Commit | Line | Data |
---|---|---|
8efc0c15 | 1 | /* |
2 | ||
3 | cipher.h | |
4 | ||
5 | Author: Tatu Ylonen <ylo@cs.hut.fi> | |
6 | ||
7 | Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |
8 | All rights reserved | |
9 | ||
10 | Created: Wed Apr 19 16:50:42 1995 ylo | |
11 | ||
12 | */ | |
13 | ||
14 | /* RCSID("$Id$"); */ | |
15 | ||
5881cd60 | 16 | #include "config.h" |
17 | ||
8efc0c15 | 18 | #ifndef CIPHER_H |
19 | #define CIPHER_H | |
20 | ||
5881cd60 | 21 | #ifdef HAVE_OPENSSL |
8efc0c15 | 22 | #include <openssl/des.h> |
23 | #include <openssl/blowfish.h> | |
5881cd60 | 24 | #endif |
25 | #ifdef HAVE_SSL | |
26 | #include <ssl/des.h> | |
27 | #include <ssl/blowfish.h> | |
28 | #endif | |
8efc0c15 | 29 | |
30 | /* Cipher types. New types can be added, but old types should not be removed | |
31 | for compatibility. The maximum allowed value is 31. NOTE(review): presumably because cipher_mask() reports support as one bit per cipher number in an unsigned int -- confirm. */ | |
32 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ | |
33 | #define SSH_CIPHER_NONE 0 /* no encryption */ | |
34 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ | |
35 | #define SSH_CIPHER_DES 2 /* DES CBC */ | |
36 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ | |
37 | #define SSH_CIPHER_TSS 4 /* TRI's Simple Stream encryption CBC */ | |
38 | #define SSH_CIPHER_RC4 5 /* Alleged RC4 */ | |
39 | #define SSH_CIPHER_BLOWFISH 6 /* Blowfish; its state is the bf member of CipherContext */ | |
40 | ||
41 | typedef struct { /* Cipher state handed to the cipher_* functions below: a type selector plus key and IV state. */ | |
42 | unsigned int type; /* presumably one of the SSH_CIPHER_* values -- confirm; being unsigned, SSH_CIPHER_NOT_SET (-1) stored here would not compare as negative */ | |
43 | union { | |
44 | struct { | |
45 | des_key_schedule key1; | |
46 | des_key_schedule key2; | |
47 | des_cblock iv2; | |
48 | des_key_schedule key3; | |
49 | des_cblock iv3; | |
50 | } des3; /* three DES key schedules; IVs are declared for key2 and key3 only */ | |
51 | struct { | |
52 | struct bf_key_st key; | |
53 | unsigned char iv[8]; | |
54 | } bf; /* Blowfish key state and an 8-byte IV */ | |
55 | } u; /* only des3 and bf carry per-cipher state in this header */ | |
56 | } CipherContext; /* NOTE(review): holds key material; presumably it should be wiped once no longer needed -- confirm against the callers */ | |
57 | ||
58 | /* Returns a bit mask indicating which ciphers are supported by this | |
59 | implementation. The bit mask has the corresponding bit set for each | |
60 | supported cipher. */ | |
61 | unsigned int cipher_mask(); | |
62 | ||
63 | /* Returns the name of the cipher. */ | |
64 | const char *cipher_name(int cipher); | |
65 | ||
66 | /* Parses the name of the cipher. Returns the number of the corresponding | |
67 | cipher, or -1 on error. */ | |
68 | int cipher_number(const char *name); | |
69 | ||
70 | /* Selects the cipher to use and sets the key. If for_encryption is true, | |
71 | the key is set up for encryption; otherwise it is set up for decryption. */ | |
72 | void cipher_set_key(CipherContext *context, int cipher, | |
73 | const unsigned char *key, int keylen, int for_encryption); | |
74 | ||
75 | /* Sets key for the cipher by computing the MD5 checksum of the passphrase, | |
76 | and using the resulting 16 bytes as the key. NOTE(review): as described this is a single unsalted MD5 digest, which offers little resistance to offline passphrase guessing; the implementation is not shown here -- confirm. */ | |
77 | void cipher_set_key_string(CipherContext *context, int cipher, | |
78 | const char *passphrase, int for_encryption); | |
79 | ||
80 | /* Encrypts data using the cipher. */ | |
81 | void cipher_encrypt(CipherContext *context, unsigned char *dest, | |
82 | const unsigned char *src, unsigned int len); | |
83 | ||
84 | /* Decrypts data using the cipher. */ | |
85 | void cipher_decrypt(CipherContext *context, unsigned char *dest, | |
86 | const unsigned char *src, unsigned int len); | |
87 | ||
88 | /* If a CRC-32 attack is detected this function is called. Defaults | |
89 | * to fatal, changed to packet_disconnect in sshd and ssh. */ | |
90 | extern void (*cipher_attack_detected)(const char *fmt, ...); | |
91 | ||
92 | #endif /* CIPHER_H */ |