|
Packit Service |
31306d |
/*
|
|
Packit Service |
31306d |
* This file is part of the SSH Library
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* Copyright (c) 2009 by Aris Adamantiadis
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* The SSH Library is free software; you can redistribute it and/or modify
|
|
Packit Service |
31306d |
* it under the terms of the GNU Lesser General Public License as published by
|
|
Packit Service |
31306d |
* the Free Software Foundation; either version 2.1 of the License, or (at your
|
|
Packit Service |
31306d |
* option) any later version.
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* The SSH Library is distributed in the hope that it will be useful, but
|
|
Packit Service |
31306d |
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
Packit Service |
31306d |
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
|
|
Packit Service |
31306d |
* License for more details.
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* You should have received a copy of the GNU Lesser General Public License
|
|
Packit Service |
31306d |
* along with the SSH Library; see the file COPYING. If not, write to
|
|
Packit Service |
31306d |
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
|
|
Packit Service |
31306d |
* MA 02111-1307, USA.
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include "config.h"
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include <stdlib.h>
|
|
Packit Service |
31306d |
#include <stdio.h>
|
|
Packit Service |
31306d |
#include <string.h>
|
|
Packit Service |
31306d |
#ifdef HAVE_SYS_TIME_H
|
|
Packit Service |
31306d |
#include <sys/time.h>
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include "libssh/priv.h"
|
|
Packit Service |
31306d |
#include "libssh/session.h"
|
|
Packit Service |
31306d |
#include "libssh/crypto.h"
|
|
Packit Service |
31306d |
#include "libssh/wrapper.h"
|
|
Packit Service |
31306d |
#include "libssh/libcrypto.h"
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_LIBCRYPTO
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include <openssl/sha.h>
|
|
Packit Service |
31306d |
#include <openssl/md5.h>
|
|
Packit Service |
31306d |
#include <openssl/dsa.h>
|
|
Packit Service |
31306d |
#include <openssl/rsa.h>
|
|
Packit Service |
31306d |
#include <openssl/hmac.h>
|
|
Packit Service |
31306d |
#include <openssl/opensslv.h>
|
|
Packit Service |
31306d |
#include <openssl/rand.h>
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include "libcrypto-compat.h"
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_AES_H
|
|
Packit Service |
31306d |
#define HAS_AES
|
|
Packit Service |
31306d |
#include <openssl/aes.h>
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_DES_H
|
|
Packit Service |
31306d |
#define HAS_DES
|
|
Packit Service |
31306d |
#include <openssl/des.h>
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#if (defined(HAVE_VALGRIND_VALGRIND_H) && defined(HAVE_OPENSSL_IA32CAP_LOC))
|
|
Packit Service |
31306d |
#include <valgrind/valgrind.h>
|
|
Packit Service |
31306d |
#define CAN_DISABLE_AESNI
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include "libssh/crypto.h"
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID
|
|
Packit Service |
31306d |
#include <openssl/kdf.h>
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT
|
|
Packit Service |
31306d |
#include <openssl/modes.h>
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include "libssh/crypto.h"
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static int libcrypto_initialized = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void ssh_reseed(void){
|
|
Packit Service |
31306d |
#ifndef _WIN32
|
|
Packit Service |
31306d |
struct timeval tv;
|
|
Packit Service |
31306d |
gettimeofday(&tv, NULL);
|
|
Packit Service |
31306d |
RAND_add(&tv, sizeof(tv), 0.0);
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/**
|
|
Packit Service |
31306d |
* @brief Get random bytes
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* Make sure to always check the return code of this function!
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* @param[in] where The buffer to fill with random bytes
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* @param[in] len The size of the buffer to fill.
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* @param[in] strong Use a strong or private RNG source.
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* @return 1 on success, 0 on error.
