mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 19:45:44 +01:00
Merge enc/dec cipher contexts in ssl transforms
Store the raw encryption and decryption keys in transforms to set them before each cipher operation. Add a config option for this - MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
parent
6f3a987ae3
commit
1175044156
@ -86,6 +86,7 @@
|
|||||||
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
||||||
#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
|
#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
|
||||||
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
|
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||||
|
#define MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
|
||||||
|
|
||||||
/* Compile-time fixed parts of the SSL configuration */
|
/* Compile-time fixed parts of the SSL configuration */
|
||||||
#define MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
|
#define MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
|
||||||
|
@ -672,6 +672,11 @@
|
|||||||
#error "MBEDTLS_SSL_TLS_C defined, but neither TLS or DTLS is active"
|
#error "MBEDTLS_SSL_TLS_C defined, but neither TLS or DTLS is active"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_TLS_C) && defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS) && \
|
||||||
|
defined(MBEDTLS_ARC4_C)
|
||||||
|
#error "MBEDTLS_ARC4_C cannot be defined with MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS on"
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
|
#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
|
||||||
defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1))
|
defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1))
|
||||||
#error "Illegal protocol selection"
|
#error "Illegal protocol selection"
|
||||||
|
@ -3284,6 +3284,20 @@
|
|||||||
*/
|
*/
|
||||||
#define MBEDTLS_SSL_TLS_C
|
#define MBEDTLS_SSL_TLS_C
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \def MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
|
||||||
|
* Use one cipher context for both decryption and encryption in ssl transforms.
|
||||||
|
*
|
||||||
|
* This change saves some RAM, but makes the operations last longer:
|
||||||
|
* before every encryption and decryption a key is set on the context.
|
||||||
|
*
|
||||||
|
* This change will not work with MBEDTLS_ARC4_C, since it requires an
|
||||||
|
* additional table and offsets to be saved between cipher calls, and this
|
||||||
|
* contradicts key resetting before each use.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
//#define MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def MBEDTLS_THREADING_C
|
* \def MBEDTLS_THREADING_C
|
||||||
*
|
*
|
||||||
|
@ -756,9 +756,15 @@ struct mbedtls_ssl_transform
|
|||||||
z_stream ctx_inflate; /*!< decompression context */
|
z_stream ctx_inflate; /*!< decompression context */
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
unsigned char *key_enc;
|
||||||
|
unsigned char *key_dec;
|
||||||
|
unsigned int key_bitlen;
|
||||||
|
mbedtls_cipher_context_t cipher_ctx; /*!< encryption/decryption context */
|
||||||
|
#else
|
||||||
mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */
|
mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */
|
||||||
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
|
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
|
||||||
|
#endif
|
||||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||||
/* We need the Hello random bytes in order to re-derive keys from the
|
/* We need the Hello random bytes in order to re-derive keys from the
|
||||||
* Master Secret and other session info, see ssl_populate_transform() */
|
* Master Secret and other session info, see ssl_populate_transform() */
|
||||||
|
@ -1563,7 +1563,21 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
|
|||||||
iv_copy_len );
|
iv_copy_len );
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx,
|
||||||
|
cipher_info ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
transform->key_enc = mbedtls_calloc( 1, cipher_info->key_bitlen >> 3 );
|
||||||
|
transform->key_dec = mbedtls_calloc( 1, cipher_info->key_bitlen >> 3 );
|
||||||
|
|
||||||
|
memcpy( transform->key_enc, key1, cipher_info->key_bitlen >> 3 );
|
||||||
|
memcpy( transform->key_dec, key2, cipher_info->key_bitlen >> 3 );
|
||||||
|
|
||||||
|
transform->key_bitlen = cipher_info->key_bitlen;
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
|
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
|
||||||
cipher_info ) ) != 0 )
|
cipher_info ) ) != 0 )
|
||||||
{
|
{
|
||||||
@ -1593,10 +1607,18 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||||
if( cipher_info->mode == MBEDTLS_MODE_CBC )
|
if( cipher_info->mode == MBEDTLS_MODE_CBC )
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx,
|
||||||
|
MBEDTLS_PADDING_NONE ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc,
|
if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc,
|
||||||
MBEDTLS_PADDING_NONE ) ) != 0 )
|
