From d0e55a465779554d354343601161aa11f69353b6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Jun 2018 12:03:30 +0200 Subject: [PATCH] ssl_decrypt_buf: remove code for hashes that aren't used in TLS --- library/ssl_tls.c | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 8e855a120..4d50497cd 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2013,22 +2013,11 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) size_t j, extra_run = 0; switch( ssl->transform_in->ciphersuite_info->mac ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - /* no size prepended, 64-byte compression blocks */ - extra_run = ( 13 + ssl->in_msglen + padlen ) / 64 - - ( 13 + ssl->in_msglen ) / 64; - break; -#endif -#if defined(MBEDTLS_MD4_C) || defined(MBEDTLS_MD5_C) || \ - case MBEDTLS_MD_MD4: - defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C) \ - defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \ + defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_MD5: case MBEDTLS_MD_SHA1: - case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - case MBEDTLS_MD_RIPEMD160: /* 8 bytes of message size, 64-byte compression blocks */ extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 - ( 13 + ssl->in_msglen + 8 ) / 64; @@ -2036,7 +2025,6 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA384: - case MBEDTLS_MD_SHA512: /* 16 bytes of message size, 128-byte compression blocks */ extra_run = ( 13 + ssl->in_msglen + padlen + 16 ) / 128 - ( 13 + ssl->in_msglen + 16 ) / 128;