Attachment 35 Details for Bug 141 – this should make AES > 128 work (and 3des in ssh1)

[patch] this should make AES > 128 work (and 3des in ssh1)

U (text/plain), 3.52 KB, created by Markus Friedl on 2002-03-09 20:28:38 AEDT

(hide)

Description:

Filename:

MIME Type:

Creator: Markus Friedl

Created: 2002-03-09 20:28:38 AEDT

Size: 3.52 KB

patch

obsolete

>Index: cipher.c
>===================================================================
>RCS file: /home/markus/cvs/ssh/cipher.c,v
>retrieving revision 1.52
>diff -u -r1.52 cipher.c
>--- cipher.c	18 Feb 2002 13:05:32 -0000	1.52
>+++ cipher.c	9 Mar 2002 08:09:29 -0000
>@@ -44,6 +44,11 @@
> #include <openssl/md5.h>
> #include "rijndael.h"
> 
>+#if OPENSSL_VERSION_NUMBER <= 0x0090600fL
>+#define SSH_OLD_EVP
>+#define EVP_CIPHER_CTX_get_app_data(e)          ((e)->app_data)
>+#endif
>+
> static EVP_CIPHER *evp_ssh1_3des(void);
> static EVP_CIPHER *evp_ssh1_bf(void);
> static EVP_CIPHER *evp_rijndael(void);
>@@ -171,7 +176,11 @@
>     int encrypt)
> {
> 	static int dowarn = 1;
>+#ifdef SSH_OLD_EVP
>+	EVP_CIPHER *type;
>+#else
> 	const EVP_CIPHER *type;
>+#endif
> 	int klen;
> 
> 	if (cipher->number == SSH_CIPHER_DES) {
>@@ -195,7 +204,13 @@
> 
> 	type = (*cipher->evptype)();
> 
>+#ifdef SSH_OLD_EVP
>+	if (type->key_len < cipher->key_len)
>+		type->key_len = cipher->key_len;
> 	EVP_CIPHER_CTX_init(&cc->evp);
>+	EVP_CipherInit(&cc->evp, type, (u_char *)key, (u_char *)iv,
>+	    (encrypt == CIPHER_ENCRYPT));
>+#else
> 	if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv,
> 	    (encrypt == CIPHER_ENCRYPT)) == 0)
> 		fatal("cipher_init: EVP_CipherInit failed for %s",
>@@ -210,6 +225,7 @@
> 	if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0)
> 		fatal("cipher_init: EVP_CipherInit: set key failed for %s",
> 		    cipher->name);
>+#endif
> }
> 
> void
>@@ -217,15 +233,23 @@
> {
> 	if (len % cc->cipher->block_size)
> 		fatal("cipher_encrypt: bad plaintext length %d", len);
>+#ifdef SSH_OLD_EVP
>+	EVP_Cipher(&cc->evp, dest, (u_char *)src, len);
>+#else
> 	if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0)
> 		fatal("evp_crypt: EVP_Cipher failed");
>+#endif
> }
> 
> void
> cipher_cleanup(CipherContext *cc)
> {
>+#ifdef SSH_OLD_EVP
>+	EVP_CIPHER_CTX_cleanup(&cc->evp);
>+#else
> 	if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0)
> 		error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed");
>+#endif
> }
> 
> /*
>@@ -296,6 +320,11 @@
> 	EVP_CIPHER_CTX_init(&c->k1);
> 	EVP_CIPHER_CTX_init(&c->k2);
> 	EVP_CIPHER_CTX_init(&c->k3);
>+#ifdef SSH_OLD_EVP
>+	EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc);
>+	EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc);
>+	EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc);
>+#else
> 	if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
> 	    EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
> 	    EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
>@@ -304,6 +333,7 @@
> 		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
> 		return (0);
> 	}
>+#endif
> 	return (1);
> }
> static int
>@@ -315,10 +345,16 @@
> 		error("ssh1_3des_cbc: no context");
> 		return (0);
> 	}
>+#ifdef SSH_OLD_EVP
>+	EVP_Cipher(&c->k1, dest, (u_char *)src, len);
>+	EVP_Cipher(&c->k2, dest, dest, len);
>+	EVP_Cipher(&c->k3, dest, dest, len);
>+#else
> 	if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 ||
> 	    EVP_Cipher(&c->k2, dest, dest, len) == 0 ||
> 	    EVP_Cipher(&c->k3, dest, dest, len) == 0)
> 		return (0);
>+#endif
> 	return (1);
> }
> static int
>@@ -346,7 +382,9 @@
> 	ssh1_3des.init = ssh1_3des_init;
> 	ssh1_3des.cleanup = ssh1_3des_cleanup;
> 	ssh1_3des.do_cipher = ssh1_3des_cbc;
>+#ifndef SSH_OLD_EVP
> 	ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH;
>+#endif
> 	return (&ssh1_3des);
> }
> 
>@@ -494,7 +532,9 @@
> 	rijndal_cbc.init = ssh_rijndael_init;
> 	rijndal_cbc.cleanup = ssh_rijndael_cleanup;
> 	rijndal_cbc.do_cipher = ssh_rijndael_cbc;
>+#ifndef SSH_OLD_EVP
> 	rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
> 	    EVP_CIPH_ALWAYS_CALL_INIT;
>+#endif
> 	return (&rijndal_cbc);
> }

Actions: View | Diff

Attachments on bug 141: 34 | 35 | 36 | 37