diff options
| author | Jakub Jelen <jjelen@redhat.com> | 2016-11-05 16:54:02 +0100 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2016-11-07 11:46:47 +0100 |
| commit | 5d2e9ee66efb6bae9941987cc09a98867ae9ba6d (patch) | |
| tree | 3bd9711a38fff89c6d927af87f8b175936166b8c | |
| parent | 607c671f67de2443e39ef571122c0c0e0d150e3a (diff) | |
| download | libssh-5d2e9ee66efb6bae9941987cc09a98867ae9ba6d.tar.gz libssh-5d2e9ee66efb6bae9941987cc09a98867ae9ba6d.tar.xz libssh-5d2e9ee66efb6bae9941987cc09a98867ae9ba6d.zip | |
libcrypto: Use a pointer for EVP_CIPHER_CTX
This has been made opaque and it needs to be a pointer.
This is for OpenSSL 1.1.0 support.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
| -rw-r--r-- | include/libssh/crypto.h | 2 | ||||
| -rw-r--r-- | src/libcrypto.c | 23 | ||||
| -rw-r--r-- | src/wrapper.c | 3 |
3 files changed, 18 insertions, 10 deletions
diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h index 102c8d7e..4c79c8ca 100644 --- a/include/libssh/crypto.h +++ b/include/libssh/crypto.h @@ -130,7 +130,7 @@ struct ssh_cipher_struct { struct ssh_3des_key_schedule *des3_key; struct ssh_aes_key_schedule *aes_key; const EVP_CIPHER *cipher; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; #endif unsigned int keysize; /* bytes of key used. != keylen */ /* sets the new key for immediate use */ diff --git a/src/libcrypto.c b/src/libcrypto.c index 622b4470..10956b6f 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -43,6 +43,7 @@ #include <openssl/hmac.h> #include <openssl/opensslv.h> #include <openssl/rand.h> +#include "libcrypto-compat.h" #ifdef HAVE_OPENSSL_AES_H #define HAS_AES @@ -430,6 +431,10 @@ void hmac_final(HMACCTX ctx, unsigned char *hashmacbuf, unsigned int *len) { } static void evp_cipher_init(struct ssh_cipher_struct *cipher) { + if (cipher->ctx == NULL) { + cipher->ctx = EVP_CIPHER_CTX_new(); + } + switch(cipher->ciphertype){ case SSH_AES128_CBC: cipher->cipher = EVP_aes_128_cbc(); @@ -480,14 +485,14 @@ static int evp_cipher_set_encrypt_key(struct ssh_cipher_struct *cipher, int rc; evp_cipher_init(cipher); - EVP_CIPHER_CTX_init(&cipher->ctx); + EVP_CIPHER_CTX_init(cipher->ctx); - rc = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV); + rc = EVP_EncryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV); if (rc != 1){ SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptInit_ex failed"); return SSH_ERROR; } - EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0); + EVP_CIPHER_CTX_set_padding(cipher->ctx, 0); return SSH_OK; } @@ -497,14 +502,14 @@ static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher, int rc; evp_cipher_init(cipher); - EVP_CIPHER_CTX_init(&cipher->ctx); + EVP_CIPHER_CTX_init(cipher->ctx); - rc = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV); + rc = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV); if (rc != 1){ SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed"); return SSH_ERROR; } - EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0); + EVP_CIPHER_CTX_set_padding(cipher->ctx, 0); return SSH_OK; } @@ -517,7 +522,7 @@ static void evp_cipher_encrypt(struct ssh_cipher_struct *cipher, int outlen = 0; int rc = 0; - rc = EVP_EncryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); + rc = EVP_EncryptUpdate(cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); if (rc != 1){ SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed"); return; @@ -535,7 +540,7 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher, int outlen = 0; int rc = 0; - rc = EVP_DecryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); + rc = EVP_DecryptUpdate(cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); if (rc != 1){ SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed"); return; @@ -547,7 +552,7 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher, } static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) { - EVP_CIPHER_CTX_cleanup(&cipher->ctx); + EVP_CIPHER_CTX_cleanup(cipher->ctx); } #ifndef HAVE_OPENSSL_EVP_AES_CTR diff --git a/src/wrapper.c b/src/wrapper.c index a7511f0a..af166dae 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -123,6 +123,9 @@ void ssh_cipher_clear(struct ssh_cipher_struct *cipher){ if (cipher->cleanup != NULL){ cipher->cleanup(cipher); } +#ifdef HAVE_LIBCRYPTO + EVP_CIPHER_CTX_free(cipher->ctx); +#endif } static void cipher_free(struct ssh_cipher_struct *cipher) { |