MBEDTLS_PADDING_NONE ) ) != 0 )
|
||||||
{
|
{
|
||||||
@ -1610,6 +1632,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||||
|
|
||||||
@ -2554,9 +2577,11 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
post_avail = rec->buf_len - ( rec->data_len + rec->data_offset );
|
post_avail = rec->buf_len - ( rec->data_len + rec->data_offset );
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
|
MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
|
||||||
data, rec->data_len );
|
data, rec->data_len );
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx );
|
||||||
|
#else
|
||||||
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc );
|
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc );
|
||||||
|
#endif
|
||||||
if( rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
|
if( rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d",
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d",
|
||||||
@ -2671,7 +2696,25 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
|
||||||
"including %d bytes of padding",
|
"including %d bytes of padding",
|
||||||
rec->data_len, 0 ) );
|
rec->data_len, 0 ) );
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
|
||||||
|
transform->key_enc,
|
||||||
|
transform->key_bitlen,
|
||||||
|
MBEDTLS_ENCRYPT ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
|
||||||
|
transform->iv_enc, transform->ivlen,
|
||||||
|
data, rec->data_len,
|
||||||
|
data, &olen ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
|
||||||
transform->iv_enc, transform->ivlen,
|
transform->iv_enc, transform->ivlen,
|
||||||
data, rec->data_len,
|
data, rec->data_len,
|
||||||
@ -2680,7 +2723,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
if( rec->data_len != olen )
|
if( rec->data_len != olen )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
@ -2754,7 +2797,27 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
/*
|
/*
|
||||||
* Encrypt and authenticate
|
* Encrypt and authenticate
|
||||||
*/
|
*/
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
|
||||||
|
transform->key_enc,
|
||||||
|
transform->key_bitlen,
|
||||||
|
MBEDTLS_ENCRYPT ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx,
|
||||||
|
iv, transform->ivlen,
|
||||||
|
add_data, add_data_len, /* add data */
|
||||||
|
data, rec->data_len, /* source */
|
||||||
|
data, &rec->data_len, /* destination */
|
||||||
|
data + rec->data_len, transform->taglen ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx_enc,
|
if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx_enc,
|
||||||
iv, transform->ivlen,
|
iv, transform->ivlen,
|
||||||
add_data, add_data_len, /* add data */
|
add_data, add_data_len, /* add data */
|
||||||
@ -2765,7 +2828,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag",
|
MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag",
|
||||||
data + rec->data_len, transform->taglen );
|
data + rec->data_len, transform->taglen );
|
||||||
|
|
||||||
@ -2841,7 +2904,26 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
"including %d bytes of IV and %d bytes of padding",
|
"including %d bytes of IV and %d bytes of padding",
|
||||||
rec->data_len, transform->ivlen,
|
rec->data_len, transform->ivlen,
|
||||||
padlen + 1 ) );
|
padlen + 1 ) );
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
|
||||||
|
transform->key_enc,
|
||||||
|
transform->key_bitlen,
|
||||||
|
MBEDTLS_ENCRYPT ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
|
||||||
|
transform->iv_enc,
|
||||||
|
transform->ivlen,
|
||||||
|
data, rec->data_len,
|
||||||
|
data, &olen ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
|
||||||
transform->iv_enc,
|
transform->iv_enc,
|
||||||
transform->ivlen,
|
transform->ivlen,
|
||||||
@ -2851,7 +2933,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
if( rec->data_len != olen )
|
if( rec->data_len != olen )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
@ -2866,8 +2948,13 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||||||
/*
|
/*
|
||||||
* Save IV in SSL3 and TLS1
|
* Save IV in SSL3 and TLS1
|
||||||
*/
|
*/
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
mbedtls_platform_memcpy( transform->iv_enc, transform->cipher_ctx.iv,
|
||||||
|
transform->ivlen );
|
||||||
|
#else
|
||||||
mbedtls_platform_memcpy( transform->iv_enc, transform->cipher_ctx_enc.iv,
|
mbedtls_platform_memcpy( transform->iv_enc, transform->cipher_ctx_enc.iv,
|
||||||
transform->ivlen );
|
transform->ivlen );
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
@ -2968,8 +3055,11 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
}
|
}
|
||||||
|
|
||||||
data = rec->buf + rec->data_offset;
|
data = rec->buf + rec->data_offset;
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx );
|
||||||
|
#else
|
||||||
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec );
|
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec );
|
||||||
|
#endif
|
||||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||||
/*
|
/*
|
||||||
* Match record's CID with incoming CID.
