aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrzej Kurek <andrzej.kurek@arm.com>2020-09-23 14:06:43 +0100
committerGitHub <noreply@github.com>2020-09-23 14:06:43 +0100
commit73680ad5a250f4eb4c0402628af46df8f9b6815d (patch)
tree942a9a8f4a9f59cde221870f949ce8fcde865c29
parentf8d7e0112a038c1892e5c9c2b4af3b90639502f0 (diff)
parent11750441563cf05c700f935947457c7d7bbfd32a (diff)
downloadmbed-tls-baremetal.tar.gz
Merge pull request #3694 from AndrzejKurek/transform-cipher-optimizationbaremetal
Merge enc/dec cipher contexts in ssl transforms
-rw-r--r--configs/baremetal.h1
-rw-r--r--include/mbedtls/check_config.h5
-rw-r--r--include/mbedtls/config.h14
-rw-r--r--include/mbedtls/ssl_internal.h8
-rw-r--r--library/ssl_tls.c209
-rw-r--r--library/version_features.c3
-rw-r--r--programs/ssl/query_config.c8
-rwxr-xr-xscripts/config.pl2
-rw-r--r--tests/suites/test_suite_ssl.function30
9 files changed, 262 insertions, 18 deletions
diff --git a/configs/baremetal.h b/configs/baremetal.h
index 465664279..b63584f1c 100644
--- a/configs/baremetal.h
+++ b/configs/baremetal.h
@@ -86,6 +86,7 @@
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
+#define MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
/* Compile-time fixed parts of the SSL configuration */
#define MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 7239557a0..f91f6b498 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -672,6 +672,11 @@
#error "MBEDTLS_SSL_TLS_C defined, but neither TLS or DTLS is active"
#endif
+#if defined(MBEDTLS_SSL_TLS_C) && defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS) && \
+ defined(MBEDTLS_ARC4_C)
+#error "MBEDTLS_ARC4_C cannot be defined with MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS on"
+#endif
+
#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1))
#error "Illegal protocol selection"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index c4d98e42f..1cf868f50 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3285,6 +3285,20 @@
#define MBEDTLS_SSL_TLS_C
/**
+ * \def MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
+ * Use one cipher context for both decryption and encryption in ssl transforms.
+ *
+ * This change saves some RAM, but makes the operations last longer:
+ * before every encryption and decryption a key is set on the context.
+ *
+ * This change will not work with MBEDTLS_ARC4_C, since it requires an
+ * additional table and offsets to be saved between cipher calls, and this
+ * contradicts key resetting before each use.
+ *
+ */
+//#define MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
+
+/**
* \def MBEDTLS_THREADING_C
*
* Enable the threading abstraction layer.
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 19328d88f..40d246e9d 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -756,9 +756,15 @@ struct mbedtls_ssl_transform
z_stream ctx_inflate; /*!< decompression context */
#endif
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ unsigned char *key_enc;
+ unsigned char *key_dec;
+ unsigned int key_bitlen;
+ mbedtls_cipher_context_t cipher_ctx; /*!< encryption/decryption context */
+#else
mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
-
+#endif
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
/* We need the Hello random bytes in order to re-derive keys from the
* Master Secret and other session info, see ssl_populate_transform() */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4ebfb5c93..2c363fd33 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1563,7 +1563,21 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
iv_copy_len );
}
#endif
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx,
+ cipher_info ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
+ return( ret );
+ }
+ transform->key_enc = mbedtls_calloc( 1, cipher_info->key_bitlen >> 3 );
+ transform->key_dec = mbedtls_calloc( 1, cipher_info->key_bitlen >> 3 );
+ memcpy( transform->key_enc, key1, cipher_info->key_bitlen >> 3 );
+ memcpy( transform->key_dec, key2, cipher_info->key_bitlen >> 3 );
+
+ transform->key_bitlen = cipher_info->key_bitlen;
+#else
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
cipher_info ) ) != 0 )
{
@@ -1593,10 +1607,18 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