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
int ssh_get_random(void *where, int len, int strong)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_RAND_PRIV_BYTES
|
|
Packit Service |
31306d |
if (strong) {
|
|
Packit Service |
31306d |
/* Returns -1 when not supported, 0 on error, 1 on success */
|
|
Packit Service |
31306d |
return !!RAND_priv_bytes(where, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
#else
|
|
Packit Service |
31306d |
(void)strong;
|
|
Packit Service |
31306d |
#endif /* HAVE_RAND_PRIV_BYTES */
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* Returns -1 when not supported, 0 on error, 1 on success */
|
|
Packit Service |
31306d |
return !!RAND_bytes(where, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
SHACTX sha1_init(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
SHACTX c = EVP_MD_CTX_create();
|
|
Packit Service |
31306d |
if (c == NULL) {
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
EVP_MD_CTX_init(c);
|
|
Packit Service |
31306d |
rc = EVP_DigestInit_ex(c, EVP_sha1(), NULL);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
c = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return c;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha1_update(SHACTX c, const void *data, unsigned long len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_DigestUpdate(c, data, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha1_final(unsigned char *md, SHACTX c)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
unsigned int mdlen = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_DigestFinal(c, md, &mdlen);
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha1(const unsigned char *digest, int len, unsigned char *hash)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
SHACTX c = sha1_init();
|
|
Packit Service |
31306d |
if (c != NULL) {
|
|
Packit Service |
31306d |
sha1_update(c, digest, len);
|
|
Packit Service |
31306d |
sha1_final(hash, c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_ECC
|
|
Packit Service |
31306d |
static const EVP_MD *nid_to_evpmd(int nid)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
switch (nid) {
|
|
Packit Service |
31306d |
case NID_X9_62_prime256v1:
|
|
Packit Service |
31306d |
return EVP_sha256();
|
|
Packit Service |
31306d |
case NID_secp384r1:
|
|
Packit Service |
31306d |
return EVP_sha384();
|
|
Packit Service |
31306d |
case NID_secp521r1:
|
|
Packit Service |
31306d |
return EVP_sha512();
|
|
Packit Service |
31306d |
default:
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void evp(int nid, unsigned char *digest, int len, unsigned char *hash, unsigned int *hlen)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
const EVP_MD *evp_md = nid_to_evpmd(nid);
|
|
Packit Service |
31306d |
EVP_MD_CTX *md = EVP_MD_CTX_new();
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_DigestInit(md, evp_md);
|
|
Packit Service |
31306d |
EVP_DigestUpdate(md, digest, len);
|
|
Packit Service |
31306d |
EVP_DigestFinal(md, hash, hlen);
|
|
Packit Service |
31306d |
EVP_MD_CTX_free(md);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVPCTX evp_init(int nid)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
const EVP_MD *evp_md = nid_to_evpmd(nid);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVPCTX ctx = EVP_MD_CTX_new();
|
|
Packit Service |
31306d |
if (ctx == NULL) {
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_DigestInit(ctx, evp_md);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return ctx;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void evp_update(EVPCTX ctx, const void *data, unsigned long len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_DigestUpdate(ctx, data, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_DigestFinal(ctx, md, mdlen);
|
|
Packit Service |
31306d |
EVP_MD_CTX_free(ctx);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
SHA256CTX sha256_init(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
SHA256CTX c = EVP_MD_CTX_create();
|
|
Packit Service |
31306d |
if (c == NULL) {
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
EVP_MD_CTX_init(c);
|
|
Packit Service |
31306d |
rc = EVP_DigestInit_ex(c, EVP_sha256(), NULL);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
c = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return c;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha256_update(SHA256CTX c, const void *data, unsigned long len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_DigestUpdate(c, data, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha256_final(unsigned char *md, SHA256CTX c)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
unsigned int mdlen = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_DigestFinal(c, md, &mdlen);
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha256(const unsigned char *digest, int len, unsigned char *hash)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
SHA256CTX c = sha256_init();
|
|
Packit Service |
31306d |
if (c != NULL) {
|
|
Packit Service |
31306d |
sha256_update(c, digest, len);
|
|
Packit Service |
31306d |
sha256_final(hash, c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
SHA384CTX sha384_init(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
SHA384CTX c = EVP_MD_CTX_create();
|
|
Packit Service |
31306d |
if (c == NULL) {
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
EVP_MD_CTX_init(c);
|
|
Packit Service |
31306d |
rc = EVP_DigestInit_ex(c, EVP_sha384(), NULL);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
c = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return c;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha384_update(SHA384CTX c, const void *data, unsigned long len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_DigestUpdate(c, data, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha384_final(unsigned char *md, SHA384CTX c)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
unsigned int mdlen = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_DigestFinal(c, md, &mdlen);
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha384(const unsigned char *digest, int len, unsigned char *hash)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
SHA384CTX c = sha384_init();
|
|
Packit Service |
31306d |
if (c != NULL) {
|
|
Packit Service |
31306d |
sha384_update(c, digest, len);
|
|
Packit Service |
31306d |
sha384_final(hash, c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
SHA512CTX sha512_init(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc = 0;
|
|
Packit Service |
31306d |
SHA512CTX c = EVP_MD_CTX_create();
|
|
Packit Service |
31306d |
if (c == NULL) {
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
EVP_MD_CTX_init(c);
|
|
Packit Service |
31306d |
rc = EVP_DigestInit_ex(c, EVP_sha512(), NULL);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
c = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return c;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha512_update(SHA512CTX c, const void *data, unsigned long len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_DigestUpdate(c, data, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha512_final(unsigned char *md, SHA512CTX c)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
unsigned int mdlen = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_DigestFinal(c, md, &mdlen);
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void sha512(const unsigned char *digest, int len, unsigned char *hash)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
SHA512CTX c = sha512_init();
|
|
Packit Service |
31306d |
if (c != NULL) {
|
|
Packit Service |
31306d |
sha512_update(c, digest, len);
|
|
Packit Service |
31306d |
sha512_final(hash, c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
MD5CTX md5_init(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
MD5CTX c = EVP_MD_CTX_create();
|
|
Packit Service |
31306d |
if (c == NULL) {
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
EVP_MD_CTX_init(c);
|
|
Packit Service |
31306d |
rc = EVP_DigestInit_ex(c, EVP_md5(), NULL);
|
|
Packit Service |
31306d |
if(rc == 0) {
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
c = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return c;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void md5_update(MD5CTX c, const void *data, unsigned long len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_DigestUpdate(c, data, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void md5_final(unsigned char *md, MD5CTX c)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
unsigned int mdlen = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_DigestFinal(c, md, &mdlen);
|
|
Packit Service |
31306d |
EVP_MD_CTX_destroy(c);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID
|
|
Packit Service |
31306d |
static const EVP_MD *sshkdf_digest_to_md(enum ssh_kdf_digest digest_type)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
switch (digest_type) {
|
|
Packit Service |
31306d |
case SSH_KDF_SHA1:
|
|
Packit Service |
31306d |
return EVP_sha1();
|
|
Packit Service |
31306d |
case SSH_KDF_SHA256:
|
|
Packit Service |
31306d |
return EVP_sha256();
|
|
Packit Service |
31306d |
case SSH_KDF_SHA384:
|
|
Packit Service |
31306d |
return EVP_sha384();
|
|
Packit Service |
31306d |
case SSH_KDF_SHA512:
|
|
Packit Service |
31306d |
return EVP_sha512();
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
int ssh_kdf(struct ssh_crypto_struct *crypto,
|
|
Packit Service |
31306d |
unsigned char *key, size_t key_len,
|
|
Packit Service |
31306d |
int key_type, unsigned char *output,
|
|
Packit Service |
31306d |
size_t requested_len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
EVP_KDF_CTX *ctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF);
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (ctx == NULL) {
|
|
Packit Service |
31306d |
return -1;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_MD,
|
|
Packit Service |
31306d |
sshkdf_digest_to_md(crypto->digest_type));
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto out;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_KEY, key, key_len);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto out;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
|
|
Packit Service |
31306d |
crypto->secret_hash, crypto->digest_len);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto out;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE, key_type);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto out;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
|
|
Packit Service |
31306d |
crypto->session_id, crypto->digest_len);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto out;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = EVP_KDF_derive(ctx, output, requested_len);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto out;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
out:
|
|
Packit Service |
31306d |
EVP_KDF_CTX_free(ctx);
|
|
Packit Service |
31306d |
if (rc < 0) {
|
|
Packit Service |
31306d |
return rc;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return 0;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#else
|
|
Packit Service |
31306d |
int ssh_kdf(struct ssh_crypto_struct *crypto,
|
|
Packit Service |
31306d |
unsigned char *key, size_t key_len,
|
|
Packit Service |
