authorJakub Jelen <jjelen@redhat.com>2016-11-05 16:54:02 +0100
committerAndreas Schneider <asn@cryptomilk.org>2016-11-07 11:46:47 +0100
commit5d2e9ee66efb6bae9941987cc09a98867ae9ba6d (patch)
tree3bd9711a38fff89c6d927af87f8b175936166b8c
parent607c671f67de2443e39ef571122c0c0e0d150e3a (diff)
libcrypto: Use a pointer for EVP_CIPHER_CTX
This has been made opaque and it needs to be a pointer. This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--include/libssh/crypto.h2
-rw-r--r--src/libcrypto.c23
-rw-r--r--src/wrapper.c3
3 files changed, 18 insertions, 10 deletions
diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h
index 102c8d7e..4c79c8ca 100644
--- a/include/libssh/crypto.h
+++ b/include/libssh/crypto.h
@@ -130,7 +130,7 @@ struct ssh_cipher_struct {
struct ssh_3des_key_schedule *des3_key;
struct ssh_aes_key_schedule *aes_key;
const EVP_CIPHER *cipher;
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
#endif
unsigned int keysize; /* bytes of key used. != keylen */
/* sets the new key for immediate use */
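Review bot: The `ctx` member now carries ownership that the declaration does not document. With an embedded `EVP_CIPHER_CTX` a by-value copy of `struct ssh_cipher_struct` had its own context; with a pointer, any such copy aliases the same heap object, and two clears would free it twice. Whether the struct is copied after a key is set is not visible in this hunk, so that should be confirmed. I would add a comment on the member, e.g. `/* heap-allocated in evp_cipher_init(), freed in ssh_cipher_clear(); do not copy the struct once set */`.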
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 622b4470..10956b6f 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -43,6 +43,7 @@
#include <openssl/hmac.h>
#include <openssl/opensslv.h>
#include <openssl/rand.h>
+#include "libcrypto-compat.h"
#ifdef HAVE_OPENSSL_AES_H
#define HAS_AES
@@ -430,6 +431,10 @@ void hmac_final(HMACCTX ctx, unsigned char *hashmacbuf, unsigned int *len) {
}
static void evp_cipher_init(struct ssh_cipher_struct *cipher) {
+ if (cipher->ctx == NULL) {
+ cipher->ctx = EVP_CIPHER_CTX_new();
+ }
+
switch(cipher->ciphertype){
case SSH_AES128_CBC:
cipher->cipher = EVP_aes_128_cbc();
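Review bot: The result of `EVP_CIPHER_CTX_new()` is never checked, and `evp_cipher_init()` returns void, so an allocation failure cannot reach its callers. In the `evp_cipher_set_encrypt_key` and `evp_cipher_set_decrypt_key` hunks the pointer then goes straight into `EVP_CIPHER_CTX_init(cipher->ctx)` and `EVP_EncryptInit_ex`/`EVP_DecryptInit_ex`, which can dereference NULL depending on the OpenSSL version. The smallest fix is a guard in both callers right after `evp_cipher_init(cipher);`, e.g. `if (cipher->ctx == NULL) { return SSH_ERROR; }`. The `cipher->ctx == NULL` test also assumes the struct is zero-initialised before first use, which this hunk does not show. The body of `evp_cipher_init` continues outside the hunk.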
@@ -480,14 +485,14 @@ static int evp_cipher_set_encrypt_key(struct ssh_cipher_struct *cipher,
int rc;
evp_cipher_init(cipher);
- EVP_CIPHER_CTX_init(&cipher->ctx);
+ EVP_CIPHER_CTX_init(cipher->ctx);
- rc = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV);
+ rc = EVP_EncryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptInit_ex failed");
return SSH_ERROR;
}
- EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0);
+ EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
return SSH_OK;
}
@@ -497,14 +502,14 @@ static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher,
int rc;
evp_cipher_init(cipher);
- EVP_CIPHER_CTX_init(&cipher->ctx);
+ EVP_CIPHER_CTX_init(cipher->ctx);
- rc = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV);
+ rc = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed");
return SSH_ERROR;
}
- EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0);
+ EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
return SSH_OK;
}
@@ -517,7 +522,7 @@ static void evp_cipher_encrypt(struct ssh_cipher_struct *cipher,
int outlen = 0;
int rc = 0;
- rc = EVP_EncryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
+ rc = EVP_EncryptUpdate(cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed");
return;
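Review bot: When `EVP_EncryptUpdate` fails, `evp_cipher_encrypt` only logs a warning and returns void, so the caller cannot tell that `out` was not produced. The same applies to `EVP_DecryptUpdate` in the `evp_cipher_decrypt` hunk. This behaviour predates the commit, but a silent failure on the packet cipher path is worth at least a comment on both functions, such as `/* NOTE: failure is not reported; caller must not trust out */`, until the callback signature can carry a status. Both function bodies start and end outside their hunks, so what the callers do with `out` is not visible here.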
@@ -535,7 +540,7 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher,
int outlen = 0;
int rc = 0;
- rc = EVP_DecryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
+ rc = EVP_DecryptUpdate(cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len);
if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed");
return;
@@ -547,7 +552,7 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher,
}
static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) {
- EVP_CIPHER_CTX_cleanup(&cipher->ctx);
+ EVP_CIPHER_CTX_cleanup(cipher->ctx);
}
#ifndef HAVE_OPENSSL_EVP_AES_CTR
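Review bot: `evp_cipher_cleanup()` passes `cipher->ctx` to `EVP_CIPHER_CTX_cleanup()` without a NULL check, but the context is now allocated lazily in `evp_cipher_init()`. If a cipher is cleared before any key was set, `ctx` is still NULL here. Pre-1.1.0 OpenSSL implementations of `EVP_CIPHER_CTX_cleanup` dereference their argument, so that path would crash. I would guard the call: `if (cipher->ctx != NULL) { EVP_CIPHER_CTX_cleanup(cipher->ctx); }`. Whether cleanup can actually run before key setup depends on callers outside this diff.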
diff --git a/src/wrapper.c b/src/wrapper.c
index a7511f0a..af166dae 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -123,6 +123,9 @@ void ssh_cipher_clear(struct ssh_cipher_struct *cipher){
if (cipher->cleanup != NULL){
cipher->cleanup(cipher);
}
+#ifdef HAVE_LIBCRYPTO
+ EVP_CIPHER_CTX_free(cipher->ctx);
+#endif
}
static void cipher_free(struct ssh_cipher_struct *cipher) {
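Review bot: After `EVP_CIPHER_CTX_free(cipher->ctx);` the pointer is left dangling in `ssh_cipher_clear()`. A second clear on the same struct would free it twice. A later `evp_cipher_init()` would also see a non-NULL `ctx`, skip `EVP_CIPHER_CTX_new()` and reuse the freed context. Resetting the member right after the free closes both paths: `cipher->ctx = NULL;` inside the same `#ifdef HAVE_LIBCRYPTO` block. The beginning of `ssh_cipher_clear` is outside the hunk.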