-rw-r--r-- | crypto.c | 17 | ||||
-rw-r--r-- | crypto_backend.h | 3 | ||||
-rw-r--r-- | crypto_openssl.c | 18 | ||||
-rw-r--r-- | crypto_polarssl.c | 18 |
4 files changed, 19 insertions, 37 deletions
@@ -438,12 +438,26 @@ init_key_ctx (struct key_ctx *ctx, struct key *key, const struct key_type *kt, int enc, const char *prefix) { + struct gc_arena gc = gc_new (); CLEAR (*ctx); if (kt->cipher && kt->cipher_length > 0) { + ALLOC_OBJ(ctx->cipher, cipher_ctx_t); cipher_ctx_init (ctx->cipher, key->cipher, kt->cipher_length, - kt->cipher, enc, prefix); + kt->cipher, enc); + + msg (D_HANDSHAKE, "%s: Cipher '%s' initialized with %d bit key", + prefix, + cipher_kt_name(kt->cipher), + kt->cipher_length *8); + + dmsg (D_SHOW_KEYS, "%s: CIPHER KEY: %s", prefix, + format_hex (key->cipher, kt->cipher_length, 0, &gc)); + dmsg (D_CRYPTO_DEBUG, "%s: CIPHER block_size=%d iv_size=%d", + prefix, + cipher_kt_block_size(kt->cipher), + cipher_kt_iv_size(kt->cipher)); } if (kt->digest && kt->hmac_length > 0) { @@ -451,6 +465,7 @@ init_key_ctx (struct key_ctx *ctx, struct key *key, hmac_ctx_init (ctx->hmac, key->hmac, kt->hmac_length, kt->digest, prefix); } + gc_free (&gc); } void diff --git a/crypto_backend.h b/crypto_backend.h index 71c3f47..25d985b 100644 --- a/crypto_backend.h +++ b/crypto_backend.h @@ -236,10 +236,9 @@ bool cipher_kt_mode (const cipher_kt_t *cipher_kt); * @param kt Static cipher parameters to use * @param enc Whether to encrypt or decrypt (either * \c POLARSSL_OP_ENCRYPT or \c POLARSSL_OP_DECRYPT). - * @param prefix Prefix to use for output. */ void cipher_ctx_init (cipher_ctx_t *ctx, uint8_t *key, int key_len, - const cipher_kt_t *kt, int enc, const char *prefix); + const cipher_kt_t *kt, int enc); /** * Cleanup the specified context. diff --git a/crypto_openssl.c b/crypto_openssl.c index 0981117..b94451a 100644 --- a/crypto_openssl.c +++ b/crypto_openssl.c @@ -571,10 +571,8 @@ cipher_kt_mode (const EVP_CIPHER *cipher_kt) void cipher_ctx_init (EVP_CIPHER_CTX *ctx, uint8_t *key, int key_len, - const EVP_CIPHER *kt, int enc, const char *prefix) + const EVP_CIPHER *kt, int enc) { - struct gc_arena gc = gc_new (); - ASSERT(NULL != kt && NULL != ctx); CLEAR (*ctx); 
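Review bot: The handshake message added to `init_key_ctx` prints `kt->cipher_length *8`, the requested key length, where the removed backend code printed the value read back from the initialized context (`EVP_CIPHER_CTX_key_length (ctx) * 8` and `cipher_get_key_size(ctx)`). The backends only assert that the context's key length does not exceed `key_len`, so if a backend settles on a shorter key the log would overstate the key strength in use; the block_size and iv_size values are likewise now taken from `kt->cipher` rather than from the context. If the backend API offers context-level accessors (not visible in this diff), logging from `ctx->cipher` would keep the message authoritative. Otherwise a comment above the `msg` call such as `/* reports the configured key length, not the one read back from the cipher context */` would make the limitation explicit. The body of `init_key_ctx` continues past this hunk.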
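Review bot: `gc_free (&gc)` releases the arena that holds the hex rendering of the cipher key built by `format_hex (key->cipher, kt->cipher_length, 0, &gc)` in the preceding hunk, and nothing visible wipes that buffer before it is freed. Whether `gc_free` scrubs its allocations, and whether `dmsg` skips evaluating its arguments when D_SHOW_KEYS is disabled, cannot be seen from this diff; if neither holds, a readable copy of the key remains in freed heap memory after each key-context initialization. I would scope the arena to the cipher branch and document the exposure, e.g. `/* gc may hold a hex copy of the cipher key (D_SHOW_KEYS); must not outlive this function */`. The hmac branch that precedes this line begins outside the hunk.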
@@ -589,22 +587,8 @@ cipher_ctx_init (EVP_CIPHER_CTX *ctx, uint8_t *key, int key_len, if (!EVP_CipherInit_ov (ctx, NULL, key, NULL, enc)) msg (M_SSLERR, "EVP cipher init #2"); - msg (D_HANDSHAKE, "%s: Cipher '%s' initialized with %d bit key", - prefix, - OBJ_nid2sn (EVP_CIPHER_CTX_nid (ctx)), - EVP_CIPHER_CTX_key_length (ctx) * 8); - /* make sure we used a big enough key */ ASSERT (EVP_CIPHER_CTX_key_length (ctx) <= key_len); - - dmsg (D_SHOW_KEYS, "%s: CIPHER KEY: %s", prefix, - format_hex (key, key_len, 0, &gc)); - dmsg (D_CRYPTO_DEBUG, "%s: CIPHER block_size=%d iv_size=%d", - prefix, - EVP_CIPHER_CTX_block_size (ctx), - EVP_CIPHER_CTX_iv_length (ctx)); - - gc_free (&gc); } void diff --git a/crypto_polarssl.c b/crypto_polarssl.c index 9c36478..368e8f8 100644 --- a/crypto_polarssl.c +++ b/crypto_polarssl.c @@ -329,10 +329,8 @@ cipher_kt_mode (const cipher_info_t *cipher_kt) void cipher_ctx_init (cipher_context_t *ctx, uint8_t *key, int key_len, - const cipher_info_t *kt, int enc, const char *prefix) + const cipher_info_t *kt, int enc) { - struct gc_arena gc = gc_new (); - ASSERT(NULL != kt && NULL != ctx); CLEAR (*ctx); @@ -343,22 +341,8 @@ cipher_ctx_init (cipher_context_t *ctx, uint8_t *key, int key_len, if (0 != cipher_setkey(ctx, key, key_len*8, enc)) msg (M_FATAL, "PolarSSL cipher set key"); - msg (D_HANDSHAKE, "%s: Cipher '%s' initialized with %d bit key", - prefix, - cipher_kt_name(kt), - cipher_get_key_size(ctx)); - /* make sure we used a big enough key */ ASSERT (ctx->key_length <= key_len*8); - - dmsg (D_SHOW_KEYS, "%s: CIPHER KEY: %s", prefix, - format_hex (key, key_len, 0, &gc)); - dmsg (D_CRYPTO_DEBUG, "%s: CIPHER block_size=%d iv_size=%d", - prefix, - cipher_get_block_size(ctx), - cipher_get_iv_size(ctx)); - - gc_free (&gc); } void cipher_ctx_cleanup (cipher_context_t *ctx) |