登录 注册
开源 企业版 高校版 私有云 模力方舟 Gitee AI
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 0 Fork 23

Apricity/libssh

forked from src-openEuler/libssh 
代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
项目仓库所选许可证以仓库主分支所使用许可证为准
克隆/下载
backport-kdf-Avoid-endianess-issues.patch 4.71 KB
一键复制 编辑 原始数据 按行查看 历史
Apricity 提交于 2022-10-20 10:25 +08:00 . backport some patches from upstream community
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
From 915df080588ce815c80da804780438ce9b2ac390 Mon Sep 17 00:00:00 2001

From: Andreas Schneider <[email protected]>

Date: Wed, 7 Sep 2022 12:40:00 +0200

Subject: [PATCH] kdf: Avoid endianess issues



The key_type is only a letter, if we use and `int` and then cast it to

(const char *) we will end up with a 0 value on big endian.



Signed-off-by: Andreas Schneider <[email protected]>

Reviewed-by: Anderson Toshiyuki Sasaki <[email protected]>

---

 include/libssh/crypto.h  | 2 +-

 include/libssh/wrapper.h | 2 +-

 src/kdf.c                | 5 ++---

 src/libcrypto.c          | 4 ++--

 src/libgcrypt.c          | 2 +-

 src/libmbedcrypto.c      | 2 +-

 6 files changed, 8 insertions(+), 9 deletions(-)



diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h

index f40d76b9..1d73613b 100644

--- a/include/libssh/crypto.h

+++ b/include/libssh/crypto.h

@@ -219,7 +219,7 @@ struct ssh_cipher_struct {

 const struct ssh_cipher_struct *ssh_get_chacha20poly1305_cipher(void);

 int sshkdf_derive_key(struct ssh_crypto_struct *crypto,

                       unsigned char *key, size_t key_len,

-                      int key_type, unsigned char *output,

+                      uint8_t key_type, unsigned char *output,

                       size_t requested_len);

 

 #endif /* _CRYPTO_H_ */

diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h

index fd57cdb1..f4a33d2d 100644

--- a/include/libssh/wrapper.h

+++ b/include/libssh/wrapper.h

@@ -103,7 +103,7 @@ size_t hmac_digest_len(enum ssh_hmac_e type);

 

 int ssh_kdf(struct ssh_crypto_struct *crypto,

             unsigned char *key, size_t key_len,

-            int key_type, unsigned char *output,

+            uint8_t key_type, unsigned char *output,

             size_t requested_len);

 

 int crypt_set_algorithms_client(ssh_session session);

diff --git a/src/kdf.c b/src/kdf.c

index a88c92f8..44f06631 100644

--- a/src/kdf.c

+++ b/src/kdf.c

@@ -116,14 +116,13 @@ static void ssh_mac_final(unsigned char *md, ssh_mac_ctx ctx)

 

 int sshkdf_derive_key(struct ssh_crypto_struct *crypto,

                       unsigned char *key, size_t key_len,

-                      int key_type, unsigned char *output,

+                      uint8_t key_type, unsigned char *output,

                       size_t requested_len)

 {

     /* Can't use VLAs with Visual Studio, so allocate the biggest

      * digest buffer we can possibly need */

     unsigned char digest[DIGEST_MAX_LEN];

     size_t output_len = crypto->digest_len;

-    char letter = key_type;

     ssh_mac_ctx ctx;

 

     if (DIGEST_MAX_LEN < crypto->digest_len) {

@@ -137,7 +136,7 @@ int sshkdf_derive_key(struct ssh_crypto_struct *crypto,

 

     ssh_mac_update(ctx, key, key_len);

     ssh_mac_update(ctx, crypto->secret_hash, crypto->digest_len);

-    ssh_mac_update(ctx, &letter, 1);

+    ssh_mac_update(ctx, &key_type, 1);

     ssh_mac_update(ctx, crypto->session_id, crypto->session_id_len);

     ssh_mac_final(digest, ctx);

 

diff --git a/src/libcrypto.c b/src/libcrypto.c

index 5fef5209..468b63f0 100644

--- a/src/libcrypto.c

+++ b/src/libcrypto.c

@@ -214,7 +214,7 @@ static const char *sshkdf_digest_to_md(enum ssh_kdf_digest digest_type)

 

 int ssh_kdf(struct ssh_crypto_struct *crypto,

             unsigned char *key, size_t key_len,

-            int key_type, unsigned char *output,

+            uint8_t key_type, unsigned char *output,

             size_t requested_len)

 {

     EVP_KDF_CTX *ctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF);

@@ -330,7 +330,7 @@ out:

 #else

 int ssh_kdf(struct ssh_crypto_struct *crypto,

             unsigned char *key, size_t key_len,

-            int key_type, unsigned char *output,

+            uint8_t key_type, unsigned char *output,

             size_t requested_len)

 {

     return sshkdf_derive_key(crypto, key, key_len,

diff --git a/src/libgcrypt.c b/src/libgcrypt.c

index b8b86593..da5588ad 100644

--- a/src/libgcrypt.c

+++ b/src/libgcrypt.c

@@ -124,7 +124,7 @@ void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen)

 

 int ssh_kdf(struct ssh_crypto_struct *crypto,

             unsigned char *key, size_t key_len,

-            int key_type, unsigned char *output,

+            uint8_t key_type, unsigned char *output,

             size_t requested_len)

 {

     return sshkdf_derive_key(crypto, key, key_len,

diff --git a/src/libmbedcrypto.c b/src/libmbedcrypto.c

index c8137ce0..6d84bd51 100644

--- a/src/libmbedcrypto.c

+++ b/src/libmbedcrypto.c

@@ -127,7 +127,7 @@ void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen)

 

 int ssh_kdf(struct ssh_crypto_struct *crypto,

             unsigned char *key, size_t key_len,

-            int key_type, unsigned char *output,

+            uint8_t key_type, unsigned char *output,

             size_t requested_len)

 {

     return sshkdf_derive_key(crypto, key, key_len,

-- 

2.33.0
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/zengwefeng/libssh.git
[email protected]:zengwefeng/libssh.git
zengwefeng
libssh
libssh
master
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
仓库举报
回到顶部