summaryrefslogtreecommitdiff
path: root/src/plugins/lanplus/lanplus_crypt_impl.c
diff options
context:
space:
mode:
authorJörg Frings-Fürst <debian@jff-webhosting.net>2022-09-10 15:44:41 +0200
committerJörg Frings-Fürst <debian@jff-webhosting.net>2022-09-10 15:44:41 +0200
commita9ee361f27e0439530387765924574e5358c8a5c (patch)
tree3104aecc4d574f7d7bbb269223814586277b1797 /src/plugins/lanplus/lanplus_crypt_impl.c
parent82ac6c87ce0b0af2fb8de25d70442fec406bb742 (diff)
New upstream version 1.8.19upstream/1.8.19upstream
Diffstat (limited to 'src/plugins/lanplus/lanplus_crypt_impl.c')
-rw-r--r--src/plugins/lanplus/lanplus_crypt_impl.c60
1 files changed, 38 insertions, 22 deletions
diff --git a/src/plugins/lanplus/lanplus_crypt_impl.c b/src/plugins/lanplus/lanplus_crypt_impl.c
index d5fac37..7603e6d 100644
--- a/src/plugins/lanplus/lanplus_crypt_impl.c
+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
@@ -102,7 +102,7 @@ lanplus_rand(uint8_t * buffer, uint32_t num_bytes)
* param mac specifies the algorithm to be used, currently SHA1, SHA256 and MD5
* are supported
* param key is the key used for HMAC generation
- * param key_len is the lenght of key
+ * param key_len is the length of key
* param d is the data to be MAC'd
* param n is the length of the data at d
* param md is the result of the HMAC algorithm
@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
uint8_t * output,
uint32_t * bytes_written)
{
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
-
+ EVP_CIPHER_CTX *ctx = NULL;
*bytes_written = 0;
@@ -182,6 +178,18 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
printbuf(input, input_length, "encrypting this data");
}
+ ctx = EVP_CIPHER_CTX_new();
+ if (!ctx) {
+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
+ return;
+ }
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_init(ctx);
+#else
+ EVP_CIPHER_CTX_reset(ctx);
+#endif
+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
/*
* The default implementation adds a whole block of padding if the input
@@ -191,28 +199,28 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
{
/* Error */
*bytes_written = 0;
- return;
}
else
{
uint32_t tmplen;
- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
{
+ /* Error */
*bytes_written = 0;
- return; /* Error */
}
else
{
/* Success */
*bytes_written += tmplen;
- EVP_CIPHER_CTX_cleanup(&ctx);
}
}
+ /* performs cleanup and free */
+ EVP_CIPHER_CTX_free(ctx);
}
@@ -239,11 +247,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
uint8_t * output,
uint32_t * bytes_written)
{
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
-
+ EVP_CIPHER_CTX *ctx = NULL;
if (verbose >= 5)
{
@@ -252,12 +256,24 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
printbuf(input, input_length, "decrypting this data");
}
-
*bytes_written = 0;
if (input_length == 0)
return;
+ ctx = EVP_CIPHER_CTX_new();
+ if (!ctx) {
+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
+ return;
+ }
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_init(ctx);
+#else
+ EVP_CIPHER_CTX_reset(ctx);
+#endif
+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
+
/*
* The default implementation adds a whole block of padding if the input
* data is perfectly aligned. We would like to keep that from happening.
@@ -266,33 +282,33 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
{
/* Error */
lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
*bytes_written = 0;
- return;
}
else
{
uint32_t tmplen;
- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
{
+ /* Error */
char buffer[1000];
ERR_error_string(ERR_get_error(), buffer);
lprintf(LOG_DEBUG, "the ERR error %s", buffer);
lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
*bytes_written = 0;
- return; /* Error */
}
else
{
/* Success */
*bytes_written += tmplen;
- EVP_CIPHER_CTX_cleanup(&ctx);
}
}
+ /* performs cleanup and free */
+ EVP_CIPHER_CTX_free(ctx);
if (verbose >= 5)
{