author | Darren Tucker <dtucker@zip.com.au> | 2005-06-09 21:45:10 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2005-06-09 21:45:10 +1000 |
commit | a55ec7701336230c76b63ad426057146ae516a4f (patch) | |
tree | ce6f737b8fe815e6ce88e60a8cf9e5c610ff34e1 /cipher.c | |
parent | 431f022263a59595dd7894181515832828a950f9 (diff) |
- (dtucker) [cipher.c openbsd-compat/Makefile.in
openbsd-compat/openbsd-compat.{c,h} openbsd-compat/openssl-compat.h]
Move compatibility code for supporting older OpenSSL versions to the
compat layer. Suggested by and "no objection" djm@
Diffstat (limited to 'cipher.c')
-rw-r--r-- | cipher.c | 42 |
1 files changed, 2 insertions, 40 deletions
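--- a/cipher.c
+++ b/cipher.c
@@ -43,26 +43,6 @@ RCSID("$OpenBSD: cipher.c,v 1.74 2005/05/23 23:32:46 djm Exp $");
 
 #include <openssl/md5.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x00906000L
-#define SSH_OLD_EVP
-#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
-#endif
-
-#if OPENSSL_VERSION_NUMBER < 0x00907000L
-extern const EVP_CIPHER *evp_rijndael(void);
-extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
-#endif
-
-#if !defined(EVP_CTRL_SET_ACSS_MODE)
-# if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
-extern const EVP_CIPHER *evp_acss(void);
-# define EVP_acss evp_acss
-# define EVP_CTRL_SET_ACSS_MODE xxx /* used below */
-# else
-# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */
-# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */
-#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */
-
 extern const EVP_CIPHER *evp_ssh1_bf(void);
 extern const EVP_CIPHER *evp_ssh1_3des(void);
 extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
@@ -88,25 +68,15 @@ struct Cipher {
 { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 },
 { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 },
 { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 },
-#if OPENSSL_VERSION_NUMBER < 0x00907000L
-{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, evp_rijndael },
-{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, evp_rijndael },
-{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, evp_rijndael },
-{ "rijndael-cbc@lysator.liu.se",
-SSH_CIPHER_SSH2, 16, 32, 0, evp_rijndael },
-#else
 { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_aes_128_cbc },
 { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_aes_192_cbc },
 { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc },
 { "rijndael-cbc@lysator.liu.se",
 SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc },
-#endif
-#if OPENSSL_VERSION_NUMBER >= 0x00905000L
 { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, evp_aes_128_ctr },
 { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, evp_aes_128_ctr },
 { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, evp_aes_128_ctr },
-#endif
-#if defined(EVP_CTRL_SET_ACSS_MODE)
+#ifdef USE_CIPHER_ACSS
 { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss },
 #endif
 { NULL, SSH_CIPHER_INVALID, 0, 0, 0, NULL }
@@ -225,8 +195,8 @@ cipher_init(CipherContext *cc, Cipher *cipher,
 EVP_CIPHER *type;
 #else
 const EVP_CIPHER *type;
-#endif
 int klen;
+#endif
 u_char *junk, *discard;
 
 if (cipher->number == SSH_CIPHER_DES) {
@@ -293,23 +263,15 @@ cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 {
 if (len % cc->cipher->block_size)
 fatal("cipher_encrypt: bad plaintext length %d", len);
-#ifdef SSH_OLD_EVP
-EVP_Cipher(&cc->evp, dest, (u_char *)src, len);
-#else
 if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0)
 fatal("evp_crypt: EVP_Cipher failed");
-#endif
 }
 
 void
 cipher_cleanup(CipherContext *cc)
 {
-#ifdef SSH_OLD_EVP
-EVP_CIPHER_CTX_cleanup(&cc->evp);
-#else
 if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0)
 error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed");
-#endif
 }
 
 /*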
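Review bot: The new `#ifdef USE_CIPHER_ACSS` guard in the cipher table (new line 79) tests a macro that is no longer defined in cipher.c, and this view is limited to cipher.c, so the condition that enables the entry cannot be checked here. The entry it gates, `acss@openssh.org`, is listed with a key length of 5 bytes, so a reader auditing which ciphers a build offers should be able to tell at the point of use when it is compiled in. The removed block made the entry available when OpenSSL defines `EVP_CTRL_SET_ACSS_MODE` itself or is 0.9.7 or later; presumably the compat header named in the commit message keeps that condition, but that should be confirmed against that file. I would add a comment above the guard such as `/* USE_CIPHER_ACSS is set by the OpenSSL compat header; see there for the version condition */`.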