Skip to content

Commit e49a1cf

Browse files
solardizsolardiz
committed
SSH format: Prefer mbedTLS over OpenSSL for AES-256-CTR
1 parent d06ef0b commit e49a1cf

File tree

1 file changed

+13
-5
lines changed

1 file changed

+13
-5
lines changed

src/ssh_fmt_plug.c

Lines changed: 13 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -182,16 +182,25 @@ static inline int check_padding_and_structure(unsigned char *out, int length, in
182182
return 0;
183183
}
184184

185+
#ifndef MBEDTLS_CIPHER_MODE_CTR
185186
static void handleErrors(void)
186187
{
187188
ERR_print_errors_fp(stderr);
188189
error();
189190
}
191+
#endif
190192

191-
static inline int AES_ctr_decrypt(unsigned char *ciphertext,
192-
int ciphertext_len, unsigned char *key,
193-
unsigned char *iv, unsigned char *plaintext)
193+
static inline void AES_ctr_decrypt(unsigned char *ciphertext,
194+
int ciphertext_len, unsigned char *key,
195+
unsigned char *iv, unsigned char *plaintext)
194196
{
197+
#ifdef MBEDTLS_CIPHER_MODE_CTR
198+
size_t nc_off = 0;
199+
mbedtls_aes_context ctx;
200+
mbedtls_aes_init(&ctx);
201+
mbedtls_aes_setkey_enc(&ctx, key, 256);
202+
mbedtls_aes_crypt_ctr(&ctx, ciphertext_len, &nc_off, iv, iv, ciphertext, plaintext);
203+
#else
195204
EVP_CIPHER_CTX *ctx;
196205

197206
int len;
@@ -215,8 +224,7 @@ static inline int AES_ctr_decrypt(unsigned char *ciphertext,
215224
plaintext_len += len;
216225

217226
EVP_CIPHER_CTX_free(ctx);
218-
219-
return plaintext_len;
227+
#endif
220228
}
221229

222230
static void common_crypt_code(char *password, unsigned char *out, int full_decrypt)

0 commit comments

Comments
 (0)