=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/cipher.c,v retrieving revision 1.55 retrieving revision 1.55.2.3 diff -u -r1.55 -r1.55.2.3 --- src/usr.bin/ssh/cipher.c 2002/04/03 09:26:11 1.55 +++ src/usr.bin/ssh/cipher.c 2003/04/03 22:35:17 1.55.2.3 @@ -35,25 +35,27 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.55 2002/04/03 09:26:11 markus Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.55.2.3 2003/04/03 22:35:17 miod Exp $"); #include "xmalloc.h" #include "log.h" #include "cipher.h" #include + +#if OPENSSL_VERSION_NUMBER < 0x00907000L #include "rijndael.h" +static const EVP_CIPHER *evp_rijndael(void); +#endif +static const EVP_CIPHER *evp_ssh1_3des(void); +static const EVP_CIPHER *evp_ssh1_bf(void); -static EVP_CIPHER *evp_ssh1_3des(void); -static EVP_CIPHER *evp_ssh1_bf(void); -static EVP_CIPHER *evp_rijndael(void); - struct Cipher { char *name; int number; /* for ssh1 only */ u_int block_size; u_int key_len; - EVP_CIPHER *(*evptype)(void); + const EVP_CIPHER *(*evptype)(void); } ciphers[] = { { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, @@ -64,11 +66,19 @@ { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, +#if OPENSSL_VERSION_NUMBER < 0x00907000L { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, { "rijndael-cbc@lysator.liu.se", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, +#else + { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, + { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, + { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, + { "rijndael-cbc@lysator.liu.se", + SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, +#endif { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } }; @@ -80,11 +90,13 @@ { return (c->block_size); } + u_int cipher_keylen(Cipher *c) { return (c->key_len); } + u_int cipher_get_number(Cipher *c) { @@ -209,7 +221,7 @@ cipher->name); klen = EVP_CIPHER_CTX_key_length(&cc->evp); if (klen > 0 && keylen != klen) { - debug("cipher_init: set keylen (%d -> %d)", klen, keylen); + debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) fatal("cipher_init: set keylen failed (%d -> %d)", klen, keylen); @@ -277,6 +289,7 @@ { EVP_CIPHER_CTX k1, k2, k3; }; + static int ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, int enc) @@ -313,6 +326,7 @@ } return (1); } + static int ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) { @@ -328,6 +342,7 @@ return (0); return (1); } + static int ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) { @@ -340,7 +355,8 @@ } return (1); } -static EVP_CIPHER * + +static const EVP_CIPHER * evp_ssh1_3des(void) { static EVP_CIPHER ssh1_3des; @@ -379,7 +395,9 @@ *dst++ = c[3]; } } + static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, const u_char *, u_int) = NULL; + static int bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, u_int len) { @@ -390,7 +408,8 @@ swap_bytes(out, out, len); return (ret); } -static EVP_CIPHER * + +static const EVP_CIPHER * evp_ssh1_bf(void) { static EVP_CIPHER ssh1_bf; @@ -403,6 +422,7 @@ return (&ssh1_bf); } +#if OPENSSL_VERSION_NUMBER < 0x00907000L /* RIJNDAEL */ #define RIJNDAEL_BLOCKSIZE 16 struct ssh_rijndael_ctx @@ -431,6 +451,7 @@ memcpy(c->r_iv, iv, RIJNDAEL_BLOCKSIZE); return (1); } + static int ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) @@ -476,6 +497,7 @@ } return (1); } + static int ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx) { @@ -488,7 +510,8 @@ } return (1); } -static EVP_CIPHER * + +static const EVP_CIPHER * evp_rijndael(void) { static EVP_CIPHER rijndal_cbc; @@ -502,9 +525,10 @@ rijndal_cbc.cleanup = ssh_rijndael_cleanup; rijndal_cbc.do_cipher = ssh_rijndael_cbc; rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | - EVP_CIPH_ALWAYS_CALL_INIT; + EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; return (&rijndal_cbc); } +#endif /* * Exports an IV from the CipherContext required to export the key @@ -540,35 +564,38 @@ if (evplen == 0) return; if (evplen != len) - fatal("%s: wrong iv length %d != %d", __FUNCTION__, + fatal("%s: wrong iv length %d != %d", __func__, evplen, len); +#if OPENSSL_VERSION_NUMBER < 0x00907000L if (c->evptype == evp_rijndael) { struct ssh_rijndael_ctx *aesc; aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); if (aesc == NULL) - fatal("%s: no rijndael context", __FUNCTION__); + fatal("%s: no rijndael context", __func__); civ = aesc->r_iv; - } else { + } else +#endif + { civ = cc->evp.iv; } break; case SSH_CIPHER_3DES: { struct ssh1_3des_ctx *desc; if (len != 24) - fatal("%s: bad 3des iv length: %d", __FUNCTION__, len); + fatal("%s: bad 3des iv length: %d", __func__, len); desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); if (desc == NULL) - fatal("%s: no 3des context", __FUNCTION__); - debug3("%s: Copying 3DES IV", __FUNCTION__); + fatal("%s: no 3des context", __func__); + debug3("%s: Copying 3DES IV", __func__); memcpy(iv, desc->k1.iv, 8); memcpy(iv + 8, desc->k2.iv, 8); memcpy(iv + 16, desc->k3.iv, 8); return; } default: - fatal("%s: bad cipher %d", __FUNCTION__, c->number); + fatal("%s: bad cipher %d", __func__, c->number); } memcpy(iv, civ, len); } @@ -588,14 +615,17 @@ if (evplen == 0) return; +#if OPENSSL_VERSION_NUMBER < 0x00907000L if (c->evptype == evp_rijndael) { struct ssh_rijndael_ctx *aesc; aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp); if (aesc == NULL) - fatal("%s: no rijndael context", __FUNCTION__); + fatal("%s: no rijndael context", __func__); div = aesc->r_iv; - }else { + } else +#endif + { div = cc->evp.iv; } break; @@ -603,15 +633,15 @@ struct ssh1_3des_ctx *desc; desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); if (desc == NULL) - fatal("%s: no 3des context", __FUNCTION__); - debug3("%s: Installed 3DES IV", __FUNCTION__); + fatal("%s: no 3des context", __func__); + debug3("%s: Installed 3DES IV", __func__); memcpy(desc->k1.iv, iv, 8); memcpy(desc->k2.iv, iv + 8, 8); memcpy(desc->k3.iv, iv + 16, 8); return; } default: - fatal("%s: bad cipher %d", __FUNCTION__, c->number); + fatal("%s: bad cipher %d", __func__, c->number); } memcpy(div, iv, evplen); } @@ -628,28 +658,14 @@ cipher_get_keycontext(CipherContext *cc, u_char *dat) { Cipher *c = cc->cipher; - int plen; + int plen = 0; - if (c->number == SSH_CIPHER_3DES) { - struct ssh1_3des_ctx *desc; - desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); - if (desc == NULL) - fatal("%s: no 3des context", __FUNCTION__); - plen = EVP_X_STATE_LEN(desc->k1); + if (c->evptype == EVP_rc4) { + plen = EVP_X_STATE_LEN(cc->evp); if (dat == NULL) - return (3*plen); - memcpy(dat, EVP_X_STATE(desc->k1), plen); - memcpy(dat + plen, EVP_X_STATE(desc->k2), plen); - memcpy(dat + 2*plen, EVP_X_STATE(desc->k3), plen); - return (3*plen); + return (plen); + memcpy(dat, EVP_X_STATE(cc->evp), plen); } - - /* Generic EVP */ - plen = EVP_X_STATE_LEN(cc->evp); - if (dat == NULL) - return (plen); - - memcpy(dat, EVP_X_STATE(cc->evp), plen); return (plen); } @@ -659,16 +675,7 @@ Cipher *c = cc->cipher; int plen; - if (c->number == SSH_CIPHER_3DES) { - struct ssh1_3des_ctx *desc; - desc = EVP_CIPHER_CTX_get_app_data(&cc->evp); - if (desc == NULL) - fatal("%s: no 3des context", __FUNCTION__); - plen = EVP_X_STATE_LEN(desc->k1); - memcpy(EVP_X_STATE(desc->k1), dat, plen); - memcpy(EVP_X_STATE(desc->k2), dat + plen, plen); - memcpy(EVP_X_STATE(desc->k3), dat + 2*plen, plen); - } else { + if (c->evptype == EVP_rc4) { plen = EVP_X_STATE_LEN(cc->evp); memcpy(EVP_X_STATE(cc->evp), dat, plen); }