authorDarren Tucker <dtucker@zip.com.au>2005-06-09 21:45:10 +1000
committerDarren Tucker <dtucker@zip.com.au>2005-06-09 21:45:10 +1000
commita55ec7701336230c76b63ad426057146ae516a4f (patch)
treece6f737b8fe815e6ce88e60a8cf9e5c610ff34e1 /cipher.c
parent431f022263a59595dd7894181515832828a950f9 (diff)
- (dtucker) [cipher.c openbsd-compat/Makefile.in
openbsd-compat/openbsd-compat.{c,h} openbsd-compat/openssl-compat.h] Move compatibility code for supporting older OpenSSL versions to the compat layer. Suggested by and "no objection" djm@
Diffstat (limited to 'cipher.c')
-rw-r--r--cipher.c42
1 files changed, 2 insertions, 40 deletions
diff --git a/cipher.c b/cipher.c
index b56492940..df46c0175 100644
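--- a/cipher.c
+++ b/cipher.c
@@ -43,26 +43,6 @@ RCSID("$OpenBSD: cipher.c,v 1.74 2005/05/23 23:32:46 djm Exp $");
 
 #include <openssl/md5.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x00906000L
-#define SSH_OLD_EVP
-#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
-#endif
-
-#if OPENSSL_VERSION_NUMBER < 0x00907000L
-extern const EVP_CIPHER *evp_rijndael(void);
-extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
-#endif
-
-#if !defined(EVP_CTRL_SET_ACSS_MODE)
-# if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
-extern const EVP_CIPHER *evp_acss(void);
-# define EVP_acss evp_acss
-# define EVP_CTRL_SET_ACSS_MODE xxx /* used below */
-# else
-# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */
-# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */
-#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */
-
 extern const EVP_CIPHER *evp_ssh1_bf(void);
 extern const EVP_CIPHER *evp_ssh1_3des(void);
 extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
@@ -88,25 +68,15 @@ struct Cipher {
  { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 },
  { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 },
  { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 },
-#if OPENSSL_VERSION_NUMBER < 0x00907000L
- { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, evp_rijndael },
- { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, evp_rijndael },
- { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, evp_rijndael },
- { "rijndael-cbc@lysator.liu.se",
- SSH_CIPHER_SSH2, 16, 32, 0, evp_rijndael },
-#else
  { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_aes_128_cbc },
  { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_aes_192_cbc },
  { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc },
  { "rijndael-cbc@lysator.liu.se",
  SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc },
-#endif
-#if OPENSSL_VERSION_NUMBER >= 0x00905000L
  { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, evp_aes_128_ctr },
  { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, evp_aes_128_ctr },
  { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, evp_aes_128_ctr },
-#endif
-#if defined(EVP_CTRL_SET_ACSS_MODE)
+#ifdef USE_CIPHER_ACSS
  { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss },
 #endif
  { NULL, SSH_CIPHER_INVALID, 0, 0, 0, NULL }
@@ -225,8 +195,8 @@ cipher_init(CipherContext *cc, Cipher *cipher,
  EVP_CIPHER *type;
 #else
  const EVP_CIPHER *type;
-#endif
  int klen;
+#endif
  u_char *junk, *discard;
 
  if (cipher->number == SSH_CIPHER_DES) {
@@ -293,23 +263,15 @@ cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
  if (len % cc->cipher->block_size)
  fatal("cipher_encrypt: bad plaintext length %d", len);
-#ifdef SSH_OLD_EVP
- EVP_Cipher(&cc->evp, dest, (u_char *)src, len);
-#else
  if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0)
  fatal("evp_crypt: EVP_Cipher failed");
-#endif
 }
 
 void
 cipher_cleanup(CipherContext *cc)
 {
-#ifdef SSH_OLD_EVP
- EVP_CIPHER_CTX_cleanup(&cc->evp);
-#else
  if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0)
  error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed");
-#endif
 }
 
 /*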
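Review bot: The `#ifdef SSH_OLD_EVP` kept in cipher_init and the new `#ifdef USE_CIPHER_ACSS` in the cipher table test macros that cipher.c no longer defines, and nothing in this section shows where they now come from. If the header that supplies them (presumably openbsd-compat/openssl-compat.h, going by the commit message) is not included ahead of these lines, both tests are silently false, so `acss@openssh.org` drops out of the table and `int klen;` is always declared. A comment next to the includes would make the dependency visible, for example `/* SSH_OLD_EVP and USE_CIPHER_ACSS are set by the OpenSSL compat header */`. The now unconditional `EVP_Cipher(...) == 0` and `EVP_CIPHER_CTX_cleanup(...) == 0` checks likewise assume the compat layer gives both calls a testable return value on old OpenSSL. cipher_init's body continues outside the hunk.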