From 982119b4958606af7b1a3df535565148ab9e4a95 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Tue, 15 May 2018 10:43:17 +1000 Subject: [PATCH] Only cache messages when required. --- src/internal.c | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/src/internal.c b/src/internal.c index a45c7d54d..1ec9f1b38 100644 --- a/src/internal.c +++ b/src/internal.c @@ -6053,18 +6053,26 @@ static int Ed25519Update(WOLFSSL* ssl, const byte* data, int sz) int ret = 0; byte* msgs; - if (!IsAtLeastTLSv1_3(ssl->version) || ssl->options.downgrade) { - msgs = (byte*)XREALLOC(ssl->hsHashes->messages, - ssl->hsHashes->length + sz, ssl->heap, - DYNAMIC_TYPE_HASHES); - if (msgs == NULL) - ret = MEMORY_E; - if (ret == 0) { - ssl->hsHashes->messages = msgs; - XMEMCPY(msgs + ssl->hsHashes->length, data, sz); - ssl->hsHashes->prevLen = ssl->hsHashes->length; - ssl->hsHashes->length += sz; - } + if (!IsAtLeastTLSv1_2(ssl)) + return 0; + if (IsAtLeastTLSv1_3(ssl->version) && !ssl->options.downgrade) + return 0; + if (ssl->options.side == WOLFSSL_CLIENT_END && + ssl->buffers.keyType != ed25519_sa_algo) + return 0; + if (ssl->options.side == WOLFSSL_SERVER_END && (ssl->options.resuming || + !ssl->options.verifyPeer)) + return 0; + + msgs = (byte*)XREALLOC(ssl->hsHashes->messages, ssl->hsHashes->length + sz, + ssl->heap, DYNAMIC_TYPE_HASHES); + if (msgs == NULL) + ret = MEMORY_E; + if (ret == 0) { + ssl->hsHashes->messages = msgs; + XMEMCPY(msgs + ssl->hsHashes->length, data, sz); + ssl->hsHashes->prevLen = ssl->hsHashes->length; + ssl->hsHashes->length += sz; } return ret;