summaryrefslogtreecommitdiff
path: root/authfile.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2013-11-21 14:12:23 +1100
committerDamien Miller <djm@mindrot.org>2013-11-21 14:12:23 +1100
commit0fde8acdad78a4d20cadae974376cc0165f645ee (patch)
tree6e6aa82b73163bcb412920050d98f82ca9f4e86e /authfile.c
parentfdb2306acdc3eb2bc46b6dfdaaf6005c650af22a (diff)
- djm@cvs.openbsd.org 2013/11/21 00:45:44
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
Diffstat (limited to 'authfile.c')
-rw-r--r--authfile.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/authfile.c b/authfile.c
index 63ae16bbd..d0c1089eb 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfile.c,v 1.97 2013/05/17 00:13:13 djm Exp $ */ 1/* $OpenBSD: authfile.c,v 1.98 2013/11/21 00:45:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -149,7 +149,7 @@ key_private_rsa1_to_blob(Key *key, Buffer *blob, const char *passphrase,
149 149
150 cipher_set_key_string(&ciphercontext, cipher, passphrase, 150 cipher_set_key_string(&ciphercontext, cipher, passphrase,
151 CIPHER_ENCRYPT); 151 CIPHER_ENCRYPT);
152 cipher_crypt(&ciphercontext, cp, 152 cipher_crypt(&ciphercontext, 0, cp,
153 buffer_ptr(&buffer), buffer_len(&buffer), 0, 0); 153 buffer_ptr(&buffer), buffer_len(&buffer), 0, 0);
154 cipher_cleanup(&ciphercontext); 154 cipher_cleanup(&ciphercontext);
155 memset(&ciphercontext, 0, sizeof(ciphercontext)); 155 memset(&ciphercontext, 0, sizeof(ciphercontext));
@@ -473,7 +473,7 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp)
473 /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ 473 /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */
474 cipher_set_key_string(&ciphercontext, cipher, passphrase, 474 cipher_set_key_string(&ciphercontext, cipher, passphrase,
475 CIPHER_DECRYPT); 475 CIPHER_DECRYPT);
476 cipher_crypt(&ciphercontext, cp, 476 cipher_crypt(&ciphercontext, 0, cp,
477 buffer_ptr(&copy), buffer_len(&copy), 0, 0); 477 buffer_ptr(&copy), buffer_len(&copy), 0, 0);
478 cipher_cleanup(&ciphercontext); 478 cipher_cleanup(&ciphercontext);
479 memset(&ciphercontext, 0, sizeof(ciphercontext)); 479 memset(&ciphercontext, 0, sizeof(ciphercontext));