]> andersk Git - openssh.git/blobdiff - cipher.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- (djm) Add --with-superuser-path=xxx configure option to specify what $PATH
[openssh.git] / cipher.c
diff --git a/cipher.c b/cipher.c
index 7a9c9c4918340936a49fca003d0c484d1ace6023..86d923409c55d70c784ea15b5294863001253ea6 100644 (file)
--- a/cipher.c
+++ b/cipher.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.53 2002/03/18 17:13:15 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.55 2002/04/03 09:26:11 markus Exp $");
 
 #include "xmalloc.h"
 #include "log.h"
@@ -72,23 +72,25 @@ struct Cipher {
        { "aes128-cbc",         SSH_CIPHER_SSH2, 16, 16, evp_rijndael },
        { "aes192-cbc",         SSH_CIPHER_SSH2, 16, 24, evp_rijndael },
        { "aes256-cbc",         SSH_CIPHER_SSH2, 16, 32, evp_rijndael },
+       { "rijndael-cbc@lysator.liu.se",
+                               SSH_CIPHER_SSH2, 16, 32, evp_rijndael },
 
        { NULL,                 SSH_CIPHER_ILLEGAL, 0, 0, NULL }
 };
 
 /*--*/
 
-u_int  
+u_int
 cipher_blocksize(Cipher *c)
 {
        return (c->block_size);
 }
-u_int  
+u_int
 cipher_keylen(Cipher *c)
 {
        return (c->key_len);
 }
-u_int  
+u_int
 cipher_get_number(Cipher *c)
 {
        return (c->number);
@@ -507,9 +509,47 @@ ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src,
                for (i = blocks; i > 0; i--, cnow-=RIJNDAEL_BLOCKSIZE,
                    plain-=RIJNDAEL_BLOCKSIZE) {
                        rijndael_decrypt(&c->r_ctx, cnow, plain);
+                       ivp = (i == 1) ? c->r_iv : cnow-RIJNDAEL_BLOCKSIZE;
+                       for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++)
+                               plain[j] ^= ivp[j];
+               }
+               memcpy(c->r_iv, buf, RIJNDAEL_BLOCKSIZE);
+       }
+       return (1);
+}
+static int
+ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx)
+{
+       struct ssh_rijndael_ctx *c;
+
+       if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
+               memset(c, 0, sizeof(*c));
+               xfree(c);
+               EVP_CIPHER_CTX_set_app_data(ctx, NULL);
+       }
+       return (1);
+}
+static EVP_CIPHER *
+evp_rijndael(void)
+{
+       static EVP_CIPHER rijndal_cbc;
+
+       memset(&rijndal_cbc, 0, sizeof(EVP_CIPHER));
+       rijndal_cbc.nid = NID_undef;
+       rijndal_cbc.block_size = RIJNDAEL_BLOCKSIZE;
+       rijndal_cbc.iv_len = RIJNDAEL_BLOCKSIZE;
+       rijndal_cbc.key_len = 16;
+       rijndal_cbc.init = ssh_rijndael_init;
+       rijndal_cbc.cleanup = ssh_rijndael_cleanup;
+       rijndal_cbc.do_cipher = ssh_rijndael_cbc;
+#ifndef SSH_OLD_EVP
+       rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
+           EVP_CIPH_ALWAYS_CALL_INIT;
+#endif
+       return (&rijndal_cbc);
 }
 
-/* 
+/*
  * Exports an IV from the CipherContext required to export the key
  * state back from the unprivileged child to the privileged parent
  * process.
@@ -546,7 +586,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
                        fatal("%s: wrong iv length %d != %d", __FUNCTION__,
                            evplen, len);
 
-               if (strncmp(c->name, "aes", 3) == 0) {
+               if (c->evptype == evp_rijndael) {
                        struct ssh_rijndael_ctx *aesc;
 
                        aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
@@ -591,7 +631,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
                if (evplen == 0)
                        return;
 
-               if (strncmp(c->name, "aes", 3) == 0) {
+               if (c->evptype == evp_rijndael) {
                        struct ssh_rijndael_ctx *aesc;
 
                        aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
@@ -612,7 +652,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
                memcpy(desc->k2.iv, iv + 8, 8);
                memcpy(desc->k3.iv, iv + 16, 8);
                return;
-       } 
+       }
        default:
                fatal("%s: bad cipher %d", __FUNCTION__, c->number);
        }
@@ -675,42 +715,4 @@ cipher_set_keycontext(CipherContext *cc, u_char *dat)
                plen = EVP_X_STATE_LEN(cc->evp);
                memcpy(EVP_X_STATE(cc->evp), dat, plen);
        }
-                       ivp = (i == 1) ? c->r_iv : cnow-RIJNDAEL_BLOCKSIZE;
-                       for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++)
-                               plain[j] ^= ivp[j];
-               }
-               memcpy(c->r_iv, buf, RIJNDAEL_BLOCKSIZE);
-       }
-       return (1);
-}
-static int
-ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx)
-{
-       struct ssh_rijndael_ctx *c;
-
-       if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
-               memset(c, 0, sizeof(*c));
-               xfree(c);
-               EVP_CIPHER_CTX_set_app_data(ctx, NULL);
-       }
-       return (1);
-}
-static EVP_CIPHER *
-evp_rijndael(void)
-{
-       static EVP_CIPHER rijndal_cbc;
-
-       memset(&rijndal_cbc, 0, sizeof(EVP_CIPHER));
-       rijndal_cbc.nid = NID_undef;
-       rijndal_cbc.block_size = RIJNDAEL_BLOCKSIZE;
-       rijndal_cbc.iv_len = RIJNDAEL_BLOCKSIZE;
-       rijndal_cbc.key_len = 16;
-       rijndal_cbc.init = ssh_rijndael_init;
-       rijndal_cbc.cleanup = ssh_rijndael_cleanup;
-       rijndal_cbc.do_cipher = ssh_rijndael_cbc;
-#ifndef SSH_OLD_EVP
-       rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
-           EVP_CIPH_ALWAYS_CALL_INIT;
-#endif
-       return (&rijndal_cbc);
 }
git-cvsimport mirror of OpenSSH
This page took 0.040146 seconds and 4 git commands to generate.