Mercurial > dropbear
comparison packet.c @ 530:22a0d8355c2c
merge of 'a101cbd046507cf723e6362a49196dbd4b924042'
and 'c8e1b84cfe874887ad7df0dd95a00de46dbc0136'
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 26 Feb 2009 12:18:34 +0000 |
| parents | da6340a60039 378a6389f88e |
| children | c67c8c0c6c35 |
comparison
equal
deleted
inserted
replaced
| 529:da6340a60039 | 530:22a0d8355c2c |
|---|---|
| 247 buf_resize(ses.decryptreadbuf, ses.readbuf->len - macsize); | 247 buf_resize(ses.decryptreadbuf, ses.readbuf->len - macsize); |
| 248 buf_setlen(ses.decryptreadbuf, ses.decryptreadbuf->size); | 248 buf_setlen(ses.decryptreadbuf, ses.decryptreadbuf->size); |
| 249 buf_setpos(ses.decryptreadbuf, blocksize); | 249 buf_setpos(ses.decryptreadbuf, blocksize); |
| 250 | 250 |
| 251 /* decrypt it */ | 251 /* decrypt it */ |
| 252 while (ses.readbuf->pos < ses.readbuf->len - macsize) { | 252 len = ses.readbuf->len - macsize - ses.readbuf->pos; |
| 253 if (ses.keys->recv_crypt_mode->decrypt( | 253 if (ses.keys->recv_crypt_mode->decrypt( |
| 254 buf_getptr(ses.readbuf, blocksize), | 254 buf_getptr(ses.readbuf, len), |
| 255 buf_getwriteptr(ses.decryptreadbuf, blocksize), | 255 buf_getwriteptr(ses.decryptreadbuf, len), |
| 256 blocksize, | 256 len, |
| 257 &ses.keys->recv_cipher_state) != CRYPT_OK) { | 257 &ses.keys->recv_cipher_state) != CRYPT_OK) { |
| 258 dropbear_exit("error decrypting"); | 258 dropbear_exit("error decrypting"); |
| 259 } | 259 } |
| 260 buf_incrpos(ses.readbuf, blocksize); | 260 buf_incrpos(ses.readbuf, len); |
| 261 buf_incrwritepos(ses.decryptreadbuf, blocksize); | 261 buf_incrwritepos(ses.decryptreadbuf, len); |
| 262 } | |
| 263 | 262 |
| 264 /* check the hmac */ | 263 /* check the hmac */ |
| 265 buf_setpos(ses.readbuf, ses.readbuf->len - macsize); | 264 buf_setpos(ses.readbuf, ses.readbuf->len - macsize); |
| 266 if (checkmac(ses.readbuf, ses.decryptreadbuf) != DROPBEAR_SUCCESS) { | 265 if (checkmac(ses.readbuf, ses.decryptreadbuf) != DROPBEAR_SUCCESS) { |
| 267 dropbear_exit("Integrity error"); | 266 dropbear_exit("Integrity error"); |
| 461 unsigned char padlen; | 460 unsigned char padlen; |
| 462 unsigned char blocksize, macsize; | 461 unsigned char blocksize, macsize; |
| 463 buffer * writebuf; /* the packet which will go on the wire */ | 462 buffer * writebuf; /* the packet which will go on the wire */ |
| 464 buffer * clearwritebuf; /* unencrypted, possibly compressed */ | 463 buffer * clearwritebuf; /* unencrypted, possibly compressed */ |
| 465 unsigned char type; | 464 unsigned char type; |
| 466 unsigned int clear_len; | 465 unsigned int len; |
| 467 | 466 |
| 468 type = ses.writepayload->data[0]; | 467 type = ses.writepayload->data[0]; |
| 469 TRACE(("enter encrypt_packet()")) | 468 TRACE(("enter encrypt_packet()")) |
| 470 TRACE(("encrypt_packet type is %d", type)) | 469 TRACE(("encrypt_packet type is %d", type)) |
| 471 | 470 |
| 481 macsize = ses.keys->trans_algo_mac->hashsize; | 480 macsize = ses.keys->trans_algo_mac->hashsize; |
| 482 | 481 |
| 483 /* Encrypted packet len is payload+5, then worst case is if we are 3 away | 482 /* Encrypted packet len is payload+5, then worst case is if we are 3 away |
| 484 * from a blocksize multiple. In which case we need to pad to the | 483 * from a blocksize multiple. In which case we need to pad to the |
| 485 * multiple, then add another blocksize (or MIN_PACKET_LEN) */ | 484 * multiple, then add another blocksize (or MIN_PACKET_LEN) */ |
| 486 clear_len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3; | 485 len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3; |
| 487 | 486 |
| 488 #ifndef DISABLE_ZLIB | 487 #ifndef DISABLE_ZLIB |
| 489 clear_len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/ | 488 len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/ |
| 490 #endif | 489 #endif |
| 491 clearwritebuf = buf_new(clear_len); | 490 clearwritebuf = buf_new(len); |
| 492 buf_setlen(clearwritebuf, PACKET_PAYLOAD_OFF); | 491 buf_setlen(clearwritebuf, PACKET_PAYLOAD_OFF); |
| 493 buf_setpos(clearwritebuf, PACKET_PAYLOAD_OFF); | 492 buf_setpos(clearwritebuf, PACKET_PAYLOAD_OFF); |
| 494 | 493 |
| 495 buf_setpos(ses.writepayload, 0); | 494 buf_setpos(ses.writepayload, 0); |
| 496 | 495 |
| 538 /* create a new writebuffer, this is freed when it has been put on the | 537 /* create a new writebuffer, this is freed when it has been put on the |
| 539 * wire by writepacket() */ | 538 * wire by writepacket() */ |
| 540 writebuf = buf_new(clearwritebuf->len + macsize); | 539 writebuf = buf_new(clearwritebuf->len + macsize); |
| 541 | 540 |
| 542 /* encrypt it */ | 541 /* encrypt it */ |
| 543 while (clearwritebuf->pos < clearwritebuf->len) { | 542 len = clearwritebuf->len; |
| 544 if (ses.keys->trans_crypt_mode->encrypt( | 543 if (ses.keys->trans_crypt_mode->encrypt( |
| 545 buf_getptr(clearwritebuf, blocksize), | 544 buf_getptr(clearwritebuf, len), |
| 546 buf_getwriteptr(writebuf, blocksize), | 545 buf_getwriteptr(writebuf, len), |
| 547 blocksize, | 546 len, |
| 548 &ses.keys->trans_cipher_state) != CRYPT_OK) { | 547 &ses.keys->trans_cipher_state) != CRYPT_OK) { |
| 549 dropbear_exit("error encrypting"); | 548 dropbear_exit("error encrypting"); |
| 550 } | 549 } |
| 551 buf_incrpos(clearwritebuf, blocksize); | 550 buf_incrpos(clearwritebuf, len); |
| 552 buf_incrwritepos(writebuf, blocksize); | 551 buf_incrwritepos(writebuf, len); |
| 553 } | |
| 554 | 552 |
| 555 /* now add a hmac and we're done */ | 553 /* now add a hmac and we're done */ |
| 556 writemac(writebuf, clearwritebuf); | 554 writemac(writebuf, clearwritebuf); |
| 557 | 555 |
| 558 /* clearwritebuf is finished with */ | 556 /* clearwritebuf is finished with */ |