summaryrefslogtreecommitdiff
path: root/cipher-3des1.c
diff options
context:
space:
mode:
Diffstat (limited to 'cipher-3des1.c')
-rw-r--r--cipher-3des1.c57
1 files changed, 19 insertions, 38 deletions
diff --git a/cipher-3des1.c b/cipher-3des1.c
index b2823592b4550..2753f9a0e1472 100644
--- a/cipher-3des1.c
+++ b/cipher-3des1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher-3des1.c,v 1.10 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: cipher-3des1.c,v 1.11 2014/07/02 04:59:06 djm Exp $ */
/*
* Copyright (c) 2003 Markus Friedl. All rights reserved.
*
@@ -29,13 +29,11 @@
#include <openssl/evp.h>
-#include <stdarg.h>
#include <string.h>
#include "xmalloc.h"
#include "log.h"
-
-#include "openbsd-compat/openssl-compat.h"
+#include "ssherr.h"
/*
* This is used by SSH1:
@@ -57,7 +55,7 @@ struct ssh1_3des_ctx
};
const EVP_CIPHER * evp_ssh1_3des(void);
-void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
+int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
static int
ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
@@ -67,11 +65,12 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
u_char *k1, *k2, *k3;
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
- c = xcalloc(1, sizeof(*c));
+ if ((c = calloc(1, sizeof(*c))) == NULL)
+ return 0;
EVP_CIPHER_CTX_set_app_data(ctx, c);
}
if (key == NULL)
- return (1);
+ return 1;
if (enc == -1)
enc = ctx->encrypt;
k1 = k2 = k3 = (u_char *) key;
@@ -85,44 +84,29 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
EVP_CIPHER_CTX_init(&c->k1);
EVP_CIPHER_CTX_init(&c->k2);
EVP_CIPHER_CTX_init(&c->k3);
-#ifdef SSH_OLD_EVP
- EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc);
- EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc);
- EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc);
-#else
if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
explicit_bzero(c, sizeof(*c));
free(c);
EVP_CIPHER_CTX_set_app_data(ctx, NULL);
- return (0);
+ return 0;
}
-#endif
- return (1);
+ return 1;
}
static int
-ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src,
- LIBCRYPTO_EVP_INL_TYPE len)
+ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, size_t len)
{
struct ssh1_3des_ctx *c;
- if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
- error("ssh1_3des_cbc: no context");
- return (0);
- }
-#ifdef SSH_OLD_EVP
- EVP_Cipher(&c->k1, dest, (u_char *)src, len);
- EVP_Cipher(&c->k2, dest, dest, len);
- EVP_Cipher(&c->k3, dest, dest, len);
-#else
+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL)
+ return 0;
if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 ||
EVP_Cipher(&c->k2, dest, dest, len) == 0 ||
EVP_Cipher(&c->k3, dest, dest, len) == 0)
- return (0);
-#endif
- return (1);
+ return 0;
+ return 1;
}
static int
@@ -138,29 +122,28 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
free(c);
EVP_CIPHER_CTX_set_app_data(ctx, NULL);
}
- return (1);
+ return 1;
}
-void
+int
ssh1_3des_iv(EVP_CIPHER_CTX *evp, int doset, u_char *iv, int len)
{
struct ssh1_3des_ctx *c;
if (len != 24)
- fatal("%s: bad 3des iv length: %d", __func__, len);
+ return SSH_ERR_INVALID_ARGUMENT;
if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
- fatal("%s: no 3des context", __func__);
+ return SSH_ERR_INTERNAL_ERROR;
if (doset) {
- debug3("%s: Installed 3DES IV", __func__);
memcpy(c->k1.iv, iv, 8);
memcpy(c->k2.iv, iv + 8, 8);
memcpy(c->k3.iv, iv + 16, 8);
} else {
- debug3("%s: Copying 3DES IV", __func__);
memcpy(iv, c->k1.iv, 8);
memcpy(iv + 8, c->k2.iv, 8);
memcpy(iv + 16, c->k3.iv, 8);
}
+ return 0;
}
const EVP_CIPHER *
@@ -176,8 +159,6 @@ evp_ssh1_3des(void)
ssh1_3des.init = ssh1_3des_init;
ssh1_3des.cleanup = ssh1_3des_cleanup;
ssh1_3des.do_cipher = ssh1_3des_cbc;
-#ifndef SSH_OLD_EVP
ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH;
-#endif
- return (&ssh1_3des);
+ return &ssh1_3des;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-12 17:16:28 +0000