upstream commit

small refactor of cipher.c: make ciphercontext opaque to
callers feedback and ok markus@

Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f

1 files changed, 43 insertions, 45 deletions

diff --git a/packet.c b/packet.c
index d6dad2da..d4221d12 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.234 2016/07/18 11:35:33 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.235 2016/08/03 05:41:57 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -122,10 +122,10 @@ struct session_state {
 	u_int remote_protocol_flags;
 
 	/* Encryption context for receiving data.  Only used for decryption. */
-	struct sshcipher_ctx receive_context;
+	struct sshcipher_ctx *receive_context;
 
 	/* Encryption context for sending data.  Only used for encryption. */
-	struct sshcipher_ctx send_context;
+	struct sshcipher_ctx *send_context;
 
 	/* Buffer for raw input data from the socket. */
 	struct sshbuf *input;
@@ -529,7 +529,6 @@ void
 ssh_packet_close(struct ssh *ssh)
 {
 	struct session_state *state = ssh->state;
-	int r;
 	u_int mode;
 
 	if (!state->initialized)
@@ -573,10 +572,9 @@ ssh_packet_close(struct ssh *ssh)
 				inflateEnd(stream);
 		}
 	}
-	if ((r = cipher_cleanup(&state->send_context)) != 0)
-		error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
-	if ((r = cipher_cleanup(&state->receive_context)) != 0)
-		error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
+	cipher_free(state->send_context);
+	cipher_free(state->receive_context);
+	state->send_context = state->receive_context = NULL;
 	free(ssh->remote_ipaddr);
 	ssh->remote_ipaddr = NULL;
 	free(ssh->state);
@@ -870,8 +868,8 @@ ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen,
 	    NULL, 0, CIPHER_DECRYPT) != 0))
 		fatal("%s: cipher_init failed: %s", __func__, ssh_err(r));
 	if (!state->cipher_warning_done &&
-	    ((wmsg = cipher_warning_message(&state->send_context)) != NULL ||
-	    (wmsg = cipher_warning_message(&state->send_context)) != NULL)) {
+	    ((wmsg = cipher_warning_message(state->send_context)) != NULL ||
+	    (wmsg = cipher_warning_message(state->send_context)) != NULL)) {
 		error("Warning: %s", wmsg);
 		state->cipher_warning_done = 1;
 	}
@@ -917,7 +915,7 @@ ssh_packet_send1(struct ssh *ssh)
 
 	/* Insert padding. Initialized to zero in packet_start1() */
 	padding = 8 - len % 8;
-	if (!state->send_context.plaintext) {
+	if (!cipher_ctx_is_plaintext(state->send_context)) {
 		cp = sshbuf_mutable_ptr(state->outgoing_packet);
 		if (cp == NULL) {
 			r = SSH_ERR_INTERNAL_ERROR;
@@ -947,7 +945,7 @@ ssh_packet_send1(struct ssh *ssh)
 	if ((r = sshbuf_reserve(state->output,
 	    sshbuf_len(state->outgoing_packet), &cp)) != 0)
 		goto out;
-	if ((r = cipher_crypt(&state->send_context, 0, cp,
+	if ((r = cipher_crypt(state->send_context, 0, cp,
 	    sshbuf_ptr(state->outgoing_packet),
 	    sshbuf_len(state->outgoing_packet), 0, 0)) != 0)
 		goto out;
@@ -978,7 +976,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	struct sshenc *enc;
 	struct sshmac *mac;
 	struct sshcomp *comp;
-	struct sshcipher_ctx *cc;
+	struct sshcipher_ctx **ccp;
 	u_int64_t *max_blocks;
 	const char *wmsg;
 	int r, crypt_type;
@@ -986,12 +984,12 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	debug2("set_newkeys: mode %d", mode);
 
