crypt: use hard-wired cipher block sizes consistently
Этот коммит содержится в:
Kamil Dudka
родитель
bfbb5a4dc7
Коммит
5d567faecc
@ -96,11 +96,12 @@ crypt_init(LIBSSH2_SESSION * session,
|
||||
|
||||
static int
|
||||
crypt_encrypt(LIBSSH2_SESSION * session, unsigned char *block,
|
||||
void **abstract)
|
||||
size_t blocksize, void **abstract)
|
||||
{
|
||||
struct crypt_ctx *cctx = *(struct crypt_ctx **) abstract;
|
||||
(void) session;
|
||||
return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
|
||||
return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
|
||||
blocksize);
|
||||
}
|
||||
|
||||
static int
|
||||
@ -248,7 +249,8 @@ crypt_init_arcfour128(LIBSSH2_SESSION * session,
|
||||
unsigned char block[8];
|
||||
size_t discard = 1536;
|
||||
for (; discard; discard -= 8)
|
||||
_libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
|
||||
_libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
|
||||
method->blocksize);
|
||||
}
|
||||
|
||||
return rc;
|
||||
|
||||
@ -103,7 +103,7 @@ int _libssh2_cipher_init(_libssh2_cipher_ctx * h,
|
||||
|
||||
int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
|
||||
_libssh2_cipher_type(algo),
|
||||
int encrypt, unsigned char *block);
|
||||
int encrypt, unsigned char *block, size_t blocksize);
|
||||
|
||||
int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
|
||||
unsigned char **method,
|
||||
|
||||
@ -553,17 +553,11 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
|
||||
int
|
||||
_libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
|
||||
_libssh2_cipher_type(algo),
|
||||
int encrypt, unsigned char *block)
|
||||
int encrypt, unsigned char *block, size_t blklen)
|
||||
{
|
||||
int cipher = _libssh2_gcry_cipher (algo);
|
||||
size_t blklen = gcry_cipher_get_algo_blklen(cipher);
|
||||
int ret;
|
||||
|
||||
if (blklen == 1) {
|
||||
/* Hack for arcfour. */
|
||||
blklen = 8;
|
||||
}
|
||||
|
||||
if (encrypt) {
|
||||
ret = gcry_cipher_encrypt(*ctx, block, blklen, block, blklen);
|
||||
} else {
|
||||
|
||||
@ -883,7 +883,7 @@ struct _LIBSSH2_CRYPT_METHOD
|
||||
int *free_iv, unsigned char *secret, int *free_secret,
|
||||
int encrypt, void **abstract);
|
||||
int (*crypt) (LIBSSH2_SESSION * session, unsigned char *block,
|
||||
void **abstract);
|
||||
size_t blocksize, void **abstract);
|
||||
int (*dtor) (LIBSSH2_SESSION * session, void **abstract);
|
||||
|
||||
_libssh2_cipher_type(algo);
|
||||
|
||||
@ -181,18 +181,13 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
|
||||
int
|
||||
_libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
|
||||
_libssh2_cipher_type(algo),
|
||||
int encrypt, unsigned char *block)
|
||||
int encrypt, unsigned char *block, size_t blocksize)
|
||||
{
|
||||
int blocksize = ctx->cipher->block_size;
|
||||
unsigned char buf[EVP_MAX_BLOCK_LENGTH];
|
||||
int ret;
|
||||
(void) algo;
|
||||
(void) encrypt;
|
||||
|
||||
if (blocksize == 1) {
|
||||
/* Hack for arcfour. */
|
||||
blocksize = 8;
|
||||
}
|
||||
ret = EVP_Cipher(ctx, buf, block, blocksize);
|
||||
if (ret == 1) {
|
||||
memcpy(block, buf, blocksize);
|
||||
|
||||
@ -139,7 +139,7 @@ decrypt(LIBSSH2_SESSION * session, unsigned char *source,
|
||||
assert((len % blocksize) == 0);
|
||||
|
||||
while (len >= blocksize) {
|
||||
if (session->remote.crypt->crypt(session, source,
|
||||
if (session->remote.crypt->crypt(session, source, blocksize,
|
||||
&session->remote.crypt_abstract)) {
|
||||
LIBSSH2_FREE(session, p->payload);
|
||||
return LIBSSH2_ERROR_DECRYPT;
|
||||
@ -846,6 +846,7 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
|
||||
for(i = 0; i < packet_length; i += session->local.crypt->blocksize) {
|
||||
unsigned char *ptr = &p->outbuf[i];
|
||||
if (session->local.crypt->crypt(session, ptr,
|
||||
session->local.crypt->blocksize,
|
||||
&session->local.crypt_abstract))
|
||||
return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */
|
||||
}
|
||||
|
||||
Загрузка…
x
Ссылка в новой задаче
Block a user