]>
Commit | Line | Data |
---|---|---|
8efc0c15 | 1 | /* |
5260325f | 2 | * |
3 | * cipher.h | |
4 | * | |
5 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | |
6 | * | |
7 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |
8 | * All rights reserved | |
9 | * | |
10 | * Created: Wed Apr 19 16:50:42 1995 ylo | |
11 | * | |
12 | */ | |
8efc0c15 | 13 | |
14 | /* RCSID("$Id$"); */ | |
15 | ||
16 | #ifndef CIPHER_H | |
17 | #define CIPHER_H | |
18 | ||
4d195447 | 19 | #include "config.h" |
20 | ||
5881cd60 | 21 | #ifdef HAVE_OPENSSL |
8efc0c15 | 22 | #include <openssl/des.h> |
23 | #include <openssl/blowfish.h> | |
5881cd60 | 24 | #endif |
25 | #ifdef HAVE_SSL | |
26 | #include <ssl/des.h> | |
27 | #include <ssl/blowfish.h> | |
28 | #endif | |
8efc0c15 | 29 | |
30 | /* Cipher types. New types can be added, but old types should not be removed | |
31 | for compatibility. The maximum allowed value is 31. */ | |
5260325f | 32 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
33 | #define SSH_CIPHER_NONE 0 /* no encryption */ | |
34 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ | |
35 | #define SSH_CIPHER_DES 2 /* DES CBC */ | |
36 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ | |
37 | #define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ | |
38 | #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ | |
8efc0c15 | 39 | #define SSH_CIPHER_BLOWFISH 6 |
40 | ||
41 | typedef struct { | |
5260325f | 42 | unsigned int type; |
43 | union { | |
44 | struct { | |
45 | des_key_schedule key1; | |
46 | des_key_schedule key2; | |
47 | des_cblock iv2; | |
48 | des_key_schedule key3; | |
49 | des_cblock iv3; | |
50 | } des3; | |
51 | struct { | |
52 | struct bf_key_st key; | |
53 | unsigned char iv[8]; | |
54 | } bf; | |
55 | } u; | |
56 | } CipherContext; | |
8efc0c15 | 57 | /* Returns a bit mask indicating which ciphers are supported by this |
58 | implementation. The bit mask has the corresponding bit set of each | |
59 | supported cipher. */ | |
60 | unsigned int cipher_mask(); | |
61 | ||
62 | /* Returns the name of the cipher. */ | |
63 | const char *cipher_name(int cipher); | |
64 | ||
65 | /* Parses the name of the cipher. Returns the number of the corresponding | |
66 | cipher, or -1 on error. */ | |
5260325f | 67 | int cipher_number(const char *name); |
8efc0c15 | 68 | |
69 | /* Selects the cipher to use and sets the key. If for_encryption is true, | |
70 | the key is setup for encryption; otherwise it is setup for decryption. */ | |
5260325f | 71 | void |
72 | cipher_set_key(CipherContext * context, int cipher, | |
73 | const unsigned char *key, int keylen, int for_encryption); | |
8efc0c15 | 74 | |
75 | /* Sets key for the cipher by computing the MD5 checksum of the passphrase, | |
76 | and using the resulting 16 bytes as the key. */ | |
5260325f | 77 | void |
78 | cipher_set_key_string(CipherContext * context, int cipher, | |
79 | const char *passphrase, int for_encryption); | |
8efc0c15 | 80 | |
81 | /* Encrypts data using the cipher. */ | |
5260325f | 82 | void |
83 | cipher_encrypt(CipherContext * context, unsigned char *dest, | |
84 | const unsigned char *src, unsigned int len); | |
8efc0c15 | 85 | |
86 | /* Decrypts data using the cipher. */ | |
5260325f | 87 | void |
88 | cipher_decrypt(CipherContext * context, unsigned char *dest, | |
89 | const unsigned char *src, unsigned int len); | |
8efc0c15 | 90 | |
91 | /* If and CRC-32 attack is detected this function is called. Defaults | |
92 | * to fatal, changed to packet_disconnect in sshd and ssh. */ | |
5260325f | 93 | extern void (*cipher_attack_detected) (const char *fmt,...); |
8efc0c15 | 94 | |
5260325f | 95 | #endif /* CIPHER_H */ |