 	if (mode == MODE_OUT) {
-		cc = &state->send_context;
+		ccp = &state->send_context;
 		crypt_type = CIPHER_ENCRYPT;
 		state->p_send.packets = state->p_send.blocks = 0;
 		max_blocks = &state->max_blocks_out;
 	} else {
-		cc = &state->receive_context;
+		ccp = &state->receive_context;
 		crypt_type = CIPHER_DECRYPT;
 		state->p_read.packets = state->p_read.blocks = 0;
 		max_blocks = &state->max_blocks_in;
@@ -1003,8 +1001,8 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 		   (unsigned long long)state->p_read.blocks,
 		   (unsigned long long)state->p_send.bytes,
 		   (unsigned long long)state->p_send.blocks);
-		if ((r = cipher_cleanup(cc)) != 0)
-			return r;
+		cipher_free(*ccp);
+		*ccp = NULL;
 		enc  = &state->newkeys[mode]->enc;
 		mac  = &state->newkeys[mode]->mac;
 		comp = &state->newkeys[mode]->comp;
@@ -1033,11 +1031,11 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	}
 	mac->enabled = 1;
 	DBG(debug("cipher_init_context: %d", mode));
-	if ((r = cipher_init(cc, enc->cipher, enc->key, enc->key_len,
+	if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len,
 	    enc->iv, enc->iv_len, crypt_type)) != 0)
 		return r;
 	if (!state->cipher_warning_done &&
-	    (wmsg = cipher_warning_message(cc)) != NULL) {
+	    (wmsg = cipher_warning_message(*ccp)) != NULL) {
 		error("Warning: %s", wmsg);
 		state->cipher_warning_done = 1;
 	}
@@ -1259,7 +1257,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	}
 	if ((r = sshbuf_reserve(state->outgoing_packet, padlen, &cp)) != 0)
 		goto out;
-	if (enc && !state->send_context.plaintext) {
+	if (enc && !cipher_ctx_is_plaintext(state->send_context)) {
 		/* random padding */
 		arc4random_buf(cp, padlen);
 	} else {
@@ -1291,7 +1289,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	if ((r = sshbuf_reserve(state->output,
 	    sshbuf_len(state->outgoing_packet) + authlen, &cp)) != 0)
 		goto out;
-	if ((r = cipher_crypt(&state->send_context, state->p_send.seqnr, cp,
+	if ((r = cipher_crypt(state->send_context, state->p_send.seqnr, cp,
 	    sshbuf_ptr(state->outgoing_packet),
 	    len - aadlen, aadlen, authlen)) != 0)
 		goto out;
@@ -1606,7 +1604,7 @@ ssh_packet_read_poll1(struct ssh *ssh, u_char *typep)
 	 * (C)1998 CORE-SDI, Buenos Aires Argentina
 	 * Ariel Futoransky(futo@core-sdi.com)
 	 */
-	if (!state->receive_context.plaintext) {
+	if (!cipher_ctx_is_plaintext(state->receive_context)) {
 		emsg = NULL;
 		switch (detect_attack(&state->deattack,
 		    sshbuf_ptr(state->input), padded_len)) {
@@ -1635,7 +1633,7 @@ ssh_packet_read_poll1(struct ssh *ssh, u_char *typep)
 	sshbuf_reset(state->incoming_packet);
 	if ((r = sshbuf_reserve(state->incoming_packet, padded_len, &p)) != 0)
 		goto out;
-	if ((r = cipher_crypt(&state->receive_context, 0, p,
+	if ((r = cipher_crypt(state->receive_context, 0, p,
 	    sshbuf_ptr(state->input), padded_len, 0, 0)) != 0)
 		goto out;
 
@@ -1733,7 +1731,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 	aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0;
 
 	if (aadlen && state->packlen == 0) {
-		if (cipher_get_length(&state->receive_context,
+		if (cipher_get_length(state->receive_context,
 		    &state->packlen, state->p_read.seqnr,
 		    sshbuf_ptr(state->input), sshbuf_len(state->input)) != 0)
 			return 0;
@@ -1759,7 +1757,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		if ((r = sshbuf_reserve(state->incoming_packet, block_size,
 		    &cp)) != 0)
 			goto out;
-		if ((r = cipher_crypt(&state->receive_context,
+		if ((r = cipher_crypt(state->receive_context,
 		    state->p_send.seqnr, cp, sshbuf_ptr(state->input),
 		    block_size, 0, 0)) != 0)
 			goto out;
@@ -1827,7 +1825,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 	if ((r = sshbuf_reserve(state->incoming_packet, aadlen + need,
 	    &cp)) != 0)
 		goto out;
-	if ((r = cipher_crypt(&state->receive_context, state->p_read.seqnr, cp,
+	if ((r = cipher_crypt(state->receive_context, state->p_read.seqnr, cp,
 	    sshbuf_ptr(state->input), need, aadlen, authlen)) != 0)
 		goto out;
 	if ((r = sshbuf_consume(state->input, aadlen + need + authlen)) != 0)
@@ -2509,8 +2507,8 @@ newkeys_to_blob(struct sshbuf *m, struct ssh *ssh, int mode)
 	enc = &newkey->enc;
 	mac = &newkey->mac;
 	comp = &newkey->comp;
-	cc = (mode == MODE_OUT) ? &ssh->state->send_context :
-	    &ssh->state->receive_context;
+	cc = (mode == MODE_OUT) ? ssh->state->send_context :
+	    ssh->state->receive_context;
 	if ((r = cipher_get_keyiv(cc, enc->iv, enc->iv_len)) != 0)
 		return r;
 	if ((b = sshbuf_new()) == NULL)
@@ -2549,18 +2547,18 @@ ssh_packet_get_state(struct ssh *ssh, struct sshbuf *m)
 	int r, ssh1cipher;
 
