From 646e7cf3d7e7d4231c2d97d27c09fe5fe1d749e2 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Wed, 13 Mar 2002 12:47:54 +1100
Subject: Import of Niels Provos' 20020312 ssh-complete.diff

PAM, Cygwin and OSF SIA will not work for sure
---
 cipher.c | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

(limited to 'cipher.c')

diff --git a/cipher.c b/cipher.c
index 9e8f42f5..5ddf819c 100644
--- a/cipher.c
+++ b/cipher.c
@@ -541,3 +541,43 @@ evp_rijndael(void)
 #endif
 	return (&rijndal_cbc);
 }
+
+/* 
+ * Exports an IV from the CipherContext required to export the key
+ * state back from the unprivileged child to the privileged parent
+ * process.
+ */
+
+void
+cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
+{
+	Cipher *c = cc->cipher;
+	u_char *civ = NULL;
+	int evplen;
+
+	switch (c->number) {
+	case SSH_CIPHER_SSH2:
+		evplen = EVP_CIPHER_CTX_iv_length(&cc->evp);
+		if (evplen == 0)
+			return;
+		if (evplen != len)
+			fatal("%s: wrong iv length %d != %d", __FUNCTION__,
+			    evplen, len);
+
+		if (strncmp(c->name, "aes", 3) == 0) {
+			struct ssh_rijndael_ctx *aesc;
+
+			aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
+			if (aesc == NULL)
+				fatal("ssh_rijndael_cbc: no context");
+			civ = aesc->r_iv;
+		} else {
+			civ = cc->evp.iv;
+		}
+		break;
+	default:
+		fatal("%s: bad cipher %d", __FUNCTION__, c->number);
+	}
+	memcpy(iv, civ, len);
+}
+
-- 
cgit v1.2.3