diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-06 20:50:07 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-06 20:50:07 +0000 |
| commit | f088f4374a04f9abd1dc91cb387f75e3bf0c5c56 (patch) | |
| tree | 24a5a9bfe8c0d2714f1d62e51d30a81aa8384444 /cipher.c | |
| parent | a26ea63f8acd883603de9f780f1ff05775e51f78 (diff) | |
| download | openssh-git-f088f4374a04f9abd1dc91cb387f75e3bf0c5c56.tar.gz | |
- markus@cvs.openbsd.org 2002/05/30 08:07:31
[cipher.c]
use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
our own implementation. allow use of AES hardware via libcrypto,
ok deraadt@
Diffstat (limited to 'cipher.c')
| -rw-r--r-- | cipher.c | 28 |
1 files changed, 23 insertions, 5 deletions
@@ -35,23 +35,25 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.56 2002/05/16 22:02:50 markus Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.57 2002/05/30 08:07:31 markus Exp $"); #include "xmalloc.h" #include "log.h" #include "cipher.h" #include <openssl/md5.h> -#include "rijndael.h" #if OPENSSL_VERSION_NUMBER < 0x00906000L #define SSH_OLD_EVP #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) #endif +#if OPENSSL_VERSION_NUMBER < 0x00907000L +#include "rijndael.h" +static const EVP_CIPHER *evp_rijndael(void); +#endif static const EVP_CIPHER *evp_ssh1_3des(void); static const EVP_CIPHER *evp_ssh1_bf(void); -static const EVP_CIPHER *evp_rijndael(void); struct Cipher { char *name; @@ -69,11 +71,19 @@ struct Cipher { { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, +#if OPENSSL_VERSION_NUMBER < 0x00907000L { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, { "rijndael-cbc@lysator.liu.se", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, +#else + { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, + { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, + { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, + { "rijndael-cbc@lysator.liu.se", + SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, +#endif { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } }; @@ -444,6 +454,7 @@ evp_ssh1_bf(void) return (&ssh1_bf); } +#if OPENSSL_VERSION_NUMBER < 0x00907000L /* RIJNDAEL */ #define RIJNDAEL_BLOCKSIZE 16 struct ssh_rijndael_ctx @@ -548,6 +559,7 @@ evp_rijndael(void) #endif return (&rijndal_cbc); } +#endif /* * Exports an IV from the CipherContext required to export the key @@ -586,6 +598,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) fatal("%s: wrong iv length %d != %d", __FUNCTION__, evplen, len); +#if OPENSSL_VERSION_NUMBER < 0x00907000L if (c->evptype == evp_rijndael) { struct ssh_rijndael_ctx *aesc; @@ -593,7 +606,9 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) if (aesc == NULL) fatal("%s: no rijndael context", __FUNCTION__); civ = aesc->r_iv; - } else { + } else +#endif + { civ = cc->evp.iv; } break; @@ -631,6 +646,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv) if (evplen == 0) return; +#if OPENSSL_VERSION_NUMBER < 0x00907000L if (c->evptype == evp_rijndael) { struct ssh_rijndael_ctx *aesc; @@ -638,7 +654,9 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv) if (aesc == NULL) fatal("%s: no rijndael context", __FUNCTION__); div = aesc->r_iv; - }else { + } else +#endif + { div = cc->evp.iv; } break; |