version 1.73, 2005/01/23 10:18:12 |
version 1.74, 2005/05/23 23:32:46 |
|
|
int number; /* for ssh1 only */ |
int number; /* for ssh1 only */ |
u_int block_size; |
u_int block_size; |
u_int key_len; |
u_int key_len; |
|
u_int discard_len; |
const EVP_CIPHER *(*evptype)(void); |
const EVP_CIPHER *(*evptype)(void); |
} ciphers[] = { |
} ciphers[] = { |
{ "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, |
{ "none", SSH_CIPHER_NONE, 8, 0, 0, EVP_enc_null }, |
{ "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, |
{ "des", SSH_CIPHER_DES, 8, 8, 0, EVP_des_cbc }, |
{ "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, |
{ "3des", SSH_CIPHER_3DES, 8, 16, 0, evp_ssh1_3des }, |
{ "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, |
{ "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, evp_ssh1_bf }, |
|
|
{ "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, |
{ "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, EVP_des_ede3_cbc }, |
{ "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, |
{ "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_bf_cbc }, |
{ "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, |
{ "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_cast5_cbc }, |
{ "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, |
{ "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 }, |
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, |
{ "arcfour128", SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 }, |
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, |
{ "arcfour256", SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 }, |
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, |
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_aes_128_cbc }, |
|
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_aes_192_cbc }, |
|
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, |
{ "rijndael-cbc@lysator.liu.se", |
{ "rijndael-cbc@lysator.liu.se", |
SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, |
SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, |
{ "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, |
{ "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, evp_aes_128_ctr }, |
{ "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, |
{ "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, evp_aes_128_ctr }, |
{ "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, |
{ "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, evp_aes_128_ctr }, |
{ "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss }, |
{ "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss }, |
|
|
{ NULL, SSH_CIPHER_INVALID, 0, 0, NULL } |
{ NULL, SSH_CIPHER_INVALID, 0, 0, NULL } |
}; |
}; |
|
|
static int dowarn = 1; |
static int dowarn = 1; |
const EVP_CIPHER *type; |
const EVP_CIPHER *type; |
int klen; |
int klen; |
|
u_char *junk, *discard; |
|
|
if (cipher->number == SSH_CIPHER_DES) { |
if (cipher->number == SSH_CIPHER_DES) { |
if (dowarn) { |
if (dowarn) { |
|
|
if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) |
if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) |
fatal("cipher_init: EVP_CipherInit: set key failed for %s", |
fatal("cipher_init: EVP_CipherInit: set key failed for %s", |
cipher->name); |
cipher->name); |
|
|
|
if (cipher->discard_len > 0) { |
|
junk = xmalloc(cipher->discard_len); |
|
discard = xmalloc(cipher->discard_len); |
|
if (EVP_Cipher(&cc->evp, discard, junk, |
|
cipher->discard_len) == 0) |
|
fatal("evp_crypt: EVP_Cipher failed during discard"); |
|
memset(discard, 0, cipher->discard_len); |
|
xfree(junk); |
|
xfree(discard); |
|
} |
} |
} |
|
|
void |
void |