Mercurial > dropbear
view libtomcrypt/src/encauth/ocb/ocb_decrypt_verify_memory.c @ 1851:7f549ee3df48
Use HOME before /etc/passwd to find id_dropbear (#137)
Currently dbclient uses the value of HOME by default when looking for
~/.ssh/known_hosts, falling back to /etc/passwd if HOME is not set (so
that people can work around broken values in /etc/passwd).
However, when locating the default authentication key (defaults to
~/.ssh/id_dropbear), paths not starting with / are always prefixed with
the value from /etc/passwd.
Make the behaviour consistent by adjusting expand_homedir_path to use
the value of HOME, falling back to /etc/passwd if HOME is not set.
author | Matt Robinson <git@nerdoftheherd.com> |
---|---|
date | Tue, 19 Oct 2021 06:02:47 +0100 |
parents | 6dba84798cd5 |
children |
line wrap: on
line source
/* LibTomCrypt, modular cryptographic library -- Tom St Denis * * LibTomCrypt is a library that provides various cryptographic * algorithms in a highly modular and flexible manner. * * The library is free for all purposes without any express * guarantee it works. */ /** @file ocb_decrypt_verify_memory.c OCB implementation, helper to decrypt block of memory, by Tom St Denis */ #include "tomcrypt.h" #ifdef LTC_OCB_MODE /** Decrypt and compare the tag with OCB. @param cipher The index of the cipher desired @param key The secret key @param keylen The length of the secret key (octets) @param nonce The session nonce (length of the block size of the block cipher) @param ct The ciphertext @param ctlen The length of the ciphertext (octets) @param pt [out] The plaintext @param tag The tag to compare against @param taglen The length of the tag (octets) @param stat [out] The result of the tag comparison (1==valid, 0==invalid) @return CRYPT_OK if successful regardless of the tag comparison */ int ocb_decrypt_verify_memory(int cipher, const unsigned char *key, unsigned long keylen, const unsigned char *nonce, const unsigned char *ct, unsigned long ctlen, unsigned char *pt, const unsigned char *tag, unsigned long taglen, int *stat) { int err; ocb_state *ocb; LTC_ARGCHK(key != NULL); LTC_ARGCHK(nonce != NULL); LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); LTC_ARGCHK(tag != NULL); LTC_ARGCHK(stat != NULL); /* allocate memory */ ocb = XMALLOC(sizeof(ocb_state)); if (ocb == NULL) { return CRYPT_MEM; } if ((err = ocb_init(ocb, cipher, key, keylen, nonce)) != CRYPT_OK) { goto LBL_ERR; } while (ctlen > (unsigned long)ocb->block_len) { if ((err = ocb_decrypt(ocb, ct, pt)) != CRYPT_OK) { goto LBL_ERR; } ctlen -= ocb->block_len; pt += ocb->block_len; ct += ocb->block_len; } err = ocb_done_decrypt(ocb, ct, ctlen, pt, tag, taglen, stat); LBL_ERR: #ifdef LTC_CLEAN_STACK zeromem(ocb, sizeof(ocb_state)); #endif XFREE(ocb); return err; } #endif /* ref: $Format:%D$ */ /* git commit: $Format:%H$ */ /* commit time: $Format:%ai$ */