]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * | |
3 | * cipher.h | |
4 | * | |
5 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | |
6 | * | |
7 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |
8 | * All rights reserved | |
9 | * | |
10 | * Created: Wed Apr 19 16:50:42 1995 ylo | |
11 | * | |
12 | */ | |
13 | ||
14 | /* RCSID("$Id$"); */ | |
15 | ||
16 | #ifndef CIPHER_H | |
17 | #define CIPHER_H | |
18 | ||
19 | #include <openssl/des.h> | |
20 | #include <openssl/blowfish.h> | |
21 | #include <openssl/rc4.h> | |
22 | #include <openssl/cast.h> | |
23 | ||
24 | /* Cipher types. New types can be added, but old types should not be removed | |
25 | for compatibility. The maximum allowed value is 31. */ | |
26 | #define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ | |
27 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ | |
28 | #define SSH_CIPHER_NONE 0 /* no encryption */ | |
29 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ | |
30 | #define SSH_CIPHER_DES 2 /* DES CBC */ | |
31 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ | |
32 | #define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ | |
33 | #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ | |
34 | #define SSH_CIPHER_BLOWFISH 6 | |
35 | #define SSH_CIPHER_RESERVED 7 | |
36 | ||
37 | /* these ciphers are used in SSH2: */ | |
38 | #define SSH_CIPHER_BLOWFISH_CBC 8 | |
39 | #define SSH_CIPHER_3DES_CBC 9 | |
40 | #define SSH_CIPHER_ARCFOUR 10 /* Alleged RC4 */ | |
41 | #define SSH_CIPHER_CAST128_CBC 11 | |
42 | ||
43 | typedef struct { | |
44 | unsigned int type; | |
45 | union { | |
46 | struct { | |
47 | des_key_schedule key1; | |
48 | des_key_schedule key2; | |
49 | des_cblock iv2; | |
50 | des_key_schedule key3; | |
51 | des_cblock iv3; | |
52 | } des3; | |
53 | struct { | |
54 | struct bf_key_st key; | |
55 | unsigned char iv[8]; | |
56 | } bf; | |
57 | struct { | |
58 | CAST_KEY key; | |
59 | unsigned char iv[8]; | |
60 | } cast; | |
61 | RC4_KEY rc4; | |
62 | } u; | |
63 | } CipherContext; | |
64 | /* | |
65 | * Returns a bit mask indicating which ciphers are supported by this | |
66 | * implementation. The bit mask has the corresponding bit set of each | |
67 | * supported cipher. | |
68 | */ | |
69 | unsigned int cipher_mask(); | |
70 | unsigned int cipher_mask1(); | |
71 | unsigned int cipher_mask2(); | |
72 | ||
73 | /* Returns the name of the cipher. */ | |
74 | const char *cipher_name(int cipher); | |
75 | ||
76 | /* | |
77 | * Parses the name of the cipher. Returns the number of the corresponding | |
78 | * cipher, or -1 on error. | |
79 | */ | |
80 | int cipher_number(const char *name); | |
81 | ||
82 | /* returns 1 if all ciphers are supported (ssh2 only) */ | |
83 | int ciphers_valid(const char *names); | |
84 | ||
85 | /* | |
86 | * Selects the cipher to use and sets the key. If for_encryption is true, | |
87 | * the key is setup for encryption; otherwise it is setup for decryption. | |
88 | */ | |
89 | void | |
90 | cipher_set_key(CipherContext * context, int cipher, | |
91 | const unsigned char *key, int keylen); | |
92 | void | |
93 | cipher_set_key_iv(CipherContext * context, int cipher, | |
94 | const unsigned char *key, int keylen, | |
95 | const unsigned char *iv, int ivlen); | |
96 | ||
97 | /* | |
98 | * Sets key for the cipher by computing the MD5 checksum of the passphrase, | |
99 | * and using the resulting 16 bytes as the key. | |
100 | */ | |
101 | void | |
102 | cipher_set_key_string(CipherContext * context, int cipher, | |
103 | const char *passphrase); | |
104 | ||
105 | /* Encrypts data using the cipher. */ | |
106 | void | |
107 | cipher_encrypt(CipherContext * context, unsigned char *dest, | |
108 | const unsigned char *src, unsigned int len); | |
109 | ||
110 | /* Decrypts data using the cipher. */ | |
111 | void | |
112 | cipher_decrypt(CipherContext * context, unsigned char *dest, | |
113 | const unsigned char *src, unsigned int len); | |
114 | ||
115 | #endif /* CIPHER_H */ |