cipher.h revision 60576 
1/*
2 *
3 * cipher.h
4 *
5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6 *
7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 *                    All rights reserved
9 *
10 * Created: Wed Apr 19 16:50:42 1995 ylo
11 *
12 * $FreeBSD: head/crypto/openssh/cipher.h 60576 2000-05-15 05:24:25Z kris $
13 */
14
15/* RCSID("$Id: cipher.h,v 1.17 2000/05/08 17:12:15 markus Exp $"); */
16
17#ifndef CIPHER_H
18#define CIPHER_H
19
20#include <openssl/des.h>
21#include <openssl/blowfish.h>
22#include <openssl/rc4.h>
23#include <openssl/cast.h>
24
25/* Cipher types.  New types can be added, but old types should not be removed
26   for compatibility.  The maximum allowed value is 31. */
27#define SSH_CIPHER_ILLEGAL	-2	/* No valid cipher selected. */
28#define SSH_CIPHER_NOT_SET	-1	/* None selected (invalid number). */
29#define SSH_CIPHER_NONE		0	/* no encryption */
30#define SSH_CIPHER_IDEA		1	/* IDEA CFB */
31#define SSH_CIPHER_DES		2	/* DES CBC */
32#define SSH_CIPHER_3DES		3	/* 3DES CBC */
33#define SSH_CIPHER_BROKEN_TSS	4	/* TRI's Simple Stream encryption CBC */
34#define SSH_CIPHER_BROKEN_RC4	5	/* Alleged RC4 */
35#define SSH_CIPHER_BLOWFISH	6
36#define SSH_CIPHER_RESERVED	7
37
38/* these ciphers are used in SSH2: */
39#define SSH_CIPHER_BLOWFISH_CBC	8
40#define SSH_CIPHER_3DES_CBC	9
41#define SSH_CIPHER_ARCFOUR	10	/* Alleged RC4 */
42#define SSH_CIPHER_CAST128_CBC	11
43
44typedef struct {
45	unsigned int type;
46	union {
47		struct {
48			des_key_schedule key1;
49			des_key_schedule key2;
50			des_cblock iv2;
51			des_key_schedule key3;
52			des_cblock iv3;
53		}       des3;
54		struct {
55			struct bf_key_st key;
56			unsigned char iv[8];
57		}       bf;
58		struct {
59			CAST_KEY key;
60			unsigned char iv[8];
61		} cast;
62		RC4_KEY rc4;
63	}       u;
64}       CipherContext;
65/*
66 * Returns a bit mask indicating which ciphers are supported by this
67 * implementation.  The bit mask has the corresponding bit set of each
68 * supported cipher.
69 */
70unsigned int cipher_mask();
71unsigned int cipher_mask1();
72unsigned int cipher_mask2();
73
74/* Returns the name of the cipher. */
75const char *cipher_name(int cipher);
76
77/*
78 * Parses the name of the cipher.  Returns the number of the corresponding
79 * cipher, or -1 on error.
80 */
81int     cipher_number(const char *name);
82
83/* returns 1 if all ciphers are supported (ssh2 only) */
84int     ciphers_valid(const char *names);
85
86/*
87 * Selects the cipher to use and sets the key.  If for_encryption is true,
88 * the key is setup for encryption; otherwise it is setup for decryption.
89 */
90void
91cipher_set_key(CipherContext * context, int cipher,
92    const unsigned char *key, int keylen);
93void
94cipher_set_key_iv(CipherContext * context, int cipher,
95    const unsigned char *key, int keylen,
96    const unsigned char *iv, int ivlen);
97
98/*
99 * Sets key for the cipher by computing the MD5 checksum of the passphrase,
100 * and using the resulting 16 bytes as the key.
101 */
102void
103cipher_set_key_string(CipherContext * context, int cipher,
104    const char *passphrase);
105
106/* Encrypts data using the cipher. */
107void
108cipher_encrypt(CipherContext * context, unsigned char *dest,
109    const unsigned char *src, unsigned int len);
110
111/* Decrypts data using the cipher. */
112void
113cipher_decrypt(CipherContext * context, unsigned char *dest,
114    const unsigned char *src, unsigned int len);
115
116#endif				/* CIPHER_H */
117