31306d |
int key_type, unsigned char *output,
|
|
Packit Service |
31306d |
size_t requested_len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
return sshkdf_derive_key(crypto, key, key_len,
|
|
Packit Service |
31306d |
key_type, output, requested_len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
|
|
Packit Service |
31306d |
HMACCTX ctx = NULL;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
ctx = HMAC_CTX_new();
|
|
Packit Service |
31306d |
if (ctx == NULL) {
|
|
Packit Service |
31306d |
return NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
switch(type) {
|
|
Packit Service |
31306d |
case SSH_HMAC_SHA1:
|
|
Packit Service |
31306d |
HMAC_Init_ex(ctx, key, len, EVP_sha1(), NULL);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_HMAC_SHA256:
|
|
Packit Service |
31306d |
HMAC_Init_ex(ctx, key, len, EVP_sha256(), NULL);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_HMAC_SHA512:
|
|
Packit Service |
31306d |
HMAC_Init_ex(ctx, key, len, EVP_sha512(), NULL);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_HMAC_MD5:
|
|
Packit Service |
31306d |
HMAC_Init_ex(ctx, key, len, EVP_md5(), NULL);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
default:
|
|
Packit Service |
31306d |
HMAC_CTX_free(ctx);
|
|
Packit Service |
31306d |
ctx = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return ctx;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void hmac_update(HMACCTX ctx, const void *data, unsigned long len) {
|
|
Packit Service |
31306d |
HMAC_Update(ctx, data, len);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void hmac_final(HMACCTX ctx, unsigned char *hashmacbuf, unsigned int *len) {
|
|
Packit Service |
31306d |
HMAC_Final(ctx,hashmacbuf,len);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#if OPENSSL_VERSION_NUMBER > 0x10100000L
|
|
Packit Service |
31306d |
HMAC_CTX_free(ctx);
|
|
Packit Service |
31306d |
ctx = NULL;
|
|
Packit Service |
31306d |
#else
|
|
Packit Service |
31306d |
HMAC_cleanup(ctx);
|
|
Packit Service |
31306d |
SAFE_FREE(ctx);
|
|
Packit Service |
31306d |
ctx = NULL;
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void evp_cipher_init(struct ssh_cipher_struct *cipher) {
|
|
Packit Service |
31306d |
if (cipher->ctx == NULL) {
|
|
Packit Service |
31306d |
cipher->ctx = EVP_CIPHER_CTX_new();
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
switch(cipher->ciphertype){
|
|
Packit Service |
31306d |
case SSH_AES128_CBC:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_128_cbc();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_AES192_CBC:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_192_cbc();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_AES256_CBC:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_256_cbc();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_AES_CTR
|
|
Packit Service |
31306d |
case SSH_AES128_CTR:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_128_ctr();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_AES192_CTR:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_192_ctr();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_AES256_CTR:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_256_ctr();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
#else
|
|
Packit Service |
31306d |
case SSH_AES128_CTR:
|
|
Packit Service |
31306d |
case SSH_AES192_CTR:
|
|
Packit Service |
31306d |
case SSH_AES256_CTR:
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init");
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_AES_GCM
|
|
Packit Service |
31306d |
case SSH_AEAD_AES128_GCM:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_128_gcm();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_AEAD_AES256_GCM:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_aes_256_gcm();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
#else
|
|
Packit Service |
31306d |
case SSH_AEAD_AES128_GCM:
|
|
Packit Service |
31306d |
case SSH_AEAD_AES256_GCM:
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init");
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_EVP_AES_GCM */
|
|
Packit Service |
31306d |
case SSH_3DES_CBC:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_des_ede3_cbc();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
#ifdef WITH_BLOWFISH_CIPHER
|
|
Packit Service |
31306d |
case SSH_BLOWFISH_CBC:
|
|
Packit Service |
31306d |
cipher->cipher = EVP_bf_cbc();
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
/* ciphers not using EVP */
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
case SSH_AEAD_CHACHA20_POLY1305:
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "The ChaCha cipher cannot be handled here");
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_NO_CIPHER:
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "No valid ciphertype found");
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static int evp_cipher_set_encrypt_key(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *key, void *IV)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
evp_cipher_init(cipher);
|
|
Packit Service |
31306d |
EVP_CIPHER_CTX_init(cipher->ctx);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = EVP_EncryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
|
|
Packit Service |
31306d |
if (rc != 1){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptInit_ex failed");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_AES_GCM
|
|
Packit Service |
31306d |
/* For AES-GCM we need to set IV in specific way */
|
|
Packit Service |
31306d |
if (cipher->ciphertype == SSH_AEAD_AES128_GCM ||
|
|
Packit Service |
31306d |
cipher->ciphertype == SSH_AEAD_AES256_GCM) {
