
Report failures to initialize the crypto backend

tiennou committed May 14, 2019
1 parent c07feab commit fd00f10f672a114130ff863dbd3aaf0ce15d0e7c
Showing with 53 additions and 19 deletions.
  1. +2 −1 src/global.c
  2. +3 −1 src/mbedtls.c
  3. +1 −1 src/mbedtls.h
  4. +3 −1 src/openssl.c
  5. +1 −1 src/openssl.h
  6. +41 −12 src/wincng.c
  7. +2 −2 src/wincng.h
@@ -45,7 +45,8 @@ LIBSSH2_API int
libssh2_init(int flags)
{
if(_libssh2_initialized == 0 && !(flags & LIBSSH2_INIT_NO_CRYPTO)) {
libssh2_crypto_init();
if(libssh2_crypto_init() < 0)
return -1;
}

_libssh2_initialized++;
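Review bot: The `libssh2_crypto_init() < 0` test only works if every crypto backend's `libssh2_crypto_init()` macro expands to a signed int expression, and this commit converts just the mbedTLS, OpenSSL and WinCNG initialisers. Any backend not shown here whose macro is empty, void or yields an unsigned error type would either fail to compile or never report a failure, so those headers should be checked. The bare `-1` also gives callers no way to tell a crypto-backend failure from any other error; a dedicated negative error code would be more useful if the project has one. libssh2_init's body continues outside the hunk.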
@@ -52,7 +52,7 @@ static mbedtls_ctr_drbg_context _libssh2_mbedtls_ctr_drbg;
* mbedTLS backend: Generic functions
*/

void
int
_libssh2_mbedtls_init(void)
{
int ret;
@@ -65,6 +65,8 @@ _libssh2_mbedtls_init(void)
&_libssh2_mbedtls_entropy, NULL, 0);
if(ret != 0)
mbedtls_ctr_drbg_free(&_libssh2_mbedtls_ctr_drbg);

return ret;
}

void
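Review bot: On the failure path only `mbedtls_ctr_drbg_free()` runs before `return ret;`, so the entropy context passed to the seeding call as `&_libssh2_mbedtls_entropy` appears to stay initialised. Because libssh2_init now returns before incrementing its counter, the matching teardown will presumably never run, so the failure branch should be braced and also call `mbedtls_entropy_free(&_libssh2_mbedtls_entropy);`. The function returns the raw mbedTLS code while the other backends return -1; a one-line comment such as `/* any non-zero (negative) value means the DRBG could not be seeded */` would make that contract explicit. The start of _libssh2_mbedtls_init, including the entropy initialisation, is outside the hunks shown.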
@@ -326,7 +326,7 @@
/*
* mbedTLS backend: forward declarations
*/
void
int
_libssh2_mbedtls_init(void);

void
@@ -638,7 +638,7 @@ static EVP_CIPHER * aes_192_ctr_cipher = NULL;
static EVP_CIPHER * aes_256_ctr_cipher = NULL;
#endif

void _libssh2_openssl_crypto_init(void)
int _libssh2_openssl_crypto_init(void)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
!defined(LIBRESSL_VERSION_NUMBER)
@@ -660,6 +660,8 @@ void _libssh2_openssl_crypto_init(void)
aes_192_ctr_cipher = (EVP_CIPHER *)_libssh2_EVP_aes_192_ctr();
aes_256_ctr_cipher = (EVP_CIPHER *)_libssh2_EVP_aes_256_ctr();
#endif

return 0;
}

void _libssh2_openssl_crypto_exit(void)
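Review bot: `_libssh2_openssl_crypto_init()` ends in an unconditional `return 0;`, so on this backend the new check in libssh2_init can never fire. The visible assignments to `aes_192_ctr_cipher` and `aes_256_ctr_cipher` are not checked; if `_libssh2_EVP_aes_192_ctr()` and its siblings can return NULL (their bodies are not shown), a guard such as `if(!aes_192_ctr_cipher || !aes_256_ctr_cipher) return -1;` inside the `#if` block would report it. Otherwise add a comment like `/* nothing here can fail yet; int return kept for backend parity */` above the return. The middle of the function lies between the two hunks and is not visible.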
@@ -291,7 +291,7 @@ int _libssh2_md5_init(libssh2_md5_ctx *ctx);
#define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx)
#endif

extern void _libssh2_openssl_crypto_init(void);
extern int _libssh2_openssl_crypto_init(void);
extern void _libssh2_openssl_crypto_exit(void);
#define libssh2_crypto_init() _libssh2_openssl_crypto_init()
#define libssh2_crypto_exit() _libssh2_openssl_crypto_exit()
@@ -208,40 +208,64 @@
* Windows CNG backend: Generic functions
*/

void
int
_libssh2_wincng_init(void)
{
int ret;

(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgRNG,
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgRNG,
BCRYPT_RNG_ALGORITHM, NULL, 0);
if(!BCRYPT_SUCCESS(ret))
return -1;

(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashMD5,
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashMD5,
BCRYPT_MD5_ALGORITHM, NULL, 0);
(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA1,
if(!BCRYPT_SUCCESS(ret))
return -1;

ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA1,
BCRYPT_SHA1_ALGORITHM, NULL, 0);
(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA256,
if(!BCRYPT_SUCCESS(ret))
return -1;
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA256,
BCRYPT_SHA256_ALGORITHM, NULL, 0);
(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA512,
if(!BCRYPT_SUCCESS(ret))
return -1;

ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA512,
BCRYPT_SHA512_ALGORITHM, NULL, 0);
if(!BCRYPT_SUCCESS(ret))
return -1;

(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacMD5,
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacMD5,
BCRYPT_MD5_ALGORITHM, NULL,
BCRYPT_ALG_HANDLE_HMAC_FLAG);
(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA1,
if(!BCRYPT_SUCCESS(ret))
return -1;
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA1,
BCRYPT_SHA1_ALGORITHM, NULL,
BCRYPT_ALG_HANDLE_HMAC_FLAG);
(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA256,
if(!BCRYPT_SUCCESS(ret))
return -1;
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA256,
BCRYPT_SHA256_ALGORITHM, NULL,
BCRYPT_ALG_HANDLE_HMAC_FLAG);
(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA512,
if(!BCRYPT_SUCCESS(ret))
return -1;
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA512,
BCRYPT_SHA512_ALGORITHM, NULL,
BCRYPT_ALG_HANDLE_HMAC_FLAG);
if(!BCRYPT_SUCCESS(ret))
return -1;

(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgRSA,
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgRSA,
BCRYPT_RSA_ALGORITHM, NULL, 0);
(void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgDSA,
if(!BCRYPT_SUCCESS(ret))
return -1;
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgDSA,
BCRYPT_DSA_ALGORITHM, NULL, 0);
if(!BCRYPT_SUCCESS(ret))
return -1;

ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgAES_CBC,
BCRYPT_AES_ALGORITHM, NULL, 0);
@@ -252,6 +276,7 @@ _libssh2_wincng_init(void)
sizeof(BCRYPT_CHAIN_MODE_CBC), 0);
if(!BCRYPT_SUCCESS(ret)) {
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgAES_CBC, 0);
return -1;
}
}

@@ -264,6 +289,7 @@ _libssh2_wincng_init(void)
sizeof(BCRYPT_CHAIN_MODE_ECB), 0);
if(!BCRYPT_SUCCESS(ret)) {
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgAES_ECB, 0);
return -1;
}
}

@@ -276,6 +302,7 @@ _libssh2_wincng_init(void)
sizeof(BCRYPT_CHAIN_MODE_NA), 0);
if(!BCRYPT_SUCCESS(ret)) {
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgRC4_NA, 0);
return -1;
}
}

@@ -289,8 +316,10 @@ _libssh2_wincng_init(void)
if(!BCRYPT_SUCCESS(ret)) {
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlg3DES_CBC,
0);
return -1;
}
}
return 0;
}

void
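Review bot: Every `return -1;` added after the first provider leaves the algorithm handles opened earlier in `_libssh2_wincng` open, and since libssh2_init returns before counting the initialisation, the normal teardown presumably never closes them. Route the failures through one exit instead, e.g. `if(!BCRYPT_SUCCESS(ret)) goto fail;` with a `fail:` label that closes whatever was opened (possibly via `_libssh2_wincng_free()`, if it tolerates unopened handles) before returning -1. The change also makes every algorithm mandatory: a host whose policy disables a legacy provider such as MD5 or RC4 would now fail library initialisation outright, where the old `(void)` calls tolerated it. Consider treating only the RNG provider as fatal and leaving optional handles NULL so that just the affected algorithm is unavailable. In the cipher blocks, the handle passed to `BCryptCloseAlgorithmProvider()` is not reset to NULL before `return -1;`, which leaves a stale handle in the global context.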
@@ -109,7 +109,7 @@ struct _libssh2_wincng_ctx _libssh2_wincng;
* Windows CNG backend: Generic functions
*/

void _libssh2_wincng_init(void);
int _libssh2_wincng_init(void);
void _libssh2_wincng_free(void);

#define libssh2_crypto_init() \
@@ -395,7 +395,7 @@ _libssh2_bn *_libssh2_wincng_bignum_init(void);
/*
* Windows CNG backend: forward declarations
*/
void _libssh2_wincng_init(void);
int _libssh2_wincng_init(void);
void _libssh2_wincng_free(void);
int _libssh2_wincng_random(void *buf, int len);
