diff options
Diffstat (limited to 'cipher.c')
-rw-r--r-- | cipher.c | 26 |
1 files changed, 13 insertions, 13 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher.c,v 1.114 2020/01/23 10:24:29 dtucker Exp $ */ | 1 | /* $OpenBSD: cipher.c,v 1.117 2020/04/03 04:27:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -59,7 +59,7 @@ struct sshcipher_ctx { | |||
59 | int plaintext; | 59 | int plaintext; |
60 | int encrypt; | 60 | int encrypt; |
61 | EVP_CIPHER_CTX *evp; | 61 | EVP_CIPHER_CTX *evp; |
62 | struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ | 62 | struct chachapoly_ctx *cp_ctx; |
63 | struct aesctr_ctx ac_ctx; /* XXX union with evp? */ | 63 | struct aesctr_ctx ac_ctx; /* XXX union with evp? */ |
64 | const struct sshcipher *cipher; | 64 | const struct sshcipher *cipher; |
65 | }; | 65 | }; |
@@ -273,7 +273,8 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, | |||
273 | 273 | ||
274 | cc->cipher = cipher; | 274 | cc->cipher = cipher; |
275 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { | 275 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { |
276 | ret = chachapoly_init(&cc->cp_ctx, key, keylen); | 276 | cc->cp_ctx = chachapoly_new(key, keylen); |
277 | ret = cc->cp_ctx != NULL ? 0 : SSH_ERR_INVALID_ARGUMENT; | ||
277 | goto out; | 278 | goto out; |
278 | } | 279 | } |
279 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | 280 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { |
@@ -328,8 +329,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, | |||
328 | #ifdef WITH_OPENSSL | 329 | #ifdef WITH_OPENSSL |
329 | EVP_CIPHER_CTX_free(cc->evp); | 330 | EVP_CIPHER_CTX_free(cc->evp); |
330 | #endif /* WITH_OPENSSL */ | 331 | #endif /* WITH_OPENSSL */ |
331 | explicit_bzero(cc, sizeof(*cc)); | 332 | freezero(cc, sizeof(*cc)); |
332 | free(cc); | ||
333 | } | 333 | } |
334 | } | 334 | } |
335 | return ret; | 335 | return ret; |
@@ -338,7 +338,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, | |||
338 | /* | 338 | /* |
339 | * cipher_crypt() operates as following: | 339 | * cipher_crypt() operates as following: |
340 | * Copy 'aadlen' bytes (without en/decryption) from 'src' to 'dest'. | 340 | * Copy 'aadlen' bytes (without en/decryption) from 'src' to 'dest'. |
341 | * Theses bytes are treated as additional authenticated data for | 341 | * These bytes are treated as additional authenticated data for |
342 | * authenticated encryption modes. | 342 | * authenticated encryption modes. |
343 | * En/Decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'. | 343 | * En/Decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'. |
344 | * Use 'authlen' bytes at offset 'len'+'aadlen' as the authentication tag. | 344 | * Use 'authlen' bytes at offset 'len'+'aadlen' as the authentication tag. |
@@ -350,7 +350,7 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest, | |||
350 | const u_char *src, u_int len, u_int aadlen, u_int authlen) | 350 | const u_char *src, u_int len, u_int aadlen, u_int authlen) |
351 | { | 351 | { |
352 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { | 352 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { |
353 | return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src, | 353 | return chachapoly_crypt(cc->cp_ctx, seqnr, dest, src, |
354 | len, aadlen, authlen, cc->encrypt); | 354 | len, aadlen, authlen, cc->encrypt); |
355 | } | 355 | } |
356 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | 356 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { |
@@ -413,7 +413,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, | |||
413 | const u_char *cp, u_int len) | 413 | const u_char *cp, u_int len) |
414 | { | 414 | { |
415 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) | 415 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) |
416 | return chachapoly_get_length(&cc->cp_ctx, plenp, seqnr, | 416 | return chachapoly_get_length(cc->cp_ctx, plenp, seqnr, |
417 | cp, len); | 417 | cp, len); |
418 | if (len < 4) | 418 | if (len < 4) |
419 | return SSH_ERR_MESSAGE_INCOMPLETE; | 419 | return SSH_ERR_MESSAGE_INCOMPLETE; |
@@ -426,16 +426,16 @@ cipher_free(struct sshcipher_ctx *cc) | |||
426 | { | 426 | { |
427 | if (cc == NULL) | 427 | if (cc == NULL) |
428 | return; | 428 | return; |
429 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) | 429 | if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { |
430 | explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx)); | 430 | chachapoly_free(cc->cp_ctx); |
431 | else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) | 431 | cc->cp_ctx = NULL; |
432 | } else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) | ||
432 | explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); | 433 | explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); |
433 | #ifdef WITH_OPENSSL | 434 | #ifdef WITH_OPENSSL |
434 | EVP_CIPHER_CTX_free(cc->evp); | 435 | EVP_CIPHER_CTX_free(cc->evp); |
435 | cc->evp = NULL; | 436 | cc->evp = NULL; |
436 | #endif | 437 | #endif |
437 | explicit_bzero(cc, sizeof(*cc)); | 438 | freezero(cc, sizeof(*cc)); |
438 | free(cc); | ||
439 | } | 439 | } |
440 | 440 | ||
441 | /* | 441 | /* |