Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 1 | /* |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 2 | * |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 3 | * cipher.h |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 4 | * |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 5 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 6 | * |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 7 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 8 | * All rights reserved |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 9 | * |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 10 | * Created: Wed Apr 19 16:50:42 1995 ylo |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 11 | * |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 12 | */ |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 13 | |
Damien Miller | 6536c7d | 2000-06-22 21:32:31 +1000 | [diff] [blame] | 14 | /* RCSID("$OpenBSD: cipher.h,v 1.18 2000/06/20 01:39:40 markus Exp $"); */ |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 15 | |
| 16 | #ifndef CIPHER_H |
| 17 | #define CIPHER_H |
| 18 | |
| 19 | #include <openssl/des.h> |
| 20 | #include <openssl/blowfish.h> |
Damien Miller | b38eff8 | 2000-04-01 11:09:21 +1000 | [diff] [blame] | 21 | #include <openssl/rc4.h> |
| 22 | #include <openssl/cast.h> |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 23 | |
| 24 | /* Cipher types. New types can be added, but old types should not be removed |
| 25 | for compatibility. The maximum allowed value is 31. */ |
Damien Miller | 30c3d42 | 2000-05-09 11:02:59 +1000 | [diff] [blame] | 26 | #define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 27 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
| 28 | #define SSH_CIPHER_NONE 0 /* no encryption */ |
| 29 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ |
| 30 | #define SSH_CIPHER_DES 2 /* DES CBC */ |
| 31 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ |
| 32 | #define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ |
| 33 | #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 34 | #define SSH_CIPHER_BLOWFISH 6 |
Damien Miller | b38eff8 | 2000-04-01 11:09:21 +1000 | [diff] [blame] | 35 | #define SSH_CIPHER_RESERVED 7 |
| 36 | |
| 37 | /* these ciphers are used in SSH2: */ |
| 38 | #define SSH_CIPHER_BLOWFISH_CBC 8 |
| 39 | #define SSH_CIPHER_3DES_CBC 9 |
| 40 | #define SSH_CIPHER_ARCFOUR 10 /* Alleged RC4 */ |
| 41 | #define SSH_CIPHER_CAST128_CBC 11 |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 42 | |
| 43 | typedef struct { |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 44 | unsigned int type; |
| 45 | union { |
| 46 | struct { |
| 47 | des_key_schedule key1; |
| 48 | des_key_schedule key2; |
| 49 | des_cblock iv2; |
| 50 | des_key_schedule key3; |
| 51 | des_cblock iv3; |
| 52 | } des3; |
| 53 | struct { |
| 54 | struct bf_key_st key; |
| 55 | unsigned char iv[8]; |
| 56 | } bf; |
Damien Miller | b38eff8 | 2000-04-01 11:09:21 +1000 | [diff] [blame] | 57 | struct { |
| 58 | CAST_KEY key; |
| 59 | unsigned char iv[8]; |
| 60 | } cast; |
| 61 | RC4_KEY rc4; |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 62 | } u; |
| 63 | } CipherContext; |
Damien Miller | 5428f64 | 1999-11-25 11:54:57 +1100 | [diff] [blame] | 64 | /* |
| 65 | * Returns a bit mask indicating which ciphers are supported by this |
| 66 | * implementation. The bit mask has the corresponding bit set of each |
| 67 | * supported cipher. |
| 68 | */ |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 69 | unsigned int cipher_mask(); |
Damien Miller | 1383bd8 | 2000-04-06 12:32:37 +1000 | [diff] [blame] | 70 | unsigned int cipher_mask1(); |
| 71 | unsigned int cipher_mask2(); |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 72 | |
| 73 | /* Returns the name of the cipher. */ |
| 74 | const char *cipher_name(int cipher); |
| 75 | |
Damien Miller | 5428f64 | 1999-11-25 11:54:57 +1100 | [diff] [blame] | 76 | /* |
| 77 | * Parses the name of the cipher. Returns the number of the corresponding |
| 78 | * cipher, or -1 on error. |
| 79 | */ |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 80 | int cipher_number(const char *name); |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 81 | |
Damien Miller | 7892879 | 2000-04-12 20:17:38 +1000 | [diff] [blame] | 82 | /* returns 1 if all ciphers are supported (ssh2 only) */ |
| 83 | int ciphers_valid(const char *names); |
| 84 | |
Damien Miller | 5428f64 | 1999-11-25 11:54:57 +1100 | [diff] [blame] | 85 | /* |
| 86 | * Selects the cipher to use and sets the key. If for_encryption is true, |
| 87 | * the key is setup for encryption; otherwise it is setup for decryption. |
| 88 | */ |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 89 | void |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 90 | cipher_set_key(CipherContext * context, int cipher, |
Damien Miller | 1383bd8 | 2000-04-06 12:32:37 +1000 | [diff] [blame] | 91 | const unsigned char *key, int keylen); |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 92 | void |
Damien Miller | b38eff8 | 2000-04-01 11:09:21 +1000 | [diff] [blame] | 93 | cipher_set_key_iv(CipherContext * context, int cipher, |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 94 | const unsigned char *key, int keylen, |
Damien Miller | b38eff8 | 2000-04-01 11:09:21 +1000 | [diff] [blame] | 95 | const unsigned char *iv, int ivlen); |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 96 | |
Damien Miller | 5428f64 | 1999-11-25 11:54:57 +1100 | [diff] [blame] | 97 | /* |
| 98 | * Sets key for the cipher by computing the MD5 checksum of the passphrase, |
| 99 | * and using the resulting 16 bytes as the key. |
| 100 | */ |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 101 | void |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 102 | cipher_set_key_string(CipherContext * context, int cipher, |
Damien Miller | 1383bd8 | 2000-04-06 12:32:37 +1000 | [diff] [blame] | 103 | const char *passphrase); |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 104 | |
| 105 | /* Encrypts data using the cipher. */ |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 106 | void |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 107 | cipher_encrypt(CipherContext * context, unsigned char *dest, |
| 108 | const unsigned char *src, unsigned int len); |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 109 | |
| 110 | /* Decrypts data using the cipher. */ |
Damien Miller | 4af5130 | 2000-04-16 11:18:38 +1000 | [diff] [blame] | 111 | void |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 112 | cipher_decrypt(CipherContext * context, unsigned char *dest, |
| 113 | const unsigned char *src, unsigned int len); |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 114 | |
Damien Miller | 95def09 | 1999-11-25 00:26:21 +1100 | [diff] [blame] | 115 | #endif /* CIPHER_H */ |