cipher_get_keycontext() and cipher_set_keycontext() copying OpenSSL RC4 cryptographic state

Robert Dugal rdugal at certicom.com
Thu Sep 8 00:34:46 EST 2011


These two functions in cipher.c (I have looked at openssh5.8p1 & openssh5.9p1) copy the internal cryptographic state of an OpenSSL RC4 encryption/decryption context using simple memcpy().  
This code also copies the state when evptype is EVP_acss, which I am unfamiliar with.
This code appears to works fine when using the builtin crypto of OpenSSL 1.0.0d.  
However, I have been doing some work to make OpenSSH use alternative crypto engines and it appears to me that this code may not work correctly when using an OpenSSL engine.
The cipher_data could contain pointers to other data objects so just copying the cipher_data is not going to work correctly.  

OpenSSL provides EVP_CIPHER_CTX_copy() which can be used to safely copy the cryptographic state of an EVP_CIPHER_CTX. 
This API will call an engine specific interface to perform the copy, if required by the engine, ensuring that the cipher_data is copied correctly.
It's unclear exactly how EVP_CIPHER_CTX_copy() can be used in the OpenSSH code. 

It's unclear to me exactly under which situations cipher_get_keycontext() and cipher_set_keycontext() will be called.
Can someone provide me with some instructions on how I could configure an OpenSSH linux installation to verify this will be an issue when using an engine?
Once I have verified this is an issue I will file a bug.

Thanks
Rob

-- 
Robert Dugal	Team Lead SSL & PKI Group
Certicom Corp.	A Subsidiary of Research In Motion
                  4701 Tahoe Blvd., Building A
                  Mississauga, ON
                  L4W 0B5

rdugal at certicom.com
direct       	+1.289.261.4148
mobile      	+1.416.276.8062
main         	+1.905.507.4220
fax             	+1.905.507.4230
www.certicom.com

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.


More information about the openssh-unix-dev mailing list