void cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) { const Cipher *c = cc->cipher; int evplen; switch (c->number) { case SSH_CIPHER_NONE: case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen <= 0) return; if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); if (cipher_authlen(c)) { if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN, len, iv)) fatal("%s: EVP_CTRL_GCM_IV_GEN", __func__); } else memcpy(iv, cc->evp.iv, len); break; case SSH_CIPHER_3DES: ssh1_3des_iv(&cc->evp, 0, iv, 24); break; default: fatal("%s: bad cipher %d", __func__, c->number); } }
void cipher_set_keyiv(CipherContext *cc, u_char *iv) { const Cipher *c = cc->cipher; int evplen = 0; switch (c->number) { case SSH_CIPHER_NONE: case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen == 0) return; if (cipher_authlen(c)) { if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_SET_IV_FIXED, -1, iv)) fatal("%s: EVP_CTRL_GCM_SET_IV_FIXED failed", __func__); } else memcpy(cc->evp.iv, iv, evplen); break; case SSH_CIPHER_3DES: ssh1_3des_iv(&cc->evp, 1, iv, 24); break; default: fatal("%s: bad cipher %d", __func__, c->number); } }
void cipher_set_keyiv(CipherContext *cc, u_char *iv) { Cipher *c = cc->cipher; int evplen = 0; switch (c->number) { case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen == 0) return; #ifdef USE_BUILTIN_RIJNDAEL if (c->evptype == evp_rijndael) ssh_rijndael_iv(&cc->evp, 1, iv, evplen); else #endif if (c->evptype == evp_aes_128_ctr) ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen); else memcpy(cc->evp.iv, iv, evplen); break; case SSH_CIPHER_3DES: ssh1_3des_iv(&cc->evp, 1, iv, 24); break; default: fatal("%s: bad cipher %d", __func__, c->number); } }
void cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) { Cipher *c = cc->cipher; int evplen; switch (c->number) { case SSH_CIPHER_NONE: case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen <= 0) return; if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); if (c->evptype == evp_aes_128_ctr) ssh_aes_ctr_iv(&cc->evp, 0, iv, len); else memcpy(iv, cc->evp.iv, len); break; case SSH_CIPHER_3DES: ssh1_3des_iv(&cc->evp, 0, iv, 24); break; default: fatal("%s: bad cipher %d", __func__, c->number); } }
int cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) { struct sshcipher *c = cc->cipher; int evplen; switch (c->number) { case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen == 0) return 0; else if (evplen < 0) return SSH_ERR_LIBCRYPTO_ERROR; if ((u_int)evplen != len) return SSH_ERR_INVALID_ARGUMENT; if (c->evptype == evp_aes_128_ctr) return ssh_aes_ctr_iv(&cc->evp, 0, iv, len); else memcpy(iv, cc->evp.iv, len); return 0; case SSH_CIPHER_3DES: return ssh1_3des_iv(&cc->evp, 0, iv, 24); default: return SSH_ERR_INVALID_ARGUMENT; } }
int cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) { const struct sshcipher *c = cc->cipher; #ifdef WITH_OPENSSL int evplen; #endif if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { if (len != 0) return SSH_ERR_INVALID_ARGUMENT; return 0; } if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { if (len != sizeof(cc->ac_ctx.ctr)) return SSH_ERR_INVALID_ARGUMENT; memcpy(iv, cc->ac_ctx.ctr, len); return 0; } if ((cc->cipher->flags & CFLAG_NONE) != 0) return 0; switch (c->number) { #ifdef WITH_OPENSSL case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen == 0) return 0; else if (evplen < 0) return SSH_ERR_LIBCRYPTO_ERROR; if ((u_int)evplen != len) return SSH_ERR_INVALID_ARGUMENT; #ifndef OPENSSL_HAVE_EVPCTR if (c->evptype == evp_aes_128_ctr) ssh_aes_ctr_iv(&cc->evp, 0, iv, len); else #endif if (cipher_authlen(c)) { if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN, len, iv)) return SSH_ERR_LIBCRYPTO_ERROR; } else memcpy(iv, cc->evp.iv, len); break; #endif #ifdef WITH_SSH1 case SSH_CIPHER_3DES: return ssh1_3des_iv(&cc->evp, 0, iv, 24); #endif default: return SSH_ERR_INVALID_ARGUMENT; } return 0; }
void cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) { const Cipher *c = cc->cipher; int evplen; if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { if (len != 0) fatal("%s: wrong iv length %d != %d", __func__, len, 0); return; } switch (c->number) { #ifdef NONE_CIPHER_ENABLED case SSH_CIPHER_NONE: #endif case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen <= 0) return; if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); #ifdef USE_BUILTIN_RIJNDAEL if (c->evptype == evp_rijndael) ssh_rijndael_iv(&cc->evp, 0, iv, len); else #endif #ifndef OPENSSL_HAVE_EVPCTR if (c->evptype == evp_aes_128_ctr) ssh_aes_ctr_iv(&cc->evp, 0, iv, len); else #endif memcpy(iv, cc->evp.iv, len); break; case SSH_CIPHER_3DES: ssh1_3des_iv(&cc->evp, 0, iv, 24); break; default: fatal("%s: bad cipher %d", __func__, c->number); } }
int cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) { const struct sshcipher *c = cc->cipher; #ifdef WITH_OPENSSL int evplen = 0; #endif if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) return 0; if ((cc->cipher->flags & CFLAG_NONE) != 0) return 0; switch (c->number) { #ifdef WITH_OPENSSL case SSH_CIPHER_NONE: case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(cc->evp); if (evplen <= 0) return SSH_ERR_LIBCRYPTO_ERROR; if (cipher_authlen(c)) { /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_IV_FIXED, -1, __UNCONST(iv))) return SSH_ERR_LIBCRYPTO_ERROR; } else memcpy(cc->evp->iv, iv, evplen); break; #endif #ifdef WITH_SSH1 case SSH_CIPHER_3DES: return ssh1_3des_iv(cc->evp, 1, __UNCONST(iv), 24); #endif default: return SSH_ERR_INVALID_ARGUMENT; } return 0; }
int cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) { struct sshcipher *c = cc->cipher; int evplen = 0; switch (c->number) { case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen <= 0) return SSH_ERR_LIBCRYPTO_ERROR; if (c->evptype == evp_aes_128_ctr) return ssh_aes_ctr_iv(&cc->evp, 1, (u_char *)iv, evplen); else memcpy(cc->evp.iv, iv, evplen); return 0; case SSH_CIPHER_3DES: return ssh1_3des_iv(&cc->evp, 1, (u_char *)iv, 24); default: return SSH_ERR_INVALID_ARGUMENT; } }