diff options
| author | Pauli <pauli@openssl.org> | 2022-01-26 07:04:51 +0300 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2022-02-07 01:45:57 +0300 |
| commit | b30b45b7247d056b569e2b5139f8b503d36e646c (patch) | |
| tree | 8ed00752ca97598a84af7f2b76cd7594eb4d846b /crypto/evp/evp_enc.c | |
| parent | 80ce874a093087b919e1c722427df30f81f5dad5 (diff) | |
evp enc: cache cipher IV length
Instead of doing a heavy params based query every time a context is asked for
its IV length, this value is cached in the context and only queried if it could
have been modified.
Fixes #17064
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17543)
Diffstat (limited to 'crypto/evp/evp_enc.c')
| -rw-r--r-- | crypto/evp/evp_enc.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 1c02cafa16..ff315bd922 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -43,6 +43,7 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx) if (ctx->fetched_cipher != NULL) EVP_CIPHER_free(ctx->fetched_cipher); memset(ctx, 0, sizeof(*ctx)); + ctx->iv_len = -1; return 1; @@ -61,6 +62,7 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx) ENGINE_finish(ctx->engine); #endif memset(ctx, 0, sizeof(*ctx)); + ctx->iv_len = -1; return 1; } @@ -87,6 +89,9 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) ENGINE *tmpimpl = NULL; #endif + + ctx->iv_len = -1; + /* * enc == 1 means we are encrypting. * enc == 0 means we are decrypting. @@ -1079,12 +1084,14 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) if (arg < 0) return 0; params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz); + ctx->iv_len = -1; break; case EVP_CTRL_CCM_SET_L: if (arg < 2 || arg > 8) return 0; sz = 15 - arg; params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz); + ctx->iv_len = -1; break; case EVP_CTRL_AEAD_SET_IV_FIXED: params[0] = OSSL_PARAM_construct_octet_string( @@ -1248,8 +1255,10 @@ int EVP_CIPHER_get_params(EVP_CIPHER *cipher, OSSL_PARAM params[]) int EVP_CIPHER_CTX_set_params(EVP_CIPHER_CTX *ctx, const OSSL_PARAM params[]) { - if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL) + if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL) { + ctx->iv_len = -1; return ctx->cipher->set_ctx_params(ctx->algctx, params); + } return 0; } |