diff --git a/ChangeLog b/ChangeLog index 56b65b49a..0fe3ea709 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ PolarSSL ChangeLog -= Version 0.12.2 released on XXXXXXXX += Version 0.13.0 released on XXXXXXXX Features * Added option parsing for host and port selection to ssl_client2 @@ -15,6 +15,7 @@ Changes in a function to allow easy future expansion * Changed symmetric cipher functions to identical interface (returning int result values) + * Changed ARC4 to use seperate input/output buffer Bug fixes * Fixed bug resulting in failure to send the last diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h index 76e7e0a3c..f6b9f138d 100644 --- a/include/polarssl/arc4.h +++ b/include/polarssl/arc4.h @@ -51,12 +51,14 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ); * \brief ARC4 cipher function * * \param ctx ARC4 context - * \param buf buffer to be processed - * \param buflen amount of data in buf + * \param length length of the input data + * \param input buffer holding the input data + * \param output buffer for the output data * * \return 0 */ -int arc4_crypt( arc4_context *ctx, unsigned char *buf, int buflen ); +int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input, + unsigned char *output ); /* * \brief Checkup routine diff --git a/library/arc4.c b/library/arc4.c index 5e70311d7..b87053ec4 100644 --- a/library/arc4.c +++ b/library/arc4.c @@ -63,7 +63,8 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ) /* * ARC4 cipher function */ -int arc4_crypt( arc4_context *ctx, unsigned char *buf, int buflen ) +int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input, + unsigned char *output ) { int i, x, y, a, b; unsigned char *m; @@ -72,7 +73,7 @@ int arc4_crypt( arc4_context *ctx, unsigned char *buf, int buflen ) y = ctx->y; m = ctx->m; - for( i = 0; i < buflen; i++ ) + for( i = 0; i < length; i++ ) { x = ( x + 1 ) & 0xFF; a = m[x]; y = ( y + a ) & 0xFF; b = m[y]; @@ -80,8 +81,8 @@ int arc4_crypt( arc4_context *ctx, unsigned char *buf, int buflen ) m[x] = (unsigned char) b; m[y] = (unsigned char) a; - buf[i] = (unsigned char) - ( buf[i] ^ m[(unsigned char)( a + b )] ); + output[i] = (unsigned char) + ( input[i] ^ m[(unsigned char)( a + b )] ); } ctx->x = x; @@ -127,7 +128,8 @@ static const unsigned char arc4_test_ct[3][8] = int arc4_self_test( int verbose ) { int i; - unsigned char buf[8]; + unsigned char ibuf[8]; + unsigned char obuf[8]; arc4_context ctx; for( i = 0; i < 3; i++ ) @@ -135,12 +137,12 @@ int arc4_self_test( int verbose ) if( verbose != 0 ) printf( " ARC4 test #%d: ", i + 1 ); - memcpy( buf, arc4_test_pt[i], 8 ); + memcpy( ibuf, arc4_test_pt[i], 8 ); arc4_setup( &ctx, (unsigned char *) arc4_test_key[i], 8 ); - arc4_crypt( &ctx, buf, 8 ); + arc4_crypt( &ctx, 8, ibuf, obuf ); - if( memcmp( buf, arc4_test_ct[i], 8 ) != 0 ) + if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 03975d29b..733551307 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -531,7 +531,8 @@ static int ssl_encrypt_buf( ssl_context *ssl ) ssl->out_msg, ssl->out_msglen ); arc4_crypt( (arc4_context *) ssl->ctx_enc, - ssl->out_msg, ssl->out_msglen ); + ssl->out_msglen, ssl->out_msg, + ssl->out_msg ); #else return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); #endif @@ -618,7 +619,8 @@ static int ssl_decrypt_buf( ssl_context *ssl ) #if defined(POLARSSL_ARC4_C) padlen = 0; arc4_crypt( (arc4_context *) ssl->ctx_dec, - ssl->in_msg, ssl->in_msglen ); + ssl->in_msglen, ssl->in_msg, + ssl->in_msg ); #else return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); #endif diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 5aeb4e32a..922c5eccd 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -169,11 +169,11 @@ int main( void ) set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) - arc4_crypt( &arc4, buf, BUFSIZE ); + arc4_crypt( &arc4, BUFSIZE, buf, buf ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) - arc4_crypt( &arc4, buf, BUFSIZE ); + arc4_crypt( &arc4, BUFSIZE, buf, buf ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function index a7a533340..bc545a97f 100644 --- a/tests/suites/test_suite_arc4.function +++ b/tests/suites/test_suite_arc4.function @@ -7,22 +7,24 @@ arc4_crypt:hex_src_string:hex_key_string:hex_dst_string { unsigned char src_str[1000]; unsigned char key_str[1000]; - unsigned char dst_str[2000]; + unsigned char dst_str[1000]; + unsigned char dst_hexstr[2000]; int src_len, key_len; arc4_context ctx; memset(src_str, 0x00, 1000); memset(key_str, 0x00, 1000); - memset(dst_str, 0x00, 2000); + memset(dst_str, 0x00, 1000); + memset(dst_hexstr, 0x00, 2000); src_len = unhexify( src_str, {hex_src_string} ); key_len = unhexify( key_str, {hex_key_string} ); arc4_setup(&ctx, key_str, key_len); - TEST_ASSERT( arc4_crypt(&ctx, src_str, src_len) == 0 ); - hexify( dst_str, src_str, src_len ); + TEST_ASSERT( arc4_crypt(&ctx, src_len, src_str, dst_str ) == 0 ); + hexify( dst_hexstr, dst_str, src_len ); - TEST_ASSERT( strcmp( (char *) dst_str, {hex_dst_string} ) == 0 ); + TEST_ASSERT( strcmp( (char *) dst_hexstr, {hex_dst_string} ) == 0 ); } END_CASE