* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-/* $OpenBSD: cipher-chachapoly.c,v 1.8 2016/08/03 05:41:57 djm Exp $ */
+/* $OpenBSD: cipher-chachapoly.c,v 1.9 2020/04/03 04:27:03 djm Exp $ */
#include "includes.h"
#include "ssherr.h"
#include "cipher-chachapoly.h"
-int
-chachapoly_init(struct chachapoly_ctx *ctx,
- const u_char *key, u_int keylen)
+struct chachapoly_ctx {
+ struct chacha_ctx main_ctx, header_ctx;
+};
+
+struct chachapoly_ctx *
+chachapoly_new(const u_char *key, u_int keylen)
{
+ struct chachapoly_ctx *ctx;
+
if (keylen != (32 + 32)) /* 2 x 256 bit keys */
- return SSH_ERR_INVALID_ARGUMENT;
+ return NULL;
+ if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
+ return NULL;
chacha_keysetup(&ctx->main_ctx, key, 256);
chacha_keysetup(&ctx->header_ctx, key + 32, 256);
- return 0;
+ return ctx;
+}
+
+void
+chachapoly_free(struct chachapoly_ctx *cpctx)
+{
+ freezero(cpctx, sizeof(*cpctx));
}
/*
-/* $OpenBSD: cipher-chachapoly.h,v 1.4 2014/06/24 01:13:21 djm Exp $ */
+/* $OpenBSD: cipher-chachapoly.h,v 1.5 2020/04/03 04:27:03 djm Exp $ */
/*
* Copyright (c) Damien Miller 2013 <djm@mindrot.org>
#define CHACHA_KEYLEN 32 /* Only 256 bit keys used here */
-struct chachapoly_ctx {
- struct chacha_ctx main_ctx, header_ctx;
-};
+struct chachapoly_ctx;
+
+struct chachapoly_ctx *chachapoly_new(const u_char *key, u_int keylen)
+ __attribute__((__bounded__(__buffer__, 1, 2)));
+void chachapoly_free(struct chachapoly_ctx *cpctx);
-int chachapoly_init(struct chachapoly_ctx *cpctx,
- const u_char *key, u_int keylen)
- __attribute__((__bounded__(__buffer__, 2, 3)));
int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr,
u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen,
int do_encrypt);
-/* $OpenBSD: cipher.c,v 1.116 2020/03/13 03:17:07 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.117 2020/04/03 04:27:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
int plaintext;
int encrypt;
EVP_CIPHER_CTX *evp;
- struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
+ struct chachapoly_ctx *cp_ctx;
struct aesctr_ctx ac_ctx; /* XXX union with evp? */
const struct sshcipher *cipher;
};
cc->cipher = cipher;
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
- ret = chachapoly_init(&cc->cp_ctx, key, keylen);
+ cc->cp_ctx = chachapoly_new(key, keylen);
+ ret = cc->cp_ctx != NULL ? 0 : SSH_ERR_INVALID_ARGUMENT;
goto out;
}
if ((cc->cipher->flags & CFLAG_NONE) != 0) {
const u_char *src, u_int len, u_int aadlen, u_int authlen)
{
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
- return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src,
+ return chachapoly_crypt(cc->cp_ctx, seqnr, dest, src,
len, aadlen, authlen, cc->encrypt);
}
if ((cc->cipher->flags & CFLAG_NONE) != 0) {
const u_char *cp, u_int len)
{
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
- return chachapoly_get_length(&cc->cp_ctx, plenp, seqnr,
+ return chachapoly_get_length(cc->cp_ctx, plenp, seqnr,
cp, len);
if (len < 4)
return SSH_ERR_MESSAGE_INCOMPLETE;
{
if (cc == NULL)
return;
- if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
- explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
- else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
+ if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
+ chachapoly_free(cc->cp_ctx);
+ cc->cp_ctx = NULL;
+ } else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx));
#ifdef WITH_OPENSSL
EVP_CIPHER_CTX_free(cc->evp);