cipher.h revision 57429
1/*
2 *
3 * cipher.h
4 *
5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6 *
7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 *                    All rights reserved
9 *
10 * Created: Wed Apr 19 16:50:42 1995 ylo
11 *
12 */
13
14/* RCSID("$Id: cipher.h,v 1.10 1999/11/24 19:53:46 markus Exp $"); */
15
16#ifndef CIPHER_H
17#define CIPHER_H
18
19#include <ssl/des.h>
20#include <ssl/blowfish.h>
21
22/* Cipher types.  New types can be added, but old types should not be removed
23   for compatibility.  The maximum allowed value is 31.
   NOTE(review): the limit presumably comes from cipher_mask(), which reports
   support as one bit per cipher in an unsigned int -- confirm in cipher.c. */
24#define SSH_CIPHER_NOT_SET	-1	/* None selected (invalid number). */
25#define SSH_CIPHER_NONE		0	/* no encryption: data is passed in the clear */
26#define SSH_CIPHER_IDEA		1	/* IDEA CFB */
27#define SSH_CIPHER_DES		2	/* DES CBC (single DES, 56-bit key) */
28#define SSH_CIPHER_3DES		3	/* 3DES CBC */
29#define SSH_CIPHER_BROKEN_TSS	4	/* TRI's Simple Stream encryption CBC; marked BROKEN by name */
30#define SSH_CIPHER_BROKEN_RC4	5	/* Alleged RC4; marked BROKEN by name */
31#define SSH_CIPHER_BLOWFISH	6	/* Blowfish; mode not stated in this header */
32
33typedef struct {	/* Per-connection cipher state: a selector plus cipher-specific key material. */
	/*
	 * NOTE(review): this structure holds expanded key schedules and IVs, and
	 * no cleanup function is declared in this header -- confirm that callers
	 * wipe the context before it is freed or goes out of scope.  Only 3DES
	 * and Blowfish have state here; how the other SSH_CIPHER_* numbers are
	 * handled is not visible in this header.
	 */
34	unsigned int type;	/* presumably an SSH_CIPHER_* value; unsigned, while SSH_CIPHER_NOT_SET is -1 -- confirm how that is stored */
35	union {			/* members share storage; presumably `type` says which one is live */
36		struct {
37			des_key_schedule key1;	/* first DES key schedule (no iv1 is declared here) */
38			des_key_schedule key2;	/* second DES key schedule */
39			des_cblock iv2;		/* IV kept alongside key2 */
40			des_key_schedule key3;	/* third DES key schedule */
41			des_cblock iv3;		/* IV kept alongside key3 */
42		}       des3;
43		struct {
44			struct bf_key_st key;	/* Blowfish key schedule */
45			unsigned char iv[8];	/* 8-byte IV */
46		}       bf;
47	}       u;
48}       CipherContext;
49/*
50 * Returns a bit mask indicating which ciphers are supported by this
51 * implementation.  The bit mask has the corresponding bit set for each
52 * supported cipher.
 *
 * NOTE(review): presumably bit N stands for cipher number N, which would
 * explain the stated maximum cipher number of 31 -- confirm in cipher.c.
 * The empty parameter list declares no prototype; `(void)` would let the
 * compiler reject stray arguments.
53 */
54unsigned int cipher_mask();
55
56/* Returns the name of the cipher.
   NOTE(review): the result for a number that names no known cipher (for
   example SSH_CIPHER_NOT_SET) is not stated here -- confirm in cipher.c
   before passing unvalidated values. */
57const char *cipher_name(int cipher);
58
59/*
60 * Parses the name of the cipher.  Returns the number of the corresponding
61 * cipher, or -1 on error.
 *
 * The error value equals SSH_CIPHER_NOT_SET (-1), so callers must test for
 * it before using the result as a cipher type or as a bit position in the
 * cipher_mask() result.
62 */
63int     cipher_number(const char *name);
64
65/*
66 * Selects the cipher to use and sets the key.  If for_encryption is true,
67 * the key is set up for encryption; otherwise it is set up for decryption.
 *
 * NOTE(review): keylen is a signed int and this header states no minimum
 * or maximum; how a key that is too short or too long for the chosen
 * cipher is handled is not visible here -- confirm in cipher.c.  The
 * function returns void, so any failure cannot be reported to the caller
 * through the return value.
68 */
69void
70cipher_set_key(CipherContext * context, int cipher,
71    const unsigned char *key, int keylen, int for_encryption);
72
73/*
74 * Sets key for the cipher by computing the MD5 checksum of the passphrase,
75 * and using the resulting 16 bytes as the key.
 *
 * NOTE(review): as described, the key is a single MD5 of the passphrase;
 * no salt or iteration count is mentioned.  The key is then only as strong
 * as the passphrase itself, and identical passphrases give identical keys.
 * Confirm in cipher.c, and treat anything protected this way accordingly.
76 */
77void
78cipher_set_key_string(CipherContext * context, int cipher,
79    const char *passphrase, int for_encryption);
80
81/* Encrypts data using the cipher.
   NOTE(review): len is presumably the byte count of src, and dest must have
   room for the output; this header states no block-size requirement and the
   function returns no status -- confirm the length checks in cipher.c. */
82void
83cipher_encrypt(CipherContext * context, unsigned char *dest,
84    const unsigned char *src, unsigned int len);
85
86/* Decrypts data using the cipher.
   NOTE(review): len is presumably the byte count of src, and dest must have
   room for the output; this header states no block-size requirement and the
   function returns no status, so a caller cannot learn from it whether the
   input was well-formed -- confirm the length checks in cipher.c. */
87void
88cipher_decrypt(CipherContext * context, unsigned char *dest,
89    const unsigned char *src, unsigned int len);
90
91/*
92 * If a CRC-32 attack is detected this function is called. Defaults to
93 * fatal, changed to packet_disconnect in sshd and ssh.
 *
 * NOTE(review): this is a writable global function pointer.  Judging by the
 * fmt/varargs signature it is printf-style, so callers should pass a
 * literal format string and never attacker-influenced text as fmt.  Both
 * handlers named above presumably end the connection; a replacement that
 * returns normally would let processing continue -- confirm at call sites.
94 */
95extern void (*cipher_attack_detected) (const char *fmt, ...);
96
97#endif				/* CIPHER_H */
98