return( ret );
}
-
+#endif
#if defined(MBEDTLS_CIPHER_MODE_CBC)
if( cipher_info->mode == MBEDTLS_MODE_CBC )
{
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx,
+ MBEDTLS_PADDING_NONE ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
+ return( ret );
+ }
+#else
if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc,
MBEDTLS_PADDING_NONE ) ) != 0 )
{
@@ -1610,6 +1632,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
return( ret );
}
+#endif
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
@@ -2554,9 +2577,11 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
post_avail = rec->buf_len - ( rec->data_len + rec->data_offset );
MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
data, rec->data_len );
-
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx );
+#else
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc );
-
+#endif
if( rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d",
@@ -2671,7 +2696,25 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
"including %d bytes of padding",
rec->data_len, 0 ) );
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
+ transform->key_enc,
+ transform->key_bitlen,
+ MBEDTLS_ENCRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+ if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
+ transform->iv_enc, transform->ivlen,
+ data, rec->data_len,
+ data, &olen ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+ return( ret );
+ }
+#else
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
transform->iv_enc, transform->ivlen,
data, rec->data_len,
@@ -2680,7 +2723,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
return( ret );
}
-
+#endif
if( rec->data_len != olen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
@@ -2754,7 +2797,27 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
/*
* Encrypt and authenticate
*/
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
+ transform->key_enc,
+ transform->key_bitlen,
+ MBEDTLS_ENCRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+ if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx,
+ iv, transform->ivlen,
+ add_data, add_data_len, /* add data */
+ data, rec->data_len, /* source */
+ data, &rec->data_len, /* destination */
+ data + rec->data_len, transform->taglen ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
+ return( ret );
+ }
+#else
if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx_enc,
iv, transform->ivlen,
add_data, add_data_len, /* add data */
@@ -2765,7 +2828,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
return( ret );
}
-
+#endif
MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag",
data + rec->data_len, transform->taglen );
@@ -2841,7 +2904,26 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
"including %d bytes of IV and %d bytes of padding",
rec->data_len, transform->ivlen,
padlen + 1 ) );
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
+ transform->key_enc,
+ transform->key_bitlen,
+ MBEDTLS_ENCRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+ if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
+ transform->iv_enc,
+ transform->ivlen,
+ data, rec->data_len,
+ data, &olen ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+ return( ret );
+ }
+#else
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
transform->iv_enc,
transform->ivlen,
@@ -2851,7 +2933,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
return( ret );
}
-
+#endif
if( rec->data_len != olen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
@@ -2866,8 +2948,13 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
/*
* Save IV in SSL3 and TLS1
*/
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ mbedtls_platform_memcpy( transform->iv_enc, transform->cipher_ctx.iv,
+ transform->ivlen );
+#else
mbedtls_platform_memcpy( transform->iv_enc, transform->cipher_ctx_enc.iv,
transform->ivlen );
+#endif
}
else
#endif
@@ -2968,8 +3055,11 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
}
data = rec->buf + rec->data_offset;
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx );
+#else
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec );
-
+#endif
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/*
* Match record's CID with incoming CID.
