2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 * As far as I am concerned, the code I have written for this software
7 * can be used freely for any purpose. Any derived versions of this
8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell".
13 /* RCSID("$OpenBSD: cipher.h,v 1.19 2000/09/07 20:27:50 deraadt Exp $"); */
18 #include <openssl/des.h>
19 #include <openssl/blowfish.h>
20 #include <openssl/rc4.h>
21 #include <openssl/cast.h>
23 /* Cipher types. New types can be added, but old types should not be removed
24 for compatibility. The maximum allowed value is 31. */
25 #define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */
26 #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */
27 #define SSH_CIPHER_NONE 0 /* no encryption */
28 #define SSH_CIPHER_IDEA 1 /* IDEA CFB */
29 #define SSH_CIPHER_DES 2 /* DES CBC */
30 #define SSH_CIPHER_3DES 3 /* 3DES CBC */
31 #define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */
32 #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */
33 #define SSH_CIPHER_BLOWFISH 6
34 #define SSH_CIPHER_RESERVED 7
36 /* these ciphers are used in SSH2: */
37 #define SSH_CIPHER_BLOWFISH_CBC 8
38 #define SSH_CIPHER_3DES_CBC 9
39 #define SSH_CIPHER_ARCFOUR 10 /* Alleged RC4 */
40 #define SSH_CIPHER_CAST128_CBC 11
46 des_key_schedule key1;
47 des_key_schedule key2;
49 des_key_schedule key3;
64 * Returns a bit mask indicating which ciphers are supported by this
65 * implementation. The bit mask has the corresponding bit set of each
68 unsigned int cipher_mask();
69 unsigned int cipher_mask1();
70 unsigned int cipher_mask2();
72 /* Returns the name of the cipher. */
73 const char *cipher_name(int cipher);
76 * Parses the name of the cipher. Returns the number of the corresponding
77 * cipher, or -1 on error.
79 int cipher_number(const char *name);
81 /* returns 1 if all ciphers are supported (ssh2 only) */
82 int ciphers_valid(const char *names);
85 * Selects the cipher to use and sets the key. If for_encryption is true,
86 * the key is setup for encryption; otherwise it is setup for decryption.
89 cipher_set_key(CipherContext * context, int cipher,
90 const unsigned char *key, int keylen);
92 cipher_set_key_iv(CipherContext * context, int cipher,
93 const unsigned char *key, int keylen,
94 const unsigned char *iv, int ivlen);
97 * Sets key for the cipher by computing the MD5 checksum of the passphrase,
98 * and using the resulting 16 bytes as the key.
101 cipher_set_key_string(CipherContext * context, int cipher,
102 const char *passphrase);
104 /* Encrypts data using the cipher. */
106 cipher_encrypt(CipherContext * context, unsigned char *dest,
107 const unsigned char *src, unsigned int len);
109 /* Decrypts data using the cipher. */
111 cipher_decrypt(CipherContext * context, unsigned char *dest,
112 const unsigned char *src, unsigned int len);
114 #endif /* CIPHER_H */