| version 1.17.2.4, 2001/03/21 18:52:41 |
version 1.18, 2000/06/20 01:39:40 |
|
|
| /* |
/* |
| |
* |
| |
* cipher.h |
| |
* |
| * Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
| |
* |
| * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| * All rights reserved |
* All rights reserved |
| * |
* |
| * As far as I am concerned, the code I have written for this software |
* Created: Wed Apr 19 16:50:42 1995 ylo |
| * can be used freely for any purpose. Any derived versions of this |
|
| * software must be clearly marked as such, and if the derived work is |
|
| * incompatible with the protocol description in the RFC file, it must be |
|
| * called by a name other than "ssh" or "Secure Shell". |
|
| * |
* |
| * Copyright (c) 2000 Markus Friedl. All rights reserved. |
|
| * |
|
| * Redistribution and use in source and binary forms, with or without |
|
| * modification, are permitted provided that the following conditions |
|
| * are met: |
|
| * 1. Redistributions of source code must retain the above copyright |
|
| * notice, this list of conditions and the following disclaimer. |
|
| * 2. Redistributions in binary form must reproduce the above copyright |
|
| * notice, this list of conditions and the following disclaimer in the |
|
| * documentation and/or other materials provided with the distribution. |
|
| * |
|
| * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
|
| * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
|
| * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
| * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
|
| * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
| * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
| * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
|
| * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
|
| * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
|
| * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
| */ |
*/ |
| |
|
| /* RCSID("$OpenBSD$"); */ |
/* RCSID("$OpenBSD$"); */ |
|
|
| #include <openssl/blowfish.h> |
#include <openssl/blowfish.h> |
| #include <openssl/rc4.h> |
#include <openssl/rc4.h> |
| #include <openssl/cast.h> |
#include <openssl/cast.h> |
| #include "rijndael.h" |
|
| /* |
/* Cipher types. New types can be added, but old types should not be removed |
| * Cipher types for SSH-1. New types can be added, but old types should not |
for compatibility. The maximum allowed value is 31. */ |
| * be removed for compatibility. The maximum allowed value is 31. |
|
| */ |
|
| #define SSH_CIPHER_SSH2 -3 |
|
| #define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ |
#define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ |
| #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
| #define SSH_CIPHER_NONE 0 /* no encryption */ |
#define SSH_CIPHER_NONE 0 /* no encryption */ |
|
|
| #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
| #define SSH_CIPHER_BLOWFISH 6 |
#define SSH_CIPHER_BLOWFISH 6 |
| #define SSH_CIPHER_RESERVED 7 |
#define SSH_CIPHER_RESERVED 7 |
| #define SSH_CIPHER_MAX 31 |
|
| |
|
| typedef struct Cipher Cipher; |
/* these ciphers are used in SSH2: */ |
| typedef struct CipherContext CipherContext; |
#define SSH_CIPHER_BLOWFISH_CBC 8 |
| |
#define SSH_CIPHER_3DES_CBC 9 |
| |
#define SSH_CIPHER_ARCFOUR 10 /* Alleged RC4 */ |
| |
#define SSH_CIPHER_CAST128_CBC 11 |
| |
|
| struct CipherContext { |
typedef struct { |
| |
unsigned int type; |
| union { |
union { |
| struct { |
struct { |
| des_key_schedule key; |
|
| des_cblock iv; |
|
| } des; |
|
| struct { |
|
| des_key_schedule key1; |
des_key_schedule key1; |
| des_key_schedule key2; |
des_key_schedule key2; |
| des_cblock iv2; |
des_cblock iv2; |
|
|
| } des3; |
} des3; |
| struct { |
struct { |
| struct bf_key_st key; |
struct bf_key_st key; |
| u_char iv[8]; |
unsigned char iv[8]; |
| } bf; |
} bf; |
| struct { |
struct { |
| CAST_KEY key; |
CAST_KEY key; |
| u_char iv[8]; |
unsigned char iv[8]; |
| } cast; |
} cast; |
| struct { |
|
| u4byte iv[4]; |
|
| rijndael_ctx enc; |
|
| rijndael_ctx dec; |
|
| } rijndael; |
|
| RC4_KEY rc4; |
RC4_KEY rc4; |
| } u; |
} u; |
| Cipher *cipher; |
} CipherContext; |
| }; |
/* |
| struct Cipher { |
* Returns a bit mask indicating which ciphers are supported by this |
| char *name; |
* implementation. The bit mask has the corresponding bit set of each |
| int number; /* for ssh1 only */ |
* supported cipher. |
| u_int block_size; |
*/ |
| u_int key_len; |
unsigned int cipher_mask(); |
| void (*setkey)(CipherContext *, const u_char *, u_int); |
unsigned int cipher_mask1(); |
| void (*setiv)(CipherContext *, const u_char *, u_int); |
unsigned int cipher_mask2(); |
| void (*encrypt)(CipherContext *, u_char *, const u_char *, u_int); |
|
| void (*decrypt)(CipherContext *, u_char *, const u_char *, u_int); |
|
| }; |
|
| |
|
| u_int cipher_mask_ssh1(int client); |
/* Returns the name of the cipher. */ |
| Cipher *cipher_by_name(const char *name); |
const char *cipher_name(int cipher); |
| Cipher *cipher_by_number(int id); |
|
| int cipher_number(const char *name); |
/* |
| char *cipher_name(int id); |
* Parses the name of the cipher. Returns the number of the corresponding |
| int ciphers_valid(const char *names); |
* cipher, or -1 on error. |
| void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, const u_char *, u_int); |
*/ |
| void cipher_encrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len); |
int cipher_number(const char *name); |
| void cipher_decrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len); |
|
| void cipher_set_key_string(CipherContext *context, Cipher *cipher, const char *passphrase); |
/* returns 1 if all ciphers are supported (ssh2 only) */ |
| |
int ciphers_valid(const char *names); |
| |
|
| |
/* |
| |
* Selects the cipher to use and sets the key. If for_encryption is true, |
| |
* the key is setup for encryption; otherwise it is setup for decryption. |
| |
*/ |
| |
void |
| |
cipher_set_key(CipherContext * context, int cipher, |
| |
const unsigned char *key, int keylen); |
| |
void |
| |
cipher_set_key_iv(CipherContext * context, int cipher, |
| |
const unsigned char *key, int keylen, |
| |
const unsigned char *iv, int ivlen); |
| |
|
| |
/* |
| |
* Sets key for the cipher by computing the MD5 checksum of the passphrase, |
| |
* and using the resulting 16 bytes as the key. |
| |
*/ |
| |
void |
| |
cipher_set_key_string(CipherContext * context, int cipher, |
| |
const char *passphrase); |
| |
|
| |
/* Encrypts data using the cipher. */ |
| |
void |
| |
cipher_encrypt(CipherContext * context, unsigned char *dest, |
| |
const unsigned char *src, unsigned int len); |
| |
|
| |
/* Decrypts data using the cipher. */ |
| |
void |
| |
cipher_decrypt(CipherContext * context, unsigned char *dest, |
| |
const unsigned char *src, unsigned int len); |
| |
|
| #endif /* CIPHER_H */ |
#endif /* CIPHER_H */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to cipher.h CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh