Bugzilla – Attachment 1879 Details for
Bug 1340
Support for Camellia block cipher to OpenSSH-portable.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
A patch to enable Camellia support of OpenBSD's OpenSSH.
ssh_head.diff (text/plain), 7.98 KB, created by
Yoshisato YANAGISAWA
on 2010-06-21 01:12:08 AEST
(
hide
)
Description:
A patch to enable Camellia support of OpenBSD's OpenSSH.
Filename:
MIME Type:
Creator:
Yoshisato YANAGISAWA
Created:
2010-06-21 01:12:08 AEST
Size:
7.98 KB
patch
obsolete
>Index: cipher-ctr.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/cipher-ctr.c,v >retrieving revision 1.10 >diff -c -r1.10 cipher-ctr.c >*** cipher-ctr.c 3 Aug 2006 03:34:42 -0000 1.10 >--- cipher-ctr.c 20 Jun 2010 15:04:17 -0000 >*************** >*** 21,26 **** >--- 21,27 ---- > > #include <openssl/evp.h> > #include <openssl/aes.h> >+ #include <openssl/camellia.h> > > #include "xmalloc.h" > #include "log.h" >*************** >*** 34,39 **** >--- 35,49 ---- > u_char aes_counter[AES_BLOCK_SIZE]; > }; > >+ const EVP_CIPHER *evp_camellia_128_ctr(void); >+ void ssh_camellia_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); >+ >+ struct ssh_camellia_ctr_ctx >+ { >+ CAMELLIA_KEY camellia_ctx; >+ u_char camellia_counter[CAMELLIA_BLOCK_SIZE]; >+ }; >+ > /* > * increment counter 'ctr', > * the counter is of size 'len' bytes and stored in network-byte-order. >*************** >*** 133,136 **** >--- 143,233 ---- > aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | > EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; > return (&aes_ctr); >+ } >+ >+ static int >+ ssh_camellia_ctr(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, >+ u_int len) >+ { >+ struct ssh_camellia_ctr_ctx *c; >+ u_int n = 0; >+ u_char buf[CAMELLIA_BLOCK_SIZE]; >+ >+ if (len == 0) >+ return (1); >+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) >+ return (0); >+ >+ while ((len--) > 0) { >+ if (n == 0) { >+ Camellia_encrypt(c->camellia_counter, buf, >+ &c->camellia_ctx); >+ ssh_ctr_inc(c->camellia_counter, CAMELLIA_BLOCK_SIZE); >+ } >+ *(dest++) = *(src++) ^ buf[n]; >+ n = (n + 1) % CAMELLIA_BLOCK_SIZE; >+ } >+ return (1); >+ } >+ >+ static int >+ ssh_camellia_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, >+ int enc) >+ { >+ struct ssh_camellia_ctr_ctx *c; >+ >+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { >+ c = xmalloc(sizeof(*c)); >+ EVP_CIPHER_CTX_set_app_data(ctx, c); >+ } >+ if (key != NULL) >+ Camellia_set_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, >+ &c->camellia_ctx); >+ if (iv != NULL) >+ memcpy(c->camellia_counter, iv, CAMELLIA_BLOCK_SIZE); >+ return (1); >+ } >+ >+ static int >+ ssh_camellia_ctr_cleanup(EVP_CIPHER_CTX *ctx) >+ { >+ struct ssh_camellia_ctr_ctx *c; >+ >+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { >+ memset(c, 0, sizeof(*c)); >+ xfree(c); >+ EVP_CIPHER_CTX_set_app_data(ctx, NULL); >+ } >+ return (1); >+ } >+ >+ void >+ ssh_camellia_ctr_iv(EVP_CIPHER_CTX *evp, int doset, u_char * iv, u_int len) >+ { >+ struct ssh_camellia_ctr_ctx *c; >+ >+ if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL) >+ fatal("ssh_camellia_ctr_iv: no context"); >+ if (doset) >+ memcpy(c->camellia_counter, iv, len); >+ else >+ memcpy(iv, c->camellia_counter, len); >+ } >+ >+ const EVP_CIPHER * >+ evp_camellia_128_ctr(void) >+ { >+ static EVP_CIPHER camellia_ctr; >+ >+ memset(&camellia_ctr, 0, sizeof(EVP_CIPHER)); >+ camellia_ctr.nid = NID_undef; >+ camellia_ctr.block_size = CAMELLIA_BLOCK_SIZE; >+ camellia_ctr.iv_len = CAMELLIA_BLOCK_SIZE; >+ camellia_ctr.key_len = 16; >+ camellia_ctr.init = ssh_camellia_ctr_init; >+ camellia_ctr.cleanup = ssh_camellia_ctr_cleanup; >+ camellia_ctr.do_cipher = ssh_camellia_ctr; >+ camellia_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | >+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; >+ return (&camellia_ctr); > } >Index: cipher.