From 898cb8835a2b99df2914c60dd871ef7e334a0fdb Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Mon, 26 Nov 2018 21:02:28 +0000 Subject: [PATCH] Make ssh_key and ssh{2,1}_cipher into structs. In commit 884a7df94 I claimed that all my trait-like vtable systems now had the generic object type being a struct rather than a bare vtable pointer (e.g. instead of 'Socket' being a typedef for a pointer to a const Socket_vtable, it's a typedef for a struct _containing_ a vtable pointer). In fact, I missed a few. This commit converts ssh_key, ssh2_cipher and ssh1_cipher into the same form as the rest. --- ssh.h | 56 +++++++++++++++++++----------------- sshaes.c | 20 ++++++------- ssharcf.c | 14 ++++----- sshblowf.c | 34 +++++++++++----------- sshccp.c | 22 +++++++-------- sshdes.c | 81 +++++++++++++++++++++++++++++++++-------------------- sshdss.c | 4 +-- sshdssg.c | 2 +- sshecc.c | 22 +++++++-------- sshecdsag.c | 4 +-- sshrsa.c | 4 +-- sshrsag.c | 2 +- 12 files changed, 145 insertions(+), 120 deletions(-) diff --git a/ssh.h b/ssh.h index 4d5021ce..d3e70ea5 100644 --- a/ssh.h +++ b/ssh.h @@ -395,7 +395,9 @@ typedef void *Bignum; #endif typedef struct ssh_keyalg ssh_keyalg; -typedef const struct ssh_keyalg *ssh_key; +typedef struct ssh_key { + const struct ssh_keyalg *vt; +} ssh_key; struct RSAKey { int bits; @@ -558,7 +560,9 @@ Bignum *dss_gen_k(const char *id_string, Bignum modulus, Bignum private_key, unsigned char *digest, int digest_len); struct ssh2_cipheralg; -typedef const struct ssh2_cipheralg *ssh2_cipher; +typedef struct ssh2_cipher { + const struct ssh2_cipheralg *vt; +} ssh2_cipher; typedef struct { uint32_t h[4]; @@ -630,7 +634,9 @@ void SHA384_Simple(const void *p, int len, unsigned char *output); struct ssh2_macalg; struct ssh1_cipheralg; -typedef const struct ssh1_cipheralg *ssh1_cipher; +typedef struct ssh1_cipher { + const struct ssh1_cipheralg *vt; +} ssh1_cipher; struct ssh1_cipheralg { ssh1_cipher *(*new)(void); @@ -643,10 +649,10 @@ struct ssh1_cipheralg { }; #define ssh1_cipher_new(alg) ((alg)->new()) -#define ssh1_cipher_free(ctx) ((*(ctx))->free(ctx)) -#define ssh1_cipher_sesskey(ctx, key) ((*(ctx))->sesskey(ctx, key)) -#define ssh1_cipher_encrypt(ctx, blk, len) ((*(ctx))->encrypt(ctx, blk, len)) -#define ssh1_cipher_decrypt(ctx, blk, len) ((*(ctx))->decrypt(ctx, blk, len)) +#define ssh1_cipher_free(ctx) ((ctx)->vt->free(ctx)) +#define ssh1_cipher_sesskey(ctx, key) ((ctx)->vt->sesskey(ctx, key)) +#define ssh1_cipher_encrypt(ctx, blk, len) ((ctx)->vt->encrypt(ctx, blk, len)) +#define ssh1_cipher_decrypt(ctx, blk, len) ((ctx)->vt->decrypt(ctx, blk, len)) struct ssh2_cipheralg { ssh2_cipher *(*new)(const struct ssh2_cipheralg *alg); @@ -684,16 +690,16 @@ struct ssh2_cipheralg { }; #define ssh2_cipher_new(alg) ((alg)->new(alg)) -#define ssh2_cipher_free(ctx) ((*(ctx))->free(ctx)) -#define ssh2_cipher_setiv(ctx, iv) ((*(ctx))->setiv(ctx, iv)) -#define ssh2_cipher_setkey(ctx, key) ((*(ctx))->setkey(ctx, key)) -#define ssh2_cipher_encrypt(ctx, blk, len) ((*(ctx))->encrypt(ctx, blk, len)) -#define ssh2_cipher_decrypt(ctx, blk, len) ((*(ctx))->decrypt(ctx, blk, len)) +#define ssh2_cipher_free(ctx) ((ctx)->vt->free(ctx)) +#define ssh2_cipher_setiv(ctx, iv) ((ctx)->vt->setiv(ctx, iv)) +#define ssh2_cipher_setkey(ctx, key) ((ctx)->vt->setkey(ctx, key)) +#define ssh2_cipher_encrypt(ctx, blk, len) ((ctx)->vt->encrypt(ctx, blk, len)) +#define ssh2_cipher_decrypt(ctx, blk, len) ((ctx)->vt->decrypt(ctx, blk, len)) #define ssh2_cipher_encrypt_length(ctx, blk, len, seq) \ - ((*(ctx))->encrypt_length(ctx, blk, len, seq)) + ((ctx)->vt->encrypt_length(ctx, blk, len, seq)) #define ssh2_cipher_decrypt_length(ctx, blk, len, seq) \ - ((*(ctx))->decrypt_length(ctx, blk, len, seq)) -#define ssh2_cipher_alg(ctx) (*(ctx)) + ((ctx)->vt->decrypt_length(ctx, blk, len, seq)) +#define ssh2_cipher_alg(ctx) ((ctx)->vt) struct ssh2_ciphers { int nciphers; @@ -792,20 +798,20 @@ struct ssh_keyalg { #define ssh_key_new_priv(alg, pub, priv) ((alg)->new_priv(alg, pub, priv)) #define ssh_key_new_priv_openssh(alg, bs) ((alg)->new_priv_openssh(alg, bs)) -#define ssh_key_free(key) ((*(key))->freekey(key)) +#define ssh_key_free(key) ((key)->vt->freekey(key)) #define ssh_key_sign(key, data, len, flags, bs) \ - ((*(key))->sign(key, data, len, flags, bs)) -#define ssh_key_verify(key, sig, data) ((*(key))->verify(key, sig, data)) -#define ssh_key_public_blob(key, bs) ((*(key))->public_blob(key, bs)) -#define ssh_key_private_blob(key, bs) ((*(key))->private_blob(key, bs)) -#define ssh_key_openssh_blob(key, bs) ((*(key))->openssh_blob(key, bs)) -#define ssh_key_cache_str(key) ((*(key))->cache_str(key)) + ((key)->vt->sign(key, data, len, flags, bs)) +#define ssh_key_verify(key, sig, data) ((key)->vt->verify(key, sig, data)) +#define ssh_key_public_blob(key, bs) ((key)->vt->public_blob(key, bs)) +#define ssh_key_private_blob(key, bs) ((key)->vt->private_blob(key, bs)) +#define ssh_key_openssh_blob(key, bs) ((key)->vt->openssh_blob(key, bs)) +#define ssh_key_cache_str(key) ((key)->vt->cache_str(key)) #define ssh_key_public_bits(alg, blob) ((alg)->pubkey_bits(alg, blob)) -#define ssh_key_alg(key) (*(key)) -#define ssh_key_ssh_id(key) ((*(key))->ssh_id) -#define ssh_key_cache_id(key) ((*(key))->cache_id) +#define ssh_key_alg(key) (key)->vt +#define ssh_key_ssh_id(key) ((key)->vt->ssh_id) +#define ssh_key_cache_id(key) ((key)->vt->cache_id) /* * Enumeration of signature flags from draft-miller-ssh-agent-02 diff --git a/sshaes.c b/sshaes.c index fad9ff4f..c7e7ff6a 100644 --- a/sshaes.c +++ b/sshaes.c @@ -1042,50 +1042,50 @@ void aes256_decrypt_pubkey(const void *key, void *blk, int len) struct aes_ssh2_ctx { AESContext context; - ssh2_cipher vt; + ssh2_cipher ciph; }; ssh2_cipher *aes_ssh2_new(const struct ssh2_cipheralg *alg) { struct aes_ssh2_ctx *ctx = snew(struct aes_ssh2_ctx); - ctx->vt = alg; - return &ctx->vt; + ctx->ciph.vt = alg; + return &ctx->ciph; } static void aes_ssh2_free(ssh2_cipher *cipher) { - struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, vt); + struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } static void aes_ssh2_setiv(ssh2_cipher *cipher, const void *iv) { - struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, vt); + struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, ciph); aes_iv(&ctx->context, iv); } static void aes_ssh2_setkey(ssh2_cipher *cipher, const void *key) { - struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, vt); - aes_setup(&ctx->context, key, ctx->vt->padded_keybytes); + struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, ciph); + aes_setup(&ctx->context, key, ctx->ciph.vt->padded_keybytes); } static void aes_ssh2_encrypt(ssh2_cipher *cipher, void *blk, int len) { - struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, vt); + struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, ciph); aes_encrypt_cbc(blk, len, &ctx->context); } static void aes_ssh2_decrypt(ssh2_cipher *cipher, void *blk, int len) { - struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, vt); + struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, ciph); aes_decrypt_cbc(blk, len, &ctx->context); } static