@@ -2985,6 +3075,25 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
if( mode == MBEDTLS_MODE_STREAM )
{
padlen = 0;
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
+ transform->key_dec,
+ transform->key_bitlen,
+ MBEDTLS_DECRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+ if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
+ transform->iv_dec,
+ transform->ivlen,
+ data, rec->data_len,
+ data, &olen ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+ return( ret );
+ }
+#else
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
transform->iv_dec,
transform->ivlen,
@@ -2994,7 +3103,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
return( ret );
}
-
+#endif
if( rec->data_len != olen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
@@ -3082,6 +3191,31 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
/*
* Decrypt and authenticate
*/
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
+ transform->key_dec,
+ transform->key_bitlen,
+ MBEDTLS_DECRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+ if( ( ret = mbedtls_cipher_auth_decrypt( &transform->cipher_ctx,
+ iv, transform->ivlen,
+ add_data, add_data_len,
+ data, rec->data_len,
+ data, &olen,
+ data + rec->data_len,
+ transform->taglen ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret );
+
+ if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
+ return( MBEDTLS_ERR_SSL_INVALID_MAC );
+
+ return( ret );
+ }
+#else
if( ( ret = mbedtls_cipher_auth_decrypt( &transform->cipher_ctx_dec,
iv, transform->ivlen,
add_data, add_data_len,
@@ -3097,6 +3231,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
return( ret );
}
+#endif
+
auth_done++;
/* Double-check that AEAD decryption doesn't change content length. */
@@ -3239,7 +3375,23 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
/* We still have data_len % ivlen == 0 and data_len >= ivlen here. */
-
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx,
+ transform->key_dec,
+ transform->key_bitlen,
+ MBEDTLS_DECRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+ if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx,
+ transform->iv_dec, transform->ivlen,
+ data, rec->data_len, data, &olen ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+ return( ret );
+ }
+#else
if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
transform->iv_dec, transform->ivlen,
data, rec->data_len, data, &olen ) ) != 0 )
@@ -3247,7 +3399,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
return( ret );
}
-
+#endif
/* Double-check that length hasn't changed during decryption. */
if( rec->data_len != olen )
{
@@ -3266,8 +3418,13 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
* of the records; in other words, IVs are maintained across
* record decryptions.
*/
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ mbedtls_platform_memcpy( transform->iv_dec, transform->cipher_ctx.iv,
+ transform->ivlen );
+#else
mbedtls_platform_memcpy( transform->iv_dec, transform->cipher_ctx_dec.iv,
transform->ivlen );
+#endif
}
#endif
@@ -8495,9 +8652,12 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
{
memset( transform, 0, sizeof(mbedtls_ssl_transform) );
-
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ mbedtls_cipher_init( &transform->cipher_ctx );
+#else
mbedtls_cipher_init( &transform->cipher_ctx_enc );
mbedtls_cipher_init( &transform->cipher_ctx_dec );
+#endif
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
mbedtls_md_init( &transform->md_ctx_enc );
@@ -9866,8 +10026,11 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
#endif
-
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx ) )
+#else
switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
+#endif
{
#if defined(MBEDTLS_GCM_C) || \
defined(MBEDTLS_CCM_C) || \
@@ -9898,10 +10061,13 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
case MBEDTLS_MODE_CBC:
{
size_t block_size;
-
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ block_size = mbedtls_cipher_get_block_size(
+ &transform->cipher_ctx );
+#else
block_size = mbedtls_cipher_get_block_size(
&transform->cipher_ctx_enc );
-
+#endif
/* Expansion due to the addition of the MAC. */
transform_expansion += transform->maclen;
@@ -11371,8 +11537,13 @@ static int ssl_write_split( mbedtls_ssl_context *ssl,
mbedtls_ssl_ver_gt(
mbedtls_ssl_get_minor_ver( ssl ),
MBEDTLS_SSL_MINOR_VERSION_1 ) ||
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx )
+ != MBEDTLS_MODE_CBC )
+#else
mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
!= MBEDTLS_MODE_CBC )
+#endif
{
return( ssl_write_real( ssl, buf, len ) );
}
@@ -11486,10 +11657,16 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
