Attachment #1640 for bug #1340

Lines 42-47 Link Here

(-)openssh.orig/cipher-ctr.c (+103 lines)
42	u_char aes_counter[AES_BLOCK_SIZE];	42	u_char aes_counter[AES_BLOCK_SIZE];
43	};	43	};
44		44
		45	#ifdef USE_CIPHER_CAMELLIA
		46	#include <openssl/camellia.h>
		47	const EVP_CIPHER *evp_camellia_128_ctr(void);
		48	void ssh_camellia_ctr_iv(EVP_CIPHER_CTX , int, u_char , u_int);
		49
		50	struct ssh_camellia_ctr_ctx
		51	{
		52	CAMELLIA_KEY camellia_ctx;
		53	u_char camellia_counter[CAMELLIA_BLOCK_SIZE];
		54	};
		55	#endif
		56
45	/*	57	/*
46	* increment counter 'ctr',	58	* increment counter 'ctr',
47	* the counter is of size 'len' bytes and stored in network-byte-order.	59	* the counter is of size 'len' bytes and stored in network-byte-order.
Lines 144-146 Link Here
144	#endif	156	#endif
145	return (&aes_ctr);	157	return (&aes_ctr);
146	}	158	}
		159
		160	#ifdef USE_CIPHER_CAMELLIA
		161	static int
		162	ssh_camellia_ctr(EVP_CIPHER_CTX ctx, u_char dest, const u_char *src,
		163	u_int len)
		164	{
		165	struct ssh_camellia_ctr_ctx *c;
		166	u_int n = 0;
		167	u_char buf[CAMELLIA_BLOCK_SIZE];
		168
		169	if (len == 0)
		170	return (1);
		171	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL)
		172	return (0);
		173
		174	while ((len--) > 0) {
		175	if (n == 0) {
		176	Camellia_encrypt(c->camellia_counter, buf, &c->camellia_ctx);
		177	ssh_ctr_inc(c->camellia_counter, CAMELLIA_BLOCK_SIZE);
		178	}
		179	(dest++) = (src++) ^ buf[n];
		180	n = (n + 1) % CAMELLIA_BLOCK_SIZE;
		181	}
		182	return (1);
		183	}
		184
		185	static int
		186	ssh_camellia_ctr_init(EVP_CIPHER_CTX ctx, const u_char key, const u_char *iv,
		187	int enc)
		188	{
		189	struct ssh_camellia_ctr_ctx *c;
		190
		191	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
		192	c = xmalloc(sizeof(*c));
		193	EVP_CIPHER_CTX_set_app_data(ctx, c);
		194	}
		195	if (key != NULL)
		196	Camellia_set_key(key,
		197	EVP_CIPHER_CTX_key_length(ctx) * 8,
		198	&c->camellia_ctx);
		199	if (iv != NULL)
		200	memcpy(c->camellia_counter, iv, CAMELLIA_BLOCK_SIZE);
		201	return (1);
		202	}
		203
		204	static int
		205	ssh_camellia_ctr_cleanup(EVP_CIPHER_CTX *ctx)
		206	{
		207	struct ssh_camellia_ctr_ctx *c;
		208
		209	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
		210	memset(c, 0, sizeof(*c));
		211	xfree(c);
		212	EVP_CIPHER_CTX_set_app_data(ctx, NULL);
		213	}
		214	return (1);
		215	}
		216
		217	void
		218	ssh_camellia_ctr_iv(EVP_CIPHER_CTX evp, int doset, u_char iv, u_int len)
		219	{
		220	struct ssh_camellia_ctr_ctx *c;
		221
		222	if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
223	fatal("ssh_camellia_ctr_iv: no context");
224	if (doset)
225	memcpy(c->camellia_counter, iv, len);
226	else
227	memcpy(iv, c->camellia_counter, len);
228	}
229
230	const EVP_CIPHER *
231	evp_camellia_128_ctr(void)
232	{
233	static EVP_CIPHER camellia_ctr;
234
235	memset(&camellia_ctr, 0, sizeof(EVP_CIPHER));
236	camellia_ctr.nid = NID_undef;
237	camellia_ctr.block_size = CAMELLIA_BLOCK_SIZE;
238	camellia_ctr.iv_len = CAMELLIA_BLOCK_SIZE;
239	camellia_ctr.key_len = 16;
240	camellia_ctr.init = ssh_camellia_ctr_init;
241	camellia_ctr.cleanup = ssh_camellia_ctr_cleanup;
242	camellia_ctr.do_cipher = ssh_camellia_ctr;
243	#ifndef SSH_OLD_EVP
244	camellia_ctr.flags = EVP_CIPH_CBC_MODE \| EVP_CIPH_VARIABLE_LENGTH \|
245	EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_CUSTOM_IV;
246	#endif
247	return (&camellia_ctr);
248	}
249	#endif

