| version 1.17.2.1, 2000/09/01 18:23:18 |
version 1.17.2.2, 2000/11/08 21:30:35 |
|
|
| /* |
/* |
| * |
|
| * cipher.h |
|
| * |
|
| * Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
| * |
|
| * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| * All rights reserved |
* All rights reserved |
| * |
* |
| * Created: Wed Apr 19 16:50:42 1995 ylo |
* As far as I am concerned, the code I have written for this software |
| |
* can be used freely for any purpose. Any derived versions of this |
| |
* software must be clearly marked as such, and if the derived work is |
| |
* incompatible with the protocol description in the RFC file, it must be |
| |
* called by a name other than "ssh" or "Secure Shell". |
| * |
* |
| |
* Copyright (c) 2000 Markus Friedl. All rights reserved. |
| |
* |
| |
* Redistribution and use in source and binary forms, with or without |
| |
* modification, are permitted provided that the following conditions |
| |
* are met: |
| |
* 1. Redistributions of source code must retain the above copyright |
| |
* notice, this list of conditions and the following disclaimer. |
| |
* 2. Redistributions in binary form must reproduce the above copyright |
| |
* notice, this list of conditions and the following disclaimer in the |
| |
* documentation and/or other materials provided with the distribution. |
| |
* |
| |
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
| |
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| |
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| |
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
| |
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| |
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| |
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| |
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
*/ |
| |
|
| /* RCSID("$OpenBSD$"); */ |
/* RCSID("$OpenBSD$"); */ |
|
|
| #include <openssl/blowfish.h> |
#include <openssl/blowfish.h> |
| #include <openssl/rc4.h> |
#include <openssl/rc4.h> |
| #include <openssl/cast.h> |
#include <openssl/cast.h> |
| |
#include "rijndael.h" |
| /* Cipher types. New types can be added, but old types should not be removed |
/* |
| for compatibility. The maximum allowed value is 31. */ |
* Cipher types for SSH-1. New types can be added, but old types should not |
| |
* be removed for compatibility. The maximum allowed value is 31. |
| |
*/ |
| |
#define SSH_CIPHER_SSH2 -3 |
| #define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ |
#define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ |
| #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
| #define SSH_CIPHER_NONE 0 /* no encryption */ |
#define SSH_CIPHER_NONE 0 /* no encryption */ |
|
|
| #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
| #define SSH_CIPHER_BLOWFISH 6 |
#define SSH_CIPHER_BLOWFISH 6 |
| #define SSH_CIPHER_RESERVED 7 |
#define SSH_CIPHER_RESERVED 7 |
| |
#define SSH_CIPHER_MAX 31 |
| |
|
| /* these ciphers are used in SSH2: */ |
typedef struct Cipher Cipher; |
| #define SSH_CIPHER_BLOWFISH_CBC 8 |
typedef struct CipherContext CipherContext; |
| #define SSH_CIPHER_3DES_CBC 9 |
|
| #define SSH_CIPHER_ARCFOUR 10 /* Alleged RC4 */ |
|
| #define SSH_CIPHER_CAST128_CBC 11 |
|
| |
|
| typedef struct { |
struct CipherContext { |
| unsigned int type; |
|
| union { |
union { |
| struct { |
struct { |
| |
des_key_schedule key; |
| |
des_cblock iv; |
| |
} des; |
| |
struct { |
| des_key_schedule key1; |
des_key_schedule key1; |
| des_key_schedule key2; |
des_key_schedule key2; |
| des_cblock iv2; |
des_cblock iv2; |
|
|
| } des3; |
} des3; |
| struct { |
struct { |
| struct bf_key_st key; |
struct bf_key_st key; |
| unsigned char iv[8]; |
u_char iv[8]; |
| } bf; |
} bf; |
| struct { |
struct { |
| CAST_KEY key; |
CAST_KEY key; |
| unsigned char iv[8]; |
u_char iv[8]; |
| } cast; |
} cast; |
| |
struct { |
| |
u4byte iv[4]; |
| |
rijndael_ctx enc; |
| |
rijndael_ctx dec; |
| |
} rijndael; |
| RC4_KEY rc4; |
RC4_KEY rc4; |
| } u; |
} u; |
| } CipherContext; |
Cipher *cipher; |
| /* |
}; |
| * Returns a bit mask indicating which ciphers are supported by this |
struct Cipher { |
| * implementation. The bit mask has the corresponding bit set of each |
char *name; |
| * supported cipher. |
int number; /* for ssh1 only */ |
| */ |
u_int block_size; |
| unsigned int cipher_mask(); |
u_int key_len; |
| unsigned int cipher_mask1(); |
void (*setkey)(CipherContext *, const u_char *, u_int); |
| unsigned int cipher_mask2(); |
void (*setiv)(CipherContext *, const u_char *, u_int); |
| |
void (*encrypt)(CipherContext *, u_char *, const u_char *, u_int); |
| |
void (*decrypt)(CipherContext *, u_char *, const u_char *, u_int); |
| |
}; |
| |
|
| /* Returns the name of the cipher. */ |
unsigned int cipher_mask_ssh1(int client); |
| const char *cipher_name(int cipher); |
Cipher *cipher_by_name(const char *name); |
| |
Cipher *cipher_by_number(int id); |
| /* |
int cipher_number(const char *name); |
| * Parses the name of the cipher. Returns the number of the corresponding |
char *cipher_name(int id); |
| * cipher, or -1 on error. |
int ciphers_valid(const char *names); |
| */ |
void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, const u_char *, u_int); |
| int cipher_number(const char *name); |
void cipher_encrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len); |
| |
void cipher_decrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len); |
| /* returns 1 if all ciphers are supported (ssh2 only) */ |
void cipher_set_key_string(CipherContext *context, Cipher *cipher, const char *passphrase); |
| int ciphers_valid(const char *names); |
|
| |
|
| /* |
|
| * Selects the cipher to use and sets the key. If for_encryption is true, |
|
| * the key is setup for encryption; otherwise it is setup for decryption. |
|
| */ |
|
| void |
|
| cipher_set_key(CipherContext * context, int cipher, |
|
| const unsigned char *key, int keylen); |
|
| void |
|
| cipher_set_key_iv(CipherContext * context, int cipher, |
|
| const unsigned char *key, int keylen, |
|
| const unsigned char *iv, int ivlen); |
|
| |
|
| /* |
|
| * Sets key for the cipher by computing the MD5 checksum of the passphrase, |
|
| * and using the resulting 16 bytes as the key. |
|
| */ |
|
| void |
|
| cipher_set_key_string(CipherContext * context, int cipher, |
|
| const char *passphrase); |
|
| |
|
| /* Encrypts data using the cipher. */ |
|
| void |
|
| cipher_encrypt(CipherContext * context, unsigned char *dest, |
|
| const unsigned char *src, unsigned int len); |
|
| |
|
| /* Decrypts data using the cipher. */ |
|
| void |
|
| cipher_decrypt(CipherContext * context, unsigned char *dest, |
|
| const unsigned char *src, unsigned int len); |
|
| |
|
| #endif /* CIPHER_H */ |
#endif /* CIPHER_H */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to cipher.h CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh