commit c8a06feae6c5fcf25969a4fc300218c7517a032f
author Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com> Mon Feb 07 10:52:47 2022 +0100
committer Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com> Mon Feb 07 10:52:47 2022 +0100
tree 05116d3b794e65e75f2768167749e00a3c13059e
parent 98ef6dca68a20289b070a4b98e23d1606a974e39

ssl_msg.c: Optimize null/stream cipher decryption/encryption

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>

library/ssl_msg.c

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index ac476ec..08b4c63 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -722,37 +722,12 @@
     if( mode == MBEDTLS_MODE_STREAM )
 #endif
     {
-        size_t olen;
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
         MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
                                     "including %d bytes of padding",
                                     rec->data_len, 0 ) );
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    /* The only stream "cipher" we support is "NULL" */
-    if ( transform->psa_alg != MBEDTLS_SSL_NULL_CIPHER )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-
-    olen = rec->data_len;
-#else
-        if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
-                                   transform->iv_enc, transform->ivlen,
-                                   data, rec->data_len,
-                                   data, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
-            return( ret );
-        }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-        if( rec->data_len != olen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
+        /* The only supported stream cipher is "NULL",
+         * so there's nothing to do here.*/
     }
     else
 #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */
@@ -1156,33 +1131,8 @@
     if( mode == MBEDTLS_MODE_STREAM )
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     {
-        padlen = 0;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    /* The only stream "cipher" we support is "NULL" */
-    if ( transform->psa_alg != MBEDTLS_SSL_NULL_CIPHER )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-
-    olen = rec->data_len;
-#else
-
-        if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
-                                   transform->iv_dec,
-                                   transform->ivlen,
-                                   data, rec->data_len,
-                                   data, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
-            return( ret );
-        }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-        if( rec->data_len != olen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
+        /* The only supported stream cipher is "NULL",
+         * so there's nothing to do here.*/
     }
     else
 #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */