]>
Commit | Line | Data |
---|---|---|
52607c0f | 1 | /* $Id$ */ |
2 | ||
3 | /* | |
4 | * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> | |
5 | * | |
6 | * Permission to use, copy, modify, and distribute this software for any | |
7 | * purpose with or without fee is hereby granted, provided that the above | |
8 | * copyright notice and this permission notice appear in all copies. | |
9 | * | |
10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |
11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |
12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | |
13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
14 | * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER | |
15 | * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING | |
16 | * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
17 | */ | |
18 | ||
19 | #include "includes.h" | |
20 | #include <openssl/evp.h> | |
21 | ||
22 | #if OPENSSL_VERSION_NUMBER < 0x00906000L | |
23 | # define SSH_OLD_EVP | |
24 | # define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) | |
cc43e894 | 25 | # define USE_BUILTIN_RIJNDAEL |
26 | #endif | |
27 | ||
bff0be25 | 28 | #if (OPENSSL_VERSION_NUMBER < 0x00907000L) || defined(OPENSSL_LOBOTOMISED_AES) |
29 | # define USE_BUILTIN_RIJNDAEL | |
30 | #endif | |
31 | ||
cc43e894 | 32 | #ifdef USE_BUILTIN_RIJNDAEL |
33 | # include "rijndael.h" | |
34 | # define AES_KEY rijndael_ctx | |
35 | # define AES_BLOCK_SIZE 16 | |
36 | # define AES_encrypt(a, b, c) rijndael_encrypt(c, a, b) | |
37 | # define AES_set_encrypt_key(a, b, c) rijndael_set_key(c, (char *)a, b, 1) | |
52607c0f | 38 | # define EVP_aes_128_cbc evp_rijndael |
39 | # define EVP_aes_192_cbc evp_rijndael | |
40 | # define EVP_aes_256_cbc evp_rijndael | |
41 | extern const EVP_CIPHER *evp_rijndael(void); | |
42 | extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); | |
43 | #endif | |
44 | ||
45 | #if !defined(EVP_CTRL_SET_ACSS_MODE) | |
46 | # if (OPENSSL_VERSION_NUMBER >= 0x00907000L) | |
47 | # define USE_CIPHER_ACSS 1 | |
48 | extern const EVP_CIPHER *evp_acss(void); | |
49 | # define EVP_acss evp_acss | |
50 | # else | |
51 | # define EVP_acss NULL | |
52 | # endif | |
53 | #endif | |
54 | ||
190d9b26 | 55 | /* OpenSSL 0.9.8e returns cipher key len not context key len */ |
56 | #if (OPENSSL_VERSION_NUMBER == 0x0090805fL) | |
57 | # define EVP_CIPHER_CTX_key_length(c) ((c)->key_len) | |
58 | #endif | |
59 | ||
52607c0f | 60 | /* |
60e10887 | 61 | * We overload some of the OpenSSL crypto functions with ssh_* equivalents |
62 | * which cater for older and/or less featureful OpenSSL version. | |
63 | * | |
64 | * In order for the compat library to call the real functions, it must | |
65 | * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and | |
66 | * implement the ssh_* equivalents. | |
52607c0f | 67 | */ |
c7ad0d99 | 68 | #ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS |
52607c0f | 69 | |
c7ad0d99 | 70 | # ifdef SSH_OLD_EVP |
52607c0f | 71 | # ifdef EVP_Cipher |
72 | # undef EVP_Cipher | |
73 | # endif | |
52607c0f | 74 | # define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e)) |
75 | # define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d)) | |
76 | # define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) | |
c7ad0d99 | 77 | # endif /* SSH_OLD_EVP */ |
78 | ||
15101d77 | 79 | # ifdef USE_OPENSSL_ENGINE |
80 | # ifdef SSLeay_add_all_algorithms | |
81 | # undef SSLeay_add_all_algorithms | |
82 | # endif | |
83 | # define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms() | |
15101d77 | 84 | #endif |
52607c0f | 85 | |
86 | int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *, | |
87 | unsigned char *, int); | |
88 | int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); | |
89 | int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); | |
0244ad55 | 90 | void ssh_SSLeay_add_all_algorithms(void); |
c7ad0d99 | 91 | #endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ |