2010-05-14 01:22:22 +02:00
|
|
|
/*
|
|
|
|
|
* This file is part of the SSH Library
|
|
|
|
|
*
|
|
|
|
|
* Copyright (c) 2009 by Aris Adamantiadis
|
2016-03-29 13:06:59 +02:00
|
|
|
* Copyright (C) 2016 g10 Code GmbH
|
2010-05-14 01:22:22 +02:00
|
|
|
*
|
|
|
|
|
* The SSH Library is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Lesser General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2.1 of the License, or (at your
|
|
|
|
|
* option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* The SSH Library is distributed in the hope that it will be useful, but
|
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
|
|
|
|
|
* License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
|
|
|
* along with the SSH Library; see the file COPYING. If not, write to
|
|
|
|
|
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
|
|
|
|
|
* MA 02111-1307, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
2018-01-10 21:59:17 +01:00
|
|
|
#include "config.h"
|
|
|
|
|
|
2010-05-14 01:22:22 +02:00
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
|
|
|
|
#include "libssh/priv.h"
|
|
|
|
|
#include "libssh/session.h"
|
|
|
|
|
#include "libssh/crypto.h"
|
|
|
|
|
#include "libssh/wrapper.h"
|
2016-03-29 13:06:59 +02:00
|
|
|
#include "libssh/string.h"
|
2010-05-14 01:22:22 +02:00
|
|
|
|
|
|
|
|
#ifdef HAVE_LIBGCRYPT
|
|
|
|
|
#include <gcrypt.h>
|
|
|
|
|
|
2011-06-13 13:46:34 +02:00
|
|
|
struct ssh_mac_ctx_struct {
|
|
|
|
|
enum ssh_mac_e mac_type;
|
|
|
|
|
gcry_md_hd_t ctx;
|
|
|
|
|
};
|
2010-05-14 01:22:22 +02:00
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static int alloc_key(struct ssh_cipher_struct *cipher) {
|
2010-05-14 01:22:22 +02:00
|
|
|
cipher->key = malloc(cipher->keylen);
|
|
|
|
|
if (cipher->key == NULL) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-05 21:24:12 +01:00
|
|
|
void ssh_reseed(void){
|
|
|
|
|
}
|
|
|
|
|
|
2010-05-14 01:22:22 +02:00
|
|
|
SHACTX sha1_init(void) {
|
|
|
|
|
SHACTX ctx = NULL;
|
|
|
|
|
gcry_md_open(&ctx, GCRY_MD_SHA1, 0);
|
|
|
|
|
|
|
|
|
|
return ctx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha1_update(SHACTX c, const void *data, unsigned long len) {
|
|
|
|
|
gcry_md_write(c, data, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha1_final(unsigned char *md, SHACTX c) {
|
|
|
|
|
gcry_md_final(c);
|
|
|
|
|
memcpy(md, gcry_md_read(c, 0), SHA_DIGEST_LEN);
|
|
|
|
|
gcry_md_close(c);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha1(unsigned char *digest, int len, unsigned char *hash) {
|
|
|
|
|
gcry_md_hash_buffer(GCRY_MD_SHA1, hash, digest, len);
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-02 16:00:24 +02:00
|
|
|
#ifdef HAVE_GCRYPT_ECC
|
|
|
|
|
static int nid_to_md_algo(int nid)
|
|
|
|
|
{
|
|
|
|
|
switch (nid) {
|
|
|
|
|
case NID_gcrypt_nistp256:
|
|
|
|
|
return GCRY_MD_SHA256;
|
|
|
|
|
case NID_gcrypt_nistp384:
|
|
|
|
|
return GCRY_MD_SHA384;
|
|
|
|
|
case NID_gcrypt_nistp521:
|
|
|
|
|
return GCRY_MD_SHA512;
|
|
|
|
|
}
|
|
|
|
|
return GCRY_MD_NONE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void evp(int nid, unsigned char *digest, int len,
|
|
|
|
|
unsigned char *hash, unsigned int *hlen)
|
|
|
|
|
{
|
|
|
|
|
int algo = nid_to_md_algo(nid);
|
|
|
|
|
|
|
|
|
|
/* Note: What gcrypt calls 'hash' is called 'digest' here and
|
|
|
|
|
vice-versa. */
|
|
|
|
|
gcry_md_hash_buffer(algo, hash, digest, len);
|
|
|
|
|
*hlen = gcry_md_get_algo_dlen(algo);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
EVPCTX evp_init(int nid)
|
|
|
|
|
{
|
|
|
|
|
gcry_error_t err;
|
|
|
|
|
int algo = nid_to_md_algo(nid);
|
|
|
|
|
EVPCTX ctx;
|
|
|
|
|
|
|
|
|
|
err = gcry_md_open(&ctx, algo, 0);
|
|
|
|
|
if (err) {
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ctx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void evp_update(EVPCTX ctx, const void *data, unsigned long len)
|
|
|
|
|
{
|
|
|
|
|
gcry_md_write(ctx, data, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen)
|
|
|
|
|
{
|
|
|
|
|
int algo = gcry_md_get_algo(ctx);
|
|
|
|
|
*mdlen = gcry_md_get_algo_dlen(algo);
|
|
|
|
|
memcpy(md, gcry_md_read(ctx, algo), *mdlen);
|
|
|
|
|
gcry_md_close(ctx);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-04-20 09:53:47 +00:00
|
|
|
SHA256CTX sha256_init(void) {
|
|
|
|
|
SHA256CTX ctx = NULL;
|
|
|
|
|
gcry_md_open(&ctx, GCRY_MD_SHA256, 0);
|
|
|
|
|
|
|
|
|
|
return ctx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha256_update(SHACTX c, const void *data, unsigned long len) {
|
|
|
|
|
gcry_md_write(c, data, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha256_final(unsigned char *md, SHACTX c) {
|
|
|
|
|
gcry_md_final(c);
|
|
|
|
|
memcpy(md, gcry_md_read(c, 0), SHA256_DIGEST_LEN);
|
|
|
|
|
gcry_md_close(c);
|
|
|
|
|
}
|
|
|
|
|
|
2011-06-13 13:46:34 +02:00
|
|
|
void sha256(unsigned char *digest, int len, unsigned char *hash){
|
|
|
|
|
gcry_md_hash_buffer(GCRY_MD_SHA256, hash, digest, len);
|
|
|
|
|
}
|
|
|
|
|
|
2014-04-20 09:53:47 +00:00
|
|
|
SHA384CTX sha384_init(void) {
|
|
|
|
|
SHA384CTX ctx = NULL;
|
|
|
|
|
gcry_md_open(&ctx, GCRY_MD_SHA384, 0);
|
|
|
|
|
|
|
|
|
|
return ctx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha384_update(SHACTX c, const void *data, unsigned long len) {
|
|
|
|
|
gcry_md_write(c, data, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha384_final(unsigned char *md, SHACTX c) {
|
|
|
|
|
gcry_md_final(c);
|
|
|
|
|
memcpy(md, gcry_md_read(c, 0), SHA384_DIGEST_LEN);
|
|
|
|
|
gcry_md_close(c);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha384(unsigned char *digest, int len, unsigned char *hash) {
|
|
|
|
|
gcry_md_hash_buffer(GCRY_MD_SHA384, hash, digest, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SHA512CTX sha512_init(void) {
|
|
|
|
|
SHA512CTX ctx = NULL;
|
|
|
|
|
gcry_md_open(&ctx, GCRY_MD_SHA512, 0);
|
|
|
|
|
|
|
|
|
|
return ctx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha512_update(SHACTX c, const void *data, unsigned long len) {
|
|
|
|
|
gcry_md_write(c, data, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha512_final(unsigned char *md, SHACTX c) {
|
|
|
|
|
gcry_md_final(c);
|
|
|
|
|
memcpy(md, gcry_md_read(c, 0), SHA512_DIGEST_LEN);
|
|
|
|
|
gcry_md_close(c);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sha512(unsigned char *digest, int len, unsigned char *hash) {
|
|
|
|
|
gcry_md_hash_buffer(GCRY_MD_SHA512, hash, digest, len);
|
|
|
|
|
}
|
|
|
|
|
|
2010-05-14 01:22:22 +02:00
|
|
|
MD5CTX md5_init(void) {
|
|
|
|
|
MD5CTX c = NULL;
|
|
|
|
|
gcry_md_open(&c, GCRY_MD_MD5, 0);
|
|
|
|
|
|
|
|
|
|
return c;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void md5_update(MD5CTX c, const void *data, unsigned long len) {
|
|
|
|
|
gcry_md_write(c,data,len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void md5_final(unsigned char *md, MD5CTX c) {
|
|
|
|
|
gcry_md_final(c);
|
|
|
|
|
memcpy(md, gcry_md_read(c, 0), MD5_DIGEST_LEN);
|
|
|
|
|
gcry_md_close(c);
|
|
|
|
|
}
|
|
|
|
|
|
2011-06-13 13:46:34 +02:00
|
|
|
ssh_mac_ctx ssh_mac_ctx_init(enum ssh_mac_e type){
|
2014-09-26 21:13:01 -07:00
|
|
|
ssh_mac_ctx ctx = malloc(sizeof(struct ssh_mac_ctx_struct));
|
|
|
|
|
if (ctx == NULL) {
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2011-06-13 13:46:34 +02:00
|
|
|
ctx->mac_type=type;
|
|
|
|
|
switch(type){
|
|
|
|
|
case SSH_MAC_SHA1:
|
|
|
|
|
gcry_md_open(&ctx->ctx, GCRY_MD_SHA1, 0);
|
|
|
|
|
break;
|
|
|
|
|
case SSH_MAC_SHA256:
|
|
|
|
|
gcry_md_open(&ctx->ctx, GCRY_MD_SHA256, 0);
|
|
|
|
|
break;
|
|
|
|
|
case SSH_MAC_SHA384:
|
|
|
|
|
gcry_md_open(&ctx->ctx, GCRY_MD_SHA384, 0);
|
|
|
|
|
break;
|
|
|
|
|
case SSH_MAC_SHA512:
|
|
|
|
|
gcry_md_open(&ctx->ctx, GCRY_MD_SHA512, 0);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
SAFE_FREE(ctx);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
return ctx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ssh_mac_update(ssh_mac_ctx ctx, const void *data, unsigned long len) {
|
|
|
|
|
gcry_md_write(ctx->ctx,data,len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ssh_mac_final(unsigned char *md, ssh_mac_ctx ctx) {
|
2015-12-17 14:55:52 +01:00
|
|
|
size_t len = 0;
|
2011-06-13 13:46:34 +02:00
|
|
|
switch(ctx->mac_type){
|
|
|
|
|
case SSH_MAC_SHA1:
|
|
|
|
|
len=SHA_DIGEST_LEN;
|
|
|
|
|
break;
|
|
|
|
|
case SSH_MAC_SHA256:
|
2014-04-20 09:53:47 +00:00
|
|
|
len=SHA256_DIGEST_LEN;
|
2011-06-13 13:46:34 +02:00
|
|
|
break;
|
|
|
|
|
case SSH_MAC_SHA384:
|
2014-04-20 09:53:47 +00:00
|
|
|
len=SHA384_DIGEST_LEN;
|
2011-06-13 13:46:34 +02:00
|
|
|
break;
|
|
|
|
|
case SSH_MAC_SHA512:
|
2014-04-20 09:53:47 +00:00
|
|
|
len=SHA512_DIGEST_LEN;
|
2011-06-13 13:46:34 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
gcry_md_final(ctx->ctx);
|
|
|
|
|
memcpy(md, gcry_md_read(ctx->ctx, 0), len);
|
|
|
|
|
gcry_md_close(ctx->ctx);
|
|
|
|
|
SAFE_FREE(ctx);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
|
2010-05-14 01:22:22 +02:00
|
|
|
HMACCTX c = NULL;
|
|
|
|
|
|
|
|
|
|
switch(type) {
|
2011-06-13 13:46:34 +02:00
|
|
|
case SSH_HMAC_SHA1:
|
2010-05-14 01:22:22 +02:00
|
|
|
gcry_md_open(&c, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
|
|
|
|
|
break;
|
2014-04-20 09:53:47 +00:00
|
|
|
case SSH_HMAC_SHA256:
|
|
|
|
|
gcry_md_open(&c, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
|
|
|
|
|
break;
|
|
|
|
|
case SSH_HMAC_SHA384:
|
|
|
|
|
gcry_md_open(&c, GCRY_MD_SHA384, GCRY_MD_FLAG_HMAC);
|
|
|
|
|
break;
|
|
|
|
|
case SSH_HMAC_SHA512:
|
|
|
|
|
gcry_md_open(&c, GCRY_MD_SHA512, GCRY_MD_FLAG_HMAC);
|
|
|
|
|
break;
|
2011-06-13 13:46:34 +02:00
|
|
|
case SSH_HMAC_MD5:
|
2010-05-14 01:22:22 +02:00
|
|
|
gcry_md_open(&c, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
c = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gcry_md_setkey(c, key, len);
|
|
|
|
|
|
|
|
|
|
return c;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void hmac_update(HMACCTX c, const void *data, unsigned long len) {
|
|
|
|
|
gcry_md_write(c, data, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void hmac_final(HMACCTX c, unsigned char *hashmacbuf, unsigned int *len) {
|
|
|
|
|
*len = gcry_md_get_algo_dlen(gcry_md_get_algo(c));
|
|
|
|
|
memcpy(hashmacbuf, gcry_md_read(c, 0), *len);
|
|
|
|
|
gcry_md_close(c);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* the wrapper functions for blowfish */
|
2011-09-17 00:20:45 +02:00
|
|
|
static int blowfish_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){
|
2010-05-14 01:22:22 +02:00
|
|
|
if (cipher->key == NULL) {
|
|
|
|
|
if (alloc_key(cipher) < 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_BLOWFISH,
|
|
|
|
|
GCRY_CIPHER_MODE_CBC, 0)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (gcry_cipher_setkey(cipher->key[0], key, 16)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (gcry_cipher_setiv(cipher->key[0], IV, 8)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static void blowfish_encrypt(struct ssh_cipher_struct *cipher, void *in,
|
2010-05-14 01:22:22 +02:00
|
|
|
void *out, unsigned long len) {
|
|
|
|
|
gcry_cipher_encrypt(cipher->key[0], out, len, in, len);
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static void blowfish_decrypt(struct ssh_cipher_struct *cipher, void *in,
|
2010-05-14 01:22:22 +02:00
|
|
|
void *out, unsigned long len) {
|
|
|
|
|
gcry_cipher_decrypt(cipher->key[0], out, len, in, len);
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static int aes_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) {
|
2010-05-14 01:22:22 +02:00
|
|
|
int mode=GCRY_CIPHER_MODE_CBC;
|
|
|
|
|
if (cipher->key == NULL) {
|
|
|
|
|
if (alloc_key(cipher) < 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if(strstr(cipher->name,"-ctr"))
|
|
|
|
|
mode=GCRY_CIPHER_MODE_CTR;
|
|
|
|
|
switch (cipher->keysize) {
|
|
|
|
|
case 128:
|
|
|
|
|
if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES128,
|
|
|
|
|
mode, 0)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 192:
|
|
|
|
|
if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES192,
|
|
|
|
|
mode, 0)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 256:
|
|
|
|
|
if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES256,
|
|
|
|
|
mode, 0)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (gcry_cipher_setkey(cipher->key[0], key, cipher->keysize / 8)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if(mode == GCRY_CIPHER_MODE_CBC){
|
|
|
|
|
if (gcry_cipher_setiv(cipher->key[0], IV, 16)) {
|
|
|
|
|
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if(gcry_cipher_setctr(cipher->key[0],IV,16)){
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static void aes_encrypt(struct ssh_cipher_struct *cipher, void *in, void *out,
|
2010-05-14 01:22:22 +02:00
|
|
|
unsigned long len) {
|
|
|
|
|
gcry_cipher_encrypt(cipher->key[0], out, len, in, len);
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static void aes_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out,
|
2010-05-14 01:22:22 +02:00
|
|
|
unsigned long len) {
|
|
|
|
|
gcry_cipher_decrypt(cipher->key[0], out, len, in, len);
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) {
|
2010-05-14 01:22:22 +02:00
