void cipher_set_keyiv(CipherContext *cc, u_char *iv) { Cipher *c = cc->cipher; int evplen = 0; switch (c->number) { case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen == 0) return; #ifdef USE_BUILTIN_RIJNDAEL if (c->evptype == evp_rijndael) ssh_rijndael_iv(&cc->evp, 1, iv, evplen); else #endif if (c->evptype == evp_aes_128_ctr) ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen); else memcpy(cc->evp.iv, iv, evplen); break; case SSH_CIPHER_3DES: ssh1_3des_iv(&cc->evp, 1, iv, 24); break; default: fatal("%s: bad cipher %d", __func__, c->number); } }
void cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) { const Cipher *c = cc->cipher; int evplen; if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { if (len != 0) fatal("%s: wrong iv length %d != %d", __func__, len, 0); return; } switch (c->number) { #ifdef NONE_CIPHER_ENABLED case SSH_CIPHER_NONE: #endif case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen <= 0) return; if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); #ifdef USE_BUILTIN_RIJNDAEL if (c->evptype == evp_rijndael) ssh_rijndael_iv(&cc->evp, 0, iv, len); else #endif #ifndef OPENSSL_HAVE_EVPCTR if (c->evptype == evp_aes_128_ctr) ssh_aes_ctr_iv(&cc->evp, 0, iv, len); else #endif memcpy(iv, cc->evp.iv, len); break; case SSH_CIPHER_3DES: ssh1_3des_iv(&cc->evp, 0, iv, 24); break; default: fatal("%s: bad cipher %d", __func__, c->number); } }