|
|
Packit Service |
31306d |
rc = EVP_CIPHER_CTX_ctrl(cipher->ctx,
|
|
Packit Service |
31306d |
EVP_CTRL_GCM_SET_IV_FIXED,
|
|
Packit Service |
31306d |
-1,
|
|
Packit Service |
31306d |
(uint8_t *)IV);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_CTRL_GCM_SET_IV_FIXED failed");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_EVP_AES_GCM */
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *key, void *IV) {
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
evp_cipher_init(cipher);
|
|
Packit Service |
31306d |
EVP_CIPHER_CTX_init(cipher->ctx);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
|
|
Packit Service |
31306d |
if (rc != 1){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_AES_GCM
|
|
Packit Service |
31306d |
/* For AES-GCM we need to set IV in specific way */
|
|
Packit Service |
31306d |
if (cipher->ciphertype == SSH_AEAD_AES128_GCM ||
|
|
Packit Service |
31306d |
cipher->ciphertype == SSH_AEAD_AES256_GCM) {
|
|
Packit Service |
31306d |
rc = EVP_CIPHER_CTX_ctrl(cipher->ctx,
|
|
Packit Service |
31306d |
EVP_CTRL_GCM_SET_IV_FIXED,
|
|
Packit Service |
31306d |
-1,
|
|
Packit Service |
31306d |
(uint8_t *)IV);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_CTRL_GCM_SET_IV_FIXED failed");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_EVP_AES_GCM */
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* EVP wrapper function for encrypt/decrypt */
|
|
Packit Service |
31306d |
static void evp_cipher_encrypt(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *in,
|
|
Packit Service |
31306d |
void *out,
|
|
Packit Service |
31306d |
size_t len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int outlen = 0;
|
|
Packit Service |
31306d |
int rc = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = EVP_EncryptUpdate(cipher->ctx,
|
|
Packit Service |
31306d |
(unsigned char *)out,
|
|
Packit Service |
31306d |
&outlen,
|
|
Packit Service |
31306d |
(unsigned char *)in,
|
|
Packit Service |
31306d |
(int)len);
|
|
Packit Service |
31306d |
if (rc != 1){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed");
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (outlen != (int)len){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING,
|
|
Packit Service |
31306d |
"EVP_EncryptUpdate: output size %d for %zu in",
|
|
Packit Service |
31306d |
outlen,
|
|
Packit Service |
31306d |
len);
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *in,
|
|
Packit Service |
31306d |
void *out,
|
|
Packit Service |
31306d |
size_t len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int outlen = 0;
|
|
Packit Service |
31306d |
int rc = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = EVP_DecryptUpdate(cipher->ctx,
|
|
Packit Service |
31306d |
(unsigned char *)out,
|
|
Packit Service |
31306d |
&outlen,
|
|
Packit Service |
31306d |
(unsigned char *)in,
|
|
Packit Service |
31306d |
(int)len);
|
|
Packit Service |
31306d |
if (rc != 1){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed");
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (outlen != (int)len){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING,
|
|
Packit Service |
31306d |
"EVP_DecryptUpdate: output size %d for %zu in",
|
|
Packit Service |
31306d |
outlen,
|
|
Packit Service |
31306d |
len);
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) {
|
|
Packit Service |
31306d |
if (cipher->ctx != NULL) {
|
|
Packit Service |
31306d |
EVP_CIPHER_CTX_cleanup(cipher->ctx);
|
|
Packit Service |
31306d |
EVP_CIPHER_CTX_free(cipher->ctx);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifndef HAVE_OPENSSL_EVP_AES_CTR
|
|
Packit Service |
31306d |
/* Some OS (osx, OpenIndiana, ...) have no support for CTR ciphers in EVP_aes */
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
struct ssh_aes_key_schedule {
|
|
Packit Service |
31306d |
AES_KEY key;
|
|
Packit Service |
31306d |
uint8_t IV[AES_BLOCK_SIZE];
|
|
Packit Service |
31306d |
};
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static int aes_ctr_set_key(struct ssh_cipher_struct *cipher, void *key,
|
|
Packit Service |
31306d |
void *IV) {
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (cipher->aes_key == NULL) {
|
|
Packit Service |
31306d |
cipher->aes_key = malloc(sizeof (struct ssh_aes_key_schedule));
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (cipher->aes_key == NULL) {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
ZERO_STRUCTP(cipher->aes_key);
|
|
Packit Service |
31306d |
/* CTR doesn't need a decryption key */
|
|
Packit Service |
31306d |
rc = AES_set_encrypt_key(key, cipher->keysize, &cipher->aes_key->key);
|
|
Packit Service |
31306d |
if (rc < 0) {
|
|
Packit Service |
31306d |
SAFE_FREE(cipher->aes_key);
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
memcpy(cipher->aes_key->IV, IV, AES_BLOCK_SIZE);
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void
|
|
Packit Service |
31306d |
aes_ctr_encrypt(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *in,
|
|
Packit Service |
31306d |
void *out,
|
|
Packit Service |
31306d |
size_t len)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
unsigned char tmp_buffer[AES_BLOCK_SIZE];
|
|
Packit Service |
31306d |
unsigned int num=0;
|
|
Packit Service |
31306d |
/* Some things are special with ctr128 :
|
|
Packit Service |
31306d |
* In this case, tmp_buffer is not being used, because it is used to store temporary data
|
|
Packit Service |
31306d |
* when an encryption is made on lengths that are not multiple of blocksize.
|
|
Packit Service |
31306d |
* Same for num, which is being used to store the current offset in blocksize in CTR
|
|
Packit Service |
31306d |
* function.