deflateEnd( &transform->ctx_deflate );
inflateEnd( &transform->ctx_inflate );
#endif
-
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ mbedtls_cipher_free( &transform->cipher_ctx );
+ if( transform->key_dec != NULL )
+ mbedtls_free( transform->key_dec );
+ if( transform->key_enc != NULL )
+ mbedtls_free( transform->key_enc );
+#else
mbedtls_cipher_free( &transform->cipher_ctx_enc );
mbedtls_cipher_free( &transform->cipher_ctx_dec );
-
+#endif
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
mbedtls_md_free( &transform->md_ctx_enc );
mbedtls_md_free( &transform->md_ctx_dec );
diff --git a/library/version_features.c b/library/version_features.c
index 84cb8a62b..ec4a692a0 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -792,6 +792,9 @@ static const char *features[] = {
#if defined(MBEDTLS_SSL_TLS_C)
"MBEDTLS_SSL_TLS_C",
#endif /* MBEDTLS_SSL_TLS_C */
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ "MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS",
+#endif /* MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS */
#if defined(MBEDTLS_THREADING_C)
"MBEDTLS_THREADING_C",
#endif /* MBEDTLS_THREADING_C */
diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c
index af77ed553..e8fd6341a 100644
--- a/programs/ssl/query_config.c
+++ b/programs/ssl/query_config.c
@@ -2154,6 +2154,14 @@ int query_config( const char *config )
}
#endif /* MBEDTLS_SSL_TLS_C */
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ if( strcmp( "MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS */
+
#if defined(MBEDTLS_THREADING_C)
if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 )
{
diff --git a/scripts/config.pl b/scripts/config.pl
index b63dc7766..5d2b28ee2 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -57,6 +57,7 @@
# MBEDTLS_AES_ONLY_ENCRYPT
# MBEDTLS_AES_SCA_COUNTERMEASURES
# MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
+# MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
# and any symbol beginning _ALT
#
# The baremetal configuration excludes options that require a library or
@@ -140,6 +141,7 @@ MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
MBEDTLS_AES_ONLY_ENCRYPT
MBEDTLS_AES_SCA_COUNTERMEASURES
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
+MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
_ALT\s*$
);
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 9873dd828..a689d4580 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -68,15 +68,41 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
memset( key0, 0x1, keylen );
memset( key1, 0x2, keylen );
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ t_in->key_enc = mbedtls_calloc( 1, keylen );
+ t_in->key_dec = mbedtls_calloc( 1, keylen );
+
+ t_out->key_enc = mbedtls_calloc( 1, keylen );
+ t_out->key_dec = mbedtls_calloc( 1, keylen );
+
+ memcpy( t_in->key_enc, key0, keylen);
+ memcpy( t_in->key_dec, key1, keylen);
+ t_in->key_bitlen = cipher_info->key_bitlen;
+
+ memcpy( t_out->key_enc, key1, keylen);
+ memcpy( t_out->key_dec, key0, keylen);
+ t_out->key_bitlen = cipher_info->key_bitlen;
+
+ /* Setup cipher contexts */
+ CHK( mbedtls_cipher_setup( &t_in->cipher_ctx, cipher_info ) == 0 );
+ CHK( mbedtls_cipher_setup( &t_out->cipher_ctx, cipher_info ) == 0 );
+#else
/* Setup cipher contexts */
CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 );
CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 );
CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 );
CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 );
+#endif
#if defined(MBEDTLS_CIPHER_MODE_CBC)
if( cipher_info->mode == MBEDTLS_MODE_CBC )
{
+#if defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
+ CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx,
+ MBEDTLS_PADDING_NONE ) == 0 );
+ CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx,
+ MBEDTLS_PADDING_NONE ) == 0 );
+#else
CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc,
MBEDTLS_PADDING_NONE ) == 0 );
CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec,
@@ -85,9 +111,11 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
MBEDTLS_PADDING_NONE ) == 0 );
CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec,
MBEDTLS_PADDING_NONE ) == 0 );
+#endif
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if !defined(MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS)
CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0,
keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1,
@@ -96,7 +124,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0,
keylen << 3, MBEDTLS_DECRYPT ) == 0 );
-
+#endif
/* Setup MAC contexts */
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
if( cipher_info->mode == MBEDTLS_MODE_CBC ||