From a3828d48121544bb84a61c0a9c3260c6537f6d84 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Tue, 5 Jun 2001 20:50:16 +0000 Subject: [PATCH] - markus@cvs.openbsd.org 2001/05/28 22:51:11 [cipher.c cipher.h] simpler 3des for ssh1 --- ChangeLog | 5 ++++- cipher.c | 33 ++++++++++++++------------------- cipher.h | 5 +++-- 3 files changed, 21 insertions(+), 22 deletions(-) diff --git a/ChangeLog b/ChangeLog index b25584e89..3de936f63 100644 --- a/ChangeLog +++ b/ChangeLog @@ -62,6 +62,9 @@ - markus@cvs.openbsd.org 2001/05/28 10:08:55 [authfile.c] key_load_private: set comment to filename for PEM keys + - markus@cvs.openbsd.org 2001/05/28 22:51:11 + [cipher.c cipher.h] + simpler 3des for ssh1 20010528 - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c @@ -5492,4 +5495,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1241 2001/06/05 20:46:32 mouring Exp $ +$Id: ChangeLog,v 1.1242 2001/06/05 20:50:16 mouring Exp $ diff --git a/cipher.c b/cipher.c index 5350703ef..fd93299ed 100644 --- a/cipher.c +++ b/cipher.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.43 2001/02/04 15:32:23 stevesk Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.44 2001/05/28 22:51:10 markus Exp $"); #include "xmalloc.h" #include "log.h" @@ -100,6 +100,7 @@ des3_setkey(CipherContext *cc, const u_char *key, u_int keylen) void des3_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) { + memset(cc->u.des3.iv1, 0, sizeof(cc->u.des3.iv1)); memset(cc->u.des3.iv2, 0, sizeof(cc->u.des3.iv2)); memset(cc->u.des3.iv3, 0, sizeof(cc->u.des3.iv3)); if (iv == NULL) @@ -149,29 +150,23 @@ void des3_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) { - des_cblock iv1; - des_cblock *iv2 = &cc->u.des3.iv2; - des_cblock *iv3 = &cc->u.des3.iv3; - - memcpy(&iv1, iv2, 8); - - des_ncbc_encrypt(src, dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT); + des_ncbc_encrypt(src, dest, len, cc->u.des3.key1, &cc->u.des3.iv1, + DES_ENCRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, &cc->u.des3.iv2, + DES_DECRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key3, &cc->u.des3.iv3, + DES_ENCRYPT); } void des3_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) { - des_cblock iv1; - des_cblock *iv2 = &cc->u.des3.iv2; - des_cblock *iv3 = &cc->u.des3.iv3; - - memcpy(&iv1, iv2, 8); - - des_ncbc_encrypt(src, dest, len, cc->u.des3.key3, iv3, DES_DECRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT); + des_ncbc_encrypt(src, dest, len, cc->u.des3.key3, &cc->u.des3.iv3, + DES_DECRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, &cc->u.des3.iv2, + DES_ENCRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key1, &cc->u.des3.iv1, + DES_DECRYPT); } /* Blowfish */ diff --git a/cipher.h b/cipher.h index 6d929aaff..2ad4979c2 100644 --- a/cipher.h +++ b/cipher.h @@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: cipher.h,v 1.25 2000/12/19 23:17:56 markus Exp $"); */ +/* RCSID("$OpenBSD: cipher.h,v 1.26 2001/05/28 22:51:11 markus Exp $"); */ #ifndef CIPHER_H #define CIPHER_H @@ -71,8 +71,9 @@ struct CipherContext { struct { des_key_schedule key1; des_key_schedule key2; - des_cblock iv2; des_key_schedule key3; + des_cblock iv1; + des_cblock iv2; des_cblock iv3; } des3; struct {