diff options
| author |   djm <djm@openbsd.org> | 2016-08-03 05:41:57 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2016-08-03 05:41:57 +0000 |
| commit | 32a036ab72850c918d7aa521e7844be59c6a3b4a (patch) | |
| tree | d17afd0c858172c581b8428e455b47f58ba834ce /usr.bin/ssh/sshkey.c | |
| parent | Fix bug introduced in rev 1.467 which causes "buffer_get_bignum_ret: (diff) | |
| download | wireguard-openbsd-32a036ab72850c918d7aa521e7844be59c6a3b4a.tar.xz wireguard-openbsd-32a036ab72850c918d7aa521e7844be59c6a3b4a.zip | |
small refactor of cipher.c: make ciphercontext opaque to callers
feedback and ok markus@
Diffstat (limited to 'usr.bin/ssh/sshkey.c')
| -rw-r--r-- | usr.bin/ssh/sshkey.c | 37 |
1 files changed, 14 insertions, 23 deletions
diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c index 2c97cf23499..f570afb8b3e 100644 --- a/usr.bin/ssh/sshkey.c +++ b/usr.bin/ssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.35 2016/06/19 07:48:02 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.36 2016/08/03 05:41:57 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2979,13 +2979,11 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, size_t i, pubkeylen, keylen, ivlen, blocksize, authlen; u_int check; int r = SSH_ERR_INTERNAL_ERROR; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; const struct sshcipher *cipher; const char *kdfname = KDFNAME; struct sshbuf *encoded = NULL, *encrypted = NULL, *kdf = NULL; - memset(&ciphercontext, 0, sizeof(ciphercontext)); - if (rounds <= 0) rounds = DEFAULT_ROUNDS; if (passphrase == NULL || !strlen(passphrase)) { @@ -3072,7 +3070,7 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, if ((r = sshbuf_reserve(encoded, sshbuf_len(encrypted) + authlen, &cp)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, cp, + if ((r = cipher_crypt(ciphercontext, 0, cp, sshbuf_ptr(encrypted), sshbuf_len(encrypted), 0, authlen)) != 0) goto out; @@ -3104,7 +3102,7 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, sshbuf_free(kdf); sshbuf_free(encoded); sshbuf_free(encrypted); - cipher_cleanup(&ciphercontext); + cipher_free(ciphercontext); explicit_bzero(salt, sizeof(salt)); if (key != NULL) { explicit_bzero(key, keylen + ivlen); @@ -3133,12 +3131,11 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, size_t i, keylen = 0, ivlen = 0, authlen = 0, slen = 0; struct sshbuf *encoded = NULL, *decoded = NULL; struct sshbuf *kdf = NULL, *decrypted = NULL; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; struct sshkey *k = NULL; u_char *key = NULL, *salt = NULL, *dp, pad, last; u_int blocksize, rounds, nkeys, encrypted_len, check1, check2; - memset(&ciphercontext, 0, sizeof(ciphercontext)); if (keyp != NULL) *keyp = NULL; if (commentp != NULL) @@ -3267,7 +3264,7 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, (r = cipher_init(&ciphercontext, cipher, key, keylen, key + keylen, ivlen, 0)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, dp, sshbuf_ptr(decoded), + if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), encrypted_len, 0, authlen)) != 0) { /* an integrity error here indicates an incorrect passphrase */ if (r == SSH_ERR_MAC_INVALID) @@ -3321,7 +3318,7 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, } out: pad = 0; - cipher_cleanup(&ciphercontext); + cipher_free(ciphercontext); free(ciphername); free(kdfname); free(comment); @@ -3355,7 +3352,7 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, struct sshbuf *buffer = NULL, *encrypted = NULL; u_char buf[8]; int r, cipher_num; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; const struct sshcipher *cipher; u_char *cp; @@ -3425,16 +3422,14 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, CIPHER_ENCRYPT)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, cp, + if ((r = cipher_crypt(ciphercontext, 0, cp, sshbuf_ptr(buffer), sshbuf_len(buffer), 0, 0)) != 0) goto out; - if ((r = cipher_cleanup(&ciphercontext)) != 0) - goto out; r = sshbuf_putb(blob, encrypted); out: - explicit_bzero(&ciphercontext, sizeof(ciphercontext)); + cipher_free(ciphercontext); explicit_bzero(buf, sizeof(buf)); sshbuf_free(buffer); sshbuf_free(encrypted); @@ -3598,7 +3593,7 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, struct sshbuf *decrypted = NULL, *copy = NULL; u_char *cp; char *comment = NULL; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; const struct sshcipher *cipher; struct sshkey *prv = NULL; @@ -3656,12 +3651,8 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, CIPHER_DECRYPT)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, cp, - sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) { - cipher_cleanup(&ciphercontext); - goto out; - } - if ((r = cipher_cleanup(&ciphercontext)) != 0) + if ((r = cipher_crypt(ciphercontext, 0, cp, + sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) goto out; if ((r = sshbuf_get_u16(decrypted, &check1)) != 0 || @@ -3698,7 +3689,7 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, comment = NULL; } out: - explicit_bzero(&ciphercontext, sizeof(ciphercontext)); + cipher_free(ciphercontext); free(comment); sshkey_free(prv); sshbuf_free(copy); |