diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-04-03 04:27:03 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-04-03 15:36:57 +1100 |
commit | eba523f0a130f1cce829e6aecdcefa841f526a1a (patch) | |
tree | af27de3afbd97d4fdcbc2515f0ee5a608bd32af2 | |
parent | ebd29e90129cf18fedfcfe1de86e324228669295 (diff) |
upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as
part of a larger diff at a2k20
OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd
-rw-r--r-- | cipher-chachapoly.c | 25 | ||||
-rw-r--r-- | cipher-chachapoly.h | 13 | ||||
-rw-r--r-- | cipher.c | 18 | ||||
-rw-r--r-- | regress/Makefile | 3 |
4 files changed, 37 insertions, 22 deletions
diff --git a/cipher-chachapoly.c b/cipher-chachapoly.c index 0899c5ad5..42e8d40b7 100644 --- a/cipher-chachapoly.c +++ b/cipher-chachapoly.c | |||
@@ -14,7 +14,7 @@ | |||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
15 | */ | 15 | */ |
16 | 16 | ||
17 | /* $OpenBSD: cipher-chachapoly.c,v 1.8 2016/08/03 05:41:57 djm Exp $ */ | 17 | /* $OpenBSD: cipher-chachapoly.c,v 1.9 2020/04/03 04:27:03 djm Exp $ */ |
18 | 18 | ||
19 | #include "includes.h" | 19 | #include "includes.h" |
20 | 20 | ||
@@ -28,15 +28,28 @@ | |||
28 | #include "ssherr.h" | 28 | #include "ssherr.h" |
29 | #include "cipher-chachapoly.h" | 29 | #include "cipher-chachapoly.h" |
30 | 30 | ||
31 | int | 31 | struct chachapoly_ctx { |
32 | chachapoly_init(struct chachapoly_ctx *ctx, | 32 | struct chacha_ctx main_ctx, header_ctx; |
33 | const u_char *key, u_int keylen) | 33 | }; |
34 | |||
35 | struct chachapoly_ctx * | ||
36 | chachapoly_new(const u_char *key, u_int keylen) | ||
34 | { | 37 | { |
38 | struct chachapoly_ctx *ctx; | ||
39 | |||
35 | if (keylen != (32 + 32)) /* 2 x 256 bit keys */ | 40 | if (keylen != (32 + 32)) /* 2 x 256 bit keys */ |
36 | return SSH_ERR_INVALID_ARGUMENT; | 41 | return NULL; |
42 | if ((ctx = calloc(1, sizeof(*ctx))) == NULL) | ||
43 | return NULL; | ||
37 | chacha_keysetup(&ctx->main_ctx, key, 256); | 44 | chacha_keysetup(&ctx->main_ctx, key, 256); |
38 | chacha_keysetup(&ctx->header_ctx, key + 32, 256); | 45 | chacha_keysetup(&ctx->header_ctx, key + 32, 256); |
39 | return 0; | 46 | return ctx; |
47 | } | ||
48 | |||
49 | void | ||
50 | chachapoly_free(struct chachapoly_ctx *cpctx) | ||
51 | { | ||
52 | freezero(cpctx, sizeof(*cpctx)); | ||
40 | } | 53 | } |
41 | 54 | ||
42 | /* | 55 | /* |
diff --git a/cipher-chachapoly.h b/cipher-chachapoly.h index b7072be7d..026d2de93 100644 --- a/cipher-chachapoly.h +++ b/cipher-chachapoly.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher-chachapoly.h,v 1.4 2014/06/24 01:13:21 djm Exp $ */ | 1 | /* $OpenBSD: cipher-chachapoly.h,v 1.5 2020/04/03 04:27:03 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) Damien Miller 2013 <djm@mindrot.org> | 4 | * Copyright (c) Damien Miller 2013 <djm@mindrot.org> |
@@ -24,13 +24,12 @@ | |||
24 | 24 | ||
25 | #define CHACHA_KEYLEN 32 /* Only 256 bit keys used here */ | 25 | #define CHACHA_KEYLEN 32 /* Only 256 bit keys used here */ |
26 | 26 | ||
27 | struct chachapoly_ctx { | 27 | struct chachapoly_ctx; |
28 | struct chacha_ctx main_ctx, header_ctx; | 28 | |
29 | }; | 29 | struct chachapoly_ctx *chachapoly_new(const u_char *key, u_int keylen) |
30 | __attribute__((__bounded__(__buffer__, 1, 2))); | ||
31 | void chachapoly_free(struct chachapoly_ctx *cpctx); | ||
30 | 32 | ||
31 | int chachapoly_init(struct chachapoly_ctx *cpctx, | ||
32 | const u_char *key, u_int keylen) | ||
33 | __attribute__((__bounded__(__buffer__, 2, 3))); | ||
34 | int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, | 33 | int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, |
35 | u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, | 34 | u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, |
36 | int do_encrypt); | 35 | int do_encrypt); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher.c,v 1.116 2020/03/13 03:17:07 djm Exp $ */ | 1 | /* $OpenBSD: cipher.c,v 1.117 2020/04/03 04:27:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -59,7 +59,7 @@ struct sshcipher_ctx { | |||