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/cipher.c,v >retrieving revision 1.82 >diff -c -r1.82 cipher.c >*** cipher.c 26 Jan 2009 09:58:15 -0000 1.82 >--- cipher.c 20 Jun 2010 15:04:17 -0000 >*************** >*** 51,56 **** >--- 51,57 ---- > extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); > extern const EVP_CIPHER *evp_aes_128_ctr(void); > extern void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); >+ extern const EVP_CIPHER *evp_camellia_128_ctr(void); > > struct Cipher { > char *name; >*************** >*** 81,86 **** >--- 82,99 ---- > { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, evp_aes_128_ctr }, > { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, evp_aes_128_ctr }, > { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, 0, EVP_acss }, >+ { "camellia128-cbc@openssh.org", >+ SSH_CIPHER_SSH2, 16, 16, 0, 1, EVP_camellia_128_cbc }, >+ { "camellia192-cbc@openssh.org", >+ SSH_CIPHER_SSH2, 16, 24, 0, 1, EVP_camellia_192_cbc }, >+ { "camellia256-cbc@openssh.org", >+ SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_camellia_256_cbc }, >+ { "camellia128-ctr@openssh.org", >+ SSH_CIPHER_SSH2, 16, 16, 0, 0, evp_camellia_128_ctr }, >+ { "camellia192-ctr@openssh.org", >+ SSH_CIPHER_SSH2, 16, 24, 0, 0, evp_camellia_128_ctr }, >+ { "camellia256-ctr@openssh.org", >+ SSH_CIPHER_SSH2, 16, 32, 0, 0, evp_camellia_128_ctr }, > > { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, NULL } > }; >*************** >*** 328,333 **** >--- 341,348 ---- > evplen, len); > if (c->evptype == evp_aes_128_ctr) > ssh_aes_ctr_iv(&cc->evp, 0, iv, len); >+ else if (c->evptype == evp_camellia_128_ctr) >+ ssh_camellia_ctr_iv(&cc->evp, 0, iv, len); > else > memcpy(iv, cc->evp.iv, len); > break; >*************** >*** 354,359 **** >--- 369,376 ---- > return; > if (c->evptype == evp_aes_128_ctr) > ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen); >+ else if (c->evptype == evp_camellia_128_ctr) >+ ssh_camellia_ctr_iv(&cc->evp, 1, iv, evplen); > else > memcpy(cc->evp.iv, iv, evplen); > break; >Index: myproposal.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/myproposal.h,v >retrieving revision 1.24 >diff -c -r1.24 myproposal.h >*** myproposal.h 26 Feb 2010 20:29:54 -0000 1.24 >--- myproposal.h 20 Jun 2010 15:04:17 -0000 >*************** >*** 33,38 **** >--- 33,41 ---- > "ssh-rsa,ssh-dss" > > #define KEX_DEFAULT_ENCRYPT \ >+ "camellia128-ctr@openssh.org,camellia192-ctr@openssh.org," \ >+ "camellia256-ctr@openssh.org,camellia128-cbc@openssh.org," \ >+ "camellia192-cbc@openssh.org,camellia256-cbc@openssh.org," \ > "aes128-ctr,aes192-ctr,aes256-ctr," \ > "arcfour256,arcfour128," \ > "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ >Index: ssh_config.5 >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh_config.5,v >retrieving revision 1.129 >diff -c -r1.129 ssh_config.5 >*** ssh_config.5 5 Mar 2010 10:28:21 -0000 1.129 >--- ssh_config.5 20 Jun 2010 15:04:17 -0000 >*************** >*** 200,209 **** >--- 200,218 ---- > .Dq arcfour256 , > .Dq arcfour , > .Dq blowfish-cbc , >+ .Dq camellia128-cbc@openssh.org , >+ .Dq camellia192-cbc@openssh.org , >+ .Dq camellia256-cbc@openssh.org , >+ .Dq camellia128-ctr@openssh.org , >+ .Dq camellia192-ctr@openssh.org , >+ .Dq camellia256-ctr@openssh.org , > and > .Dq cast128-cbc . > The default is: > .Bd -literal -offset 3n >+ camellia128-cbc@openssh.org,camellia192-cbc@openssh.org, >+ camellia256-cbc@openssh.org,camellia128-ctr@openssh.org, >+ camellia192-ctr@openssh.org,camellia256-ctr@openssh.org, > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, > aes256-cbc,arcfour >Index: sshd_config.5 >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/sshd_config.5,v >retrieving revision 1.120 >diff -c -r1.120 sshd_config.5 >*** sshd_config.5 4 Mar 2010 23:17:25 -0000 1.120 >--- sshd_config.5 20 Jun 2010 15:04:22 -0000 >*************** >*** 242,251 **** >--- 242,260 ---- > .Dq arcfour256 , > .Dq arcfour , > .Dq blowfish-cbc , >+ .Dq camellia128-cbc@openssh.org , >+ .Dq camellia192-cbc@openssh.org , >+ .Dq camellia256-cbc@openssh.org , >+ .Dq camellia128-ctr@openssh.org , >+ .Dq camellia192-ctr@openssh.org , >+ .Dq camellia256-ctr@openssh.org , > and > .Dq cast128-cbc . > The default is: > .Bd -literal -offset 3n >+ camellia128-cbc@openssh.org,camellia192-cbc@openssh.org, >+ camellia256-cbc@openssh.org,camellia128-ctr@openssh.org, >+ camellia192-ctr@openssh.org,camellia256-ctr@openssh.org, > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, > aes256-cbc,arcfour
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1879">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1340
:
1327
|
1392
|
1397
|
1640
|
1878
| 1879 |
1902