|
* Match record's CID with incoming CID.
|
||||||
@ -2985,6 +3075,25 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
if( mode == MBEDTLS_MODE_STREAM )
|
if( mode == MBEDTLS_MODE_STREAM )
|
||||||
{
|
{
|
||||||
padlen = 0;
|
padlen = 0;
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
|
||||||
|
transform->key_dec,
|
||||||
|
transform->key_bitlen,
|
||||||
|
MBEDTLS_DECRYPT ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
|
||||||
|
transform->iv_dec,
|
||||||
|
transform->ivlen,
|
||||||
|
data, rec->data_len,
|
||||||
|
data, &olen ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
|
||||||
transform->iv_dec,
|
transform->iv_dec,
|
||||||
transform->ivlen,
|
transform->ivlen,
|
||||||
@ -2994,7 +3103,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
if( rec->data_len != olen )
|
if( rec->data_len != olen )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
@ -3082,6 +3191,31 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
/*
|
/*
|
||||||
* Decrypt and authenticate
|
* Decrypt and authenticate
|
||||||
*/
|
*/
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
|
||||||
|
transform->key_dec,
|
||||||
|
transform->key_bitlen,
|
||||||
|
MBEDTLS_DECRYPT ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
if( ( ret = mbedtls_cipher_auth_decrypt( &transform->cipher_ctx,
|
||||||
|
iv, transform->ivlen,
|
||||||
|
add_data, add_data_len,
|
||||||
|
data, rec->data_len,
|
||||||
|
data, &olen,
|
||||||
|
data + rec->data_len,
|
||||||
|
transform->taglen ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret );
|
||||||
|
|
||||||
|
if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
|
||||||
|
return( MBEDTLS_ERR_SSL_INVALID_MAC );
|
||||||
|
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_auth_decrypt( &transform->cipher_ctx_dec,
|
if( ( ret = mbedtls_cipher_auth_decrypt( &transform->cipher_ctx_dec,
|
||||||
iv, transform->ivlen,
|
iv, transform->ivlen,
|
||||||
add_data, add_data_len,
|
add_data, add_data_len,
|
||||||
@ -3097,6 +3231,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
auth_done++;
|
auth_done++;
|
||||||
|
|
||||||
/* Double-check that AEAD decryption doesn't change content length. */
|
/* Double-check that AEAD decryption doesn't change content length. */
|
||||||
@ -3239,7 +3375,23 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||||
|
|
||||||
/* We still have data_len % ivlen == 0 and data_len >= ivlen here. */
|
/* We still have data_len % ivlen == 0 and data_len >= ivlen here. */
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
|
||||||
|
transform->key_dec,
|
||||||
|
transform->key_bitlen,
|
||||||
|
MBEDTLS_DECRYPT ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
|
||||||
|
transform->iv_dec, transform->ivlen,
|
||||||
|
data, rec->data_len, data, &olen ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#else
|
||||||
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
|
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
|
||||||
transform->iv_dec, transform->ivlen,
|
transform->iv_dec, transform->ivlen,
|
||||||
data, rec->data_len, data, &olen ) ) != 0 )
|
data, rec->data_len, data, &olen ) ) != 0 )
|
||||||
@ -3247,7 +3399,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
/* Double-check that length hasn't changed during decryption. */
|
/* Double-check that length hasn't changed during decryption. */
|
||||||
if( rec->data_len != olen )
|
if( rec->data_len != olen )
|
||||||
{
|
{
|
||||||
@ -3266,8 +3418,13 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
* of the records; in other words, IVs are maintained across
|
* of the records; in other words, IVs are maintained across
|
||||||
* record decryptions.
