| cipher.c (57464) | cipher.c (58585) |
|---|---|
| 1/* 2 * 3 * cipher.c 4 * 5 * Author: Tatu Ylonen <ylo@cs.hut.fi> 6 * 7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 8 * All rights reserved 9 * 10 * Created: Wed Apr 19 17:41:39 1995 ylo 11 * | 1/* 2 * 3 * cipher.c 4 * 5 * Author: Tatu Ylonen <ylo@cs.hut.fi> 6 * 7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 8 * All rights reserved 9 * 10 * Created: Wed Apr 19 17:41:39 1995 ylo 11 * |
| 12 * $FreeBSD: head/crypto/openssh/cipher.c 57464 2000-02-25 01:53:12Z green $ | 12 * $FreeBSD: head/crypto/openssh/cipher.c 58585 2000-03-26 07:37:48Z kris $ |
| 13 */ 14 15#include "includes.h" | 13 */ 14 15#include "includes.h" |
| 16RCSID("$Id: cipher.c,v 1.19 2000/02/22 15:19:29 markus Exp $"); | 16RCSID("$Id: cipher.c,v 1.20 2000/03/22 09:55:10 markus Exp $"); |
| 17 18#include "ssh.h" 19#include "cipher.h" 20 21#include <openssl/md5.h> 22 23/* 24 * What kind of tripple DES are these 2 routines? --- 75 unchanged lines hidden (view full) --- 100 t.c[3] = *src++; 101 t.c[2] = *src++; 102 t.c[1] = *src++; 103 t.c[0] = *src++; 104 *dst++ = t.i; 105 } 106} 107 | 17 18#include "ssh.h" 19#include "cipher.h" 20 21#include <openssl/md5.h> 22 23/* 24 * What kind of tripple DES are these 2 routines? --- 75 unchanged lines hidden (view full) --- 100 t.c[3] = *src++; 101 t.c[2] = *src++; 102 t.c[1] = *src++; 103 t.c[0] = *src++; 104 *dst++ = t.i; 105 } 106} 107 |
| 108void (*cipher_attack_detected) (const char *fmt,...) = fatal; 109 110static inline void 111detect_cbc_attack(const unsigned char *src, 112 unsigned int len) 113{ 114 return; 115 116 log("CRC-32 CBC insertion attack detected"); 117 cipher_attack_detected("CRC-32 CBC insertion attack detected"); 118} 119 | |
| 120/* 121 * Names of all encryption algorithms. 122 * These must match the numbers defined in cipher.h. 123 */ 124static char *cipher_names[] = 125{ 126 "none", 127 "idea", --- 166 unchanged lines hidden (view full) --- 294 fatal("cipher_decrypt: bad ciphertext length %d", len); 295 296 switch (context->type) { 297 case SSH_CIPHER_NONE: 298 memcpy(dest, src, len); 299 break; 300 301 case SSH_CIPHER_3DES: | 108/* 109 * Names of all encryption algorithms. 110 * These must match the numbers defined in cipher.h. 111 */ 112static char *cipher_names[] = 113{ 114 "none", 115 "idea", --- 166 unchanged lines hidden (view full) --- 282 fatal("cipher_decrypt: bad ciphertext length %d", len); 283 284 switch (context->type) { 285 case SSH_CIPHER_NONE: 286 memcpy(dest, src, len); 287 break; 288 289 case SSH_CIPHER_3DES: |
| 302 /* CRC-32 attack? */ | |
| 303 SSH_3CBC_DECRYPT(context->u.des3.key1, 304 context->u.des3.key2, &context->u.des3.iv2, 305 context->u.des3.key3, &context->u.des3.iv3, 306 dest, (unsigned char *) src, len); 307 break; 308 309 case SSH_CIPHER_BLOWFISH: | 290 SSH_3CBC_DECRYPT(context->u.des3.key1, 291 context->u.des3.key2, &context->u.des3.iv2, 292 context->u.des3.key3, &context->u.des3.iv3, 293 dest, (unsigned char *) src, len); 294 break; 295 296 case SSH_CIPHER_BLOWFISH: |
| 310 detect_cbc_attack(src, len); | |
| 311 swap_bytes(src, dest, len); 312 BF_cbc_encrypt((void *) dest, dest, len, 313 &context->u.bf.key, context->u.bf.iv, 314 BF_DECRYPT); 315 swap_bytes(dest, dest, len); 316 break; 317 318 default: 319 fatal("cipher_decrypt: unknown cipher: %s", cipher_name(context->type)); 320 } 321} | 297 swap_bytes(src, dest, len); 298 BF_cbc_encrypt((void *) dest, dest, len, 299 &context->u.bf.key, context->u.bf.iv, 300 BF_DECRYPT); 301 swap_bytes(dest, dest, len); 302 break; 303 304 default: 305 fatal("cipher_decrypt: unknown cipher: %s", cipher_name(context->type)); 306 } 307} |