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT
|
|
Packit Service |
31306d |
CRYPTO_ctr128_encrypt(in, out, len, &cipher->aes_key->key, cipher->aes_key->IV, tmp_buffer, &num, (block128_f)AES_encrypt);
|
|
Packit Service |
31306d |
#else
|
|
Packit Service |
31306d |
AES_ctr128_encrypt(in, out, len, &cipher->aes_key->key, cipher->aes_key->IV, tmp_buffer, &num);
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT */
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){
|
|
Packit Service |
31306d |
if (cipher != NULL) {
|
|
Packit Service |
31306d |
if (cipher->aes_key != NULL) {
|
|
Packit Service |
31306d |
explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key));
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
SAFE_FREE(cipher->aes_key);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_EVP_AES_CTR */
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_AES_GCM
|
|
Packit Service |
31306d |
static int
|
|
Packit Service |
31306d |
evp_cipher_aead_get_length(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *in,
|
|
Packit Service |
31306d |
uint8_t *out,
|
|
Packit Service |
31306d |
size_t len,
|
|
Packit Service |
31306d |
uint64_t seq)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
(void)cipher;
|
|
Packit Service |
31306d |
(void)seq;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* The length is not encrypted: Copy it to the result buffer */
|
|
Packit Service |
31306d |
memcpy(out, in, len);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void
|
|
Packit Service |
31306d |
evp_cipher_aead_encrypt(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *in,
|
|
Packit Service |
31306d |
void *out,
|
|
Packit Service |
31306d |
size_t len,
|
|
Packit Service |
31306d |
uint8_t *tag,
|
|
Packit Service |
31306d |
uint64_t seq)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
size_t authlen, aadlen;
|
|
Packit Service |
31306d |
uint8_t lastiv[1];
|
|
Packit Service |
31306d |
int tmplen = 0;
|
|
Packit Service |
31306d |
size_t outlen;
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
(void) seq;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
aadlen = cipher->lenfield_blocksize;
|
|
Packit Service |
31306d |
authlen = cipher->tag_size;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* increment IV */
|
|
Packit Service |
31306d |
rc = EVP_CIPHER_CTX_ctrl(cipher->ctx,
|
|
Packit Service |
31306d |
EVP_CTRL_GCM_IV_GEN,
|
|
Packit Service |
31306d |
1,
|
|
Packit Service |
31306d |
lastiv);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_CTRL_GCM_IV_GEN failed");
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* Pass over the authenticated data (not encrypted) */
|
|
Packit Service |
31306d |
rc = EVP_EncryptUpdate(cipher->ctx,
|
|
Packit Service |
31306d |
NULL,
|
|
Packit Service |
31306d |
&tmplen,
|
|
Packit Service |
31306d |
(unsigned char *)in,
|
|
Packit Service |
31306d |
(int)aadlen);
|
|
Packit Service |
31306d |
outlen = tmplen;
|
|
Packit Service |
31306d |
if (rc == 0 || outlen != aadlen) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "Failed to pass authenticated data");
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
memcpy(out, in, aadlen);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* Encrypt the rest of the data */
|
|
Packit Service |
31306d |
rc = EVP_EncryptUpdate(cipher->ctx,
|
|
Packit Service |
31306d |
(unsigned char *)out + aadlen,
|
|
Packit Service |
31306d |
&tmplen,
|
|
Packit Service |
31306d |
(unsigned char *)in + aadlen,
|
|
Packit Service |
31306d |
(int)len - aadlen);
|
|
Packit Service |
31306d |
outlen = tmplen;
|
|
Packit Service |
31306d |
if (rc != 1 || outlen != (int)len - aadlen) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed");
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* compute tag */
|
|
Packit Service |
31306d |
rc = EVP_EncryptFinal(cipher->ctx,
|
|
Packit Service |
31306d |
NULL,
|
|
Packit Service |
31306d |
&tmplen);
|
|
Packit Service |
31306d |
if (rc < 0) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptFinal failed: Failed to create a tag");
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = EVP_CIPHER_CTX_ctrl(cipher->ctx,
|
|
Packit Service |
31306d |
EVP_CTRL_GCM_GET_TAG,
|
|
Packit Service |
31306d |
authlen,
|
|
Packit Service |
31306d |
(unsigned char *)tag);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_CTRL_GCM_GET_TAG failed");
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static int
|
|
Packit Service |
31306d |
evp_cipher_aead_decrypt(struct ssh_cipher_struct *cipher,
|
|
Packit Service |
31306d |
void *complete_packet,
|
|
Packit Service |
31306d |
uint8_t *out,
|
|
Packit Service |
31306d |
size_t encrypted_size,
|
|
Packit Service |
31306d |
uint64_t seq)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
size_t authlen, aadlen;
|
|
Packit Service |
31306d |
uint8_t lastiv[1];
|
|
Packit Service |
31306d |
int outlen = 0;
|
|
Packit Service |
31306d |
int rc = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
(void)seq;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
aadlen = cipher->lenfield_blocksize;
|
|
Packit Service |
31306d |
authlen = cipher->tag_size;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* increment IV */
|
|
Packit Service |
31306d |
rc = EVP_CIPHER_CTX_ctrl(cipher->ctx,
|
|
Packit Service |
31306d |
EVP_CTRL_GCM_IV_GEN,
|
|
Packit Service |
31306d |
1,
|
|
Packit Service |
31306d |
lastiv);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_CTRL_GCM_IV_GEN failed");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* set tag for authentication */
