libcrypto: refactor EVP_(de|en)crypt
Этот коммит содержится в:
Aris Adamantiadis
родитель
73d8c919b7
Коммит
3c333aa9b4
109
src/libcrypto.c
109
src/libcrypto.c
@ -458,35 +458,38 @@ static void EVP_encrypt(struct ssh_cipher_struct *cipher,
|
|||||||
EVP_CIPHER_CTX_init(&ctx);
|
EVP_CIPHER_CTX_init(&ctx);
|
||||||
|
|
||||||
rc = EVP_EncryptInit_ex(&ctx, evpCipher, NULL, (unsigned char*)cipher->key, cipher->IV);
|
rc = EVP_EncryptInit_ex(&ctx, evpCipher, NULL, (unsigned char*)cipher->key, cipher->IV);
|
||||||
if (rc == 1) {
|
if (rc != 1){
|
||||||
EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptInit_ex failed");
|
||||||
|
goto cleanup;
|
||||||
rc = EVP_EncryptUpdate(&ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
|
|
||||||
if(rc == 1) {
|
|
||||||
datalen += outlen;
|
|
||||||
|
|
||||||
rc = EVP_EncryptFinal_ex(&ctx, (unsigned char *)out + outlen, &outlenfinal);
|
|
||||||
if(rc == 1) {
|
|
||||||
datalen += outlenfinal;
|
|
||||||
|
|
||||||
/* Get size of source buffer from ctx object */
|
|
||||||
ctxIvLen = EVP_CIPHER_CTX_iv_length(&ctx);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Copy updated IV from ctx to ssh struct
|
|
||||||
* There is no access to the post encrypt/decrypt updated iv
|
|
||||||
* from openssl via an API so I'm just accessing it directly.
|
|
||||||
*/
|
|
||||||
memcpy(cipher->IV, ctx.iv, ctxIvLen);
|
|
||||||
} else {
|
|
||||||
printf("EVP_EncryptFinal_ex failed\n");
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
printf("EVP_EncryptUpdate failed\n");
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
printf("EVP_EncryptInit_ex failed\n");
|
|
||||||
}
|
}
|
||||||
|
EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||||
|
|
||||||
|
rc = EVP_EncryptUpdate(&ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
|
||||||
|
if (rc != 1){
|
||||||
|
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
datalen += outlen;
|
||||||
|
|
||||||
|
rc = EVP_EncryptFinal_ex(&ctx, (unsigned char *)out + outlen, &outlenfinal);
|
||||||
|
if (rc != 1){
|
||||||
|
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptFinal_ex failed");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
datalen += outlenfinal;
|
||||||
|
|
||||||
|
ctxIvLen = EVP_CIPHER_CTX_iv_length(&ctx);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Copy updated IV from ctx to ssh struct
|
||||||
|
* There is no access to the post encrypt/decrypt updated iv
|
||||||
|
* from openssl via an API so we access it directly.
|
||||||
|
*/
|
||||||
|
if (ctxIvLen > 0){
|
||||||
|
memcpy(cipher->IV, ctx.iv, ctxIvLen);
|
||||||
|
}
|
||||||
|
|
||||||
|
cleanup:
|
||||||
/* Cleanup */
|
/* Cleanup */
|
||||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||||
}
|
}
|
||||||
@ -507,36 +510,38 @@ static void EVP_decrypt(struct ssh_cipher_struct *cipher,
|
|||||||
EVP_CIPHER_CTX_init(&ctx);
|
EVP_CIPHER_CTX_init(&ctx);
|
||||||
|
|
||||||
rc = EVP_DecryptInit_ex(&ctx, evpCipher, NULL, (unsigned char*)cipher->key, cipher->IV);
|
rc = EVP_DecryptInit_ex(&ctx, evpCipher, NULL, (unsigned char*)cipher->key, cipher->IV);
|
||||||
if (rc == 1) {
|
if (rc != 1){
|
||||||
EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||||
|
|
||||||
rc = EVP_DecryptUpdate(&ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
|
rc = EVP_DecryptUpdate(&ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
|
||||||
if (rc == 1) {
|
if (rc != 1){
|
||||||
datalen += outlen;
|
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
datalen += outlen;
|
||||||
|
|
||||||
rc = EVP_DecryptFinal_ex(&ctx, (unsigned char *)out + outlen, &outlenfinal);
|
rc = EVP_DecryptFinal_ex(&ctx, (unsigned char *)out + outlen, &outlenfinal);
|
||||||
if (rc == 1) {
|
if (rc != 1){
|
||||||
datalen += outlenfinal;
|
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptFinal_ex failed");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
datalen += outlenfinal;
|
||||||
|
|
||||||
/* Get size of source buffer from ctx object */
|
ctxIvLen = EVP_CIPHER_CTX_iv_length(&ctx);
|
||||||
ctxIvLen = EVP_CIPHER_CTX_iv_length(&ctx);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copy updated IV from ctx to ssh struct
|
* Copy updated IV from ctx to ssh struct
|
||||||
* There is no access to the post encrypt/decrypt updated iv
|
* There is no access to the post encrypt/decrypt updated iv
|
||||||
* from openssl via an API so I'm just accessing it directly.
|
* from openssl via an API so we access it directly.
|
||||||
*/
|
*/
|
||||||
memcpy(cipher->IV, ctx.iv, ctxIvLen);
|
if (ctxIvLen > 0){
|
||||||
} else {
|
memcpy(cipher->IV, ctx.iv, ctxIvLen);
|
||||||
printf("EVP_DecryptFinal_ex failed\n");
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
printf("EVP_DecryptUpdate failed\n");
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
printf("EVP_DecryptInit_ex failed\n");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cleanup:
|
||||||
/* Cleanup */
|
/* Cleanup */
|
||||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||||
}
|
}
|
||||||
|
|||||||
Загрузка…
x
Ссылка в новой задаче
Block a user