif #endif
{ {
size_t olen;
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
"including %d bytes of padding", "including %d bytes of padding",
rec->data_len, 0 ) ); rec->data_len, 0 ) );
#if defined(MBEDTLS_USE_PSA_CRYPTO) /* The only supported stream cipher is "NULL",
/* The only stream "cipher" we support is "NULL" */ * so there's nothing to do here.*/
if ( transform->psa_alg != MBEDTLS_SSL_NULL_CIPHER )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
olen = rec->data_len;
#else
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
transform->iv_enc, transform->ivlen,
data, rec->data_len,
data, &olen ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
return( ret );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( rec->data_len != olen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
} }
else else
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */
@ -1156,33 +1131,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
if( mode == MBEDTLS_MODE_STREAM ) if( mode == MBEDTLS_MODE_STREAM )
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
{ {
padlen = 0; /* The only supported stream cipher is "NULL",
* so there's nothing to do here.*/
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* The only stream "cipher" we support is "NULL" */
if ( transform->psa_alg != MBEDTLS_SSL_NULL_CIPHER )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
olen = rec->data_len;
#else
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
transform->iv_dec,
transform->ivlen,
data, rec->data_len,
data, &olen ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
return( ret );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( rec->data_len != olen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
} }
else else
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */