diff options
author | Colin Watson <cjwatson@debian.org> | 2005-09-14 12:45:47 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2005-09-14 12:45:47 +0000 |
commit | 9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch) | |
tree | d4ea8fdb30c7949c6433f5277c39548ea579d4dc /cipher.c | |
parent | ed07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff) | |
parent | 16704d57999d987fb8d9ba53379841a79f016d67 (diff) |
Merge 4.2p1 to the trunk.
Diffstat (limited to 'cipher.c')
-rw-r--r-- | cipher.c | 102 |
1 files changed, 41 insertions, 61 deletions
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: cipher.c,v 1.73 2005/01/23 10:18:12 djm Exp $"); | 38 | RCSID("$OpenBSD: cipher.c,v 1.77 2005/07/16 01:35:24 djm Exp $"); |
39 | 39 | ||
40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
41 | #include "log.h" | 41 | #include "log.h" |
@@ -43,25 +43,8 @@ RCSID("$OpenBSD: cipher.c,v 1.73 2005/01/23 10:18:12 djm Exp $"); | |||
43 | 43 | ||
44 | #include <openssl/md5.h> | 44 | #include <openssl/md5.h> |
45 | 45 | ||
46 | #if OPENSSL_VERSION_NUMBER < 0x00906000L | 46 | /* compatibility with old or broken OpenSSL versions */ |
47 | #define SSH_OLD_EVP | 47 | #include "openbsd-compat/openssl-compat.h" |
48 | #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) | ||
49 | #endif | ||
50 | |||
51 | #if OPENSSL_VERSION_NUMBER < 0x00907000L | ||
52 | extern const EVP_CIPHER *evp_rijndael(void); | ||
53 | extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); | ||
54 | #endif | ||
55 | |||
56 | #if !defined(EVP_CTRL_SET_ACSS_MODE) | ||
57 | # if (OPENSSL_VERSION_NUMBER >= 0x00907000L) | ||
58 | extern const EVP_CIPHER *evp_acss(void); | ||
59 | # define EVP_acss evp_acss | ||
60 | # define EVP_CTRL_SET_ACSS_MODE xxx /* used below */ | ||
61 | # else | ||
62 | # define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */ | ||
63 | # endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */ | ||
64 | #endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */ | ||
65 | 48 | ||
66 | extern const EVP_CIPHER *evp_ssh1_bf(void); | 49 | extern const EVP_CIPHER *evp_ssh1_bf(void); |
67 | extern const EVP_CIPHER *evp_ssh1_3des(void); | 50 | extern const EVP_CIPHER *evp_ssh1_3des(void); |
@@ -74,39 +57,32 @@ struct Cipher { | |||
74 | int number; /* for ssh1 only */ | 57 | int number; /* for ssh1 only */ |
75 | u_int block_size; | 58 | u_int block_size; |
76 | u_int key_len; | 59 | u_int key_len; |
60 | u_int discard_len; | ||
77 | const EVP_CIPHER *(*evptype)(void); | 61 | const EVP_CIPHER *(*evptype)(void); |
78 | } ciphers[] = { | 62 | } ciphers[] = { |
79 | { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, | 63 | { "none", SSH_CIPHER_NONE, 8, 0, 0, EVP_enc_null }, |
80 | { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, | 64 | { "des", SSH_CIPHER_DES, 8, 8, 0, EVP_des_cbc }, |
81 | { "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, | 65 | { "3des", SSH_CIPHER_3DES, 8, 16, 0, evp_ssh1_3des }, |
82 | { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, | 66 | { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, evp_ssh1_bf }, |
83 | 67 | ||
84 | { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, | 68 | { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, EVP_des_ede3_cbc }, |
85 | { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, | 69 | { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_bf_cbc }, |
86 | { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, | 70 | { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_cast5_cbc }, |
87 | { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, | 71 | { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 }, |
88 | #if OPENSSL_VERSION_NUMBER < 0x00907000L | 72 | { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 }, |
89 | { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, | 73 | { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 }, |
90 | { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, | 74 | { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_aes_128_cbc }, |
91 | { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, | 75 | { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_aes_192_cbc }, |
76 | { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, | ||
92 | { "rijndael-cbc@lysator.liu.se", | 77 | { "rijndael-cbc@lysator.liu.se", |
93 | SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, | 78 | SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, |
94 | #else | 79 | { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, evp_aes_128_ctr }, |
95 | { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, | 80 | { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, evp_aes_128_ctr }, |
96 | { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, | 81 | { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, evp_aes_128_ctr }, |
