version 1.55, 2002/04/03 09:26:11 |
version 1.55.2.2, 2002/10/11 14:51:52 |
|
|
#include "cipher.h" |
#include "cipher.h" |
|
|
#include <openssl/md5.h> |
#include <openssl/md5.h> |
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x00907000L |
#include "rijndael.h" |
#include "rijndael.h" |
|
static const EVP_CIPHER *evp_rijndael(void); |
|
#endif |
|
static const EVP_CIPHER *evp_ssh1_3des(void); |
|
static const EVP_CIPHER *evp_ssh1_bf(void); |
|
|
static EVP_CIPHER *evp_ssh1_3des(void); |
|
static EVP_CIPHER *evp_ssh1_bf(void); |
|
static EVP_CIPHER *evp_rijndael(void); |
|
|
|
struct Cipher { |
struct Cipher { |
char *name; |
char *name; |
int number; /* for ssh1 only */ |
int number; /* for ssh1 only */ |
u_int block_size; |
u_int block_size; |
u_int key_len; |
u_int key_len; |
EVP_CIPHER *(*evptype)(void); |
const EVP_CIPHER *(*evptype)(void); |
} ciphers[] = { |
} ciphers[] = { |
{ "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, |
{ "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, |
{ "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, |
{ "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, |
|
|
{ "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, |
{ "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, |
{ "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, |
{ "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, |
{ "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, |
{ "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, |
|
#if OPENSSL_VERSION_NUMBER < 0x00907000L |
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, |
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, |
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, |
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, |
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, |
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, |
{ "rijndael-cbc@lysator.liu.se", |
{ "rijndael-cbc@lysator.liu.se", |
SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, |
SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, |
|
#else |
|
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, |
|
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, |
|
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, |
|
{ "rijndael-cbc@lysator.liu.se", |
|
SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, |
|
#endif |
|
|
{ NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } |
{ NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } |
}; |
}; |
|
|
{ |
{ |
return (c->block_size); |
return (c->block_size); |
} |
} |
|
|
u_int |
u_int |
cipher_keylen(Cipher *c) |
cipher_keylen(Cipher *c) |
{ |
{ |
return (c->key_len); |
return (c->key_len); |
} |
} |
|
|
u_int |
u_int |
cipher_get_number(Cipher *c) |
cipher_get_number(Cipher *c) |
{ |
{ |
|
|
{ |
{ |
EVP_CIPHER_CTX k1, k2, k3; |
EVP_CIPHER_CTX k1, k2, k3; |
}; |
}; |
|
|
static int |
static int |
ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, |
ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, |
int enc) |
int enc) |
|
|
} |
} |
return (1); |
return (1); |
} |
} |
|
|
static int |
static int |
ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) |
ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) |
{ |
{ |
|
|
return (0); |
return (0); |
return (1); |
return (1); |
} |
} |
|
|
static int |
static int |
ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) |
ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) |
{ |
{ |
|
|
} |
} |
return (1); |
return (1); |
} |
} |
static EVP_CIPHER * |
|
|
static const EVP_CIPHER * |