|
|
|
if (cipher->key == NULL) {
|
|
|
|
|
if (alloc_key(cipher) < 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_3DES,
|
|
|
|
|
GCRY_CIPHER_MODE_CBC, 0)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (gcry_cipher_setkey(cipher->key[0], key, 24)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (gcry_cipher_setiv(cipher->key[0], IV, 8)) {
|
|
|
|
|
SAFE_FREE(cipher->key);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static void des3_encrypt(struct ssh_cipher_struct *cipher, void *in,
|
2010-05-14 01:22:22 +02:00
|
|
|
void *out, unsigned long len) {
|
|
|
|
|
gcry_cipher_encrypt(cipher->key[0], out, len, in, len);
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
static void des3_decrypt(struct ssh_cipher_struct *cipher, void *in,
|
2010-05-14 01:22:22 +02:00
|
|
|
void *out, unsigned long len) {
|
|
|
|
|
gcry_cipher_decrypt(cipher->key[0], out, len, in, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* the table of supported ciphers */
|
2011-09-17 00:20:45 +02:00
|
|
|
static struct ssh_cipher_struct ssh_ciphertab[] = {
|
2010-05-14 01:22:22 +02:00
|
|
|
{
|
|
|
|
|
.name = "blowfish-cbc",
|
|
|
|
|
.blocksize = 8,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 128,
|
|
|
|
|
.set_encrypt_key = blowfish_set_key,
|
|
|
|
|
.set_decrypt_key = blowfish_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = blowfish_encrypt,
|
|
|
|
|
.decrypt = blowfish_decrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "aes128-ctr",
|
|
|
|
|
.blocksize = 16,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 128,
|
|
|
|
|
.set_encrypt_key = aes_set_key,
|
|
|
|
|
.set_decrypt_key = aes_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = aes_encrypt,
|
|
|
|
|
.decrypt = aes_encrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "aes192-ctr",
|
|
|
|
|
.blocksize = 16,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 192,
|
|
|
|
|
.set_encrypt_key = aes_set_key,
|
|
|
|
|
.set_decrypt_key = aes_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = aes_encrypt,
|
|
|
|
|
.decrypt = aes_encrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "aes256-ctr",
|
|
|
|
|
.blocksize = 16,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 256,
|
|
|
|
|
.set_encrypt_key = aes_set_key,
|
|
|
|
|
.set_decrypt_key = aes_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = aes_encrypt,
|
|
|
|
|
.decrypt = aes_encrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "aes128-cbc",
|
|
|
|
|
.blocksize = 16,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 128,
|
|
|
|
|
.set_encrypt_key = aes_set_key,
|
|
|
|
|
.set_decrypt_key = aes_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = aes_encrypt,
|
|
|
|
|
.decrypt = aes_decrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "aes192-cbc",
|
|
|
|
|
.blocksize = 16,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 192,
|
|
|
|
|
.set_encrypt_key = aes_set_key,
|
|
|
|
|
.set_decrypt_key = aes_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = aes_encrypt,
|
|
|
|
|
.decrypt = aes_decrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "aes256-cbc",
|
|
|
|
|
.blocksize = 16,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 256,
|
|
|
|
|
.set_encrypt_key = aes_set_key,
|
|
|
|
|