97 | { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, | 82 | #ifdef USE_CIPHER_ACSS |
98 | { "rijndael-cbc@lysator.liu.se", | 83 | { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss }, |
99 | SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, | ||
100 | #endif | ||
101 | #if OPENSSL_VERSION_NUMBER >= 0x00905000L | ||
102 | { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, | ||
103 | { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, | ||
104 | { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, | ||
105 | #endif | 84 | #endif |
106 | #if defined(EVP_CTRL_SET_ACSS_MODE) | 85 | { NULL, SSH_CIPHER_INVALID, 0, 0, 0, NULL } |
107 | { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss }, | ||
108 | #endif | ||
109 | { NULL, SSH_CIPHER_INVALID, 0, 0, NULL } | ||
110 | }; | 86 | }; |
111 | 87 | ||
112 | /*--*/ | 88 | /*--*/ |
@@ -222,8 +198,9 @@ cipher_init(CipherContext *cc, Cipher *cipher, | |||
222 | EVP_CIPHER *type; | 198 | EVP_CIPHER *type; |
223 | #else | 199 | #else |
224 | const EVP_CIPHER *type; | 200 | const EVP_CIPHER *type; |
225 | #endif | ||
226 | int klen; | 201 | int klen; |
202 | #endif | ||
203 | u_char *junk, *discard; | ||
227 | 204 | ||
228 | if (cipher->number == SSH_CIPHER_DES) { | 205 | if (cipher->number == SSH_CIPHER_DES) { |
229 | if (dowarn) { | 206 | if (dowarn) { |
@@ -261,7 +238,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, | |||
261 | fatal("cipher_init: EVP_CipherInit failed for %s", | 238 | fatal("cipher_init: EVP_CipherInit failed for %s", |
262 | cipher->name); | 239 | cipher->name); |
263 | klen = EVP_CIPHER_CTX_key_length(&cc->evp); | 240 | klen = EVP_CIPHER_CTX_key_length(&cc->evp); |
264 | if (klen > 0 && keylen != klen) { | 241 | if (klen > 0 && keylen != (u_int)klen) { |
265 | debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); | 242 | debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); |
266 | if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) | 243 | if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) |
267 | fatal("cipher_init: set keylen failed (%d -> %d)", | 244 | fatal("cipher_init: set keylen failed (%d -> %d)", |
@@ -271,6 +248,17 @@ cipher_init(CipherContext *cc, Cipher *cipher, | |||
271 | fatal("cipher_init: EVP_CipherInit: set key failed for %s", | 248 | fatal("cipher_init: EVP_CipherInit: set key failed for %s", |
272 | cipher->name); | 249 | cipher->name); |
273 | #endif | 250 | #endif |
251 | |||
252 | if (cipher->discard_len > 0) { | ||
253 | junk = xmalloc(cipher->discard_len); | ||
254 | discard = xmalloc(cipher->discard_len); | ||
255 | if (EVP_Cipher(&cc->evp, discard, junk, | ||
256 | cipher->discard_len) == 0) | ||
257 | fatal("evp_crypt: EVP_Cipher failed during discard"); | ||
258 | memset(discard, 0, cipher->discard_len); | ||
259 | xfree(junk); | ||
260 | xfree(discard); | ||
261 | } | ||
274 | } | 262 | } |
275 | 263 | ||
276 | void | 264 | void |
@@ -278,23 +266,15 @@ cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) | |||
278 | { | 266 | { |
279 | if (len % cc->cipher->block_size) | 267 | if (len % cc->cipher->block_size) |
280 | fatal("cipher_encrypt: bad plaintext length %d", len); | 268 | fatal("cipher_encrypt: bad plaintext length %d", len); |
281 | #ifdef SSH_OLD_EVP | ||
282 | EVP_Cipher(&cc->evp, dest, (u_char *)src, len); | ||
283 | #else | ||
284 | if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) | 269 | if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) |
285 | fatal("evp_crypt: EVP_Cipher failed"); | 270 | fatal("evp_crypt: EVP_Cipher failed"); |
286 | #endif | ||
287 | } | 271 | } |
288 | 272 | ||
289 | void | 273 | void |
290 | cipher_cleanup(CipherContext *cc) | 274 | cipher_cleanup(CipherContext *cc) |
291 | { | 275 | { |
292 | #ifdef SSH_OLD_EVP | ||
293 | EVP_CIPHER_CTX_cleanup(&cc->evp); | ||
294 | #else | ||
295 | if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) | 276 | if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) |
296 | error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); | 277 | error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); |
297 | #endif | ||
298 | } | 278 | } |
299 | 279 | ||
300 | /* | 280 | /* |
@@ -349,9 +329,9 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) | |||
349 | case SSH_CIPHER_DES: | 329 | case SSH_CIPHER_DES: |
350 | case SSH_CIPHER_BLOWFISH: | 330 | case SSH_CIPHER_BLOWFISH: |
351 | evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); | 331 | evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); |
352 | if (evplen == 0) | 332 | if (evplen <= 0) |
353 | return; | 333 | return; |
354 | if (evplen != len) | 334 | if ((u_int)evplen != len) |
355 | fatal("%s: wrong iv length %d != %d", __func__, | 335 | fatal("%s: wrong iv length %d != %d", __func__, |
356 | evplen, len); | 336 | evplen, len); |
357 | #if OPENSSL_VERSION_NUMBER < 0x00907000L | 337 | #if OPENSSL_VERSION_NUMBER < 0x00907000L |