evp_ssh1_3des(void) |
evp_ssh1_3des(void) |
{ |
{ |
static EVP_CIPHER ssh1_3des; |
static EVP_CIPHER ssh1_3des; |
|
|
*dst++ = c[3]; |
*dst++ = c[3]; |
} |
} |
} |
} |
|
|
static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, const u_char *, u_int) = NULL; |
static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, const u_char *, u_int) = NULL; |
|
|
static int |
static int |
bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, u_int len) |
bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, u_int len) |
{ |
{ |
|
|
swap_bytes(out, out, len); |
swap_bytes(out, out, len); |
return (ret); |
return (ret); |
} |
} |
static EVP_CIPHER * |
|
|
static const EVP_CIPHER * |
evp_ssh1_bf(void) |
evp_ssh1_bf(void) |
{ |
{ |
static EVP_CIPHER ssh1_bf; |
static EVP_CIPHER ssh1_bf; |
|
|
return (&ssh1_bf); |
return (&ssh1_bf); |
} |
} |
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x00907000L |
/* RIJNDAEL */ |
/* RIJNDAEL */ |
#define RIJNDAEL_BLOCKSIZE 16 |
#define RIJNDAEL_BLOCKSIZE 16 |
struct ssh_rijndael_ctx |
struct ssh_rijndael_ctx |
|
|
memcpy(c->r_iv, iv, RIJNDAEL_BLOCKSIZE); |
memcpy(c->r_iv, iv, RIJNDAEL_BLOCKSIZE); |
return (1); |
return (1); |
} |
} |
|
|
static int |
static int |
ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, |
ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, |
u_int len) |
u_int len) |
|
|
} |
} |
return (1); |
return (1); |
} |
} |
|
|
static int |
static int |
ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx) |
ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx) |
{ |
{ |
|
|
} |
} |
return (1); |
return (1); |
} |
} |
static EVP_CIPHER * |
|
|
static const EVP_CIPHER * |
evp_rijndael(void) |
evp_rijndael(void) |
{ |
{ |
static EVP_CIPHER rijndal_cbc; |
static EVP_CIPHER rijndal_cbc; |
|
|
rijndal_cbc.cleanup = ssh_rijndael_cleanup; |
rijndal_cbc.cleanup = ssh_rijndael_cleanup; |
rijndal_cbc.do_cipher = ssh_rijndael_cbc; |
rijndal_cbc.do_cipher = ssh_rijndael_cbc; |
rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | |
rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | |
EVP_CIPH_ALWAYS_CALL_INIT; |
EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; |
return (&rijndal_cbc); |
return (&rijndal_cbc); |
} |
} |
|
#endif |
|
|
/* |
/* |
* Exports an IV from the CipherContext required to export the key |
* Exports an IV from the CipherContext required to export the key |
|
|
if (evplen == 0) |
if (evplen == 0) |
return; |
return; |
if (evplen != len) |
if (evplen != len) |
fatal("%s: wrong iv length %d != %d", __FUNCTION__, |
fatal("%s: wrong iv length %d != %d", __func__, |
evplen, len); |
evplen, len); |
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x00907000L |
if (c->evptype == evp_rijndael) { |
if (c->evptype == evp_rijndael) { |
struct ssh_rijndael_ctx *aesc; |
struct ssh_rijndael_ctx *aesc; |
|
|
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
if (aesc == NULL) |
if (aesc == NULL) |
fatal("%s: no rijndael context", __FUNCTION__); |
fatal("%s: no rijndael context", __func__); |
civ = aesc->r_iv; |
civ = aesc->r_iv; |
} else { |
} else |
|
#endif |
|
{ |
civ = cc->evp.iv; |
civ = cc->evp.iv; |
} |
} |
break; |
break; |
case SSH_CIPHER_3DES: { |
case SSH_CIPHER_3DES: { |
struct ssh1_3des_ctx *desc; |
struct ssh1_3des_ctx *desc; |
if (len != 24) |
if (len != 24) |
fatal("%s: bad 3des iv length: %d", __FUNCTION__, len); |
fatal("%s: bad 3des iv length: %d", __func__, len); |
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
if (desc == NULL) |
if (desc == NULL) |
fatal("%s: no 3des context", __FUNCTION__); |