void aes_ssh2_sdctr_method(ssh2_cipher *cipher, void *blk, int len) { - struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, vt); + struct aes_ssh2_ctx *ctx = container_of(cipher, struct aes_ssh2_ctx, ciph); aes_sdctr(blk, len, &ctx->context); } diff --git a/ssharcf.c b/ssharcf.c index fe1282fa..fd20f001 100644 --- a/ssharcf.c +++ b/ssharcf.c @@ -9,7 +9,7 @@ typedef struct { unsigned char i, j, s[256]; - ssh2_cipher vt; + ssh2_cipher ciph; } ArcfourContext; static void arcfour_block(void *handle, void *vblk, int len) @@ -65,13 +65,13 @@ static void arcfour_setkey(ArcfourContext *ctx, unsigned char const *key, static ssh2_cipher *arcfour_new(const struct ssh2_cipheralg *alg) { ArcfourContext *ctx = snew(ArcfourContext); - ctx->vt = alg; - return &ctx->vt; + ctx->ciph.vt = alg; + return &ctx->ciph; } static void arcfour_free(ssh2_cipher *cipher) { - ArcfourContext *ctx = container_of(cipher, ArcfourContext, vt); + ArcfourContext *ctx = container_of(cipher, ArcfourContext, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } @@ -92,14 +92,14 @@ static void arcfour_ssh2_setiv(ssh2_cipher *cipher, const void *key) static void arcfour_ssh2_setkey(ssh2_cipher *cipher, const void *key) { - ArcfourContext *ctx = container_of(cipher, ArcfourContext, vt); - arcfour_setkey(ctx, key, ctx->vt->padded_keybytes); + ArcfourContext *ctx = container_of(cipher, ArcfourContext, ciph); + arcfour_setkey(ctx, key, ctx->ciph.vt->padded_keybytes); arcfour_stir(ctx); } static void arcfour_ssh2_block(ssh2_cipher *cipher, void *blk, int len) { - ArcfourContext *ctx = container_of(cipher, ArcfourContext, vt); + ArcfourContext *ctx = container_of(cipher, ArcfourContext, ciph); arcfour_block(ctx, blk, len); } diff --git a/sshblowf.c b/sshblowf.c index c440556f..12d20db4 100644 --- a/sshblowf.c +++ b/sshblowf.c @@ -576,20 +576,20 @@ static void blowfish_iv(BlowfishContext *ctx, const void *viv) struct blowfish_ssh1_ctx { /* In SSH-1, need one key for each direction */ BlowfishContext contexts[2]; - ssh1_cipher vt; + ssh1_cipher ciph; }; static ssh1_cipher *blowfish_ssh1_new(void) { struct blowfish_ssh1_ctx *ctx = snew(struct blowfish_ssh1_ctx); - ctx->vt = &ssh1_blowfish; - return &ctx->vt; + ctx->ciph.vt = &ssh1_blowfish; + return &ctx->ciph; } static void blowfish_ssh1_free(ssh1_cipher *cipher) { struct blowfish_ssh1_ctx *ctx = - container_of(cipher, struct blowfish_ssh1_ctx, vt); + container_of(cipher, struct blowfish_ssh1_ctx, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } @@ -597,7 +597,7 @@ static void blowfish_ssh1_free(ssh1_cipher *cipher) static void blowfish_ssh1_sesskey(ssh1_cipher *cipher, const void *key) { struct blowfish_ssh1_ctx *ctx = - container_of(cipher, struct blowfish_ssh1_ctx, vt); + container_of(cipher, struct blowfish_ssh1_ctx, ciph); blowfish_setkey(&ctx->contexts[0], key, SSH1_SESSION_KEY_LENGTH); ctx->contexts[0].iv0 = ctx->contexts[0].iv1 = 0; ctx->contexts[1] = ctx->contexts[0]; /* structure copy */ @@ -606,33 +606,33 @@ static void blowfish_ssh1_sesskey(ssh1_cipher *cipher, const void *key) static void blowfish_ssh1_encrypt_blk(ssh1_cipher *cipher, void *blk, int len) { struct blowfish_ssh1_ctx *ctx = - container_of(cipher, struct blowfish_ssh1_ctx, vt); + container_of(cipher, struct blowfish_ssh1_ctx, ciph); blowfish_lsb_encrypt_cbc(blk, len, ctx->contexts); } static void blowfish_ssh1_decrypt_blk(ssh1_cipher *cipher, void *blk, int len) { struct blowfish_ssh1_ctx *ctx = - container_of(cipher, struct blowfish_ssh1_ctx, vt); + container_of(cipher, struct