Diffstat (limited to 'cipher.c')
-rw-r--r-- | cipher.c | 47 |
1 files changed, 36 insertions, 11 deletions
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: cipher.c,v 1.50 2002/01/21 22:30:12 markus Exp $"); | 38 | RCSID("$OpenBSD: cipher.c,v 1.51 2002/02/14 23:41:01 markus Exp $"); |
39 | 39 | ||
40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
41 | #include "log.h" | 41 | #include "log.h" |
@@ -43,6 +43,17 @@ RCSID("$OpenBSD: cipher.c,v 1.50 2002/01/21 22:30:12 markus Exp $"); | |||
43 | 43 | ||
44 | #include <openssl/md5.h> | 44 | #include <openssl/md5.h> |
45 | 45 | ||
46 | struct Cipher { | ||
47 | char *name; | ||
48 | int number; /* for ssh1 only */ | ||
49 | u_int block_size; | ||
50 | u_int key_len; | ||
51 | void (*setkey)(CipherContext *, const u_char *, u_int); | ||
52 | void (*setiv)(CipherContext *, const u_char *, u_int); | ||
53 | void (*encrypt)(CipherContext *, u_char *, const u_char *, u_int); | ||
54 | void (*decrypt)(CipherContext *, u_char *, const u_char *, u_int); | ||
55 | }; | ||
56 | |||
46 | /* no encryption */ | 57 | /* no encryption */ |
47 | static void | 58 | static void |
48 | none_setkey(CipherContext *cc, const u_char *key, u_int keylen) | 59 | none_setkey(CipherContext *cc, const u_char *key, u_int keylen) |
@@ -397,6 +408,18 @@ Cipher ciphers[] = { | |||
397 | 408 | ||
398 | /*--*/ | 409 | /*--*/ |
399 | 410 | ||
411 | u_int | ||
412 | cipher_blocksize(Cipher *c) | ||
413 | { | ||
414 | return (c->block_size); | ||
415 | } | ||
416 | |||
417 | u_int | ||
418 | cipher_keylen(Cipher *c) | ||
419 | { | ||
420 | return (c->key_len); | ||
421 | } | ||
422 | |||
400 | u_int | 423 | u_int |
401 | cipher_mask_ssh1(int client) | 424 | cipher_mask_ssh1(int client) |
402 | { | 425 | { |
@@ -479,8 +502,8 @@ cipher_name(int id) | |||
479 | } | 502 | } |
480 | 503 | ||
481 | void | 504 | void |
482 | cipher_init(CipherContext *cc, Cipher *cipher, | 505 | cipher_init(CipherContext *cc, Cipher *cipher, const u_char *key, |
483 | const u_char *key, u_int keylen, const u_char *iv, u_int ivlen) | 506 | u_int keylen, const u_char *iv, u_int ivlen, int encrypt) |
484 | { | 507 | { |
485 | if (keylen < cipher->key_len) | 508 | if (keylen < cipher->key_len) |
486 | fatal("cipher_init: key length %d is insufficient for %s.", | 509 | fatal("cipher_init: key length %d is insufficient for %s.", |
@@ -489,24 +512,26 @@ cipher_init(CipherContext *cc, Cipher *cipher, | |||
489 | fatal("cipher_init: iv length %d is insufficient for %s.", | 512 | fatal("cipher_init: iv length %d is insufficient for %s.", |
490 | ivlen, cipher->name); | 513 | ivlen, cipher->name); |
491 | cc->cipher = cipher; | 514 | cc->cipher = cipher; |
515 | cc->encrypt = (encrypt == CIPHER_ENCRYPT); | ||
492 | cipher->setkey(cc, key, keylen); | 516 | cipher->setkey(cc, key, keylen); |
493 | cipher->setiv(cc, iv, ivlen); | 517 | cipher->setiv(cc, iv, ivlen); |
494 | } | 518 | } |
495 | 519 | ||
496 | void | 520 | void |
497 | cipher_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) | 521 | cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) |
498 | { | 522 | { |
499 | if (len % cc->cipher->block_size) | 523 | if (len % cc->cipher->block_size) |
500 | fatal("cipher_encrypt: bad plaintext length %d", len); | 524 | fatal("cipher_encrypt: bad plaintext length %d", len); |
501 | cc->cipher->encrypt(cc, dest, src, len); | 525 | if (cc->encrypt) |
526 | cc->cipher->encrypt(cc, dest, src, len); | ||
527 | else | ||
528 | cc->cipher->decrypt(cc, dest, src, len); | ||
502 | } | 529 | } |
503 | 530 | ||
504 | void | 531 | void |
505 | cipher_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) | 532 | cipher_cleanup(CipherContext *cc) |
506 | { | 533 | { |
507 | if (len % cc->cipher->block_size) | 534 | memset(cc, 0, sizeof(*cc)); |
508 | fatal("cipher_decrypt: bad ciphertext length %d", len); | ||
509 | cc->cipher->decrypt(cc, dest, src, len); | ||
510 | } | 535 | } |
511 | 536 | ||
512 | /* | 537 | /* |
@@ -516,7 +541,7 @@ cipher_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) | |||
516 | 541 | ||
517 | void | 542 | void |
518 | cipher_set_key_string(CipherContext *cc, Cipher *cipher, | 543 | cipher_set_key_string(CipherContext *cc, Cipher *cipher, |
519 | const char *passphrase) | 544 | const char *passphrase, int encrypt) |
520 | { | 545 | { |
521 | MD5_CTX md; | 546 | MD5_CTX md; |
522 | u_char digest[16]; | 547 | u_char digest[16]; |
@@ -525,7 +550,7 @@ cipher_set_key_string(CipherContext *cc, Cipher *cipher, | |||
525 | MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase)); | 550 | MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase)); |
526 | MD5_Final(digest, &md); | 551 | MD5_Final(digest, &md); |
527 | 552 | ||
528 | cipher_init(cc, cipher, digest, 16, NULL, 0); | 553 | cipher_init(cc, cipher, digest, 16, NULL, 0, encrypt); |
529 | 554 | ||
530 | memset(digest, 0, sizeof(digest)); | 555 | memset(digest, 0, sizeof(digest)); |
531 | memset(&md, 0, sizeof(md)); | 556 | memset(&md, 0, sizeof(md)); |
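Review bot: In the new cipher_crypt() the length check still calls `fatal("cipher_encrypt: bad plaintext length %d", len);`, so a misaligned ciphertext on the decrypt path is now logged as an encryption failure, under a function name this commit removes. Something like `fatal("cipher_crypt: bad %s length %u", cc->encrypt ? "plaintext" : "ciphertext", len);` keeps the diagnostic accurate for both directions and matches the u_int argument. Separately, cipher_cleanup() wipes the context with a plain `memset(cc, 0, sizeof(*cc));`, and the context presumably holds key state written by setkey. A compiler may drop that store if the call is ever inlined just before the context is freed or goes out of scope, so a wipe the optimizer cannot elide (for example `explicit_bzero` where the platform provides it) is worth considering, along with a one-line comment saying the function exists to clear key material.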