search for: ivlen

Greetings; I've been reading the OpenSSH source code and have a question about the des_ssh1_setiv function in cipher.c. (cut-n-pasted here from cipher.c v1.47) : static void des_ssh1_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) { memset(cc->u.des.iv, 0, sizeof(cc->u.des.iv)); } This doesn't use the *iv parameter. Compare with: static void des3_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) { memset(cc->u.des3.iv1, 0, sizeof(cc->u.des3.iv1)); memset(cc->u.des3.iv2, 0,...

http://bugzilla.mindrot.org/show_bug.cgi?id=138 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vjo at dulug.duke.edu ------- Additional Comments From mouring at eviladmin.org 2002-03-08 04:49 ------- *** Bug 139 has been

...(&b); - enc->key = buffer_get_string(&b, &enc->key_len); - enc->iv = buffer_get_string(&b, &len); + enc->key = buffer_get_binary(&b, &enc->key_len); + enc->iv = buffer_get_binary(&b, &len); if (len != enc->block_size) fatal("%s: bad ivlen: expected %u != %u", __func__, enc->block_size, len); @@ -435,7 +435,7 @@ if (mac->name == NULL || mac_init(mac, mac->name) == -1) fatal("%s: can not init mac %s", __func__, mac->name); mac->enabled = buffer_get_int(&b); - mac->key = buffer_get_str...

...gging using ddd shows this error comes up the 4th time this line is executed and the arguments to cipher_init are Breakpoint 5, cipher_init (cc=0x814ede0, cipher=0x813fc40, key=0x8189480 "?\2110\231?%\210??d?\222zv\236?6QO]", keylen=16, iv=0x8189420 "nf?^'oQo?V???????\f?W", ivlen=16, encrypt=1) at cipher.c:224 Below is the output i obtained running directly [tjruwase at speedracer openssh-3.2.2p1]$ ./ssh tjruwase at minnow Bounds Checking GCC v gcc-3.0-3.0 Copyright (C) 1995 Richard W.M. Jones Bounds Checking comes with ABSOLUTELY NO WARRANTY. For details see file `COPYIN...

https://bugzilla.mindrot.org/show_bug.cgi?id=2207 Bug ID: 2207 Summary: Potential NULL deference, found using coverity Product: Portable OpenSSH Version: -current Hardware: Other OS: FreeBSD Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee:

...+ esp->auth.icv_trunc_len - enclen; } static void esp4_err(struct sk_buff *skb, u32 info) @@ -368,8 +379,10 @@ if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len)) goto error; x->props.header_len = sizeof(struct ip_esp_hdr) + esp->conf.ivlen; - if (x->props.mode) + if (x->props.mode == XFRM_MODE_TUNNEL) x->props.header_len += sizeof(struct iphdr); + else if (x->props.mode == XFRM_MODE_BEET) + x->props.header_len += IPV4_BEET_PHMAXLEN; if (x->encap) { struct xfrm_encap_tmpl *encap...

...- rijndael_set_key(&cc->u.rijndael.dec, (u4byte *)key, 8*keylen, 0); + rijndael_set_key(&cc->u.rijndael.enc, (char *)key, 8*keylen, 1); + rijndael_set_key(&cc->u.rijndael.dec, (char *)key, 8*keylen, 0); } static void rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) { - if (iv == NULL) - fatal("no IV for %s.", cc->cipher->name); - memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); + if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE) + fatal("bad/no IV for %s.", cc->cipher->name); + memcpy(cc->u.rijndael.iv, iv, R...

...sphrase, ??? ??? ?if ((r = sshbuf_get_string(kdf, &salt, &slen)) != 0 || ??? ??? ???? (r = sshbuf_get_u32(kdf, &rounds)) != 0) ??? ??? ??? ?goto out; +?? ??? ?vault_info->rounds = rounds; ??? ??? ?if (bcrypt_pbkdf(passphrase, strlen(passphrase), salt, slen, ??? ??? ???? key, keylen + ivlen, rounds) < 0) { ??? ??? ??? ?r = SSH_ERR_INVALID_FORMAT; @@ -4155,6 +4216,10 @@ private2_decrypt(struct sshbuf *decoded, const char *passphrase, ??? ?decrypted = NULL; ??? ?*pubkeyp = pubkey; ??? ?pubkey = NULL; +?? ?if (vault_infop != NULL) { +?? ??? ?*vault_infop = vault_info; +?? ??? ?vault_i...

Hi, OpenSSH 7.2 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains many bugfixes and several new features. The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is available via Git at https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at