From 7da84e0f0088fc9d575039fb173f12af0ae25832 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Fri, 2 Feb 2018 11:09:25 +0100
Subject: [PATCH] apps/speed.c: let EVP_Update_loop_ccm behave more like
 EVP_Update_loop

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5246)
---
 apps/speed.c | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index 181873cca3..2c792bd150 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -903,14 +903,18 @@ static int EVP_Update_loop(void *args)
     if (decrypt) {
         for (count = 0; COND(nb_iter); count++) {
             rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
-            if (rc != 1)
+            if (rc != 1) {
+                /* reset iv in case of counter overflow */
                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
+            }
         }
     } else {
         for (count = 0; COND(nb_iter); count++) {
             rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
-            if (rc != 1)
+            if (rc != 1) {
+                /* reset iv in case of counter overflow */
                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
+            }
         }
     }
     if (decrypt)
@@ -937,20 +941,24 @@ static int EVP_Update_loop_ccm(void *args)
 #endif
     if (decrypt) {
         for (count = 0; COND(nb_iter); count++) {
-            EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
-            EVP_DecryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
+            /* reset iv */
+            EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
+            /* counter is reset on every update */
             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
-            EVP_DecryptFinal_ex(ctx, buf, &outl);
         }
     } else {
         for (count = 0; COND(nb_iter); count++) {
-            EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
+            /* restore iv length field */
             EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
+            /* counter is reset on every update */
             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
-            EVP_EncryptFinal_ex(ctx, buf, &outl);
         }
     }
+    if (decrypt)
+        EVP_DecryptFinal_ex(ctx, buf, &outl);
+    else
+        EVP_EncryptFinal_ex(ctx, buf, &outl);
     return count;
 }
 
-- 
2.25.1