blowfish_ssh1_ctx, ciph); blowfish_lsb_decrypt_cbc(blk, len, ctx->contexts+1); } struct blowfish_ssh2_ctx { BlowfishContext context; - ssh2_cipher vt; + ssh2_cipher ciph; }; static ssh2_cipher *blowfish_ssh2_new(const struct ssh2_cipheralg *alg) { struct blowfish_ssh2_ctx *ctx = snew(struct blowfish_ssh2_ctx); - ctx->vt = alg; - return &ctx->vt; + ctx->ciph.vt = alg; + return &ctx->ciph; } static void blowfish_ssh2_free(ssh2_cipher *cipher) { struct blowfish_ssh2_ctx *ctx = - container_of(cipher, struct blowfish_ssh2_ctx, vt); + container_of(cipher, struct blowfish_ssh2_ctx, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } @@ -640,35 +640,35 @@ static void blowfish_ssh2_free(ssh2_cipher *cipher) static void blowfish_ssh2_setiv(ssh2_cipher *cipher, const void *iv) { struct blowfish_ssh2_ctx *ctx = - container_of(cipher, struct blowfish_ssh2_ctx, vt); + container_of(cipher, struct blowfish_ssh2_ctx, ciph); blowfish_iv(&ctx->context, iv); } static void blowfish_ssh2_setkey(ssh2_cipher *cipher, const void *key) { struct blowfish_ssh2_ctx *ctx = - container_of(cipher, struct blowfish_ssh2_ctx, vt); - blowfish_setkey(&ctx->context, key, ctx->vt->padded_keybytes); + container_of(cipher, struct blowfish_ssh2_ctx, ciph); + blowfish_setkey(&ctx->context, key, ctx->ciph.vt->padded_keybytes); } static void blowfish_ssh2_encrypt_blk(ssh2_cipher *cipher, void *blk, int len) { struct blowfish_ssh2_ctx *ctx = - container_of(cipher, struct blowfish_ssh2_ctx, vt); + container_of(cipher, struct blowfish_ssh2_ctx, ciph); blowfish_msb_encrypt_cbc(blk, len, &ctx->context); } static void blowfish_ssh2_decrypt_blk(ssh2_cipher *cipher, void *blk, int len) { struct blowfish_ssh2_ctx *ctx = - container_of(cipher, struct blowfish_ssh2_ctx, vt); + container_of(cipher, struct blowfish_ssh2_ctx, ciph); blowfish_msb_decrypt_cbc(blk, len, &ctx->context); } static void blowfish_ssh2_sdctr(ssh2_cipher *cipher, void *blk, int len) { struct blowfish_ssh2_ctx *ctx = - container_of(cipher, struct blowfish_ssh2_ctx, vt); + container_of(cipher, struct blowfish_ssh2_ctx, ciph); blowfish_msb_sdctr(blk, len, &ctx->context); } diff --git a/sshccp.c b/sshccp.c index 1ce40699..176e6094 100644 --- a/sshccp.c +++ b/sshccp.c @@ -866,14 +866,14 @@ struct ccp_context { struct poly1305 mac; BinarySink_IMPLEMENTATION; - ssh2_cipher cvt; + ssh2_cipher ciph; ssh2_mac mac_if; }; static ssh2_mac *poly_ssh2_new( const struct ssh2_macalg *alg, ssh2_cipher *cipher) { - struct ccp_context *ctx = container_of(cipher, struct ccp_context, cvt); + struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph); ctx->mac_if.vt = alg; BinarySink_DELEGATE_INIT(&ctx->mac_if, ctx); return &ctx->mac_if; @@ -950,13 +950,13 @@ static ssh2_cipher *ccp_new(const struct ssh2_cipheralg *alg) struct ccp_context *ctx = snew(struct ccp_context); BinarySink_INIT(ctx, poly_BinarySink_write); poly1305_init(&ctx->mac); - ctx->cvt = alg; - return &ctx->cvt; + ctx->ciph.vt = alg; + return &ctx->ciph; } static void ccp_free(ssh2_cipher *cipher) { - struct ccp_context *ctx = container_of(cipher, struct ccp_context, cvt); + struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph); smemclr(&ctx->a_cipher, sizeof(ctx->a_cipher)); smemclr(&ctx->b_cipher, sizeof(ctx->b_cipher)); smemclr(&ctx->mac, sizeof(ctx->mac)); @@ -966,14 +966,14 @@ static void ccp_free(ssh2_cipher *cipher) static void ccp_iv(ssh2_cipher *cipher, const void *iv) { /* struct ccp_context *ctx = - container_of(cipher, struct ccp_context, cvt); */ + container_of(cipher, struct ccp_context, ciph); */ /* IV is set based on