summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2022-09-10 17:39:48 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2022-09-10 17:39:48 +0000
commite9abc577442a31d502290ecaa43c56cda942d780 (patch)
treecfef5b47027b268f14031991aaab976458b071b9
parentc17c9e0ede20475e4356366fc3d28e12bd8e2d2a (diff)
Use correct length for EVP CFB mode ciphers.
The BLOCK_CIPHER_* macros contained a bug where the total length is passed to the underlying cipher implementation, rather than the length of the current chunk. Correct this and use the chunk length instead. Should address the remaining issues reported by Coverity. ok tb@
-rw-r--r--lib/libcrypto/evp/e_bf.c4
-rw-r--r--lib/libcrypto/evp/e_camellia.c20
-rw-r--r--lib/libcrypto/evp/e_cast.c4
-rw-r--r--lib/libcrypto/evp/e_gost2814789.c4
-rw-r--r--lib/libcrypto/evp/e_idea.c4
-rw-r--r--lib/libcrypto/evp/e_rc2.c4
-rw-r--r--lib/libcrypto/evp/e_sm4.c4
7 files changed, 22 insertions, 22 deletions
diff --git a/lib/libcrypto/evp/e_bf.c b/lib/libcrypto/evp/e_bf.c
index 4122f701dad..f97f9ed1e42 100644
--- a/lib/libcrypto/evp/e_bf.c
+++ b/lib/libcrypto/evp/e_bf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_bf.c,v 1.12 2022/09/04 15:45:25 jsing Exp $ */
+/* $OpenBSD: e_bf.c,v 1.13 2022/09/10 17:39:47 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -114,7 +114,7 @@ bf_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in
chunk = inl;
while (inl && inl >= chunk) {
- BF_cfb64_encrypt(in, out, (long)inl, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ BF_cfb64_encrypt(in, out, (long)chunk, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
diff --git a/lib/libcrypto/evp/e_camellia.c b/lib/libcrypto/evp/e_camellia.c
index bff323b9326..3976baaa48a 100644
--- a/lib/libcrypto/evp/e_camellia.c
+++ b/lib/libcrypto/evp/e_camellia.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_camellia.c,v 1.14 2022/09/06 06:17:11 jsing Exp $ */
+/* $OpenBSD: e_camellia.c,v 1.15 2022/09/10 17:39:47 jsing Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
@@ -113,7 +113,7 @@ camellia_128_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsign
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb128_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb128_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -271,7 +271,7 @@ camellia_192_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsign
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb128_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb128_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -429,7 +429,7 @@ camellia_256_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsign
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb128_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb128_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -573,7 +573,7 @@ camellia_128_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? inl * 8 : inl), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? chunk * 8 : chunk), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -617,7 +617,7 @@ camellia_192_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? inl * 8 : inl), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? chunk * 8 : chunk), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -661,7 +661,7 @@ camellia_256_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? inl * 8 : inl), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? chunk * 8 : chunk), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -704,7 +704,7 @@ camellia_128_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb8_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb8_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -746,7 +746,7 @@ camellia_192_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb8_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb8_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
@@ -788,7 +788,7 @@ camellia_256_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned
chunk = inl;
while (inl && inl >= chunk) {
- Camellia_cfb8_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Camellia_cfb8_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
diff --git a/lib/libcrypto/evp/e_cast.c b/lib/libcrypto/evp/e_cast.c
index e654962c756..f5654d9f3e1 100644
--- a/lib/libcrypto/evp/e_cast.c
+++ b/lib/libcrypto/evp/e_cast.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_cast.c,v 1.11 2022/09/04 15:45:25 jsing Exp $ */
+/* $OpenBSD: e_cast.c,v 1.12 2022/09/10 17:39:47 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -114,7 +114,7 @@ cast5_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char
chunk = inl;
while (inl && inl >= chunk) {
- CAST_cfb64_encrypt(in, out, (long)inl, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ CAST_cfb64_encrypt(in, out, (long)chunk, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
diff --git a/lib/libcrypto/evp/e_gost2814789.c b/lib/libcrypto/evp/e_gost2814789.c
index f4b903b9130..cff66e8c79c 100644
--- a/lib/libcrypto/evp/e_gost2814789.c
+++ b/lib/libcrypto/evp/e_gost2814789.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_gost2814789.c,v 1.9 2022/09/06 06:17:11 jsing Exp $ */
+/* $OpenBSD: e_gost2814789.c,v 1.10 2022/09/10 17:39:47 jsing Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
@@ -213,7 +213,7 @@ gost2814789_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned
chunk = inl;
while (inl && inl >= chunk) {
- Gost2814789_cfb64_encrypt(in, out, inl, &((EVP_GOST2814789_CTX *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ Gost2814789_cfb64_encrypt(in, out, chunk, &((EVP_GOST2814789_CTX *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
diff --git a/lib/libcrypto/evp/e_idea.c b/lib/libcrypto/evp/e_idea.c
index c7f2b30a44f..8696fb24507 100644
--- a/lib/libcrypto/evp/e_idea.c
+++ b/lib/libcrypto/evp/e_idea.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_idea.c,v 1.15 2022/09/04 15:45:25 jsing Exp $ */
+/* $OpenBSD: e_idea.c,v 1.16 2022/09/10 17:39:47 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -172,7 +172,7 @@ idea_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *
chunk = inl;
while (inl && inl >= chunk) {
- idea_cfb64_encrypt(in, out, (long)inl, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ idea_cfb64_encrypt(in, out, (long)chunk, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
diff --git a/lib/libcrypto/evp/e_rc2.c b/lib/libcrypto/evp/e_rc2.c
index 72e582d5e01..4f92365e7e7 100644
--- a/lib/libcrypto/evp/e_rc2.c
+++ b/lib/libcrypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_rc2.c,v 1.17 2022/09/04 15:45:25 jsing Exp $ */
+/* $OpenBSD: e_rc2.c,v 1.18 2022/09/10 17:39:47 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -116,7 +116,7 @@ rc2_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *i
chunk = inl;
while (inl && inl >= chunk) {
- RC2_cfb64_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ RC2_cfb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
diff --git a/lib/libcrypto/evp/e_sm4.c b/lib/libcrypto/evp/e_sm4.c
index 4fecae9671d..11e9a74d69c 100644
--- a/lib/libcrypto/evp/e_sm4.c
+++ b/lib/libcrypto/evp/e_sm4.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_sm4.c,v 1.5 2022/09/06 06:17:11 jsing Exp $ */
+/* $OpenBSD: e_sm4.c,v 1.6 2022/09/10 17:39:47 jsing Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
@@ -99,7 +99,7 @@ sm4_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *
chunk = inl;
while (inl && inl >= chunk) {
- sm4_cfb128_encrypt(in, out, inl, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
+ sm4_cfb128_encrypt(in, out, chunk, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;