|
* record decryptions.
|
||||||
*/
|
*/
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
mbedtls_platform_memcpy( transform->iv_dec, transform->cipher_ctx.iv,
|
||||||
|
transform->ivlen );
|
||||||
|
#else
|
||||||
mbedtls_platform_memcpy( transform->iv_dec, transform->cipher_ctx_dec.iv,
|
mbedtls_platform_memcpy( transform->iv_dec, transform->cipher_ctx_dec.iv,
|
||||||
transform->ivlen );
|
transform->ivlen );
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -8495,9 +8652,12 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
|
|||||||
void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
|
void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
|
||||||
{
|
{
|
||||||
memset( transform, 0, sizeof(mbedtls_ssl_transform) );
|
memset( transform, 0, sizeof(mbedtls_ssl_transform) );
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
mbedtls_cipher_init( &transform->cipher_ctx );
|
||||||
|
#else
|
||||||
mbedtls_cipher_init( &transform->cipher_ctx_enc );
|
mbedtls_cipher_init( &transform->cipher_ctx_enc );
|
||||||
mbedtls_cipher_init( &transform->cipher_ctx_dec );
|
mbedtls_cipher_init( &transform->cipher_ctx_dec );
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
||||||
mbedtls_md_init( &transform->md_ctx_enc );
|
mbedtls_md_init( &transform->md_ctx_enc );
|
||||||
@ -9866,8 +10026,11 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
|
|||||||
if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
|
if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
|
||||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||||
#endif
|
#endif
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx ) )
|
||||||
|
#else
|
||||||
switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
|
switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
|
||||||
|
#endif
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_GCM_C) || \
|
#if defined(MBEDTLS_GCM_C) || \
|
||||||
defined(MBEDTLS_CCM_C) || \
|
defined(MBEDTLS_CCM_C) || \
|
||||||
@ -9898,10 +10061,13 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
|
|||||||
case MBEDTLS_MODE_CBC:
|
case MBEDTLS_MODE_CBC:
|
||||||
{
|
{
|
||||||
size_t block_size;
|
size_t block_size;
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
block_size = mbedtls_cipher_get_block_size(
|
||||||
|
&transform->cipher_ctx );
|
||||||
|
#else
|
||||||
block_size = mbedtls_cipher_get_block_size(
|
block_size = mbedtls_cipher_get_block_size(
|
||||||
&transform->cipher_ctx_enc );
|
&transform->cipher_ctx_enc );
|
||||||
|
#endif
|
||||||
/* Expansion due to the addition of the MAC. */
|
/* Expansion due to the addition of the MAC. */
|
||||||
transform_expansion += transform->maclen;
|
transform_expansion += transform->maclen;
|
||||||
|
|
||||||
@ -11371,8 +11537,13 @@ static int ssl_write_split( mbedtls_ssl_context *ssl,
|
|||||||
mbedtls_ssl_ver_gt(
|
mbedtls_ssl_ver_gt(
|
||||||
mbedtls_ssl_get_minor_ver( ssl ),
|
mbedtls_ssl_get_minor_ver( ssl ),
|
||||||
MBEDTLS_SSL_MINOR_VERSION_1 ) ||
|
MBEDTLS_SSL_MINOR_VERSION_1 ) ||
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx )
|
||||||
|
!= MBEDTLS_MODE_CBC )
|
||||||
|
#else
|
||||||
mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
|
mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
|
||||||
!= MBEDTLS_MODE_CBC )
|
!= MBEDTLS_MODE_CBC )
|
||||||
|
#endif
|
||||||
{
|
{
|
||||||
return( ssl_write_real( ssl, buf, len ) );
|
return( ssl_write_real( ssl, buf, len ) );
|
||||||
}
|
}
|
||||||
@ -11486,10 +11657,16 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
|
|||||||
deflateEnd( &transform->ctx_deflate );
|
deflateEnd( &transform->ctx_deflate );