fatal("%s: no 3des context", __func__); |
debug3("%s: Copying 3DES IV", __FUNCTION__); |
debug3("%s: Copying 3DES IV", __func__); |
memcpy(iv, desc->k1.iv, 8); |
memcpy(iv, desc->k1.iv, 8); |
memcpy(iv + 8, desc->k2.iv, 8); |
memcpy(iv + 8, desc->k2.iv, 8); |
memcpy(iv + 16, desc->k3.iv, 8); |
memcpy(iv + 16, desc->k3.iv, 8); |
return; |
return; |
} |
} |
default: |
default: |
fatal("%s: bad cipher %d", __FUNCTION__, c->number); |
fatal("%s: bad cipher %d", __func__, c->number); |
} |
} |
memcpy(iv, civ, len); |
memcpy(iv, civ, len); |
} |
} |
|
|
if (evplen == 0) |
if (evplen == 0) |
return; |
return; |
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x00907000L |
if (c->evptype == evp_rijndael) { |
if (c->evptype == evp_rijndael) { |
struct ssh_rijndael_ctx *aesc; |
struct ssh_rijndael_ctx *aesc; |
|
|
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
if (aesc == NULL) |
if (aesc == NULL) |
fatal("%s: no rijndael context", __FUNCTION__); |
fatal("%s: no rijndael context", __func__); |
div = aesc->r_iv; |
div = aesc->r_iv; |
}else { |
} else |
|
#endif |
|
{ |
div = cc->evp.iv; |
div = cc->evp.iv; |
} |
} |
break; |
break; |
|
|
struct ssh1_3des_ctx *desc; |
struct ssh1_3des_ctx *desc; |
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
if (desc == NULL) |
if (desc == NULL) |
fatal("%s: no 3des context", __FUNCTION__); |
fatal("%s: no 3des context", __func__); |
debug3("%s: Installed 3DES IV", __FUNCTION__); |
debug3("%s: Installed 3DES IV", __func__); |
memcpy(desc->k1.iv, iv, 8); |
memcpy(desc->k1.iv, iv, 8); |
memcpy(desc->k2.iv, iv + 8, 8); |
memcpy(desc->k2.iv, iv + 8, 8); |
memcpy(desc->k3.iv, iv + 16, 8); |
memcpy(desc->k3.iv, iv + 16, 8); |
return; |
return; |
} |
} |
default: |
default: |
fatal("%s: bad cipher %d", __FUNCTION__, c->number); |
fatal("%s: bad cipher %d", __func__, c->number); |
} |
} |
memcpy(div, iv, evplen); |
memcpy(div, iv, evplen); |
} |
} |
|
|
cipher_get_keycontext(CipherContext *cc, u_char *dat) |
cipher_get_keycontext(CipherContext *cc, u_char *dat) |
{ |
{ |
Cipher *c = cc->cipher; |
Cipher *c = cc->cipher; |
int plen; |
int plen = 0; |
|
|
if (c->number == SSH_CIPHER_3DES) { |
if (c->evptype == EVP_rc4) { |
struct ssh1_3des_ctx *desc; |
plen = EVP_X_STATE_LEN(cc->evp); |
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
|
if (desc == NULL) |
|
fatal("%s: no 3des context", __FUNCTION__); |
|
plen = EVP_X_STATE_LEN(desc->k1); |
|
if (dat == NULL) |
if (dat == NULL) |
return (3*plen); |
return (plen); |
memcpy(dat, EVP_X_STATE(desc->k1), plen); |
memcpy(dat, EVP_X_STATE(cc->evp), plen); |
memcpy(dat + plen, EVP_X_STATE(desc->k2), plen); |
|
memcpy(dat + 2*plen, EVP_X_STATE(desc->k3), plen); |
|
return (3*plen); |
|
} |
} |
|
|
/* Generic EVP */ |
|
plen = EVP_X_STATE_LEN(cc->evp); |
|
if (dat == NULL) |
|
return (plen); |
|
|
|
memcpy(dat, EVP_X_STATE(cc->evp), plen); |
|
return (plen); |
return (plen); |
} |
} |
|
|
|
|
Cipher *c = cc->cipher; |
Cipher *c = cc->cipher; |
int plen; |
int plen; |
|
|
if (c->number == SSH_CIPHER_3DES) { |
if (c->evptype == EVP_rc4) { |
struct ssh1_3des_ctx *desc; |
|
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); |
|
if (desc == NULL) |
|
fatal("%s: no 3des context", __FUNCTION__); |
|
plen = EVP_X_STATE_LEN(desc->k1); |
|
memcpy(EVP_X_STATE(desc->k1), dat, plen); |
|
memcpy(EVP_X_STATE(desc->k2), dat + plen, plen); |
|
memcpy(EVP_X_STATE(desc->k3), dat + 2*plen, plen); |
|
} else { |
|
plen = EVP_X_STATE_LEN(cc->evp); |
plen = EVP_X_STATE_LEN(cc->evp); |
memcpy(EVP_X_STATE(cc->evp), dat, plen); |
memcpy(EVP_X_STATE(cc->evp), dat, plen); |
} |
} |