summaryrefslogtreecommitdiffhomepage
path: root/packet.c
diff options
context:
space:
mode:
authorMatt Johnston <matt@ucc.asn.au>2009-02-25 14:04:02 +0000
committerMatt Johnston <matt@ucc.asn.au>2009-02-25 14:04:02 +0000
commitcca4e1a0809c2798f47115888d4f176bd6c13f29 (patch)
tree1b68a40a677aec7d498848f9e124f4efcf1a2375 /packet.c
parentc04cc62ebf00f170f0713a4beb845a842b5f0bf1 (diff)
- Don't be dumb and encrypt/decrypt in a while() loop - why did I do this??
--HG-- extra : convert_revision : c8e1b84cfe874887ad7df0dd95a00de46dbc0136
Diffstat (limited to 'packet.c')
-rw-r--r--packet.c48
1 files changed, 23 insertions, 25 deletions
diff --git a/packet.c b/packet.c
index 870d5d8..2c98a34 100644
--- a/packet.c
+++ b/packet.c
@@ -240,17 +240,16 @@ void decrypt_packet() {
buf_setpos(ses.decryptreadbuf, blocksize);
/* decrypt it */
- while (ses.readbuf->pos < ses.readbuf->len - macsize) {
- if (ses.keys->recv_crypt_mode->decrypt(
- buf_getptr(ses.readbuf, blocksize),
- buf_getwriteptr(ses.decryptreadbuf, blocksize),
- blocksize,
- &ses.keys->recv_cipher_state) != CRYPT_OK) {
- dropbear_exit("error decrypting");
- }
- buf_incrpos(ses.readbuf, blocksize);
- buf_incrwritepos(ses.decryptreadbuf, blocksize);
+ len = ses.readbuf->len - macsize - ses.readbuf->pos;
+ if (ses.keys->recv_crypt_mode->decrypt(
+ buf_getptr(ses.readbuf, len),
+ buf_getwriteptr(ses.decryptreadbuf, len),
+ len,
+ &ses.keys->recv_cipher_state) != CRYPT_OK) {
+ dropbear_exit("error decrypting");
}
+ buf_incrpos(ses.readbuf, len);
+ buf_incrwritepos(ses.decryptreadbuf, len);
/* check the hmac */
buf_setpos(ses.readbuf, ses.readbuf->len - macsize);
@@ -454,7 +453,7 @@ void encrypt_packet() {
buffer * writebuf; /* the packet which will go on the wire */
buffer * clearwritebuf; /* unencrypted, possibly compressed */
unsigned char type;
- unsigned int clear_len;
+ unsigned int len;
type = ses.writepayload->data[0];
TRACE(("enter encrypt_packet()"))
@@ -474,12 +473,12 @@ void encrypt_packet() {
/* Encrypted packet len is payload+5, then worst case is if we are 3 away
* from a blocksize multiple. In which case we need to pad to the
* multiple, then add another blocksize (or MIN_PACKET_LEN) */
- clear_len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3;
+ len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3;
#ifndef DISABLE_ZLIB
- clear_len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/
+ len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/
#endif
- clearwritebuf = buf_new(clear_len);
+ clearwritebuf = buf_new(len);
buf_setlen(clearwritebuf, PACKET_PAYLOAD_OFF);
buf_setpos(clearwritebuf, PACKET_PAYLOAD_OFF);
@@ -531,17 +530,16 @@ void encrypt_packet() {
writebuf = buf_new(clearwritebuf->len + macsize);
/* encrypt it */
- while (clearwritebuf->pos < clearwritebuf->len) {
- if (ses.keys->trans_crypt_mode->encrypt(
- buf_getptr(clearwritebuf, blocksize),
- buf_getwriteptr(writebuf, blocksize),
- blocksize,
- &ses.keys->trans_cipher_state) != CRYPT_OK) {
- dropbear_exit("error encrypting");
- }
- buf_incrpos(clearwritebuf, blocksize);
- buf_incrwritepos(writebuf, blocksize);
- }
+ len = clearwritebuf->len;
+ if (ses.keys->trans_crypt_mode->encrypt(
+ buf_getptr(clearwritebuf, len),
+ buf_getwriteptr(writebuf, len),
+ len,
+ &ses.keys->trans_cipher_state) != CRYPT_OK) {
+ dropbear_exit("error encrypting");
+ }
+ buf_incrpos(clearwritebuf, len);
+ buf_incrwritepos(writebuf, len);
/* now add a hmac and we're done */
writemac(writebuf, clearwritebuf);