tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- markus@cvs.openbsd.org 2002/05/30 08:07:31 

[cipher.c]
     use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
     our own implementation. allow use of AES hardware via libcrypto,
     ok deraadt@
This commit is contained in:
Ben Lindstrom 2002-06-06 20:50:07 +00:00
parent a26ea63f8a
commit f088f4374a
2 changed files with 29 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@ -54,6 +54,11 @@
[sshd.c] [sshd.c]
don't start if privsep is enabled and SSH_PRIVSEP_USER or don't start if privsep is enabled and SSH_PRIVSEP_USER or
_PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@ _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
- markus@cvs.openbsd.org 2002/05/30 08:07:31
[cipher.c]
use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
our own implementation. allow use of AES hardware via libcrypto,
ok deraadt@
20020604 20020604
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
@ -738,4 +743,4 @@
- (stevesk) entropy.c: typo in debug message - (stevesk) entropy.c: typo in debug message
- (djm) ssh-keygen -i needs seeded RNG; report from markus@ - (djm) ssh-keygen -i needs seeded RNG; report from markus@
$Id: ChangeLog,v 1.2160 2002/06/06 20:46:25 mouring Exp $ $Id: ChangeLog,v 1.2161 2002/06/06 20:50:07 mouring Exp $

28
cipher.c
View File

@ -35,23 +35,25 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: cipher.c,v 1.56 2002/05/16 22:02:50 markus Exp $"); RCSID("$OpenBSD: cipher.c,v 1.57 2002/05/30 08:07:31 markus Exp $");
#include "xmalloc.h" #include "xmalloc.h"
#include "log.h" #include "log.h"
#include "cipher.h" #include "cipher.h"
#include <openssl/md5.h> #include <openssl/md5.h>
#include "rijndael.h"
#if OPENSSL_VERSION_NUMBER < 0x00906000L #if OPENSSL_VERSION_NUMBER < 0x00906000L
#define SSH_OLD_EVP #define SSH_OLD_EVP
#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
#endif #endif
#if OPENSSL_VERSION_NUMBER < 0x00907000L
#include "rijndael.h"
static const EVP_CIPHER *evp_rijndael(void);
#endif
static const EVP_CIPHER *evp_ssh1_3des(void); static const EVP_CIPHER *evp_ssh1_3des(void);
static const EVP_CIPHER *evp_ssh1_bf(void); static const EVP_CIPHER *evp_ssh1_bf(void);
static const EVP_CIPHER *evp_rijndael(void);
struct Cipher { struct Cipher {
char *name; char *name;
@ -69,11 +71,19 @@ struct Cipher {
{ "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc },
{ "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc },
{ "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 },
#if OPENSSL_VERSION_NUMBER < 0x00907000L
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael },
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael },
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael },
{ "rijndael-cbc@lysator.liu.se", { "rijndael-cbc@lysator.liu.se",
SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, SSH_CIPHER_SSH2, 16, 32, evp_rijndael },
#else
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc },
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc },
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc },
{ "rijndael-cbc@lysator.liu.se",
SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc },
#endif
{ NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL }
}; };
@ -444,6 +454,7 @@ evp_ssh1_bf(void)
return (&ssh1_bf); return (&ssh1_bf);
} }
#if OPENSSL_VERSION_NUMBER < 0x00907000L
/* RIJNDAEL */ /* RIJNDAEL */
#define RIJNDAEL_BLOCKSIZE 16 #define RIJNDAEL_BLOCKSIZE 16
struct ssh_rijndael_ctx struct ssh_rijndael_ctx
@ -548,6 +559,7 @@ evp_rijndael(void)
#endif #endif
return (&rijndal_cbc); return (&rijndal_cbc);
} }
#endif
/* /*
* Exports an IV from the CipherContext required to export the key * Exports an IV from the CipherContext required to export the key
@ -586,6 +598,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
fatal("%s: wrong iv length %d != %d", __FUNCTION__, fatal("%s: wrong iv length %d != %d", __FUNCTION__,
evplen, len); evplen, len);
#if OPENSSL_VERSION_NUMBER < 0x00907000L
if (c->evptype == evp_rijndael) { if (c->evptype == evp_rijndael) {
struct ssh_rijndael_ctx *aesc; struct ssh_rijndael_ctx *aesc;
@ -593,7 +606,9 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
if (aesc == NULL) if (aesc == NULL)
fatal("%s: no rijndael context", __FUNCTION__); fatal("%s: no rijndael context", __FUNCTION__);
civ = aesc->r_iv; civ = aesc->r_iv;
} else { } else
#endif
{
civ = cc->evp.iv; civ = cc->evp.iv;
} }
break; break;
@ -631,6 +646,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
if (evplen == 0) if (evplen == 0)
return; return;
#if OPENSSL_VERSION_NUMBER < 0x00907000L
if (c->evptype == evp_rijndael) { if (c->evptype == evp_rijndael) {
struct ssh_rijndael_ctx *aesc; struct ssh_rijndael_ctx *aesc;
@ -638,7 +654,9 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
if (aesc == NULL) if (aesc == NULL)
fatal("%s: no rijndael context", __FUNCTION__); fatal("%s: no rijndael context", __FUNCTION__);
div = aesc->r_iv; div = aesc->r_iv;
}else { } else
#endif
{
div = cc->evp.iv; div = cc->evp.iv;
} }
break; break;