shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 09:54:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

libcrypto: Use a pointer for EVP_CIPHER_CTX

Browse Source 
This has been made opaque and it needs to be a pointer.

This is for OpenSSL 1.1.0 support.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2016-11-05 16:54:02 +01:00
committed by Andreas Schneider
parent 607c671f67
commit 5d2e9ee66e
3 changed files with 18 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/libssh/crypto.h
View File

@@ -130,7 +130,7 @@ struct ssh_cipher_struct {
struct ssh_3des_key_schedule *des3_key; struct ssh_3des_key_schedule *des3_key;
struct ssh_aes_key_schedule *aes_key; struct ssh_aes_key_schedule *aes_key;
const EVP_CIPHER *cipher; const EVP_CIPHER *cipher;
EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX *ctx;
#endif #endif
unsigned int keysize; /* bytes of key used. != keylen */ unsigned int keysize; /* bytes of key used. != keylen */
/* sets the new key for immediate use */ /* sets the new key for immediate use */

23
src/libcrypto.c
View File

@@ -43,6 +43,7 @@
#include <openssl/hmac.h> #include <openssl/hmac.h>
#include <openssl/opensslv.h> #include <openssl/opensslv.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include "libcrypto-compat.h"
#ifdef HAVE_OPENSSL_AES_H #ifdef HAVE_OPENSSL_AES_H
#define HAS_AES #define HAS_AES
@@ -430,6 +431,10 @@ void hmac_final(HMACCTX ctx, unsigned char *hashmacbuf, unsigned int *len) {
} }
static void evp_cipher_init(struct ssh_cipher_struct *cipher) { static void evp_cipher_init(struct ssh_cipher_struct *cipher) {
if (cipher->ctx == NULL) {
cipher->ctx = EVP_CIPHER_CTX_new();
}
switch(cipher->ciphertype){ switch(cipher->ciphertype){
case SSH_AES128_CBC: case SSH_AES128_CBC:
cipher->cipher = EVP_aes_128_cbc(); cipher->cipher = EVP_aes_128_cbc();
@@ -480,14 +485,14 @@ static int evp_cipher_set_encrypt_key(struct ssh_cipher_struct *cipher,
int rc; int rc;
evp_cipher_init(cipher); evp_cipher_init(cipher);
EVP_CIPHER_CTX_init(&cipher->ctx); EVP_CIPHER_CTX_init(cipher->ctx);
rc = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV); rc = EVP_EncryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
if (rc != 1){ if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptInit_ex failed"); SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptInit_ex failed");
return SSH_ERROR; return SSH_ERROR;
} }
EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0); EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
return SSH_OK; return SSH_OK;
} }
@@ -497,14 +502,14 @@ static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher,
int rc; int rc;
evp_cipher_init(cipher); evp_cipher_init(cipher);
EVP_CIPHER_CTX_init(&cipher->ctx); EVP_CIPHER_CTX_init(cipher->ctx);
rc = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV); rc = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
if (rc != 1){ if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed"); SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed");
return SSH_ERROR; return SSH_ERROR;
} }
EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0); EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
return SSH_OK; return SSH_OK;
} }
@@ -517,7 +522,7 @@ static void evp_cipher_encrypt(struct ssh_cipher_struct *cipher,
int outlen = 0; int outlen = 0;
int rc = 0; int rc = 0;
rc = EVP_EncryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); rc = EVP_EncryptUpdate(cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
if (rc != 1){ if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed"); SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed");
return; return;
@@ -535,7 +540,7 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher,
int outlen = 0; int outlen = 0;
int rc = 0; int rc = 0;
rc = EVP_DecryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); rc = EVP_DecryptUpdate(cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
if (rc != 1){ if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed"); SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed");
return; return;
@@ -547,7 +552,7 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher,
} }
static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) { static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) {
EVP_CIPHER_CTX_cleanup(&cipher->ctx); EVP_CIPHER_CTX_cleanup(cipher->ctx);
} }
#ifndef HAVE_OPENSSL_EVP_AES_CTR #ifndef HAVE_OPENSSL_EVP_AES_CTR

3
src/wrapper.c
View File

@@ -123,6 +123,9 @@ void ssh_cipher_clear(struct ssh_cipher_struct *cipher){
if (cipher->cleanup != NULL){ if (cipher->cleanup != NULL){
cipher->cleanup(cipher); cipher->cleanup(cipher);
} }
#ifdef HAVE_LIBCRYPTO
EVP_CIPHER_CTX_free(cipher->ctx);
#endif
} }
static void cipher_free(struct ssh_cipher_struct *cipher) { static void cipher_free(struct ssh_cipher_struct *cipher) {