 	if (!compat20) {
-		ssh1cipher = cipher_get_number(state->receive_context.cipher);
-		slen = cipher_get_keyiv_len(&state->send_context);
-		rlen = cipher_get_keyiv_len(&state->receive_context);
+		ssh1cipher = cipher_ctx_get_number(state->receive_context);
+		slen = cipher_get_keyiv_len(state->send_context);
+		rlen = cipher_get_keyiv_len(state->receive_context);
 		if ((r = sshbuf_put_u32(m, state->remote_protocol_flags)) != 0 ||
 		    (r = sshbuf_put_u32(m, ssh1cipher)) != 0 ||
 		    (r = sshbuf_put_string(m, state->ssh1_key, state->ssh1_keylen)) != 0 ||
 		    (r = sshbuf_put_u32(m, slen)) != 0 ||
 		    (r = sshbuf_reserve(m, slen, &p)) != 0 ||
-		    (r = cipher_get_keyiv(&state->send_context, p, slen)) != 0 ||
+		    (r = cipher_get_keyiv(state->send_context, p, slen)) != 0 ||
 		    (r = sshbuf_put_u32(m, rlen)) != 0 ||
 		    (r = sshbuf_reserve(m, rlen, &p)) != 0 ||
-		    (r = cipher_get_keyiv(&state->receive_context, p, rlen)) != 0)
+		    (r = cipher_get_keyiv(state->receive_context, p, rlen)) != 0)
 			return r;
 	} else {
 		if ((r = kex_to_blob(m, ssh->kex)) != 0 ||
@@ -2579,17 +2577,17 @@ ssh_packet_get_state(struct ssh *ssh, struct sshbuf *m)
 			return r;
 	}
 
-	slen = cipher_get_keycontext(&state->send_context, NULL);
-	rlen = cipher_get_keycontext(&state->receive_context, NULL);
+	slen = cipher_get_keycontext(state->send_context, NULL);
+	rlen = cipher_get_keycontext(state->receive_context, NULL);
 	if ((r = sshbuf_put_u32(m, slen)) != 0 ||
 	    (r = sshbuf_reserve(m, slen, &p)) != 0)
 		return r;
-	if (cipher_get_keycontext(&state->send_context, p) != (int)slen)
+	if (cipher_get_keycontext(state->send_context, p) != (int)slen)
 		return SSH_ERR_INTERNAL_ERROR;
 	if ((r = sshbuf_put_u32(m, rlen)) != 0 ||
 	    (r = sshbuf_reserve(m, rlen, &p)) != 0)
 		return r;
-	if (cipher_get_keycontext(&state->receive_context, p) != (int)rlen)
+	if (cipher_get_keycontext(state->receive_context, p) != (int)rlen)
 		return SSH_ERR_INTERNAL_ERROR;
 
 	if ((r = ssh_packet_get_compress_state(m, ssh)) != 0 ||
@@ -2735,11 +2733,11 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
 			return SSH_ERR_KEY_UNKNOWN_CIPHER;
 		ssh_packet_set_encryption_key(ssh, ssh1key, ssh1keylen,
 		    (int)ssh1cipher);
-		if (cipher_get_keyiv_len(&state->send_context) != (int)slen ||
-		    cipher_get_keyiv_len(&state->receive_context) != (int)rlen)
+		if (cipher_get_keyiv_len(state->send_context) != (int)slen ||
+		    cipher_get_keyiv_len(state->receive_context) != (int)rlen)
 			return SSH_ERR_INVALID_FORMAT;
-		if ((r = cipher_set_keyiv(&state->send_context, ivout)) != 0 ||
-		    (r = cipher_set_keyiv(&state->receive_context, ivin)) != 0)
+		if ((r = cipher_set_keyiv(state->send_context, ivout)) != 0 ||
+		    (r = cipher_set_keyiv(state->receive_context, ivin)) != 0)
 			return r;
 	} else {
 		if ((r = kex_from_blob(m, &ssh->kex)) != 0 ||
@@ -2769,11 +2767,11 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
 	if ((r = sshbuf_get_string_direct(m, &keyout, &slen)) != 0 ||
 	    (r = sshbuf_get_string_direct(m, &keyin, &rlen)) != 0)
 		return r;
-	if (cipher_get_keycontext(&state->send_context, NULL) != (int)slen ||
-	    cipher_get_keycontext(&state->receive_context, NULL) != (int)rlen)
+	if (cipher_get_keycontext(state->send_context, NULL) != (int)slen ||
+	    cipher_get_keycontext(state->receive_context, NULL) != (int)rlen)
 		return SSH_ERR_INVALID_FORMAT;
-	cipher_set_keycontext(&state->send_context, keyout);
-	cipher_set_keycontext(&state->receive_context, keyin);
+	cipher_set_keycontext(state->send_context, keyout);
+	cipher_set_keycontext(state->receive_context, keyin);
 
 	if ((r = ssh_packet_set_compress_state(ssh, m)) != 0 ||
 	    (r = ssh_packet_set_postauth(ssh)) != 0)