- markus@cvs.openbsd.org 2003/04/12 10:13:57

[cipher.c] hide cipher details; ok djm@
author: Damien Miller <djm@mindrot.org> 2003-05-14 13:41:23 +1000
committer: Damien Miller <djm@mindrot.org> 2003-05-14 13:41:23 +1000
commit: a201bb3f8a55fed2e75a3d6cfcaf3721497c15f3 (patch)
tree: 5e37b6ad6bc773f5e597e941cc98335cbcfffbb1 /cipher.c
parent: c652cac5f75590a4df536fb69713ba506082f5f4 (diff)
1 files changed, 50 insertions, 53 deletions
diff --git a/cipher.c b/cipher.c
index b5d38747e..b6637b645 100644
--- a/cipher.c
+++ b/cipher.c
@@ -35,7 +35,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.62 2002/11/21 22:45:31 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.63 2003/04/12 10:13:57 markus Exp $");
 #include "xmalloc.h"
 #include "log.h"
@@ -395,6 +395,28 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
        return (1);
 }
+static void
+ssh1_3des_iv(EVP_CIPHER_CTX *evp, int doset, u_char *iv, int len)
+{
+        struct ssh1_3des_ctx *c;
+        if (len != 24)
+                fatal("%s: bad 3des iv length: %d", __func__, len);
+        if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
+                fatal("%s: no 3des context", __func__);
+        if (doset) {
+                debug3("%s: Installed 3DES IV", __func__);
+                memcpy(c->k1.iv, iv, 8);
+                memcpy(c->k2.iv, iv + 8, 8);
+                memcpy(c->k3.iv, iv + 16, 8);
+        } else {
+                debug3("%s: Copying 3DES IV", __func__);
+                memcpy(iv, c->k1.iv, 8);
+                memcpy(iv + 8, c->k2.iv, 8);
+                memcpy(iv + 16, c->k3.iv, 8);
+        }
+}
 static const EVP_CIPHER *
 evp_ssh1_3des(void)
 {
@@ -567,6 +589,19 @@ ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx)
        return (1);
 }
+static void
+ssh_rijndael_iv(EVP_CIPHER_CTX *evp, int doset, u_char * iv, u_int len)
+{
+        struct ssh_rijndael_ctx *c;
+        if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
+                fatal("ssh_rijndael_iv: no context");
+        if (doset)
+                memcpy(c->r_iv, iv, len);
+        else
+                memcpy(iv, c->r_iv, len);
+}
 static const EVP_CIPHER *
 evp_rijndael(void)
 {
@@ -611,7 +646,6 @@ void
 cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
 {
        Cipher *c = cc->cipher;
-        u_char *civ = NULL;
        int evplen;
        switch (c->number) {
@@ -624,45 +658,25 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
                if (evplen != len)
                        fatal("%s: wrong iv length %d != %d", __func__,
                            evplen, len);
 #if OPENSSL_VERSION_NUMBER < 0x00907000L
-                if (c->evptype == evp_rijndael) {
+                if (c->evptype == evp_rijndael)
-                        struct ssh_rijndael_ctx *aesc;
+                        ssh_rijndael_iv(&cc->evp, 0, iv, len);
+                else
-                        aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
-                        if (aesc == NULL)
-                                fatal("%s: no rijndael context", __func__);
-                        civ = aesc->r_iv;
-                } else
 #endif
-                {
+                        memcpy(iv, cc->evp.iv, len);
-                        civ = cc->evp.iv;
+                break;
-                }
+        case SSH_CIPHER_3DES:
+                ssh1_3des_iv(&cc->evp, 0, iv, 24);
                break;
-        case SSH_CIPHER_3DES: {
-                struct ssh1_3des_ctx *desc;
-                if (len != 24)
-                        fatal("%s: bad 3des iv length: %d", __func__, len);
-                desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
-                if (desc == NULL)
-                        fatal("%s: no 3des context", __func__);
-                debug3("%s: Copying 3DES IV", __func__);
-                memcpy(iv, desc->k1.iv, 8);
-                memcpy(iv + 8, desc->k2.iv, 8);
