summaryrefslogtreecommitdiff
path: root/cipher.c
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2002-06-06 20:50:07 +0000
committerBen Lindstrom <mouring@eviladmin.org>2002-06-06 20:50:07 +0000
commitf088f4374a04f9abd1dc91cb387f75e3bf0c5c56 (patch)
tree24a5a9bfe8c0d2714f1d62e51d30a81aa8384444 /cipher.c
parenta26ea63f8acd883603de9f780f1ff05775e51f78 (diff)
- markus@cvs.openbsd.org 2002/05/30 08:07:31
[cipher.c] use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of our own implementation. allow use of AES hardware via libcrypto, ok deraadt@
Diffstat (limited to 'cipher.c')
-rw-r--r--cipher.c28
1 files changed, 23 insertions, 5 deletions
diff --git a/cipher.c b/cipher.c
index 0078f5aad..db5a7228a 100644
--- a/cipher.c
+++ b/cipher.c
@@ -35,23 +35,25 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: cipher.c,v 1.56 2002/05/16 22:02:50 markus Exp $"); 38RCSID("$OpenBSD: cipher.c,v 1.57 2002/05/30 08:07:31 markus Exp $");
39 39
40#include "xmalloc.h" 40#include "xmalloc.h"
41#include "log.h" 41#include "log.h"
42#include "cipher.h" 42#include "cipher.h"
43 43
44#include <openssl/md5.h> 44#include <openssl/md5.h>
45#include "rijndael.h"
46 45
47#if OPENSSL_VERSION_NUMBER < 0x00906000L 46#if OPENSSL_VERSION_NUMBER < 0x00906000L
48#define SSH_OLD_EVP 47#define SSH_OLD_EVP
49#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) 48#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
50#endif 49#endif
51 50
51#if OPENSSL_VERSION_NUMBER < 0x00907000L
52#include "rijndael.h"
53static const EVP_CIPHER *evp_rijndael(void);
54#endif
52static const EVP_CIPHER *evp_ssh1_3des(void); 55static const EVP_CIPHER *evp_ssh1_3des(void);
53static const EVP_CIPHER *evp_ssh1_bf(void); 56static const EVP_CIPHER *evp_ssh1_bf(void);
54static const EVP_CIPHER *evp_rijndael(void);
55 57
56struct Cipher { 58struct Cipher {
57 char *name; 59 char *name;
@@ -69,11 +71,19 @@ struct Cipher {
69 { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, 71 { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc },
70 { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, 72 { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc },
71 { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, 73 { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 },
74#if OPENSSL_VERSION_NUMBER < 0x00907000L
72 { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, 75 { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael },
73 { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, 76 { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael },
74 { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, 77 { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael },
75 { "rijndael-cbc@lysator.liu.se", 78 { "rijndael-cbc@lysator.liu.se",
76 SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, 79 SSH_CIPHER_SSH2, 16, 32, evp_rijndael },
80#else
81 { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc },
82 { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc },
83 { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc },
84 { "rijndael-cbc@lysator.liu.se",
85 SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc },
86#endif
77 87
78 { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } 88 { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL }
79}; 89};
@@ -444,6 +454,7 @@ evp_ssh1_bf(void)
444 return (&ssh1_bf); 454 return (&ssh1_bf);
445} 455}
446 456
457#if OPENSSL_VERSION_NUMBER < 0x00907000L
447/* RIJNDAEL */ 458/* RIJNDAEL */
448#define RIJNDAEL_BLOCKSIZE 16 459#define RIJNDAEL_BLOCKSIZE 16
449struct ssh_rijndael_ctx 460struct ssh_rijndael_ctx
@@ -548,6 +559,7 @@ evp_rijndael(void)
548#endif 559#endif
549 return (&rijndal_cbc); 560 return (&rijndal_cbc);
550} 561}
562#endif
551 563
552/* 564/*
553 * Exports an IV from the CipherContext required to export the key 565 * Exports an IV from the CipherContext required to export the key
@@ -586,6 +598,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
586 fatal("%s: wrong iv length %d != %d", __FUNCTION__, 598 fatal("%s: wrong iv length %d != %d", __FUNCTION__,
587 evplen, len); 599 evplen, len);
588 600
601#if OPENSSL_VERSION_NUMBER < 0x00907000L
589 if (c->evptype == evp_rijndael) { 602 if (c->evptype == evp_rijndael) {
590 struct ssh_rijndael_ctx *aesc; 603 struct ssh_rijndael_ctx *aesc;
591 604
@@ -593,7 +606,9 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
593 if (aesc == NULL) 606 if (aesc == NULL)
594 fatal("%s: no rijndael context", __FUNCTION__); 607 fatal("%s: no rijndael context", __FUNCTION__);
595 civ = aesc->r_iv; 608 civ = aesc->r_iv;
596 } else { 609 } else
610#endif
611 {
597 civ = cc->evp.iv; 612 civ = cc->evp.iv;
598 } 613 }
599 break; 614 break;
@@ -631,6 +646,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
631 if (evplen == 0) 646 if (evplen == 0)
632 return; 647 return;
633 648
649#if OPENSSL_VERSION_NUMBER < 0x00907000L
634 if (c->evptype == evp_rijndael) { 650 if (c->evptype == evp_rijndael) {
635 struct ssh_rijndael_ctx *aesc; 651 struct ssh_rijndael_ctx *aesc;
636 652
@@ -638,7 +654,9 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
638 if (aesc == NULL) 654 if (aesc == NULL)
639 fatal("%s: no rijndael context", __FUNCTION__); 655 fatal("%s: no rijndael context", __FUNCTION__);
640 div = aesc->r_iv; 656 div = aesc->r_iv;
641 }else { 657 } else
658#endif
659 {
642 div = cc->evp.iv; 660 div = cc->evp.iv;
643 } 661 }
644 break; 662 break;
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 07:19:10 +0000