Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL
ok dtucker@
parent
a9ff3950b8
commit
315d2a4e67
8
cipher.c
8
cipher.c
|
@ -617,7 +617,7 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
|
||||||
return SSH_ERR_INVALID_ARGUMENT;
|
return SSH_ERR_INVALID_ARGUMENT;
|
||||||
#ifndef OPENSSL_HAVE_EVPCTR
|
#ifndef OPENSSL_HAVE_EVPCTR
|
||||||
if (c->evptype == evp_aes_128_ctr)
|
if (c->evptype == evp_aes_128_ctr)
|
||||||
ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
|
ssh_aes_ctr_iv(cc->evp, 0, iv, len);
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
if (cipher_authlen(c)) {
|
if (cipher_authlen(c)) {
|
||||||
|
@ -659,6 +659,12 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
|
||||||
evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
|
evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
|
||||||
if (evplen <= 0)
|
if (evplen <= 0)
|
||||||
return SSH_ERR_LIBCRYPTO_ERROR;
|
return SSH_ERR_LIBCRYPTO_ERROR;
|
||||||
|
#ifndef OPENSSL_HAVE_EVPCTR
|
||||||
|
/* XXX iv arg is const, but ssh_aes_ctr_iv isn't */
|
||||||
|
if (c->evptype == evp_aes_128_ctr)
|
||||||
|
ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen);
|
||||||
|
else
|
||||||
|
#endif
|
||||||
if (cipher_authlen(c)) {
|
if (cipher_authlen(c)) {
|
||||||
/* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */
|
/* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */
|
||||||
if (!EVP_CIPHER_CTX_ctrl(cc->evp,
|
if (!EVP_CIPHER_CTX_ctrl(cc->evp,
|
||||||
|
|
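Review bot: In the block added to cipher_set_keyiv, `ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen)` casts away the const on iv, and the XXX comment records the mismatch without saying why the cast is safe. With the second argument 1 the helper presumably only reads from iv, so I would state that in the comment, e.g. `/* set mode (1): ssh_aes_ctr_iv only reads iv; cast is for its non-const prototype */`, after confirming it against the helper, which is not shown here. The read covers evplen bytes and cipher_set_keyiv takes no length for iv, so the function comment should also say that callers must supply at least the cipher's IV length. The `else` left dangling before `#endif` binds to the following `if (cipher_authlen(c))`, as in cipher_get_keyiv, so a statement inserted between them later would change control flow only on builds without OPENSSL_HAVE_EVPCTR. Both functions start and end outside the hunks.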