- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
This commit is contained in:
parent
74e2868271
commit
5573171352
|
@ -1,3 +1,7 @@
|
||||||
|
20140721
|
||||||
|
- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
|
||||||
|
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
|
||||||
|
|
||||||
20140719
|
20140719
|
||||||
- (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
|
- (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
|
||||||
in servconf.h.
|
in servconf.h.
|
||||||
|
|
7
cipher.c
7
cipher.c
|
@ -49,6 +49,8 @@
|
||||||
#include "ssherr.h"
|
#include "ssherr.h"
|
||||||
#include "digest.h"
|
#include "digest.h"
|
||||||
|
|
||||||
|
#include "openbsd-compat/openssl-compat.h"
|
||||||
|
|
||||||
#ifdef WITH_SSH1
|
#ifdef WITH_SSH1
|
||||||
extern const EVP_CIPHER *evp_ssh1_bf(void);
|
extern const EVP_CIPHER *evp_ssh1_bf(void);
|
||||||
extern const EVP_CIPHER *evp_ssh1_3des(void);
|
extern const EVP_CIPHER *evp_ssh1_3des(void);
|
||||||
|
@ -545,6 +547,11 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
|
||||||
return SSH_ERR_LIBCRYPTO_ERROR;
|
return SSH_ERR_LIBCRYPTO_ERROR;
|
||||||
if ((u_int)evplen != len)
|
if ((u_int)evplen != len)
|
||||||
return SSH_ERR_INVALID_ARGUMENT;
|
return SSH_ERR_INVALID_ARGUMENT;
|
||||||
|
#ifndef OPENSSL_HAVE_EVPCTR
|
||||||
|
if (c->evptype == evp_aes_128_ctr)
|
||||||
|
ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
|
||||||
|
else
|
||||||
|
#endif
|
||||||
if (cipher_authlen(c)) {
|
if (cipher_authlen(c)) {
|
||||||
if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN,
|
if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN,
|
||||||
len, iv))
|
len, iv))
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* $Id: openssl-compat.h,v 1.28 2014/07/02 05:28:07 djm Exp $ */
|
/* $Id: openssl-compat.h,v 1.29 2014/07/20 16:24:59 dtucker Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
|
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
|
||||||
|
@ -34,6 +34,14 @@ int ssh_compatible_openssl(long, long);
|
||||||
# define LIBCRYPTO_EVP_INL_TYPE size_t
|
# define LIBCRYPTO_EVP_INL_TYPE size_t
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_HAVE_EVPCTR
|
||||||
|
#define EVP_aes_128_ctr evp_aes_128_ctr
|
||||||
|
#define EVP_aes_192_ctr evp_aes_128_ctr
|
||||||
|
#define EVP_aes_256_ctr evp_aes_128_ctr
|
||||||
|
const EVP_CIPHER *evp_aes_128_ctr(void);
|
||||||
|
void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Avoid some #ifdef. Code that uses these is unreachable without GCM */
|
/* Avoid some #ifdef. Code that uses these is unreachable without GCM */
|
||||||
#if !defined(OPENSSL_HAVE_EVPGCM) && !defined(EVP_CTRL_GCM_SET_IV_FIXED)
|
#if !defined(OPENSSL_HAVE_EVPGCM) && !defined(EVP_CTRL_GCM_SET_IV_FIXED)
|
||||||
# define EVP_CTRL_GCM_SET_IV_FIXED -1
|
# define EVP_CTRL_GCM_SET_IV_FIXED -1
|
||||||
|
|
Loading…
Reference in New Issue