mirror of https://github.com/openssl/openssl
Fix "Error finalizing cipher loop" when running openssl speed -evp -decrypt
When using CCM, openssl speed uses the loop function EVP_Update_loop_ccm() which sets a (fake) tag when decrypting. When using -aead (which benchmarks a different sequence than normal, to be comparable to TLS operation), the loop function EVP_Update_loop_aead() is used, which also sets a tag when decrypting. However, when using defaults, the loop function EVP_Update_loop() is used, which does not set a tag on decryption, leading to "Error finalizing cipher loop". To fix this, set a fake tag value if we're doing decryption on an AEAD cipher in EVP_Update_loop(). We don't check the return value: this shouldn't really be able to fail, and if it does, the following EVP_DecryptUpdate() is almost certain to fail, so that can catch it. The decryption is certain to fail (well, almost certain, but with a very low probability of success), but this is no worse than at present. This minimal change means that future benchmarking data should be comparable to previous benchmarking data. (This is benchmarking code: don't write real apps like this!) Fixes #23657 Change-Id: Id581cf30503c1eb766464e315b1f33914040dcf7 Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23757)
This commit is contained in:
parent
6b566687b5
commit
b3be6cc89e
|
@ -846,8 +846,12 @@ static int EVP_Update_loop(void *args)
|
|||
unsigned char *buf = tempargs->buf;
|
||||
EVP_CIPHER_CTX *ctx = tempargs->ctx;
|
||||
int outl, count, rc;
|
||||
unsigned char faketag[16] = { 0xcc };
|
||||
|
||||
if (decrypt) {
|
||||
if (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) {
|
||||
(void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(faketag), faketag);
|
||||
}
|
||||
for (count = 0; COND(c[D_EVP][testnum]); count++) {
|
||||
rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
|
||||
if (rc != 1) {
|
||||
|
@ -937,7 +941,7 @@ static int EVP_Update_loop_aead(void *args)
|
|||
sizeof(faketag), faketag) > 0
|
||||
&& EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad)) > 0
|
||||
&& EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]) > 0
|
||||
&& EVP_DecryptFinal_ex(ctx, buf + outl, &outl) >0)
|
||||
&& EVP_DecryptFinal_ex(ctx, buf + outl, &outl) > 0)
|
||||
realcount++;
|
||||
}
|
||||
} else {
|
||||
|
|
Loading…
Reference in New Issue