the sequence number */ } static void ccp_key(ssh2_cipher *cipher, const void *vkey) { const unsigned char *key = (const unsigned char *)vkey; - struct ccp_context *ctx = container_of(cipher, struct ccp_context, cvt); + struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph); /* Initialise the a_cipher (for decrypting lengths) with the first 256 bits */ chacha20_key(&ctx->a_cipher, key + 32); /* Initialise the b_cipher (for content and MAC) with the second 256 bits */ @@ -982,13 +982,13 @@ static void ccp_key(ssh2_cipher *cipher, const void *vkey) static void ccp_encrypt(ssh2_cipher *cipher, void *blk, int len) { - struct ccp_context *ctx = container_of(cipher, struct ccp_context, cvt); + struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph); chacha20_encrypt(&ctx->b_cipher, blk, len); } static void ccp_decrypt(ssh2_cipher *cipher, void *blk, int len) { - struct ccp_context *ctx = container_of(cipher, struct ccp_context, cvt); + struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph); chacha20_decrypt(&ctx->b_cipher, blk, len); } @@ -1012,7 +1012,7 @@ static void ccp_length_op(struct ccp_context *ctx, void *blk, int len, static void ccp_encrypt_length(ssh2_cipher *cipher, void *blk, int len, unsigned long seq) { - struct ccp_context *ctx = container_of(cipher, struct ccp_context, cvt); + struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph); ccp_length_op(ctx, blk, len, seq); chacha20_encrypt(&ctx->a_cipher, blk, len); } @@ -1020,7 +1020,7 @@ static void ccp_encrypt_length(ssh2_cipher *cipher, void *blk, int len, static void ccp_decrypt_length(ssh2_cipher *cipher, void *blk, int len, unsigned long seq) { - struct ccp_context *ctx = container_of(cipher, struct ccp_context, cvt); + struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph); ccp_length_op(ctx, blk, len, seq); chacha20_decrypt(&ctx->a_cipher, blk, len); } diff --git a/sshdes.c b/sshdes.c index 3c5953f1..bdc6f8d0 100644 --- a/sshdes.c +++ b/sshdes.c @@ -776,122 +776,133 @@ static void des_key(DESContext *context, const void *vkey) struct des3_ssh1_ctx { /* 3 cipher context for each direction */ DESContext contexts[6]; - ssh1_cipher vt; + ssh1_cipher ciph; }; struct des_ssh1_ctx { /* 1 cipher context for each direction */ DESContext contexts[2]; - ssh1_cipher vt; + ssh1_cipher ciph; }; static ssh1_cipher *des3_ssh1_new(void) { struct des3_ssh1_ctx *ctx = snew(struct des3_ssh1_ctx); - ctx->vt = &ssh1_3des; - return &ctx->vt; + ctx->ciph.vt = &ssh1_3des; + return &ctx->ciph; } static ssh1_cipher *des_ssh1_new(void) { struct des_ssh1_ctx *ctx = snew(struct des_ssh1_ctx); - ctx->vt = &ssh1_des; - return &ctx->vt; + ctx->ciph.vt = &ssh1_des; + return &ctx->ciph; } static void des3_ssh1_free(ssh1_cipher *cipher) { - struct des3_ssh1_ctx *ctx = container_of(cipher, struct des3_ssh1_ctx, vt); + struct des3_ssh1_ctx *ctx = container_of( + cipher, struct des3_ssh1_ctx, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } static void des_ssh1_free(ssh1_cipher *cipher) { - struct des_ssh1_ctx *ctx = container_of(cipher, struct des_ssh1_ctx, vt); + struct des_ssh1_ctx *ctx = container_of( + cipher, struct des_ssh1_ctx, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } static void des3_ssh1_sesskey(ssh1_cipher *cipher, const void *key) { - struct des3_ssh1_ctx *ctx = container_of(cipher, struct des3_ssh1_ctx, vt); + struct des3_ssh1_ctx *ctx = container_of( + cipher, struct des3_ssh1_ctx, ciph); des3_key(ctx->contexts, key); des3_key(ctx->contexts+3, key); } static void des3_ssh1_encrypt_blk(ssh1_cipher *cipher, void *blk, int