Lines 55-60 Link Here

(-)openssh.orig/cipher.c (+19 lines)
55	extern const EVP_CIPHER *evp_ssh1_3des(void);	55	extern const EVP_CIPHER *evp_ssh1_3des(void);
56	extern void ssh1_3des_iv(EVP_CIPHER_CTX , int, u_char , int);	56	extern void ssh1_3des_iv(EVP_CIPHER_CTX , int, u_char , int);
57	extern const EVP_CIPHER *evp_aes_128_ctr(void);	57	extern const EVP_CIPHER *evp_aes_128_ctr(void);
		58	#ifdef USE_CIPHER_CAMELLIA
		59	extern const EVP_CIPHER *evp_camellia_128_ctr(void);
		60	#endif
58	extern void ssh_aes_ctr_iv(EVP_CIPHER_CTX , int, u_char , u_int);	61	extern void ssh_aes_ctr_iv(EVP_CIPHER_CTX , int, u_char , u_int);
59		62
60	struct Cipher {	63	struct Cipher {
Lines 88-93 Link Here
88	#ifdef USE_CIPHER_ACSS	91	#ifdef USE_CIPHER_ACSS
89	{ "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, 0, EVP_acss },	92	{ "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, 0, EVP_acss },
90	#endif	93	#endif
		94	#ifdef USE_CIPHER_CAMELLIA
		95	{ "camellia128-cbc@openssh.org", SSH_CIPHER_SSH2, 16, 16, 0, 1, EVP_camellia_128_cbc },
		96	{ "camellia192-cbc@openssh.org", SSH_CIPHER_SSH2, 16, 24, 0, 1, EVP_camellia_192_cbc },
		97	{ "camellia256-cbc@openssh.org", SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_camellia_256_cbc },
		98	{ "camellia128-ctr@openssh.org", SSH_CIPHER_SSH2, 16, 16, 0, 0, evp_camellia_128_ctr },
		99	{ "camellia192-ctr@openssh.org", SSH_CIPHER_SSH2, 16, 24, 0, 0, evp_camellia_128_ctr },
		100	{ "camellia256-ctr@openssh.org", SSH_CIPHER_SSH2, 16, 32, 0, 0, evp_camellia_128_ctr },
		101	#endif
91	{ NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, NULL }	102	{ NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, NULL }
92	};	103	};
93		104
Lines 353-358 Link Here
353	#endif	364	#endif
354	if (c->evptype == evp_aes_128_ctr)	365	if (c->evptype == evp_aes_128_ctr)
355	ssh_aes_ctr_iv(&cc->evp, 0, iv, len);	366	ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
		367	#ifdef USE_CIPHER_CAMELLIA
		368	else if (c->evptype == evp_camellia_128_ctr)
		369	ssh_camellia_ctr_iv(&cc->evp, 0, iv, len);
		370	#endif
356	else	371	else
357	memcpy(iv, cc->evp.iv, len);	372	memcpy(iv, cc->evp.iv, len);
358	break;	373	break;
Lines 384-389 Link Here
384	#endif	399	#endif
385	if (c->evptype == evp_aes_128_ctr)	400	if (c->evptype == evp_aes_128_ctr)
386	ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen);	401	ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen);
		402	#ifdef USE_CIPHER_CAMELLIA
		403	else if (c->evptype == evp_camellia_128_ctr)
		404	ssh_camellia_ctr_iv(&cc->evp, 1, iv, evplen);
		405	#endif
387	else	406	else
388	memcpy(cc->evp.iv, iv, evplen);	407	memcpy(cc->evp.iv, iv, evplen);
389	break;	408	break;




	  fi ]
)

# Check for OpenSSL without EVP_camellia_{128,192,256}_cbc
AC_MSG_CHECKING([whether OpenSSL has Camellia support])
AC_LINK_IFELSE(
	[AC_LANG_SOURCE([[
#include <string.h>
#include <openssl/evp.h>
int main(void) { exit(EVP_camellia_128_cbc() == NULL
	|| EVP_camellia_192_cbc() == NULL
	|| EVP_camellia_256_cbc() == NULL);}
	]])],
	[
		AC_MSG_RESULT(yes)
		AC_DEFINE(USE_CIPHER_CAMELLIA, 1,
		    [libcrypto has Camellia functions])
	],
	[
		AC_MSG_RESULT(no)
	]
)

# Check for OpenSSL without EVP_aes_{192,256}_cbc
AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
AC_LINK_IFELSE(

Return to bug 1340

Lines 2057-2062 Link Here

(-)openssh.orig/configure.ac (+20 lines)
2057	fi ]	2057	fi ]
2058	)	2058	)
2059		2059
		2060	# Check for OpenSSL without EVP_camellia_{128,192,256}_cbc
		2061	AC_MSG_CHECKING([whether OpenSSL has Camellia support])
		2062	AC_LINK_IFELSE(
		2063	[AC_LANG_SOURCE([[
		2064	#include <string.h>
		2065	#include <openssl/evp.h>
		2066	int main(void) { exit(EVP_camellia_128_cbc() == NULL
		2067	\|\| EVP_camellia_192_cbc() == NULL
		2068	\|\| EVP_camellia_256_cbc() == NULL);}
		2069	]])],
		2070	[
		2071	AC_MSG_RESULT(yes)
		2072	AC_DEFINE(USE_CIPHER_CAMELLIA, 1,
		2073	[libcrypto has Camellia functions])
		2074	],
		2075	[
		2076	AC_MSG_RESULT(no)
		2077	]
		2078	)
		2079
2060	# Check for OpenSSL without EVP_aes_{192,256}_cbc	2080	# Check for OpenSSL without EVP_aes_{192,256}_cbc
2061	AC_MSG_CHECKING([whether OpenSSL has crippled AES support])	2081	AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
2062	AC_LINK_IFELSE(	2082	AC_LINK_IFELSE(