Robert Dugal
2011-Sep-07 14:34 UTC
cipher_get_keycontext() and cipher_set_keycontext() copying OpenSSL RC4 cryptographic state
These two functions in cipher.c (I have looked at openssh5.8p1 & openssh5.9p1) copy the internal cryptographic state of an OpenSSL RC4 encryption/decryption context using simple memcpy(). This code also copies the state when evptype is EVP_acss, which I am unfamiliar with. This code appears to works fine when using the builtin crypto of OpenSSL 1.0.0d. However, I have been doing some work to make OpenSSH use alternative crypto engines and it appears to me that this code may not work correctly when using an OpenSSL engine. The cipher_data could contain pointers to other data objects so just copying the cipher_data is not going to work correctly. OpenSSL provides EVP_CIPHER_CTX_copy() which can be used to safely copy the cryptographic state of an EVP_CIPHER_CTX. This API will call an engine specific interface to perform the copy, if required by the engine, ensuring that the cipher_data is copied correctly. It's unclear exactly how EVP_CIPHER_CTX_copy() can be used in the OpenSSH code. It's unclear to me exactly under which situations cipher_get_keycontext() and cipher_set_keycontext() will be called. Can someone provide me with some instructions on how I could configure an OpenSSH linux installation to verify this will be an issue when using an engine? Once I have verified this is an issue I will file a bug. Thanks Rob -- Robert Dugal Team Lead SSL & PKI Group Certicom Corp. A Subsidiary of Research In Motion 4701 Tahoe Blvd., Building A Mississauga, ON L4W 0B5 rdugal at certicom.com direct +1.289.261.4148 mobile +1.416.276.8062 main +1.905.507.4220 fax +1.905.507.4230 www.certicom.com --------------------------------------------------------------------- This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.