- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits

needed to build AES CTR mode against OpenSSL 0.9.8f and above.  ok djm
This commit is contained in:
Darren Tucker 2014-07-21 02:24:59 +10:00
parent 74e2868271
commit 5573171352
3 changed files with 20 additions and 1 deletions

View File

@ -1,3 +1,7 @@
20140721
- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
20140719 20140719
- (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
in servconf.h. in servconf.h.

View File

@ -49,6 +49,8 @@
#include "ssherr.h" #include "ssherr.h"
#include "digest.h" #include "digest.h"
#include "openbsd-compat/openssl-compat.h"
#ifdef WITH_SSH1 #ifdef WITH_SSH1
extern const EVP_CIPHER *evp_ssh1_bf(void); extern const EVP_CIPHER *evp_ssh1_bf(void);
extern const EVP_CIPHER *evp_ssh1_3des(void); extern const EVP_CIPHER *evp_ssh1_3des(void);
@ -545,6 +547,11 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
return SSH_ERR_LIBCRYPTO_ERROR; return SSH_ERR_LIBCRYPTO_ERROR;
if ((u_int)evplen != len) if ((u_int)evplen != len)
return SSH_ERR_INVALID_ARGUMENT; return SSH_ERR_INVALID_ARGUMENT;
#ifndef OPENSSL_HAVE_EVPCTR
if (c->evptype == evp_aes_128_ctr)
ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
else
#endif
if (cipher_authlen(c)) { if (cipher_authlen(c)) {
if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN, if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN,
len, iv)) len, iv))

View File

@ -1,4 +1,4 @@
/* $Id: openssl-compat.h,v 1.28 2014/07/02 05:28:07 djm Exp $ */ /* $Id: openssl-compat.h,v 1.29 2014/07/20 16:24:59 dtucker Exp $ */
/* /*
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@ -34,6 +34,14 @@ int ssh_compatible_openssl(long, long);
# define LIBCRYPTO_EVP_INL_TYPE size_t # define LIBCRYPTO_EVP_INL_TYPE size_t
#endif #endif
#ifndef OPENSSL_HAVE_EVPCTR
#define EVP_aes_128_ctr evp_aes_128_ctr
#define EVP_aes_192_ctr evp_aes_128_ctr
#define EVP_aes_256_ctr evp_aes_128_ctr
const EVP_CIPHER *evp_aes_128_ctr(void);
void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
#endif
/* Avoid some #ifdef. Code that uses these is unreachable without GCM */ /* Avoid some #ifdef. Code that uses these is unreachable without GCM */
#if !defined(OPENSSL_HAVE_EVPGCM) && !defined(EVP_CTRL_GCM_SET_IV_FIXED) #if !defined(OPENSSL_HAVE_EVPGCM) && !defined(EVP_CTRL_GCM_SET_IV_FIXED)
# define EVP_CTRL_GCM_SET_IV_FIXED -1 # define EVP_CTRL_GCM_SET_IV_FIXED -1