[openssl/openssl] c91d55: Fix "Error finalizing cipher loop" when running op...
Tom Cosgrove
noreply at github.com
Tue Apr 9 18:34:57 UTC 2024
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: c91d55d4c54cc15df8458df33e33a3e7067b0d65
https://github.com/openssl/openssl/commit/c91d55d4c54cc15df8458df33e33a3e7067b0d65
Author: Tom Cosgrove <tom.cosgrove at arm.com>
Date: 2024-04-09 (Tue, 09 Apr 2024)
Changed paths:
M apps/speed.c
Log Message:
-----------
Fix "Error finalizing cipher loop" when running openssl speed -evp -decrypt
When using CCM, openssl speed uses the loop function EVP_Update_loop_ccm() which
sets a (fake) tag when decrypting. When using -aead (which benchmarks a different
sequence than normal, to be comparable to TLS operation), the loop function
EVP_Update_loop_aead() is used, which also sets a tag when decrypting.
However, when using defaults, the loop function EVP_Update_loop() is used, which
does not set a tag on decryption, leading to "Error finalizing cipher loop".
To fix this, set a fake tag value if we're doing decryption on an AEAD cipher in
EVP_Update_loop(). We don't check the return value: this shouldn't really be able
to fail, and if it does, the following EVP_DecryptUpdate() is almost certain to
fail, so that can catch it.
The decryption is certain to fail (well, almost certain, but with a very low
probability of success), but this is no worse than at present. This minimal
change means that future benchmarking data should be comparable to previous
benchmarking data.
(This is benchmarking code: don't write real apps like this!)
Fixes #23657
Change-Id: Id581cf30503c1eb766464e315b1f33914040dcf7
Reviewed-by: Paul Yang <kaishen.yy at antfin.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23757)
(cherry picked from commit b3be6cc89e4dcfafe8f8be97e9519c26af2d19f5)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list