len) { - struct des3_ssh1_ctx *ctx = container_of(cipher, struct des3_ssh1_ctx, vt); + struct des3_ssh1_ctx *ctx = container_of( + cipher, struct des3_ssh1_ctx, ciph); des_3cbc_encrypt(blk, len, ctx->contexts); } static void des3_ssh1_decrypt_blk(ssh1_cipher *cipher, void *blk, int len) { - struct des3_ssh1_ctx *ctx = container_of(cipher, struct des3_ssh1_ctx, vt); + struct des3_ssh1_ctx *ctx = container_of( + cipher, struct des3_ssh1_ctx, ciph); des_3cbc_decrypt(blk, len, ctx->contexts+3); } static void des_ssh1_sesskey(ssh1_cipher *cipher, const void *key) { - struct des_ssh1_ctx *ctx = container_of(cipher, struct des_ssh1_ctx, vt); + struct des_ssh1_ctx *ctx = container_of( + cipher, struct des_ssh1_ctx, ciph); des_key(ctx->contexts, key); des_key(ctx->contexts+1, key); } static void des_ssh1_encrypt_blk(ssh1_cipher *cipher, void *blk, int len) { - struct des_ssh1_ctx *ctx = container_of(cipher, struct des_ssh1_ctx, vt); + struct des_ssh1_ctx *ctx = container_of( + cipher, struct des_ssh1_ctx, ciph); des_cbc_encrypt(blk, len, ctx->contexts); } static void des_ssh1_decrypt_blk(ssh1_cipher *cipher, void *blk, int len) { - struct des_ssh1_ctx *ctx = container_of(cipher, struct des_ssh1_ctx, vt); + struct des_ssh1_ctx *ctx = container_of( + cipher, struct des_ssh1_ctx, ciph); des_cbc_decrypt(blk, len, ctx->contexts+1); } struct des3_ssh2_ctx { DESContext contexts[3]; - ssh2_cipher vt; + ssh2_cipher ciph; }; struct des_ssh2_ctx { DESContext context; - ssh2_cipher vt; + ssh2_cipher ciph; }; static ssh2_cipher *des3_ssh2_new(const struct ssh2_cipheralg *alg) { struct des3_ssh2_ctx *ctx = snew(struct des3_ssh2_ctx); - ctx->vt = alg; - return &ctx->vt; + ctx->ciph.vt = alg; + return &ctx->ciph; } static ssh2_cipher *des_ssh2_new(const struct ssh2_cipheralg *alg) { struct des_ssh2_ctx *ctx = snew(struct des_ssh2_ctx); - ctx->vt = alg; - return &ctx->vt; + ctx->ciph.vt = alg; + return &ctx->ciph; } static void des3_ssh2_free(ssh2_cipher *cipher) { - struct des3_ssh2_ctx *ctx = container_of(cipher, struct des3_ssh2_ctx, vt); + struct des3_ssh2_ctx *ctx = container_of( + cipher, struct des3_ssh2_ctx, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } static void des_ssh2_free(ssh2_cipher *cipher) { - struct des_ssh2_ctx *ctx = container_of(cipher, struct des_ssh2_ctx, vt); + struct des_ssh2_ctx *ctx = container_of( + cipher, struct des_ssh2_ctx, ciph); smemclr(ctx, sizeof(*ctx)); sfree(ctx); } static void des3_ssh2_setiv(ssh2_cipher *cipher, const void *iv) { - struct des3_ssh2_ctx *ctx = container_of(cipher, struct des3_ssh2_ctx, vt); + struct des3_ssh2_ctx *ctx = container_of( + cipher, struct des3_ssh2_ctx, ciph); des_iv(&ctx->contexts[0], iv); /* SSH-2 treats triple-DES as a single block cipher to wrap in * CBC, so there's only one IV required, not three */ @@ -899,49 +910,57 @@ static void des3_ssh2_setiv(ssh2_cipher *cipher, const void *iv) static void des3_ssh2_setkey(ssh2_cipher *cipher, const void *key) { - struct des3_ssh2_ctx *ctx = container_of(cipher, struct des3_ssh2_ctx, vt); + struct des3_ssh2_ctx *ctx = container_of( + cipher, struct des3_ssh2_ctx, ciph); des3_key(ctx->contexts, key); } static void des_ssh2_setiv(ssh2_cipher *cipher, const void *iv) { - struct des_ssh2_ctx *ctx = container_of(cipher, struct des_ssh2_ctx, vt); + struct des_ssh2_ctx *ctx = container_of( + cipher, struct des_ssh2_ctx, ciph); des_iv(&ctx->context, iv); } static void des_ssh2_setkey(ssh2_cipher *cipher, const void *key) { - struct des_ssh2_ctx *ctx = container_of(cipher, struct des_ssh2_ctx, vt); + struct