|
||||||
inflateEnd( &transform->ctx_inflate );
|
inflateEnd( &transform->ctx_inflate );
|
||||||
#endif
|
#endif
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
mbedtls_cipher_free( &transform->cipher_ctx );
|
||||||
|
if( transform->key_dec != NULL )
|
||||||
|
mbedtls_free( transform->key_dec );
|
||||||
|
if( transform->key_enc != NULL )
|
||||||
|
mbedtls_free( transform->key_enc );
|
||||||
|
#else
|
||||||
mbedtls_cipher_free( &transform->cipher_ctx_enc );
|
mbedtls_cipher_free( &transform->cipher_ctx_enc );
|
||||||
mbedtls_cipher_free( &transform->cipher_ctx_dec );
|
mbedtls_cipher_free( &transform->cipher_ctx_dec );
|
||||||
|
#endif
|
||||||
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
||||||
mbedtls_md_free( &transform->md_ctx_enc );
|
mbedtls_md_free( &transform->md_ctx_enc );
|
||||||
mbedtls_md_free( &transform->md_ctx_dec );
|
mbedtls_md_free( &transform->md_ctx_dec );
|
||||||
|
@ -792,6 +792,9 @@ static const char *features[] = {
|
|||||||
#if defined(MBEDTLS_SSL_TLS_C)
|
#if defined(MBEDTLS_SSL_TLS_C)
|
||||||
"MBEDTLS_SSL_TLS_C",
|
"MBEDTLS_SSL_TLS_C",
|
||||||
#endif /* MBEDTLS_SSL_TLS_C */
|
#endif /* MBEDTLS_SSL_TLS_C */
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
"MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS",
|
||||||
|
#endif /* MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS */
|
||||||
#if defined(MBEDTLS_THREADING_C)
|
#if defined(MBEDTLS_THREADING_C)
|
||||||
"MBEDTLS_THREADING_C",
|
"MBEDTLS_THREADING_C",
|
||||||
#endif /* MBEDTLS_THREADING_C */
|
#endif /* MBEDTLS_THREADING_C */
|
||||||
|
@ -2154,6 +2154,14 @@ int query_config( const char *config )
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_TLS_C */
|
#endif /* MBEDTLS_SSL_TLS_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
if( strcmp( "MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS", config ) == 0 )
|
||||||
|
{
|
||||||
|
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS );
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
#endif /* MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS */
|
||||||
|
|
||||||
#if defined(MBEDTLS_THREADING_C)
|
#if defined(MBEDTLS_THREADING_C)
|
||||||
if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 )
|
if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 )
|
||||||
{
|
{
|
||||||
|
@ -57,6 +57,7 @@
|
|||||||
# MBEDTLS_AES_ONLY_ENCRYPT
|
# MBEDTLS_AES_ONLY_ENCRYPT
|
||||||
# MBEDTLS_AES_SCA_COUNTERMEASURES
|
# MBEDTLS_AES_SCA_COUNTERMEASURES
|
||||||
# MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
# MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
||||||
|
# MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
|
||||||
# and any symbol beginning _ALT
|
# and any symbol beginning _ALT
|
||||||
#
|
#
|
||||||
# The baremetal configuration excludes options that require a library or
|
# The baremetal configuration excludes options that require a library or
|
||||||
@ -140,6 +141,7 @@ MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
|
|||||||
MBEDTLS_AES_ONLY_ENCRYPT
|
MBEDTLS_AES_ONLY_ENCRYPT
|
||||||
MBEDTLS_AES_SCA_COUNTERMEASURES
|
MBEDTLS_AES_SCA_COUNTERMEASURES
|
||||||
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
||||||
|
MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
|
||||||
_ALT\s*$
|
_ALT\s*$
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -68,15 +68,41 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
|
|||||||
memset( key0, 0x1, keylen );
|
memset( key0, 0x1, keylen );
|
||||||
memset( key1, 0x2, keylen );
|
memset( key1, 0x2, keylen );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
