cipher.h (57430) cipher.h (57464)
1/*
2 *
3 * cipher.h
4 *
5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6 *
7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
9 *
10 * Created: Wed Apr 19 16:50:42 1995 ylo
11 *
1/*
2 *
3 * cipher.h
4 *
5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6 *
7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
9 *
10 * Created: Wed Apr 19 16:50:42 1995 ylo
11 *
12 * $FreeBSD: head/crypto/openssh/cipher.h 57464 2000-02-25 01:53:12Z green $
12 */
13
14/* RCSID("$Id: cipher.h,v 1.10 1999/11/24 19:53:46 markus Exp $"); */
15
16#ifndef CIPHER_H
17#define CIPHER_H
18
13 */
14
15/* RCSID("$Id: cipher.h,v 1.10 1999/11/24 19:53:46 markus Exp $"); */
16
17#ifndef CIPHER_H
18#define CIPHER_H
19
19#include
20#include
20#include <openssl/des.h>
21#include <openssl/blowfish.h>
21
22/* Cipher types. New types can be added, but old types should not be removed
23 for compatibility. The maximum allowed value is 31. */
24#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */
25#define SSH_CIPHER_NONE 0 /* no encryption */
26#define SSH_CIPHER_IDEA 1 /* IDEA CFB */
27#define SSH_CIPHER_DES 2 /* DES CBC */
28#define SSH_CIPHER_3DES 3 /* 3DES CBC */
29#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */
30#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */
31#define SSH_CIPHER_BLOWFISH 6
32
33typedef struct {
34 unsigned int type;
35 union {
36 struct {
37 des_key_schedule key1;
38 des_key_schedule key2;
39 des_cblock iv2;
40 des_key_schedule key3;
41 des_cblock iv3;
42 } des3;
43 struct {
44 struct bf_key_st key;
45 unsigned char iv[8];
46 } bf;
47 } u;
48} CipherContext;
49/*
50 * Returns a bit mask indicating which ciphers are supported by this
51 * implementation. The bit mask has the corresponding bit set of each
52 * supported cipher.
53 */
54unsigned int cipher_mask();
55
56/* Returns the name of the cipher. */
57const char *cipher_name(int cipher);
58
59/*
60 * Parses the name of the cipher. Returns the number of the corresponding
61 * cipher, or -1 on error.
62 */
63int cipher_number(const char *name);
64
65/*
66 * Selects the cipher to use and sets the key. If for_encryption is true,
67 * the key is setup for encryption; otherwise it is setup for decryption.
68 */
69void
70cipher_set_key(CipherContext * context, int cipher,
71 const unsigned char *key, int keylen, int for_encryption);
72
73/*
74 * Sets key for the cipher by computing the MD5 checksum of the passphrase,
75 * and using the resulting 16 bytes as the key.
76 */
77void
78cipher_set_key_string(CipherContext * context, int cipher,
79 const char *passphrase, int for_encryption);
80
81/* Encrypts data using the cipher. */
82void
83cipher_encrypt(CipherContext * context, unsigned char *dest,
84 const unsigned char *src, unsigned int len);
85
86/* Decrypts data using the cipher. */
87void
88cipher_decrypt(CipherContext * context, unsigned char *dest,
89 const unsigned char *src, unsigned int len);
90
91/*
92 * If and CRC-32 attack is detected this function is called. Defaults to
93 * fatal, changed to packet_disconnect in sshd and ssh.
94 */
95extern void (*cipher_attack_detected) (const char *fmt, ...);
96
97#endif /* CIPHER_H */
22
23/* Cipher types. New types can be added, but old types should not be removed
24 for compatibility. The maximum allowed value is 31. */
25#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */
26#define SSH_CIPHER_NONE 0 /* no encryption */
27#define SSH_CIPHER_IDEA 1 /* IDEA CFB */
28#define SSH_CIPHER_DES 2 /* DES CBC */
29#define SSH_CIPHER_3DES 3 /* 3DES CBC */
30#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */
31#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */
32#define SSH_CIPHER_BLOWFISH 6
33
34typedef struct {
35 unsigned int type;
36 union {
37 struct {
38 des_key_schedule key1;
39 des_key_schedule key2;
40 des_cblock iv2;
41 des_key_schedule key3;
42 des_cblock iv3;
43 } des3;
44 struct {
45 struct bf_key_st key;
46 unsigned char iv[8];
47 } bf;
48 } u;
49} CipherContext;
50/*
51 * Returns a bit mask indicating which ciphers are supported by this
52 * implementation. The bit mask has the corresponding bit set of each
53 * supported cipher.
54 */
55unsigned int cipher_mask();
56
57/* Returns the name of the cipher. */
58const char *cipher_name(int cipher);
59
60/*
61 * Parses the name of the cipher. Returns the number of the corresponding
62 * cipher, or -1 on error.
63 */
64int cipher_number(const char *name);
65
66/*
67 * Selects the cipher to use and sets the key. If for_encryption is true,
68 * the key is setup for encryption; otherwise it is setup for decryption.
69 */
70void
71cipher_set_key(CipherContext * context, int cipher,
72 const unsigned char *key, int keylen, int for_encryption);
73
74/*
75 * Sets key for the cipher by computing the MD5 checksum of the passphrase,
76 * and using the resulting 16 bytes as the key.
77 */
78void
79cipher_set_key_string(CipherContext * context, int cipher,
80 const char *passphrase, int for_encryption);
81
82/* Encrypts data using the cipher. */
83void
84cipher_encrypt(CipherContext * context, unsigned char *dest,
85 const unsigned char *src, unsigned int len);
86
87/* Decrypts data using the cipher. */
88void
89cipher_decrypt(CipherContext * context, unsigned char *dest,
90 const unsigned char *src, unsigned int len);
91
92/*
93 * If and CRC-32 attack is detected this function is called. Defaults to
94 * fatal, changed to packet_disconnect in sshd and ssh.
95 */
96extern void (*cipher_attack_detected) (const char *fmt, ...);
97
98#endif /* CIPHER_H */