X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/d77347cc4f322168ec99e158bcb0124b379244a3..HEAD:/cipher.c diff --git a/cipher.c b/cipher.c index 075a4c5f..bb5c0ac3 100644 --- a/cipher.c +++ b/cipher.c @@ -1,3 +1,4 @@ +/* $OpenBSD: cipher.c,v 1.82 2009/01/26 09:58:15 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,33 +36,20 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.71 2004/07/28 09:40:29 markus Exp $"); -#include "xmalloc.h" -#include "log.h" -#include "cipher.h" +#include #include -#if OPENSSL_VERSION_NUMBER < 0x00906000L -#define SSH_OLD_EVP -#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) -#endif +#include +#include -#if OPENSSL_VERSION_NUMBER < 0x00907000L -extern const EVP_CIPHER *evp_rijndael(void); -extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); -#endif +#include "xmalloc.h" +#include "log.h" +#include "cipher.h" -#if !defined(EVP_CTRL_SET_ACSS_MODE) -# if (OPENSSL_VERSION_NUMBER >= 0x00907000L) -extern const EVP_CIPHER *evp_acss(void); -# define EVP_acss evp_acss -# define EVP_CTRL_SET_ACSS_MODE xxx /* used below */ -# else -# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */ -# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */ -#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */ +/* compatibility with old or broken OpenSSL versions */ +#include "openbsd-compat/openssl-compat.h" extern const EVP_CIPHER *evp_ssh1_bf(void); extern const EVP_CIPHER *evp_ssh1_3des(void); @@ -74,39 +62,33 @@ struct Cipher { int number; /* for ssh1 only */ u_int block_size; u_int key_len; + u_int discard_len; + u_int cbc_mode; const EVP_CIPHER *(*evptype)(void); } ciphers[] = { - { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, - { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, - { "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, - { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, - - { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, - { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, - { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, - { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, -#if OPENSSL_VERSION_NUMBER < 0x00907000L - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, - { "rijndael-cbc@lysator.liu.se", - SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, -#else - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, + { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, EVP_enc_null }, + { "des", SSH_CIPHER_DES, 8, 8, 0, 1, EVP_des_cbc }, + { "3des", SSH_CIPHER_3DES, 8, 16, 0, 1, evp_ssh1_3des }, + { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 1, evp_ssh1_bf }, + + { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 1, EVP_des_ede3_cbc }, + { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, 0, 1, EVP_bf_cbc }, + { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, 0, 1, EVP_cast5_cbc }, + { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, EVP_rc4 }, + { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 1536, 0, EVP_rc4 }, + { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 1536, 0, EVP_rc4 }, + { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 1, EVP_aes_128_cbc }, + { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 1, EVP_aes_192_cbc }, + { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_aes_256_cbc }, { "rijndael-cbc@lysator.liu.se", - SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, -#endif -#if OPENSSL_VERSION_NUMBER >= 0x00905000L - { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, - { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, - { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, + SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_aes_256_cbc }, + { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, evp_aes_128_ctr }, + { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, evp_aes_128_ctr }, + { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, evp_aes_128_ctr }, +#ifdef USE_CIPHER_ACSS + { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, 0, EVP_acss }, #endif -#if defined(EVP_CTRL_SET_ACSS_MODE) - { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss }, -#endif - { NULL, SSH_CIPHER_INVALID, 0, 0, NULL } + { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, NULL } }; /*--*/ @@ -129,6 +111,12 @@ cipher_get_number(const Cipher *c) return (c->number); } +u_int +cipher_is_cbc(const Cipher *c) +{ + return (c->cbc_mode); +} + u_int cipher_mask_ssh1(int client) { @@ -146,7 +134,7 @@ cipher_by_name(const char *name) { Cipher *c; for (c = ciphers; c->name != NULL; c++) - if (strcasecmp(c->name, name) == 0) + if (strcmp(c->name, name) == 0) return c; return NULL; } @@ -199,8 +187,10 @@ cipher_number(const char *name) Cipher *c; if (name == NULL) return -1; - c = cipher_by_name(name); - return (c==NULL) ? -1 : c->number; + for (c = ciphers; c->name != NULL; c++) + if (strcasecmp(c->name, name) == 0) + return c->number; + return -1; } char * @@ -220,8 +210,9 @@ cipher_init(CipherContext *cc, Cipher *cipher, EVP_CIPHER *type; #else const EVP_CIPHER *type; -#endif int klen; +#endif + u_char *junk, *discard; if (cipher->number == SSH_CIPHER_DES) { if (dowarn) { @@ -259,7 +250,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, fatal("cipher_init: EVP_CipherInit failed for %s", cipher->name); klen = EVP_CIPHER_CTX_key_length(&cc->evp); - if (klen > 0 && keylen != klen) { + if (klen > 0 && keylen != (u_int)klen) { debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) fatal("cipher_init: set keylen failed (%d -> %d)", @@ -269,6 +260,17 @@ cipher_init(CipherContext *cc, Cipher *cipher, fatal("cipher_init: EVP_CipherInit: set key failed for %s", cipher->name); #endif + + if (cipher->discard_len > 0) { + junk = xmalloc(cipher->discard_len); + discard = xmalloc(cipher->discard_len); + if (EVP_Cipher(&cc->evp, discard, junk, + cipher->discard_len) == 0) + fatal("evp_crypt: EVP_Cipher failed during discard"); + memset(discard, 0, cipher->discard_len); + xfree(junk); + xfree(discard); + } } void @@ -276,23 +278,15 @@ cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) { if (len % cc->cipher->block_size) fatal("cipher_encrypt: bad plaintext length %d", len); -#ifdef SSH_OLD_EVP - EVP_Cipher(&cc->evp, dest, (u_char *)src, len); -#else if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) fatal("evp_crypt: EVP_Cipher failed"); -#endif } void cipher_cleanup(CipherContext *cc) { -#ifdef SSH_OLD_EVP - EVP_CIPHER_CTX_cleanup(&cc->evp); -#else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); -#endif } /* @@ -347,12 +341,12 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); - if (evplen == 0) + if (evplen <= 0) return; - if (evplen != len) + if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); -#if OPENSSL_VERSION_NUMBER < 0x00907000L +#ifdef USE_BUILTIN_RIJNDAEL if (c->evptype == evp_rijndael) ssh_rijndael_iv(&cc->evp, 0, iv, len); else @@ -383,7 +377,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv) evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen == 0) return; -#if OPENSSL_VERSION_NUMBER < 0x00907000L +#ifdef USE_BUILTIN_RIJNDAEL if (c->evptype == evp_rijndael) ssh_rijndael_iv(&cc->evp, 1, iv, evplen); else