ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-01 19:34:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

- Don't be dumb and encrypt/decrypt in a while() loop - why did I do this??

Browse Source 
--HG--
extra : convert_revision : c8e1b84cfe874887ad7df0dd95a00de46dbc0136
This commit is contained in:
Matt Johnston 2009-02-25 14:04:02 +00:00
parent c04cc62ebf
commit cca4e1a080
1 changed files with 22 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
packet.c
View File

@ -240,17 +240,16 @@ void decrypt_packet() {
buf_setpos(ses.decryptreadbuf, blocksize);
/* decrypt it */
while (ses.readbuf->pos < ses.readbuf->len - macsize) {
if (ses.keys->recv_crypt_mode->decrypt(
buf_getptr(ses.readbuf, blocksize),
buf_getwriteptr(ses.decryptreadbuf, blocksize),
blocksize,
&ses.keys->recv_cipher_state) != CRYPT_OK) {
dropbear_exit("error decrypting");
}
buf_incrpos(ses.readbuf, blocksize);
buf_incrwritepos(ses.decryptreadbuf, blocksize);
len = ses.readbuf->len - macsize - ses.readbuf->pos;
if (ses.keys->recv_crypt_mode->decrypt(
buf_getptr(ses.readbuf, len),
buf_getwriteptr(ses.decryptreadbuf, len),
len,
&ses.keys->recv_cipher_state) != CRYPT_OK) {
dropbear_exit("error decrypting");
}
buf_incrpos(ses.readbuf, len);
buf_incrwritepos(ses.decryptreadbuf, len);
/* check the hmac */
buf_setpos(ses.readbuf, ses.readbuf->len - macsize);
@ -454,7 +453,7 @@ void encrypt_packet() {
buffer * writebuf; /* the packet which will go on the wire */
buffer * clearwritebuf; /* unencrypted, possibly compressed */
unsigned char type;
unsigned int clear_len;
unsigned int len;
type = ses.writepayload->data[0];
TRACE(("enter encrypt_packet()"))
@ -474,12 +473,12 @@ void encrypt_packet() {
/* Encrypted packet len is payload+5, then worst case is if we are 3 away
* from a blocksize multiple. In which case we need to pad to the
* multiple, then add another blocksize (or MIN_PACKET_LEN) */
clear_len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3;
len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3;
#ifndef DISABLE_ZLIB
clear_len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/
len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/
#endif
clearwritebuf = buf_new(clear_len);
clearwritebuf = buf_new(len);
buf_setlen(clearwritebuf, PACKET_PAYLOAD_OFF);
buf_setpos(clearwritebuf, PACKET_PAYLOAD_OFF);
@ -531,17 +530,16 @@ void encrypt_packet() {
writebuf = buf_new(clearwritebuf->len + macsize);
/* encrypt it */
while (clearwritebuf->pos < clearwritebuf->len) {
if (ses.keys->trans_crypt_mode->encrypt(
buf_getptr(clearwritebuf, blocksize),
buf_getwriteptr(writebuf, blocksize),
blocksize,
&ses.keys->trans_cipher_state) != CRYPT_OK) {
dropbear_exit("error encrypting");
}
buf_incrpos(clearwritebuf, blocksize);
buf_incrwritepos(writebuf, blocksize);
len = clearwritebuf->len;
if (ses.keys->trans_crypt_mode->encrypt(
buf_getptr(clearwritebuf, len),
buf_getwriteptr(writebuf, len),
len,
&ses.keys->trans_cipher_state) != CRYPT_OK) {
dropbear_exit("error encrypting");
}
buf_incrpos(clearwritebuf, len);
buf_incrwritepos(writebuf, len);
/* now add a hmac and we're done */
writemac(writebuf, clearwritebuf);