author | Damien Miller <djm@mindrot.org> | 1999-11-25 00:26:21 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-25 00:26:21 +1100 |
commit | 95def09838fc61b37b6ea7cd5c234a465b4b129b (patch) | |
tree | 042744f76f40a326b873cb1c3690a6d7d966bc3e /cipher.h | |
parent | 4d2f15f895f4c795afc008aeff3fd2ceffbc44f4 (diff) |
- Merged very large OpenBSD source code reformat
- OpenBSD CVS updates
- [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
[ssh.h sshd.8 sshd.c]
syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successful or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failures
* many log() became verbose()
* old behaviour with level=VERBOSE
- [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
messages. allows use of s/key in windows (ttssh, securecrt) and
ssh-1.2.27 clients without 'ssh -v', ok: niels@
- [sshd.8]
-V, for fallback to openssh in SSH2 compatibility mode
- [sshd.c]
fix sigchld race; cjc5@po.cwru.edu
Diffstat (limited to 'cipher.h')
-rw-r--r-- | cipher.h | 97 |
1 files changed, 50 insertions, 47 deletions
@@ -1,17 +1,17 @@ | |||
1 | /* | 1 | /* |
2 | 2 | * | |
3 | cipher.h | 3 | * cipher.h |
4 | 4 | * | |
5 | Author: Tatu Ylonen <ylo@cs.hut.fi> | 5 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
6 | 6 | * | |
7 | Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 7 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
8 | All rights reserved | 8 | * All rights reserved |
9 | 9 | * | |
10 | Created: Wed Apr 19 16:50:42 1995 ylo | 10 | * Created: Wed Apr 19 16:50:42 1995 ylo |
11 | 11 | * | |
12 | */ | 12 | */ |
13 | 13 | ||
14 | /* RCSID("$Id: cipher.h,v 1.3 1999/11/16 02:37:16 damien Exp $"); */ | 14 | /* RCSID("$Id: cipher.h,v 1.4 1999/11/24 13:26:22 damien Exp $"); */ |
15 | 15 | ||
16 | #ifndef CIPHER_H | 16 | #ifndef CIPHER_H |
17 | #define CIPHER_H | 17 | #define CIPHER_H |
@@ -29,32 +29,31 @@ Created: Wed Apr 19 16:50:42 1995 ylo | |||
29 | 29 | ||
30 | /* Cipher types. New types can be added, but old types should not be removed | 30 | /* Cipher types. New types can be added, but old types should not be removed |
31 | for compatibility. The maximum allowed value is 31. */ | 31 | for compatibility. The maximum allowed value is 31. */ |
32 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ | 32 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
33 | #define SSH_CIPHER_NONE 0 /* no encryption */ | 33 | #define SSH_CIPHER_NONE 0 /* no encryption */ |
34 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ | 34 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ |
35 | #define SSH_CIPHER_DES 2 /* DES CBC */ | 35 | #define SSH_CIPHER_DES 2 /* DES CBC */ |
36 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ | 36 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ |
37 | #define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ | 37 | #define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ |
38 | #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ | 38 | #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
39 | #define SSH_CIPHER_BLOWFISH 6 | 39 | #define SSH_CIPHER_BLOWFISH 6 |
40 | 40 | ||
41 | typedef struct { | 41 | typedef struct { |
42 | unsigned int type; | 42 | unsigned int type; |
43 | union { | 43 | union { |
44 | struct { | 44 | struct { |
45 | des_key_schedule key1; | 45 | des_key_schedule key1; |
46 | des_key_schedule key2; | 46 | des_key_schedule key2; |
47 | des_cblock iv2; | 47 | des_cblock iv2; |
48 | des_key_schedule key3; | 48 | des_key_schedule key3; |
49 | des_cblock iv3; | 49 | des_cblock iv3; |
50 | } des3; | 50 | } des3; |
51 | struct { | 51 | struct { |
52 | struct bf_key_st key; | 52 | struct bf_key_st key; |
53 | unsigned char iv[8]; | 53 | unsigned char iv[8]; |
54 | } bf; | 54 | } bf; |
55 | } u; | 55 | } u; |
56 | } CipherContext; | 56 | } CipherContext; |
57 | |||
58 | /* Returns a bit mask indicating which ciphers are supported by this | 57 | /* Returns a bit mask indicating which ciphers are supported by this |
59 | implementation. The bit mask has the corresponding bit set of each | 58 | implementation. The bit mask has the corresponding bit set of each |
60 | supported cipher. */ | 59 | supported cipher. */ |
@@ -65,28 +64,32 @@ const char *cipher_name(int cipher); | |||
65 | 64 | ||
66 | /* Parses the name of the cipher. Returns the number of the corresponding | 65 | /* Parses the name of the cipher. Returns the number of the corresponding |
67 | cipher, or -1 on error. */ | 66 | cipher, or -1 on error. */ |
68 | int cipher_number(const char *name); | 67 | int cipher_number(const char *name); |
69 | 68 | ||
70 | /* Selects the cipher to use and sets the key. If for_encryption is true, | 69 | /* Selects the cipher to use and sets the key. If for_encryption is true, |
71 | the key is setup for encryption; otherwise it is setup for decryption. */ | 70 | the key is setup for encryption; otherwise it is setup for decryption. */ |
72 | void cipher_set_key(CipherContext *context, int cipher, | 71 | void |
73 | const unsigned char *key, int keylen, int for_encryption); | 72 | cipher_set_key(CipherContext * context, int cipher, |
73 | const unsigned char *key, int keylen, int for_encryption); | ||
74 | 74 | ||
75 | /* Sets key for the cipher by computing the MD5 checksum of the passphrase, | 75 | /* Sets key for the cipher by computing the MD5 checksum of the passphrase, |
76 | and using the resulting 16 bytes as the key. */ | 76 | and using the resulting 16 bytes as the key. */ |
77 | void cipher_set_key_string(CipherContext *context, int cipher, | 77 | void |
78 | const char *passphrase, int for_encryption); | 78 | cipher_set_key_string(CipherContext * context, int cipher, |
79 | const char *passphrase, int for_encryption); | ||
79 | 80 | ||
80 | /* Encrypts data using the cipher. */ | 81 | /* Encrypts data using the cipher. */ |
81 | void cipher_encrypt(CipherContext *context, unsigned char *dest, | 82 | void |
82 | const unsigned char *src, unsigned int len); | 83 | cipher_encrypt(CipherContext * context, unsigned char *dest, |
84 | const unsigned char *src, unsigned int len); | ||
83 | 85 | ||
84 | /* Decrypts data using the cipher. */ | 86 | /* Decrypts data using the cipher. */ |
85 | void cipher_decrypt(CipherContext *context, unsigned char *dest, | 87 | void |
86 | const unsigned char *src, unsigned int len); | 88 | cipher_decrypt(CipherContext * context, unsigned char *dest, |
89 | const unsigned char *src, unsigned int len); | ||
87 | 90 | ||
88 | /* If and CRC-32 attack is detected this function is called. Defaults | 91 | /* If and CRC-32 attack is detected this function is called. Defaults |
89 | * to fatal, changed to packet_disconnect in sshd and ssh. */ | 92 | * to fatal, changed to packet_disconnect in sshd and ssh. */ |
90 | extern void (*cipher_attack_detected)(const char *fmt, ...); | 93 | extern void (*cipher_attack_detected) (const char *fmt,...); |
91 | 94 | ||
92 | #endif /* CIPHER_H */ | 95 | #endif /* CIPHER_H */ |