version 1.1, 1999/09/26 20:53:34 |
version 1.2, 1999/09/26 21:02:15 |
|
|
cipher_attack_detected("CRC-32 CBC insertion attack detected"); |
cipher_attack_detected("CRC-32 CBC insertion attack detected"); |
} |
} |
|
|
#ifdef WITH_IDEA |
|
static inline |
|
void |
|
detect_cfb_attack(const unsigned char *src, |
|
unsigned int len, |
|
const unsigned char iv[8]) |
|
{ |
|
return; |
|
|
|
log("CRC-32 CFB insertion attack detected"); |
|
cipher_attack_detected("CRC-32 CFB insertion attack detected"); |
|
} |
|
#endif /* WITH_IDEA */ |
|
|
|
/* Names of all encryption algorithms. These must match the numbers defined |
/* Names of all encryption algorithms. These must match the numbers defined |
int cipher.h. */ |
int cipher.h. */ |
static char *cipher_names[] = |
static char *cipher_names[] = |
{ "none", |
{ "none", |
#ifdef WITH_IDEA |
|
"idea", |
|
#else |
|
"no idea", |
"no idea", |
#endif |
|
#ifdef WITH_DES |
#ifdef WITH_DES |
"des", |
"des", |
#else |
#else |
|
|
{ |
{ |
unsigned int mask = 0; |
unsigned int mask = 0; |
mask |= 1 << SSH_CIPHER_NONE; |
mask |= 1 << SSH_CIPHER_NONE; |
#ifdef WITH_IDEA |
|
mask |= 1 << SSH_CIPHER_IDEA; |
|
#endif /* WITH_IDEA */ |
|
#ifdef WITH_DES |
#ifdef WITH_DES |
mask |= 1 << SSH_CIPHER_DES; |
mask |= 1 << SSH_CIPHER_DES; |
#endif |
#endif |
|
|
case SSH_CIPHER_NONE: |
case SSH_CIPHER_NONE: |
break; |
break; |
|
|
#ifdef WITH_IDEA |
|
case SSH_CIPHER_IDEA: |
|
if (keylen < 16) |
|
error("Key length %d is insufficient for IDEA.", keylen); |
|
idea_set_key(&context->u.idea.key, padded); |
|
memset(context->u.idea.iv, 0, sizeof(context->u.idea.iv)); |
|
break; |
|
#endif /* WITH_IDEA */ |
|
|
|
#ifdef WITH_DES |
#ifdef WITH_DES |
case SSH_CIPHER_DES: |
case SSH_CIPHER_DES: |
/* Note: the least significant bit of each byte of key is parity, |
/* Note: the least significant bit of each byte of key is parity, |
|
|
memcpy(dest, src, len); |
memcpy(dest, src, len); |
break; |
break; |
|
|
#ifdef WITH_IDEA |
|
case SSH_CIPHER_IDEA: |
|
idea_cfb_encrypt(&context->u.idea.key, context->u.idea.iv, |
|
dest, src, len); |
|
break; |
|
#endif /* WITH_IDEA */ |
|
|
|
#ifdef WITH_DES |
#ifdef WITH_DES |
case SSH_CIPHER_DES: |
case SSH_CIPHER_DES: |
des_cbc_encrypt((void*)src, (void*)dest, len, |
des_cbc_encrypt((void*)src, (void*)dest, len, |
|
|
case SSH_CIPHER_NONE: |
case SSH_CIPHER_NONE: |
memcpy(dest, src, len); |
memcpy(dest, src, len); |
break; |
break; |
|
|
#ifdef WITH_IDEA |
|
case SSH_CIPHER_IDEA: |
|
detect_cfb_attack(src, len, context->u.idea.iv); |
|
idea_cfb_decrypt(&context->u.idea.key, context->u.idea.iv, |
|
dest, src, len); |
|
break; |
|
#endif /* WITH_IDEA */ |
|
|
|
#ifdef WITH_DES |
#ifdef WITH_DES |
case SSH_CIPHER_DES: |
case SSH_CIPHER_DES: |