|
|
Packit Service |
31306d |
rc = EVP_CIPHER_CTX_ctrl(cipher->ctx,
|
|
Packit Service |
31306d |
EVP_CTRL_GCM_SET_TAG,
|
|
Packit Service |
31306d |
authlen,
|
|
Packit Service |
31306d |
(unsigned char *)complete_packet + aadlen + encrypted_size);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_CTRL_GCM_SET_TAG failed");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* Pass over the authenticated data (not encrypted) */
|
|
Packit Service |
31306d |
rc = EVP_DecryptUpdate(cipher->ctx,
|
|
Packit Service |
31306d |
NULL,
|
|
Packit Service |
31306d |
&outlen,
|
|
Packit Service |
31306d |
(unsigned char *)complete_packet,
|
|
Packit Service |
31306d |
(int)aadlen);
|
|
Packit Service |
31306d |
if (rc == 0) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "Failed to pass authenticated data");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
/* Do not copy the length to the target buffer, because it is already processed */
|
|
Packit Service |
31306d |
//memcpy(out, complete_packet, aadlen);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* Decrypt the rest of the data */
|
|
Packit Service |
31306d |
rc = EVP_DecryptUpdate(cipher->ctx,
|
|
Packit Service |
31306d |
(unsigned char *)out,
|
|
Packit Service |
31306d |
&outlen,
|
|
Packit Service |
31306d |
(unsigned char *)complete_packet + aadlen,
|
|
Packit Service |
31306d |
encrypted_size /* already substracted aadlen*/);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (outlen != (int)encrypted_size) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING,
|
|
Packit Service |
31306d |
"EVP_DecryptUpdate: output size %d for %zd in",
|
|
Packit Service |
31306d |
outlen,
|
|
Packit Service |
31306d |
encrypted_size);
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/* verify tag */
|
|
Packit Service |
31306d |
rc = EVP_DecryptFinal(cipher->ctx,
|
|
Packit Service |
31306d |
NULL,
|
|
Packit Service |
31306d |
&outlen);
|
|
Packit Service |
31306d |
if (rc < 0) {
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptFinal failed: Failed authentication");
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_EVP_AES_GCM */
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/*
|
|
Packit Service |
31306d |
* The table of supported ciphers
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
static struct ssh_cipher_struct ssh_ciphertab[] = {
|
|
Packit Service |
31306d |
#ifdef WITH_BLOWFISH_CIPHER
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "blowfish-cbc",
|
|
Packit Service |
31306d |
.blocksize = 8,
|
|
Packit Service |
31306d |
.ciphertype = SSH_BLOWFISH_CBC,
|
|
Packit Service |
31306d |
.keysize = 128,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
#ifdef HAS_AES
|
|
Packit Service |
31306d |
#ifndef BROKEN_AES_CTR
|
|
Packit Service |
31306d |
/* OpenSSL until 0.9.7c has a broken AES_ctr128_encrypt implementation which
|
|
Packit Service |
31306d |
* increments the counter from 2^64 instead of 1. It's better not to use it
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_AES_CTR
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes128-ctr",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES128_CTR,
|
|
Packit Service |
31306d |
.keysize = 128,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes192-ctr",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES192_CTR,
|
|
Packit Service |
31306d |
.keysize = 192,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes256-ctr",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES256_CTR,
|
|
Packit Service |
31306d |
.keysize = 256,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
#else /* HAVE_OPENSSL_EVP_AES_CTR */
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes128-ctr",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES128_CTR,
|
|
Packit Service |
31306d |
.keysize = 128,
|
|
Packit Service |
31306d |
.set_encrypt_key = aes_ctr_set_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = aes_ctr_set_key,
|
|
Packit Service |
31306d |
.encrypt = aes_ctr_encrypt,
|
|
Packit Service |
31306d |
.decrypt = aes_ctr_encrypt,
|
|
Packit Service |
31306d |
.cleanup = aes_ctr_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes192-ctr",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES192_CTR,
|
|
Packit Service |
31306d |
.keysize = 192,
|
|
Packit Service |
31306d |
.set_encrypt_key = aes_ctr_set_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = aes_ctr_set_key,
|
|
Packit Service |
31306d |
.encrypt = aes_ctr_encrypt,
|
|
Packit Service |
31306d |
.decrypt = aes_ctr_encrypt,
|
|
Packit Service |
31306d |
.cleanup = aes_ctr_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes256-ctr",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES256_CTR,
|
|
Packit Service |
31306d |
.keysize = 256,
|
|
Packit Service |
31306d |
.set_encrypt_key = aes_ctr_set_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = aes_ctr_set_key,
|
|
Packit Service |
31306d |
.encrypt = aes_ctr_encrypt,
|
|
Packit Service |
31306d |
.decrypt = aes_ctr_encrypt,
|
|
Packit Service |
31306d |
.cleanup = aes_ctr_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_EVP_AES_CTR */
|
|
Packit Service |
31306d |
#endif /* BROKEN_AES_CTR */
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes128-cbc",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES128_CBC,
|
|
Packit Service |
31306d |
.keysize = 128,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes192-cbc",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES192_CBC,
