Skip to content

Commit eba523f

Browse files
djmdjmdjmdjm
committed
upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as
part of a larger diff at a2k20 OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd
1 parent ebd29e9 commit eba523f

File tree

4 files changed

+37
-22
lines changed

4 files changed

+37
-22
lines changed

cipher-chachapoly.c

+19-6
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1515
*/
1616

17-
/* $OpenBSD: cipher-chachapoly.c,v 1.8 2016/08/03 05:41:57 djm Exp $ */
17+
/* $OpenBSD: cipher-chachapoly.c,v 1.9 2020/04/03 04:27:03 djm Exp $ */
1818

1919
#include "includes.h"
2020

@@ -28,15 +28,28 @@
2828
#include "ssherr.h"
2929
#include "cipher-chachapoly.h"
3030

31-
int
32-
chachapoly_init(struct chachapoly_ctx *ctx,
33-
const u_char *key, u_int keylen)
31+
struct chachapoly_ctx {
32+
struct chacha_ctx main_ctx, header_ctx;
33+
};
34+
35+
struct chachapoly_ctx *
36+
chachapoly_new(const u_char *key, u_int keylen)
3437
{
38+
struct chachapoly_ctx *ctx;
39+
3540
if (keylen != (32 + 32)) /* 2 x 256 bit keys */
36-
return SSH_ERR_INVALID_ARGUMENT;
41+
return NULL;
42+
if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
43+
return NULL;
3744
chacha_keysetup(&ctx->main_ctx, key, 256);
3845
chacha_keysetup(&ctx->header_ctx, key + 32, 256);
39-
return 0;
46+
return ctx;
47+
}
48+
49+
void
50+
chachapoly_free(struct chachapoly_ctx *cpctx)
51+
{
52+
freezero(cpctx, sizeof(*cpctx));
4053
}
4154

4255
/*

cipher-chachapoly.h

+6-7
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
/* $OpenBSD: cipher-chachapoly.h,v 1.4 2014/06/24 01:13:21 djm Exp $ */
1+
/* $OpenBSD: cipher-chachapoly.h,v 1.5 2020/04/03 04:27:03 djm Exp $ */
22

33
/*
44
* Copyright (c) Damien Miller 2013 <[email protected]>
@@ -24,13 +24,12 @@
2424

2525
#define CHACHA_KEYLEN 32 /* Only 256 bit keys used here */
2626

27-
struct chachapoly_ctx {
28-
struct chacha_ctx main_ctx, header_ctx;
29-
};
27+
struct chachapoly_ctx;
28+
29+
struct chachapoly_ctx *chachapoly_new(const u_char *key, u_int keylen)
30+
__attribute__((__bounded__(__buffer__, 1, 2)));
31+
void chachapoly_free(struct chachapoly_ctx *cpctx);
3032

31-
int chachapoly_init(struct chachapoly_ctx *cpctx,
32-
const u_char *key, u_int keylen)
33-
__attribute__((__bounded__(__buffer__, 2, 3)));
3433
int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr,
3534
u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen,
3635
int do_encrypt);

cipher.c

+10-8
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
/* $OpenBSD: cipher.c,v 1.116 2020/03/13 03:17:07 djm Exp $ */
1+
/* $OpenBSD: cipher.c,v 1.117 2020/04/03 04:27:03 djm Exp $ */
22
/*
33
* Author: Tatu Ylonen <[email protected]>
44
* Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland
@@ -59,7 +59,7 @@ struct sshcipher_ctx {
5959
int plaintext;
6060
int encrypt;
6161
EVP_CIPHER_CTX *evp;
62-
struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
62+
struct chachapoly_ctx *cp_ctx;
6363
struct aesctr_ctx ac_ctx; /* XXX union with evp? */
6464
const struct sshcipher *cipher;
6565
};
@@ -273,7 +273,8 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher,
273273

274274
cc->cipher = cipher;
275275
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
276-
ret = chachapoly_init(&cc->cp_ctx, key, keylen);
276+
cc->cp_ctx = chachapoly_new(key, keylen);
277+
ret = cc->cp_ctx != NULL ? 0 : SSH_ERR_INVALID_ARGUMENT;
277278
goto out;
278279
}
279280
if ((cc->cipher->flags & CFLAG_NONE) != 0) {
@@ -349,7 +350,7 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest,
349350
const u_char *src, u_int len, u_int aadlen, u_int authlen)
350351
{
351352
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
352-
return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src,
353+
return chachapoly_crypt(cc->cp_ctx, seqnr, dest, src,
353354
len, aadlen, authlen, cc->encrypt);
354355
}
355356
if ((cc->cipher->flags & CFLAG_NONE) != 0) {
@@ -412,7 +413,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr,
412413
const u_char *cp, u_int len)
413414
{
414415
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
415-
return chachapoly_get_length(&cc->cp_ctx, plenp, seqnr,
416+
return chachapoly_get_length(cc->cp_ctx, plenp, seqnr,
416417
cp, len);
417418
if (len < 4)
418419
return SSH_ERR_MESSAGE_INCOMPLETE;
@@ -425,9 +426,10 @@ cipher_free(struct sshcipher_ctx *cc)
425426
{
426427
if (cc == NULL)
427428
return;
428-
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
429-
explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
430-
else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
429+
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
430+
chachapoly_free(cc->cp_ctx);
431+
cc->cp_ctx = NULL;
432+
} else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
431433
explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx));
432434
#ifdef WITH_OPENSSL
433435
EVP_CIPHER_CTX_free(cc->evp);

regress/Makefile

+2-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# $OpenBSD: Makefile,v 1.106 2020/01/31 23:25:08 djm Exp $
1+
# $OpenBSD: Makefile,v 1.107 2020/04/03 02:33:31 dtucker Exp $
22

33
tests: prep file-tests t-exec unit
44

@@ -66,6 +66,7 @@ LTESTS= connect \
6666
cfgparse \
6767
cfgmatch \
6868
cfgmatchlisten \
69+
percent \
6970
addrmatch \
7071
localcommand \
7172
forcecommand \

0 commit comments

Comments
 (0)