diff options
Diffstat (limited to 'lib/lanplus/lanplus_crypt_impl.c')
| -rw-r--r-- | lib/lanplus/lanplus_crypt_impl.c | 56 |
1 files changed, 38 insertions, 18 deletions
diff --git a/lib/lanplus/lanplus_crypt_impl.c b/lib/lanplus/lanplus_crypt_impl.c index d12ad9c..1daf230 100644 --- a/lib/lanplus/lanplus_crypt_impl.c +++ b/lib/lanplus/lanplus_crypt_impl.c @@ -196,10 +196,17 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv, { int nwritten = 0; int inlen = 0; + EVP_CIPHER_CTX *pctx; +#ifdef SSL11 + EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); + pctx = ctx; +#else EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); - EVP_CIPHER_CTX_set_padding(&ctx, 0); + pctx = &ctx; +#endif + EVP_CIPHER_CTX_init(pctx); + EVP_EncryptInit_ex(pctx, EVP_aes_128_cbc(), NULL, key, iv); + EVP_CIPHER_CTX_set_padding(pctx, 0); *bytes_written = 0; if (input_length == 0) return; @@ -219,28 +226,29 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv, assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); inlen = input_length; - if(!EVP_EncryptUpdate(&ctx, output, &nwritten, input, inlen)) + if(!EVP_EncryptUpdate(pctx, output, &nwritten, input, inlen)) { - /* Error */ - *bytes_written = 0; - return; + *bytes_written = 0; /* Error */ } else { int tmplen; - if(!EVP_EncryptFinal_ex(&ctx, output + nwritten, &tmplen)) + if(!EVP_EncryptFinal_ex(pctx, output + nwritten, &tmplen)) { - *bytes_written = 0; - return; /* Error */ + *bytes_written = 0; /* Error */ } else { /* Success */ *bytes_written = nwritten + tmplen; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_cleanup(pctx); } } +#ifdef SSL11 + EVP_CIPHER_CTX_free(ctx); +#endif + return; } @@ -268,10 +276,17 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, { int nwritten = 0; int inlen = 0; + EVP_CIPHER_CTX *pctx; +#ifdef SSL11 + EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); + pctx = ctx; +#else EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); - EVP_CIPHER_CTX_set_padding(&ctx, 0); + pctx = &ctx; +#endif + EVP_CIPHER_CTX_init(pctx); + EVP_DecryptInit_ex(pctx, EVP_aes_128_cbc(), NULL, key, iv); + EVP_CIPHER_CTX_set_padding(pctx, 0); if (verbose >= 5) { @@ -291,7 +306,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); inlen = input_length; - if (!EVP_DecryptUpdate(&ctx, output, &nwritten, input, inlen)) + if (!EVP_DecryptUpdate(pctx, output, &nwritten, input, inlen)) { /* Error */ lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); @@ -302,20 +317,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, { int tmplen; - if (!EVP_DecryptFinal_ex(&ctx, output + nwritten, &tmplen)) + if (!EVP_DecryptFinal_ex(pctx, output + nwritten, &tmplen)) { char buffer[1000]; ERR_error_string(ERR_get_error(), buffer); lprintf(LOG_DEBUG, "the ERR error %s", buffer); lprintf(LOG_DEBUG, "ERROR: decrypt final failed"); *bytes_written = 0; - return; /* Error */ + goto evpfin2; } else { /* Success */ *bytes_written = nwritten + tmplen; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_cleanup(pctx); } } @@ -324,4 +339,9 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, lprintf(LOG_DEBUG, "Decrypted %d encrypted bytes",input_length); printbuf(output, *bytes_written, "Decrypted this data"); } +evpfin2: +#ifdef SSL11 + EVP_CIPHER_CTX_free(ctx); +#endif + return; } |