|
|
Packit Service |
31306d |
.keysize = 192,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes256-cbc",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.ciphertype = SSH_AES256_CBC,
|
|
Packit Service |
31306d |
.keysize = 256,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
#ifdef HAVE_OPENSSL_EVP_AES_GCM
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes128-gcm@openssh.com",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.lenfield_blocksize = 4, /* not encrypted, but authenticated */
|
|
Packit Service |
31306d |
.ciphertype = SSH_AEAD_AES128_GCM,
|
|
Packit Service |
31306d |
.keysize = 128,
|
|
Packit Service |
31306d |
.tag_size = AES_GCM_TAGLEN,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.aead_encrypt = evp_cipher_aead_encrypt,
|
|
Packit Service |
31306d |
.aead_decrypt_length = evp_cipher_aead_get_length,
|
|
Packit Service |
31306d |
.aead_decrypt = evp_cipher_aead_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "aes256-gcm@openssh.com",
|
|
Packit Service |
31306d |
.blocksize = AES_BLOCK_SIZE,
|
|
Packit Service |
31306d |
.lenfield_blocksize = 4, /* not encrypted, but authenticated */
|
|
Packit Service |
31306d |
.ciphertype = SSH_AEAD_AES256_GCM,
|
|
Packit Service |
31306d |
.keysize = 256,
|
|
Packit Service |
31306d |
.tag_size = AES_GCM_TAGLEN,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.aead_encrypt = evp_cipher_aead_encrypt,
|
|
Packit Service |
31306d |
.aead_decrypt_length = evp_cipher_aead_get_length,
|
|
Packit Service |
31306d |
.aead_decrypt = evp_cipher_aead_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
#endif /* HAVE_OPENSSL_EVP_AES_GCM */
|
|
Packit Service |
31306d |
#endif /* HAS_AES */
|
|
Packit Service |
31306d |
#ifdef HAS_DES
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "3des-cbc",
|
|
Packit Service |
31306d |
.blocksize = 8,
|
|
Packit Service |
31306d |
.ciphertype = SSH_3DES_CBC,
|
|
Packit Service |
31306d |
.keysize = 192,
|
|
Packit Service |
31306d |
.set_encrypt_key = evp_cipher_set_encrypt_key,
|
|
Packit Service |
31306d |
.set_decrypt_key = evp_cipher_set_decrypt_key,
|
|
Packit Service |
31306d |
.encrypt = evp_cipher_encrypt,
|
|
Packit Service |
31306d |
.decrypt = evp_cipher_decrypt,
|
|
Packit Service |
31306d |
.cleanup = evp_cipher_cleanup
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
#endif /* HAS_DES */
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = "chacha20-poly1305@openssh.com"
|
|
Packit Service |
31306d |
},
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
.name = NULL
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
};
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
struct ssh_cipher_struct *ssh_get_ciphertab(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
return ssh_ciphertab;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/**
|
|
Packit Service |
31306d |
* @internal
|
|
Packit Service |
31306d |
* @brief Initialize libcrypto's subsystem
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
int ssh_crypto_init(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
size_t i;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (libcrypto_initialized) {
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (SSLeay() != OPENSSL_VERSION_NUMBER){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_WARNING, "libssh compiled with %s "
|
|
Packit Service |
31306d |
"headers, currently running with %s.",
|
|
Packit Service |
31306d |
OPENSSL_VERSION_TEXT,
|
|
Packit Service |
31306d |
SSLeay_version(SSLeay())
|
|
Packit Service |
31306d |
);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
#ifdef CAN_DISABLE_AESNI
|
|
Packit Service |
31306d |
/*
|
|
Packit Service |
31306d |
* disable AES-NI when running within Valgrind, because they generate
|
|
Packit Service |
31306d |
* too many "uninitialized memory access" false positives
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
if (RUNNING_ON_VALGRIND){
|
|
Packit Service |
31306d |
SSH_LOG(SSH_LOG_INFO, "Running within Valgrind, disabling AES-NI");
|
|
Packit Service |
31306d |
/* Bit #57 denotes AES-NI instruction set extension */
|
|
Packit Service |
31306d |
OPENSSL_ia32cap &= ~(1LL << 57);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
Packit Service |
31306d |
OpenSSL_add_all_algorithms();
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
for (i = 0; ssh_ciphertab[i].name != NULL; i++) {
|
|
Packit Service |
31306d |
int cmp;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
cmp = strcmp(ssh_ciphertab[i].name, "chacha20-poly1305@openssh.com");
|
|
Packit Service |
31306d |
if (cmp == 0) {
|
|
Packit Service |
31306d |
memcpy(&ssh_ciphertab[i],
|
|
Packit Service |
31306d |
ssh_get_chacha20poly1305_cipher(),
|
|
Packit Service |
31306d |
sizeof(struct ssh_cipher_struct));
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
libcrypto_initialized = 1;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/**
|
|
Packit Service |
31306d |
* @internal
|
|
Packit Service |
31306d |
* @brief Finalize libcrypto's subsystem
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
void ssh_crypto_finalize(void)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
if (!libcrypto_initialized) {
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
Packit Service |
31306d |
EVP_cleanup();
|
|
Packit Service |
31306d |
CRYPTO_cleanup_all_ex_data();
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
libcrypto_initialized = 0;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#endif /* LIBCRYPTO */
|