New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
apps/speed.c: let EVP_Update_loop_ccm behave more like EVP_Update_loop #5246
Conversation
apps/speed.c
Outdated
* CCM does not support streaming. For the purpose of performance measurement, | ||
* each message is encrypted using the same (key,iv)-pair. Do not use this | ||
* code in your application. | ||
*/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I removed this warning because it would be much needed in other places also. Having it only here kind of seems to imply that all other speed tool code is "best practice", which is not true e.g., just resetting counter w/o changing key/iv in generic update loop ...
This needs a rebase. @p-steuer, are you still around and willing? |
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Im still around. Rebased and -f pushed. |
Ping for second reviewer |
Merged. 7da84e0 apps/speed.c: let EVP_Update_loop_ccm behave more like EVP_Update_loop |
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from #5246)
This is a follow-up for my commits fe4f66d which states
This is not true when no aad is processed (which is actually the case for speed tool) because the length is set implicitely. An explicit reset of the length field is needed anyway for speed tool because with the current ccm implementation, the length field is destroyed during update operation (which is okay, since ccm interfaces are to be called once per packet. If the length field was not overwritten, ccm would not need its own loop in speed tool, edit: the last statement is only true for the encrypt case).
This patch makes ccm's update loop behave more like the generic update loop.