-                memcpy(iv + 16, desc->k3.iv, 8);
-                return;
-        }
        default:
                fatal("%s: bad cipher %d", __func__, c->number);
        }
-        memcpy(iv, civ, len);
 }
 void
 cipher_set_keyiv(CipherContext *cc, u_char *iv)
 {
        Cipher *c = cc->cipher;
-        u_char *div = NULL;
        int evplen = 0;
        switch (c->number) {
@@ -672,36 +686,19 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
                evplen = EVP_CIPHER_CTX_iv_length(&cc->evp);
                if (evplen == 0)
                        return;
 #if OPENSSL_VERSION_NUMBER < 0x00907000L
-                if (c->evptype == evp_rijndael) {
+                if (c->evptype == evp_rijndael)
-                        struct ssh_rijndael_ctx *aesc;
+                        ssh_rijndael_iv(&cc->evp, 1, iv, evplen);
+                else
-                        aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
-                        if (aesc == NULL)
-                                fatal("%s: no rijndael context", __func__);
-                        div = aesc->r_iv;
-                } else
 #endif
-                {
+                        memcpy(cc->evp.iv, iv, evplen);
-                        div = cc->evp.iv;
+                break;
-                }
+        case SSH_CIPHER_3DES:
+                ssh1_3des_iv(&cc->evp, 1, iv, 24);
                break;
-        case SSH_CIPHER_3DES: {
-                struct ssh1_3des_ctx *desc;
-                desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
-                if (desc == NULL)
-                        fatal("%s: no 3des context", __func__);
-                debug3("%s: Installed 3DES IV", __func__);
-                memcpy(desc->k1.iv, iv, 8);
-                memcpy(desc->k2.iv, iv + 8, 8);
-                memcpy(desc->k3.iv, iv + 16, 8);
-                return;
-        }
        default:
                fatal("%s: bad cipher %d", __func__, c->number);
        }
-        memcpy(div, iv, evplen);
 }
 #if OPENSSL_VERSION_NUMBER < 0x00907000L
author	Damien Miller <djm@mindrot.org>	2003-05-14 13:41:23 +1000
committer	Damien Miller <djm@mindrot.org>	2003-05-14 13:41:23 +1000
commit	a201bb3f8a55fed2e75a3d6cfcaf3721497c15f3 (patch)
tree	5e37b6ad6bc773f5e597e941cc98335cbcfffbb1 /cipher.c
parent	c652cac5f75590a4df536fb69713ba506082f5f4 (diff)

diff --git a/cipher.c b/cipher.c index b5d38747e..b6637b645 100644 --- a/cipher.c +++ b/cipher.c
@@ -35,7 +35,7 @@
35	*/	35	*/
36		36
37	#include "includes.h"	37	#include "includes.h"
38	RCSID("$OpenBSD: cipher.c,v 1.62 2002/11/21 22:45:31 markus Exp $");	38	RCSID("$OpenBSD: cipher.c,v 1.63 2003/04/12 10:13:57 markus Exp $");
39		39
40	#include "xmalloc.h"	40	#include "xmalloc.h"
41	#include "log.h"	41	#include "log.h"
@@ -395,6 +395,28 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
395	return (1);	395	return (1);
396	}	396	}
397		397
		398	static void
		399	ssh1_3des_iv(EVP_CIPHER_CTX evp, int doset, u_char iv, int len)
		400	{
		401	struct ssh1_3des_ctx *c;
		402
		403	if (len != 24)
		404	fatal("%s: bad 3des iv length: %d", __func__, len);
		405	if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
		406	fatal("%s: no 3des context", __func__);
		407	if (doset) {
		408	debug3("%s: Installed 3DES IV", __func__);
		409	memcpy(c->k1.iv, iv, 8);
		410	memcpy(c->k2.iv, iv + 8, 8);
		411	memcpy(c->k3.iv, iv + 16, 8);
		412	} else {
		413	debug3("%s: Copying 3DES IV", __func__);
		414	memcpy(iv, c->k1.iv, 8);
		415	memcpy(iv + 8, c->k2.iv, 8);
		416	memcpy(iv + 16, c->k3.iv, 8);
		417	}
		418	}
		419
398	static const EVP_CIPHER *	420	static const EVP_CIPHER *
399	evp_ssh1_3des(void)	421	evp_ssh1_3des(void)
400	{	422	{
@@ -567,6 +589,19 @@ ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx)
567	return (1);	589	return (1);
568	}	590	}
569		591
		592	static void
		593	ssh_rijndael_iv(EVP_CIPHER_CTX evp, int doset, u_char iv, u_int len)
		594	{
		595	struct ssh_rijndael_ctx *c;