t_in->key_enc = mbedtls_calloc( 1, keylen );
|
||||||
|
t_in->key_dec = mbedtls_calloc( 1, keylen );
|
||||||
|
|
||||||
|
t_out->key_enc = mbedtls_calloc( 1, keylen );
|
||||||
|
t_out->key_dec = mbedtls_calloc( 1, keylen );
|
||||||
|
|
||||||
|
memcpy( t_in->key_enc, key0, keylen);
|
||||||
|
memcpy( t_in->key_dec, key1, keylen);
|
||||||
|
t_in->key_bitlen = cipher_info->key_bitlen;
|
||||||
|
|
||||||
|
memcpy( t_out->key_enc, key1, keylen);
|
||||||
|
memcpy( t_out->key_dec, key0, keylen);
|
||||||
|
t_out->key_bitlen = cipher_info->key_bitlen;
|
||||||
|
|
||||||
|
/* Setup cipher contexts */
|
||||||
|
CHK( mbedtls_cipher_setup( &t_in->cipher_ctx, cipher_info ) == 0 );
|
||||||
|
CHK( mbedtls_cipher_setup( &t_out->cipher_ctx, cipher_info ) == 0 );
|
||||||
|
#else
|
||||||
/* Setup cipher contexts */
|
/* Setup cipher contexts */
|
||||||
CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 );
|
CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 );
|
||||||
CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 );
|
CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 );
|
||||||
CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 );
|
CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 );
|
||||||
CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 );
|
CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 );
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||||
if( cipher_info->mode == MBEDTLS_MODE_CBC )
|
if( cipher_info->mode == MBEDTLS_MODE_CBC )
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
|
CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx,
|
||||||
|
MBEDTLS_PADDING_NONE ) == 0 );
|
||||||
|
CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx,
|
||||||
|
MBEDTLS_PADDING_NONE ) == 0 );
|
||||||
|
#else
|
||||||
CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc,
|
CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc,
|
||||||
MBEDTLS_PADDING_NONE ) == 0 );
|
MBEDTLS_PADDING_NONE ) == 0 );
|
||||||
CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec,
|
CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec,
|
||||||
@ -85,9 +111,11 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
|
|||||||
MBEDTLS_PADDING_NONE ) == 0 );
|
MBEDTLS_PADDING_NONE ) == 0 );
|
||||||
CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec,
|
CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec,
|
||||||
MBEDTLS_PADDING_NONE ) == 0 );
|
MBEDTLS_PADDING_NONE ) == 0 );
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
|
||||||
CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0,
|
CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0,
|
||||||
keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
|
keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
|
||||||
CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1,
|
CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1,
|
||||||
@ -96,7 +124,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
|
|||||||
keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
|
keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
|
||||||
CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0,
|
CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0,
|
||||||
keylen << 3, MBEDTLS_DECRYPT ) == 0 );
|
keylen << 3, MBEDTLS_DECRYPT ) == 0 );
|
||||||
|
#endif
|
||||||
/* Setup MAC contexts */
|
/* Setup MAC contexts */
|
||||||
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
||||||
if( cipher_info->mode == MBEDTLS_MODE_CBC ||
|
if( cipher_info->mode == MBEDTLS_MODE_CBC ||
|
||||||
|
Loading…
Reference in New Issue
Block a user