59 | int plaintext; | 59 | int plaintext; |
60 | int encrypt; | 60 | int encrypt; |
61 | EVP_CIPHER_CTX *evp; | 61 | EVP_CIPHER_CTX *evp; |
62 | struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ | 62 | struct chachapoly_ctx *cp_ctx; |
63 | struct aesctr_ctx ac_ctx; /* XXX union with evp? */ | 63 | struct aesctr_ctx ac_ctx; /* XXX union with evp? */ |
64 | const struct sshcipher *cipher; | 64 | const struct sshcipher *cipher; |
65 | }; | 65 | }; |
@@ -273,7 +273,8 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, | |||
273 | 273 | ||
274 | cc->cipher = cipher; | 274 | cc->cipher = cipher; |
275 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { | 275 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { |
276 | ret = chachapoly_init(&cc->cp_ctx, key, keylen); | 276 | cc->cp_ctx = chachapoly_new(key, keylen); |
277 | ret = cc->cp_ctx != NULL ? 0 : SSH_ERR_INVALID_ARGUMENT; | ||
277 | goto out; | 278 | goto out; |
278 | } | 279 | } |
279 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | 280 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { |
@@ -349,7 +350,7 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest, | |||
349 | const u_char *src, u_int len, u_int aadlen, u_int authlen) | 350 | const u_char *src, u_int len, u_int aadlen, u_int authlen) |
350 | { | 351 | { |
351 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { | 352 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { |
352 | return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src, | 353 | return chachapoly_crypt(cc->cp_ctx, seqnr, dest, src, |
353 | len, aadlen, authlen, cc->encrypt); | 354 | len, aadlen, authlen, cc->encrypt); |
354 | } | 355 | } |
355 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | 356 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { |
@@ -412,7 +413,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, | |||
412 | const u_char *cp, u_int len) | 413 | const u_char *cp, u_int len) |
413 | { | 414 | { |
414 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) | 415 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) |
415 | return chachapoly_get_length(&cc->cp_ctx, plenp, seqnr, | 416 | return chachapoly_get_length(cc->cp_ctx, plenp, seqnr, |
416 | cp, len); | 417 | cp, len); |
417 | if (len < 4) | 418 | if (len < 4) |
418 | return SSH_ERR_MESSAGE_INCOMPLETE; | 419 | return SSH_ERR_MESSAGE_INCOMPLETE; |
@@ -425,9 +426,10 @@ cipher_free(struct sshcipher_ctx *cc) | |||
425 | { | 426 | { |
426 | if (cc == NULL) | 427 | if (cc == NULL) |
427 | return; | 428 | return; |
428 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) | 429 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { |
429 | explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx)); | 430 | chachapoly_free(cc->cp_ctx); |
430 | else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) | 431 | cc->cp_ctx = NULL; |
432 | } else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) | ||
431 | explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); | 433 | explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); |
432 | #ifdef WITH_OPENSSL | 434 | #ifdef WITH_OPENSSL |
433 | EVP_CIPHER_CTX_free(cc->evp); | 435 | EVP_CIPHER_CTX_free(cc->evp); |
diff --git a/regress/Makefile b/regress/Makefile index 774c10d41..8f7b5aa99 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.106 2020/01/31 23:25:08 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.107 2020/04/03 02:33:31 dtucker Exp $ |
2 | 2 | ||
3 | tests: prep file-tests t-exec unit | 3 | tests: prep file-tests t-exec unit |
4 | 4 | ||
@@ -66,6 +66,7 @@ LTESTS= connect \ | |||
66 | cfgparse \ | 66 | cfgparse \ |
67 | cfgmatch \ | 67 | cfgmatch \ |
68 | cfgmatchlisten \ | 68 | cfgmatchlisten \ |
69 | percent \ | ||
69 | addrmatch \ | 70 | addrmatch \ |
70 | localcommand \ | 71 | localcommand \ |
71 | forcecommand \ | 72 | forcecommand \ |