.set_decrypt_key = aes_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = aes_encrypt,
|
|
|
|
|
.decrypt = aes_decrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "3des-cbc",
|
|
|
|
|
.blocksize = 8,
|
|
|
|
|
.keylen = sizeof(gcry_cipher_hd_t),
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 192,
|
|
|
|
|
.set_encrypt_key = des3_set_key,
|
|
|
|
|
.set_decrypt_key = des3_set_key,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = des3_encrypt,
|
|
|
|
|
.decrypt = des3_decrypt
|
2010-05-14 01:22:22 +02:00
|
|
|
},
|
2018-02-28 10:24:55 -06:00
|
|
|
{
|
|
|
|
|
.name = "chacha20-poly1305@openssh.com"
|
|
|
|
|
},
|
2010-05-14 01:22:22 +02:00
|
|
|
{
|
|
|
|
|
.name = NULL,
|
|
|
|
|
.blocksize = 0,
|
|
|
|
|
.keylen = 0,
|
|
|
|
|
.key = NULL,
|
|
|
|
|
.keysize = 0,
|
|
|
|
|
.set_encrypt_key = NULL,
|
|
|
|
|
.set_decrypt_key = NULL,
|
2014-08-15 10:16:05 +02:00
|
|
|
.encrypt = NULL,
|
|
|
|
|
.decrypt = NULL
|
2010-05-14 01:22:22 +02:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
2018-02-28 10:24:55 -06:00
|
|
|
void libgcrypt_init(void)
|
|
|
|
|
{
|
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; ssh_ciphertab[i].name != NULL; i++) {
|
|
|
|
|
int cmp;
|
|
|
|
|
cmp = strcmp(ssh_ciphertab[i].name, "chacha20-poly1305@openssh.com");
|
|
|
|
|
if (cmp == 0) {
|
|
|
|
|
memcpy(&ssh_ciphertab[i],
|
2018-06-30 14:23:05 +02:00
|
|
|
ssh_get_chacha20poly1305_cipher(),
|
2018-02-28 10:24:55 -06:00
|
|
|
sizeof(struct ssh_cipher_struct));
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-17 00:20:45 +02:00
|
|
|
struct ssh_cipher_struct *ssh_get_ciphertab(void)
|
2011-09-15 11:04:00 +02:00
|
|
|
{
|
2010-05-14 01:22:22 +02:00
|
|
|
return ssh_ciphertab;
|
|
|
|
|
}
|
2011-09-15 11:04:00 +02:00
|
|
|
|
2016-03-29 13:06:59 +02:00
|
|
|
/*
|
|
|
|
|
* Extract an MPI from the given s-expression SEXP named NAME which is
|
|
|
|
|
* encoded using INFORMAT and store it in a newly allocated ssh_string
|
|
|
|
|
* encoded using OUTFORMAT.
|
|
|
|
|
*/
|
|
|
|
|
ssh_string ssh_sexp_extract_mpi(const gcry_sexp_t sexp,
|
|
|
|
|
const char *name,
|
|
|
|
|
enum gcry_mpi_format informat,
|
|
|
|
|
enum gcry_mpi_format outformat)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
ssh_string result = NULL;
|
|
|
|
|
gcry_sexp_t fragment = NULL;
|
|
|
|
|
gcry_mpi_t mpi = NULL;
|
|
|
|
|
size_t size;
|
|
|
|
|
|
|
|
|
|
fragment = gcry_sexp_find_token(sexp, name, 0);
|
|
|
|
|
if (fragment == NULL) {
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mpi = gcry_sexp_nth_mpi(fragment, 1, informat);
|
|
|
|
|
if (mpi == NULL) {
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = gcry_mpi_print(outformat, NULL, 0, &size, mpi);
|
|
|
|
|
if (err != 0) {
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result = ssh_string_new(size);
|
|
|
|
|
if (result == NULL) {
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = gcry_mpi_print(outformat, ssh_string_data(result), size, NULL, mpi);
|
|
|
|
|
if (err != 0) {
|
|
|
|
|
ssh_string_burn(result);
|
|
|
|
|
ssh_string_free(result);
|
|
|
|
|
result = NULL;
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fail:
|
|
|
|
|
gcry_sexp_release(fragment);
|
|
|
|
|
gcry_mpi_release(mpi);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2010-05-14 01:22:22 +02:00
|
|
|
#endif
|