des_ssh2_ctx *ctx = container_of( + cipher, struct des_ssh2_ctx, ciph); des_key(&ctx->context, key); } static void des3_ssh2_encrypt_blk(ssh2_cipher *cipher, void *blk, int len) { - struct des3_ssh2_ctx *ctx = container_of(cipher, struct des3_ssh2_ctx, vt); + struct des3_ssh2_ctx *ctx = container_of( + cipher, struct des3_ssh2_ctx, ciph); des_cbc3_encrypt(blk, len, ctx->contexts); } static void des3_ssh2_decrypt_blk(ssh2_cipher *cipher, void *blk, int len) { - struct des3_ssh2_ctx *ctx = container_of(cipher, struct des3_ssh2_ctx, vt); + struct des3_ssh2_ctx *ctx = container_of( + cipher, struct des3_ssh2_ctx, ciph); des_cbc3_decrypt(blk, len, ctx->contexts); } static void des3_ssh2_sdctr(ssh2_cipher *cipher, void *blk, int len) { - struct des3_ssh2_ctx *ctx = container_of(cipher, struct des3_ssh2_ctx, vt); + struct des3_ssh2_ctx *ctx = container_of( + cipher, struct des3_ssh2_ctx, ciph); des_sdctr3(blk, len, ctx->contexts); } static void des_ssh2_encrypt_blk(ssh2_cipher *cipher, void *blk, int len) { - struct des_ssh2_ctx *ctx = container_of(cipher, struct des_ssh2_ctx, vt); + struct des_ssh2_ctx *ctx = container_of( + cipher, struct des_ssh2_ctx, ciph); des_cbc_encrypt(blk, len, &ctx->context); } static void des_ssh2_decrypt_blk(ssh2_cipher *cipher, void *blk, int len) { - struct des_ssh2_ctx *ctx = container_of(cipher, struct des_ssh2_ctx, vt); + struct des_ssh2_ctx *ctx = container_of( + cipher, struct des_ssh2_ctx, ciph); des_cbc_decrypt(blk, len, &ctx->context); } diff --git a/sshdss.c b/sshdss.c index f56fbe62..ce3853b9 100644 --- a/sshdss.c +++ b/sshdss.c @@ -21,7 +21,7 @@ static ssh_key *dss_new_pub(const ssh_keyalg *self, ptrlen data) return NULL; dss = snew(struct dss_key); - dss->sshk = &ssh_dss; + dss->sshk.vt = &ssh_dss; dss->p = get_mp_ssh2(src); dss->q = get_mp_ssh2(src); dss->g = get_mp_ssh2(src); @@ -280,7 +280,7 @@ static ssh_key *dss_new_priv_openssh(const ssh_keyalg *self, struct dss_key *dss; dss = snew(struct dss_key); - dss->sshk = &ssh_dss; + dss->sshk.vt = &ssh_dss; dss->p = get_mp_ssh2(src); dss->q = get_mp_ssh2(src); diff --git a/sshdssg.c b/sshdssg.c index 882fbc1d..f6905b8d 100644 --- a/sshdssg.c +++ b/sshdssg.c @@ -12,7 +12,7 @@ int dsa_generate(struct dss_key *key, int bits, progfn_t pfn, unsigned pfirst, qfirst; int progress; - key->sshk = &ssh_dss; + key->sshk.vt = &ssh_dss; /* * Set up the phase limits for the progress report. We do this diff --git a/sshecc.c b/sshecc.c index 4a63a290..02271969 100644 --- a/sshecc.c +++ b/sshecc.c @@ -1735,7 +1735,7 @@ static ssh_key *ecdsa_new_pub(const ssh_keyalg *self, ptrlen data) } ec = snew(struct ec_key); - ec->sshk = self; + ec->sshk.vt = self; ec->publicKey.curve = curve; ec->publicKey.infinity = false; @@ -1811,7 +1811,7 @@ static void ecdsa_public_blob(ssh_key *key, BinarySink *bs) assert(pointlen >= 2); - put_stringz(bs, ec->sshk->ssh_id); + put_stringz(bs, ec->sshk.vt->ssh_id); put_uint32(bs, pointlen); /* Unset last bit of y and set first bit of x in its place */ @@ -1825,7 +1825,7 @@ static void ecdsa_public_blob(ssh_key *key, BinarySink *bs) pointlen = (bignum_bitcount(ec->publicKey.curve->p) + 7) / 8; - put_stringz(bs, ec->sshk->ssh_id); + put_stringz(bs, ec->sshk.vt->ssh_id); put_stringz(bs, ec->publicKey.curve->name); put_uint32(bs, (2 * pointlen) + 1); put_byte(bs, 0x04); @@ -1923,7 +1923,7 @@ static ssh_key *ed25519_new_priv_openssh(const ssh_keyalg *self, return NULL; ec = snew(struct ec_key); - ec->sshk = self; + ec->sshk.vt = self; ec->publicKey.curve = ec_ed25519(); ec->publicKey.infinity = false; @@ -2017,7 +2017,7 @@ static ssh_key *ecdsa_new_priv_openssh(const ssh_keyalg *self, assert(curve->type == EC_WEIERSTRASS); ec = snew(struct ec_key); - ec->sshk = self; + ec->sshk.vt = self; ec->publicKey.curve = curve; ec->publicKey.infinity = false; @@ -2111,7 +2111,7 @@ static bool ecdsa_verify(ssh_key *key, ptrlen sig, ptrlen data) { struct ec_key *ec = container_of(key, struct ec_key, sshk); const struct ecsign_extra *extra = - (const struct ecsign_extra *)ec->sshk->extra; + (const struct ecsign_extra *)ec->sshk.vt->extra; BinarySource src[1]; ptrlen sigstr; bool ret; @@ -2122,7 +2122,7 @@ static bool ecdsa_verify(ssh_key *key, ptrlen sig, ptrlen data) BinarySource_BARE_INIT(src, sig.ptr, sig.len); /* Check the signature starts with the algorithm name */ - if (!ptrlen_eq_string(get_string(src), ec->sshk->ssh_id)) + if (!ptrlen_eq_string(get_string(src), ec->sshk.vt->ssh_id)) return false; sigstr = get_string(src); @@ -2261,7 +2261,7 @@ static void ecdsa_sign(ssh_key *key, const void *data, int datalen, { struct ec_key *ec = container_of(key, struct ec_key, sshk); const struct ecsign_extra *extra = - (const struct ecsign_extra *)ec->sshk->extra; + (const struct ecsign_extra *)ec->sshk.vt->extra; unsigned char digest[512 / 8]; int digestLen; Bignum r = NULL, s = NULL; @@ -2347,7 +2347,7 @@ static void ecdsa_sign(ssh_key *key, const void *data, int datalen, } /* Format the output */ - put_stringz(bs, ec->sshk->ssh_id); + put_stringz(bs, ec->sshk.vt->ssh_id); pointlen = ec->publicKey.curve->fieldBits / 8; put_uint32(bs, pointlen * 2); @@ -2379,7 +2379,7 @@ static void ecdsa_sign(ssh_key *key, const void *data, int datalen, assert(s); /* Format the output */ - put_stringz(bs, ec->sshk->ssh_id); + put_stringz(bs, ec->sshk.vt->ssh_id); substr = strbuf_new(); put_mp_ssh2(substr, r); @@ -2571,7 +2571,7 @@ struct ec_key *ssh_ecdhkex_newkey(const struct ssh_kex *kex) key = snew(struct ec_key); - key->sshk = NULL; + key->sshk.vt = NULL; key->publicKey.curve = curve; if (curve->type == EC_MONTGOMERY) { diff --git a/sshecdsag.c b/sshecdsag.c index 09d2eba3..24547ca5 100644 --- a/sshecdsag.c +++ b/sshecdsag.c @@ -10,7 +10,7 @@ int ec_generate(struct ec_key *key, int bits, progfn_t pfn, struct ec_point *publicKey; if (!ec_nist_alg_and_curve_by_bits(bits, &key->publicKey.curve, - &key->sshk)) + &key->sshk.vt)) return 0; key->privateKey = bignum_random_in_range(One, key->publicKey.curve->w.n); @@ -37,7 +37,7 @@ int ec_edgenerate(struct ec_key *key, int bits, progfn_t pfn, struct ec_point *publicKey; if (!ec_ed_alg_and_curve_by_bits(bits, &key->publicKey.curve, - &key->sshk)) + &key->sshk.vt)) return 0; { diff --git a/sshrsa.c b/sshrsa.c index 248127fd..09627408 100644 --- a/sshrsa.c +++ b/sshrsa.c @@ -520,7 +520,7 @@ static ssh_key *rsa2_new_pub(const ssh_keyalg *self, ptrlen data) return NULL; rsa = snew(struct RSAKey); - rsa->sshk = &ssh_rsa; + rsa->sshk.vt = &ssh_rsa; rsa->exponent = get_mp_ssh2(src); rsa->modulus = get_mp_ssh2(src); rsa->private_exponent = NULL; @@ -605,7 +605,7 @@ static ssh_key *rsa2_new_priv_openssh(const ssh_keyalg *self, struct RSAKey *rsa; rsa = snew(struct RSAKey); - rsa->sshk = &ssh_rsa; + rsa->sshk.vt = &ssh_rsa; rsa->comment = NULL; rsa->modulus = get_mp_ssh2(src); diff --git a/sshrsag.c b/sshrsag.c index 7800ec94..fad23d1a 100644 --- a/sshrsag.c +++ b/sshrsag.c @@ -14,7 +14,7 @@ int rsa_generate(struct RSAKey *key, int bits, progfn_t pfn, Bignum pm1, qm1, phi_n; unsigned pfirst, qfirst; - key->sshk = &ssh_rsa; + key->sshk.vt = &ssh_rsa; /* * Set up the phase limits for the progress report. We do this