+/* $OpenBSD: cipher.h,v 1.37 2009/01/26 09:58:15 markus Exp $ */
+
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* RCSID("$OpenBSD: cipher.h,v 1.22 2000/10/13 18:59:14 markus Exp $"); */
-
#ifndef CIPHER_H
#define CIPHER_H
-#include <openssl/des.h>
-#include <openssl/blowfish.h>
-#include <openssl/rc4.h>
-#include <openssl/cast.h>
-#include "rijndael.h"
+#include <openssl/evp.h>
/*
* Cipher types for SSH-1. New types can be added, but old types should not
* be removed for compatibility. The maximum allowed value is 31.
*/
#define SSH_CIPHER_SSH2 -3
-#define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */
+#define SSH_CIPHER_INVALID -2 /* No valid cipher selected. */
#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */
#define SSH_CIPHER_NONE 0 /* no encryption */
#define SSH_CIPHER_IDEA 1 /* IDEA CFB */
#define SSH_CIPHER_RESERVED 7
#define SSH_CIPHER_MAX 31
+#define CIPHER_ENCRYPT 1
+#define CIPHER_DECRYPT 0
+
typedef struct Cipher Cipher;
typedef struct CipherContext CipherContext;
+struct Cipher;
struct CipherContext {
- union {
- struct {
- des_key_schedule key;
- des_cblock iv;
- } des;
- struct {
- des_key_schedule key1;
- des_key_schedule key2;
- des_cblock iv2;
- des_key_schedule key3;
- des_cblock iv3;
- } des3;
- struct {
- struct bf_key_st key;
- u_char iv[8];
- } bf;
- struct {
- CAST_KEY key;
- u_char iv[8];
- } cast;
- struct {
- u4byte iv[4];
- rijndael_ctx enc;
- rijndael_ctx dec;
- } rijndael;
- RC4_KEY rc4;
- } u;
+ int plaintext;
+ EVP_CIPHER_CTX evp;
Cipher *cipher;
};
-struct Cipher {
- char *name;
- int number; /* for ssh1 only */
- u_int block_size;
- u_int key_len;
- void (*setkey)(CipherContext *, const u_char *, u_int);
- void (*setiv)(CipherContext *, const u_char *, u_int);
- void (*encrypt)(CipherContext *, u_char *, const u_char *, u_int);
- void (*decrypt)(CipherContext *, u_char *, const u_char *, u_int);
-};
-unsigned int cipher_mask_ssh1(int client);
-Cipher *cipher_by_name(const char *name);
-Cipher *cipher_by_number(int id);
-int cipher_number(const char *name);
-char *cipher_name(int id);
-int ciphers_valid(const char *names);
-void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, const u_char *, u_int);
-void cipher_encrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len);
-void cipher_decrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len);
-void cipher_set_key_string(CipherContext *context, Cipher *cipher, const char *passphrase);
+u_int cipher_mask_ssh1(int);
+Cipher *cipher_by_name(const char *);
+Cipher *cipher_by_number(int);
+int cipher_number(const char *);
+char *cipher_name(int);
+int ciphers_valid(const char *);
+void cipher_init(CipherContext *, Cipher *, const u_char *, u_int,
+ const u_char *, u_int, int);
+void cipher_crypt(CipherContext *, u_char *, const u_char *, u_int);
+void cipher_cleanup(CipherContext *);
+void cipher_set_key_string(CipherContext *, Cipher *, const char *, int);
+u_int cipher_blocksize(const Cipher *);
+u_int cipher_keylen(const Cipher *);
+u_int cipher_is_cbc(const Cipher *);
+u_int cipher_get_number(const Cipher *);
+void cipher_get_keyiv(CipherContext *, u_char *, u_int);
+void cipher_set_keyiv(CipherContext *, u_char *);
+int cipher_get_keyiv_len(const CipherContext *);
+int cipher_get_keycontext(const CipherContext *, u_char *);
+void cipher_set_keycontext(CipherContext *, u_char *);
#endif /* CIPHER_H */