=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/cipher.c,v retrieving revision 1.37 retrieving revision 1.37.2.4 diff -u -r1.37 -r1.37.2.4 --- src/usr.bin/ssh/cipher.c 2000/10/23 19:31:54 1.37 +++ src/usr.bin/ssh/cipher.c 2001/05/07 21:09:28 1.37.2.4 @@ -35,10 +35,11 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.37 2000/10/23 19:31:54 markus Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.37.2.4 2001/05/07 21:09:28 jason Exp $"); -#include "ssh.h" #include "xmalloc.h" +#include "log.h" +#include "cipher.h" #include @@ -154,14 +155,9 @@ memcpy(&iv1, iv2, 8); - des_cbc_encrypt(src, dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT); - memcpy(&iv1, dest + len - 8, 8); - - des_cbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT); - memcpy(iv2, &iv1, 8); /* Note how iv1 == iv2 on entry and exit. */ - - des_cbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT); - memcpy(iv3, dest + len - 8, 8); + des_ncbc_encrypt(src, dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT); } void des3_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src, @@ -173,22 +169,16 @@ memcpy(&iv1, iv2, 8); - des_cbc_encrypt(src, dest, len, cc->u.des3.key3, iv3, DES_DECRYPT); - memcpy(iv3, src + len - 8, 8); - - des_cbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT); - memcpy(iv2, dest + len - 8, 8); - - des_cbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT); - /* memcpy(&iv1, iv2, 8); */ - /* Note how iv1 == iv2 on entry and exit. */ + des_ncbc_encrypt(src, dest, len, cc->u.des3.key3, iv3, DES_DECRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT); + des_ncbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT); } /* Blowfish */ void blowfish_setkey(CipherContext *cc, const u_char *key, u_int keylen) { - BF_set_key(&cc->u.bf.key, keylen, (unsigned char *)key); + BF_set_key(&cc->u.bf.key, keylen, (u_char *)key); } void blowfish_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) @@ -218,7 +208,7 @@ * and after encryption/decryption. Thus the swap_bytes stuff (yuk). */ static void -swap_bytes(const unsigned char *src, unsigned char *dst, int n) +swap_bytes(const u_char *src, u_char *dst, int n) { char c[4]; @@ -271,12 +261,12 @@ void cast_setkey(CipherContext *cc, const u_char *key, u_int keylen) { - CAST_set_key(&cc->u.cast.key, keylen, (unsigned char *) key); + CAST_set_key(&cc->u.cast.key, keylen, (u_char *) key); } void cast_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) { - if (iv == NULL) + if (iv == NULL) fatal("no IV for %s.", cc->cipher->name); memcpy(cc->u.cast.iv, (char *)iv, 8); } @@ -305,7 +295,7 @@ void rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) { - if (iv == NULL) + if (iv == NULL) fatal("no IV for %s.", cc->cipher->name); memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); } @@ -425,15 +415,15 @@ SSH_CIPHER_SSH2, 16, 32, rijndael_setkey, rijndael_setiv, rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL } + { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL } }; /*--*/ -unsigned int +u_int cipher_mask_ssh1(int client) { - unsigned int mask = 0; + u_int mask = 0; mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ mask |= 1 << SSH_CIPHER_BLOWFISH; if (client) { @@ -552,7 +542,7 @@ const char *passphrase) { MD5_CTX md; - unsigned char digest[16]; + u_char digest[16]; MD5_Init(&md); MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase));