crypto_openssl: call EVP_EncryptFinal_ex only if needed

author Damjan Marion <damarion@cisco.com>

Wed, 20 Mar 2019 15:28:51 +0000 (16:28 +0100)

committer Neale Ranns <nranns@cisco.com>

Wed, 20 Mar 2019 17:23:59 +0000 (17:23 +0000)
author Damjan Marion <damarion@cisco.com>
Wed, 20 Mar 2019 15:28:51 +0000 (16:28 +0100)
committer Neale Ranns <nranns@cisco.com>
Wed, 20 Mar 2019 17:23:59 +0000 (17:23 +0000)
diff --git a/src/plugins/crypto_openssl/main.c b/src/plugins/crypto_openssl/main.c

index b4679ee..09d7267 100644 (file)
--- a/src/plugins/crypto_openssl/main.c
+++ b/src/plugins/crypto_openssl/main.c
@@ -69,7 +69,8 @@ openssl_ops_enc_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
  
        EVP_EncryptInit_ex (ctx, cipher, NULL, op->key, op->iv);
        EVP_EncryptUpdate (ctx, op->dst, &out_len, op->src, op->len);
-      EVP_EncryptFinal_ex (ctx, op->dst + out_len, &out_len);
+      if (out_len < op->len)
+       EVP_EncryptFinal_ex (ctx, op->dst + out_len, &out_len);
        op->status = VNET_CRYPTO_OP_STATUS_COMPLETED;
      }
    return n_ops;
@@ -90,7 +91,8 @@ openssl_ops_dec_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
  
        EVP_DecryptInit_ex (ctx, cipher, NULL, op->key, op->iv);
        EVP_DecryptUpdate (ctx, op->dst, &out_len, op->src, op->len);
-      EVP_DecryptFinal_ex (ctx, op->dst + out_len, &out_len);
+      if (out_len < op->len)
+       EVP_DecryptFinal_ex (ctx, op->dst + out_len, &out_len);
        op->status = VNET_CRYPTO_OP_STATUS_COMPLETED;
      }
    return n_ops;
author	Damjan Marion <damarion@cisco.com>
	Wed, 20 Mar 2019 15:28:51 +0000 (16:28 +0100)
committer	Neale Ranns <nranns@cisco.com>
	Wed, 20 Mar 2019 17:23:59 +0000 (17:23 +0000)