From c3ae1336fbefda2e71c68149d831b576ab001ac9 Mon Sep 17 00:00:00 2001
From: Anderson Toshiyuki Sasaki
Date: Fri, 11 Dec 2020 12:21:48 +0100
Subject: [PATCH] packet_crypt: Move secure_memcmp() to a shared source

Move the secure_memcmp() function to a shared source to make it available internally for other crypto implementations.

Signed-off-by: Anderson Toshiyuki Sasaki
Reviewed-by: Jakub Jelen
---
 include/libssh/crypto.h | 2 ++
 src/CMakeLists.txt | 1 +
 src/crypto_common.c | 34 ++++++++++++++++++++++++++++++++++
 src/packet_crypt.c | 11 -----------
 4 files changed, 37 insertions(+), 11 deletions(-)
 create mode 100644 src/crypto_common.c

diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h
index ede71661..67d98392 100644
--- a/include/libssh/crypto.h
+++ b/include/libssh/crypto.h
@@ -213,4 +213,6 @@ int sshkdf_derive_key(struct ssh_crypto_struct *crypto,
 int key_type, unsigned char *output,
 size_t requested_len);
 
+int secure_memcmp(const void *s1, const void *s2, size_t n);
+
 #endif /* _CRYPTO_H_ */
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index dd765de1..f07a8933 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -112,6 +112,7 @@ set(libssh_SRCS
 config.c
 connect.c
 connector.c
+ crypto_common.c
 curve25519.c
 dh.c
 ecdh.c
diff --git a/src/crypto_common.c b/src/crypto_common.c
new file mode 100644
index 00000000..8213ddb9
--- /dev/null
+++ b/src/crypto_common.c
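Review bot: The prototype added to include/libssh/crypto.h gives `secure_memcmp` external linkage under an unprefixed, generic name, whereas the neighbouring declaration `sshkdf_derive_key` carries the library's `ssh` prefix. In a static link the symbol shares the global namespace with the application and its other libraries, so a same-named helper elsewhere could clash or, depending on link order, replace the constant-time one. Whether symbol visibility hides it in shared builds cannot be seen from this hunk. Consider `int ssh_secure_memcmp(const void *s1, const void *s2, size_t n);` plus a one-line comment on the declaration stating that it returns 0 when the buffers are equal and non-zero otherwise.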
@@ -0,0 +1,34 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2020 by Anderson Toshiyuki Sasaki - Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include "config.h"
+#include "libssh/crypto.h"
+
+int secure_memcmp(const void *s1, const void *s2, size_t n)
+{
+ int rc = 0;
+ const unsigned char *p1 = s1;
+ const unsigned char *p2 = s2;
+ for (; n > 0; --n) {
+ rc |= *p1++ ^ *p2++;
+ }
+ return (rc != 0);
+}
+
diff --git a/src/packet_crypt.c b/src/packet_crypt.c
index c2f7ab02..734ccafc 100644
--- a/src/packet_crypt.c
+++ b/src/packet_crypt.c
@@ -216,17 +216,6 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len)
 return crypto->hmacbuf;
 }
 
-static int secure_memcmp(const void *s1, const void *s2, size_t n)
-{
- int rc = 0;
- const unsigned char *p1 = s1;
- const unsigned char *p2 = s2;
- for (; n > 0; --n) {
- rc |= *p1++ ^ *p2++;
- }
- return (rc != 0);
-}
-
 /**
 * @internal
 *
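Review bot: In the new src/crypto_common.c, `secure_memcmp()` becomes a shared helper without any comment stating its contract, and that contract differs from `memcmp()`: it returns 0 for equal and 1 for different, never an ordering, and it returns 0 when `n` is 0. The commit message says other crypto implementations will call it, presumably for MAC or tag comparison, so a Doxygen block above the definition should state three things. Running time depends only on `n`, both buffers must hold at least `n` bytes, and callers must validate the length themselves because a zero-length compare reports equality. The constant-time property also rests on the compiler keeping the loop free of an early exit, which nothing in the code enforces. A why-comment on the `rc |=` line, such as `/* accumulate every difference; no early exit, so timing does not reveal where the buffers differ */`, would record that intent for later maintainers.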