upstream commit

make non-OpenSSL aes-ctr work on sshd w/ privsep; ok markus@
author: djm@openbsd.org <djm@openbsd.org> 2015-01-14 10:29:45 +0000
committer: Damien Miller <djm@mindrot.org> 2015-01-14 21:32:55 +1100
commit: 540e891191b98b89ee90aacf5b14a4a68635e763 (patch)
tree: 326b80921b50da318e33354159418cfb49a4b9bc /cipher.c
parent: 60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/cipher.c b/cipher.c
index 638ca2d97..02dae6f9f 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.99 2014/06/24 01:13:21 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.100 2015/01/14 10:29:45 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -512,6 +512,8 @@ cipher_get_keyiv_len(const struct sshcipher_ctx *cc)
                ivlen = 24;
        else if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
                ivlen = 0;
+        else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
+                ivlen = sizeof(cc->ac_ctx.ctr);
 #ifdef WITH_OPENSSL
        else
                ivlen = EVP_CIPHER_CTX_iv_length(&cc->evp);
@@ -532,6 +534,12 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
                        return SSH_ERR_INVALID_ARGUMENT;
                return 0;
        }
+        if ((cc->cipher->flags & CFLAG_AESCTR) != 0) {
+                if (len != sizeof(cc->ac_ctx.ctr))
+                        return SSH_ERR_INVALID_ARGUMENT;
+                memcpy(iv, cc->ac_ctx.ctr, len);
+                return 0;
+        }
        if ((cc->cipher->flags & CFLAG_NONE) != 0)
                return 0;
author	djm@openbsd.org <djm@openbsd.org>	2015-01-14 10:29:45 +0000
committer	Damien Miller <djm@mindrot.org>	2015-01-14 21:32:55 +1100
commit	540e891191b98b89ee90aacf5b14a4a68635e763 (patch)
tree	326b80921b50da318e33354159418cfb49a4b9bc /cipher.c
parent	60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53 (diff)