diff options
| author | Damien Miller <djm@mindrot.org> | 2013-11-21 14:12:23 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2013-11-21 14:12:23 +1100 |
| commit | 0fde8acdad78a4d20cadae974376cc0165f645ee (patch) | |
| tree | 6e6aa82b73163bcb412920050d98f82ca9f4e86e /authfile.c | |
| parent | fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a (diff) | |
- djm@cvs.openbsd.org 2013/11/21 00:45:44
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
[chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
[dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
[ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
cipher "chacha20-poly1305@openssh.com" that combines Daniel
Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
authenticated encryption mode.
Inspired by and similar to Adam Langley's proposal for TLS:
http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
but differs in layout used for the MAC calculation and the use of a
second ChaCha20 instance to separately encrypt packet lengths.
Details are in the PROTOCOL.chacha20poly1305 file.
Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
ok markus@ naddy@
Diffstat (limited to 'authfile.c')
| -rw-r--r-- | authfile.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/authfile.c b/authfile.c index 63ae16bbd..d0c1089eb 100644 --- a/authfile.c +++ b/authfile.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: authfile.c,v 1.97 2013/05/17 00:13:13 djm Exp $ */ | 1 | /* $OpenBSD: authfile.c,v 1.98 2013/11/21 00:45:43 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -149,7 +149,7 @@ key_private_rsa1_to_blob(Key *key, Buffer *blob, const char *passphrase, | |||
| 149 | 149 | ||
| 150 | cipher_set_key_string(&ciphercontext, cipher, passphrase, | 150 | cipher_set_key_string(&ciphercontext, cipher, passphrase, |
| 151 | CIPHER_ENCRYPT); | 151 | CIPHER_ENCRYPT); |
| 152 | cipher_crypt(&ciphercontext, cp, | 152 | cipher_crypt(&ciphercontext, 0, cp, |
| 153 | buffer_ptr(&buffer), buffer_len(&buffer), 0, 0); | 153 | buffer_ptr(&buffer), buffer_len(&buffer), 0, 0); |
| 154 | cipher_cleanup(&ciphercontext); | 154 | cipher_cleanup(&ciphercontext); |
| 155 | memset(&ciphercontext, 0, sizeof(ciphercontext)); | 155 | memset(&ciphercontext, 0, sizeof(ciphercontext)); |
| @@ -473,7 +473,7 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp) | |||
| 473 | /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ | 473 | /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ |
| 474 | cipher_set_key_string(&ciphercontext, cipher, passphrase, | 474 | cipher_set_key_string(&ciphercontext, cipher, passphrase, |
| 475 | CIPHER_DECRYPT); | 475 | CIPHER_DECRYPT); |
| 476 | cipher_crypt(&ciphercontext, cp, | 476 | cipher_crypt(&ciphercontext, 0, cp, |
| 477 | buffer_ptr(©), buffer_len(©), 0, 0); | 477 | buffer_ptr(©), buffer_len(©), 0, 0); |
| 478 | cipher_cleanup(&ciphercontext); | 478 | cipher_cleanup(&ciphercontext); |
| 479 | memset(&ciphercontext, 0, sizeof(ciphercontext)); | 479 | memset(&ciphercontext, 0, sizeof(ciphercontext)); |