devssl: allocate cipher states in secret memory

cinap_lenrek 2016-08-27 20:37:14 +02:00
parent 0ac260b18a
commit 7250c438bb


@ -373,14 +373,10 @@ sslclose(Chan *c)
sslhangup(s); sslhangup(s);
if(s->c) if(s->c)
cclose(s->c); cclose(s->c);
if(s->in.secret) secfree(s->in.secret);
free(s->in.secret); secfree(s->out.secret);
if(s->out.secret) secfree(s->in.state);
free(s->out.secret); secfree(s->out.state);
if(s->in.state)
free(s->in.state);
if(s->out.state)
free(s->out.state);
free(s); free(s);
} }
@ -826,10 +822,8 @@ sslput(Dstate *s, Block * volatile b)
static void static void
setsecret(OneWay *w, uchar *secret, int n) setsecret(OneWay *w, uchar *secret, int n)
{ {
if(w->secret) secfree(w->secret);
free(w->secret); w->secret = secalloc(n);
w->secret = smalloc(n);
memmove(w->secret, secret, n); memmove(w->secret, secret, n);
w->slen = n; w->slen = n;
} }
@ -837,12 +831,8 @@ setsecret(OneWay *w, uchar *secret, int n)
static void static void
initDESkey(OneWay *w) initDESkey(OneWay *w)
{ {
if(w->state){ secfree(w->state);
free(w->state); w->state = secalloc(sizeof(DESstate));
w->state = 0;
}
w->state = smalloc(sizeof(DESstate));
if(w->slen >= 16) if(w->slen >= 16)
setupDESstate(w->state, w->secret, w->secret+8); setupDESstate(w->state, w->secret, w->secret+8);
else if(w->slen >= 8) else if(w->slen >= 8)
@ -860,11 +850,6 @@ initDESkey_40(OneWay *w)
{ {
uchar key[8]; uchar key[8];
if(w->state){
free(w->state);
w->state = 0;
}
if(w->slen >= 8){ if(w->slen >= 8){
memmove(key, w->secret, 8); memmove(key, w->secret, 8);
key[0] &= 0x0f; key[0] &= 0x0f;
@ -872,25 +857,14 @@ initDESkey_40(OneWay *w)
key[4] &= 0x0f; key[4] &= 0x0f;
key[6] &= 0x0f; key[6] &= 0x0f;
} }
initDESkey(w);
w->state = smalloc(sizeof(DESstate));
if(w->slen >= 16)
setupDESstate(w->state, key, w->secret+8);
else if(w->slen >= 8)
setupDESstate(w->state, key, 0);
else
error("secret too short");
} }
static void static void
initRC4key(OneWay *w) initRC4key(OneWay *w)
{ {
if(w->state){ secfree(w->state);
free(w->state); w->state = secalloc(sizeof(RC4state));
w->state = 0;
}
w->state = smalloc(sizeof(RC4state));
setupRC4state(w->state, w->secret, w->slen); setupRC4state(w->state, w->secret, w->slen);
} }
@ -901,16 +875,9 @@ initRC4key(OneWay *w)
static void static void
initRC4key_40(OneWay *w) initRC4key_40(OneWay *w)
{ {
if(w->state){
free(w->state);
w->state = 0;
}
if(w->slen > 5) if(w->slen > 5)
w->slen = 5; w->slen = 5;
initRC4key(w);
w->state = smalloc(sizeof(RC4state));
setupRC4state(w->state, w->secret, w->slen);
} }
/* /*
@ -920,16 +887,9 @@ initRC4key_40(OneWay *w)
static void static void
initRC4key_128(OneWay *w) initRC4key_128(OneWay *w)
{ {
if(w->state){
free(w->state);
w->state = 0;
}
if(w->slen > 16) if(w->slen > 16)
w->slen = 16; w->slen = 16;
initRC4key(w);
w->state = smalloc(sizeof(RC4state));
setupRC4state(w->state, w->secret, w->slen);
} }
@ -1177,27 +1137,29 @@ sslwrite(Chan *c, void *a, long n, vlong)
break; break;
case Csin: case Csin:
p = cb->f[1]; p = cb->f[1];
m = (strlen(p)*3)/2; m = (strlen(p)*3)/2 + 1;
x = smalloc(m); x = secalloc(m);
t = dec64(x, m, p, strlen(p)); t = dec64(x, m, p, strlen(p));
memset(p, 0, strlen(p));
if(t <= 0){ if(t <= 0){
free(x); secfree(x);
error(Ebadarg); error(Ebadarg);
} }
setsecret(&s->in, x, t); setsecret(&s->in, x, t);
free(x); secfree(x);
break; break;
case Csout: case Csout:
p = cb->f[1]; p = cb->f[1];
m = (strlen(p)*3)/2 + 1; m = (strlen(p)*3)/2 + 1;
x = smalloc(m); x = secalloc(m);
t = dec64(x, m, p, strlen(p)); t = dec64(x, m, p, strlen(p));
memset(p, 0, strlen(p));
if(t <= 0){ if(t <= 0){
free(x); secfree(x);
error(Ebadarg); error(Ebadarg);
} }
setsecret(&s->out, x, t); setsecret(&s->out, x, t);
free(x); secfree(x);
break; break;
} }
poperror(); poperror();
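Review bot: In initDESkey_40 the masked copy `key` looks dead on the new side: the function now ends in `initDESkey(w);`, and initDESkey passes `w->secret` to setupDESstate, so the `&= 0x0f` masks on key[0], key[2], key[4] and key[6] never reach the cipher state. That changes which key the 40-bit variant uses compared with the removed `setupDESstate(w->state, key, ...)` calls, and it leaves eight bytes of the secret on the kernel stack in an array that is neither used nor cleared. This reading takes the right-hand text of each row as the new side, since the page has lost its +/- column. If the masking is still wanted, the function should build the state from `key` itself in secret memory and wipe `key` afterwards, as sketched below; if it is not, the array and the masking should be removed.

```c
initDESkey_40(OneWay *w)
	/* … unchanged: key[] declaration and the masking of key[0], key[2], key[4], key[6] … */
	if(w->slen < 8)
		error("secret too short");
	secfree(w->state);
	w->state = secalloc(sizeof(DESstate));
	if(w->slen >= 16)
		setupDESstate(w->state, key, w->secret+8);
	else
		setupDESstate(w->state, key, 0);
	/* the stack copy of the secret is no longer needed once the state is built */
	memset(key, 0, sizeof(key));
```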