		596
		597	if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
		598	fatal("ssh_rijndael_iv: no context");
		599	if (doset)
		600	memcpy(c->r_iv, iv, len);
		601	else
		602	memcpy(iv, c->r_iv, len);
		603	}
		604
570	static const EVP_CIPHER *	605	static const EVP_CIPHER *
571	evp_rijndael(void)	606	evp_rijndael(void)
572	{	607	{
@@ -611,7 +646,6 @@ void
611	cipher_get_keyiv(CipherContext cc, u_char iv, u_int len)	646	cipher_get_keyiv(CipherContext cc, u_char iv, u_int len)
612	{	647	{
613	Cipher *c = cc->cipher;	648	Cipher *c = cc->cipher;
614	u_char *civ = NULL;
615	int evplen;	649	int evplen;
616		650
617	switch (c->number) {	651	switch (c->number) {
@@ -624,45 +658,25 @@ cipher_get_keyiv(CipherContext cc, u_char iv, u_int len)
624	if (evplen != len)	658	if (evplen != len)
625	fatal("%s: wrong iv length %d != %d", __func__,	659	fatal("%s: wrong iv length %d != %d", __func__,
626	evplen, len);	660	evplen, len);
627
628	#if OPENSSL_VERSION_NUMBER < 0x00907000L	661	#if OPENSSL_VERSION_NUMBER < 0x00907000L
629	if (c->evptype == evp_rijndael) {	662	if (c->evptype == evp_rijndael)
630	struct ssh_rijndael_ctx *aesc;	663	ssh_rijndael_iv(&cc->evp, 0, iv, len);
631		664	else
632	aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
633	if (aesc == NULL)
634	fatal("%s: no rijndael context", __func__);
635	civ = aesc->r_iv;
636	} else
637	#endif	665	#endif
638	{	666	memcpy(iv, cc->evp.iv, len);
639	civ = cc->evp.iv;	667	break;
640	}	668	case SSH_CIPHER_3DES:
		669	ssh1_3des_iv(&cc->evp, 0, iv, 24);
641	break;	670	break;
642	case SSH_CIPHER_3DES: {
643	struct ssh1_3des_ctx *desc;
644	if (len != 24)
645	fatal("%s: bad 3des iv length: %d", __func__, len);
646	desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
647	if (desc == NULL)
648	fatal("%s: no 3des context", __func__);
649	debug3("%s: Copying 3DES IV", __func__);
650	memcpy(iv, desc->k1.iv, 8);
651	memcpy(iv + 8, desc->k2.iv, 8);
652	memcpy(iv + 16, desc->k3.iv, 8);
653	return;
654	}
655	default:	671	default:
656	fatal("%s: bad cipher %d", __func__, c->number);	672	fatal("%s: bad cipher %d", __func__, c->number);
657	}	673	}
658	memcpy(iv, civ, len);
659	}	674	}
660		675
661	void	676	void
662	cipher_set_keyiv(CipherContext cc, u_char iv)	677	cipher_set_keyiv(CipherContext cc, u_char iv)
663	{	678	{
664	Cipher *c = cc->cipher;	679	Cipher *c = cc->cipher;
665	u_char *div = NULL;
666	int evplen = 0;	680	int evplen = 0;
667		681
668	switch (c->number) {	682	switch (c->number) {
@@ -672,36 +686,19 @@ cipher_set_keyiv(CipherContext cc, u_char iv)
672	evplen = EVP_CIPHER_CTX_iv_length(&cc->evp);	686	evplen = EVP_CIPHER_CTX_iv_length(&cc->evp);
673	if (evplen == 0)	687	if (evplen == 0)
674	return;	688	return;
675
676	#if OPENSSL_VERSION_NUMBER < 0x00907000L	689	#if OPENSSL_VERSION_NUMBER < 0x00907000L
677	if (c->evptype == evp_rijndael) {	690	if (c->evptype == evp_rijndael)
678	struct ssh_rijndael_ctx *aesc;	691	ssh_rijndael_iv(&cc->evp, 1, iv, evplen);
679		692	else
680	aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
681	if (aesc == NULL)
682	fatal("%s: no rijndael context", __func__);
683	div = aesc->r_iv;
684	} else
685	#endif	693	#endif
686	{	694	memcpy(cc->evp.iv, iv, evplen);
687	div = cc->evp.iv;	695	break;
688	}	696	case SSH_CIPHER_3DES:
		697	ssh1_3des_iv(&cc->evp, 1, iv, 24);
689	break;	698	break;
690	case SSH_CIPHER_3DES: {
691	struct ssh1_3des_ctx *desc;
692	desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
693	if (desc == NULL)
694	fatal("%s: no 3des context", __func__);
695	debug3("%s: Installed 3DES IV", __func__);
696	memcpy(desc->k1.iv, iv, 8);
697	memcpy(desc->k2.iv, iv + 8, 8);
698	memcpy(desc->k3.iv, iv + 16, 8);
699	return;
700	}
701	default:	699	default:
702	fatal("%s: bad cipher %d", __func__, c->number);	700	fatal("%s: bad cipher %d", __func__, c->number);
703	}	701	}
704	memcpy(div, iv, evplen);
705	}	702	}
706		703
707	#if OPENSSL_VERSION_NUMBER < 0x00907000L	704	#if OPENSSL_VERSION_NUMBER < 0x00907000L