Skip MAC computation/check when GCM is used

This commit is contained in:
Manuel Pégourié-Gonnard 2013-10-25 19:31:25 +02:00
parent 65ea372f9b
commit 7109624aef

View file

@ -973,8 +973,14 @@ static int ssl_encrypt_buf( ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
/*
* Add MAC then encrypt
* Add MAC before encrypt, except for GCM
*/
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
( defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
if( ssl->transform_out->cipher_ctx_enc.cipher_info->mode !=
POLARSSL_MODE_GCM )
{
#if defined(POLARSSL_SSL_PROTO_SSL3)
if( ssl->minor_ver == SSL_MINOR_VERSION_0 )
{
@ -1004,10 +1010,16 @@ static int ssl_encrypt_buf( ssl_context *ssl )
}
SSL_DEBUG_BUF( 4, "computed mac",
ssl->out_msg + ssl->out_msglen, ssl->transform_out->maclen );
ssl->out_msg + ssl->out_msglen,
ssl->transform_out->maclen );
ssl->out_msglen += ssl->transform_out->maclen;
}
#endif /* GCM not the only option */
/*
* Encrypt
*/
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
if( ssl->transform_out->cipher_ctx_enc.cipher_info->mode ==
POLARSSL_MODE_STREAM )
@ -1634,8 +1646,14 @@ static int ssl_decrypt_buf( ssl_context *ssl )
ssl->in_msg, ssl->in_msglen );
/*
* Always compute the MAC (RFC4346, CBCTIME).
* Always compute the MAC (RFC4346, CBCTIME), except for GCM of course
*/
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
( defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
if( ssl->transform_in->cipher_ctx_dec.cipher_info->mode !=
POLARSSL_MODE_GCM )
{
ssl->in_msglen -= ( ssl->transform_in->maclen + padlen );
ssl->in_hdr[3] = (unsigned char)( ssl->in_msglen >> 8 );
@ -1712,6 +1730,8 @@ static int ssl_decrypt_buf( ssl_context *ssl )
*/
if( correct == 0 )
return( POLARSSL_ERR_SSL_INVALID_MAC );
}
#endif /* GCM not the only option */
if( ssl->in_msglen == 0 )
{