Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame^] | 1 | /* |
| 2 | |
| 3 | cipher.h |
| 4 | |
| 5 | Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 6 | |
| 7 | Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 8 | All rights reserved |
| 9 | |
| 10 | Created: Wed Apr 19 16:50:42 1995 ylo |
| 11 | |
| 12 | */ |
| 13 | |
| 14 | /* RCSID("$Id: cipher.h,v 1.1 1999/10/27 03:42:44 damien Exp $"); */ |
| 15 | |
| 16 | #ifndef CIPHER_H |
| 17 | #define CIPHER_H |
| 18 | |
| 19 | #include <openssl/des.h> |
| 20 | #include <openssl/blowfish.h> |
| 21 | |
| 22 | /* Cipher types. New types can be added, but old types should not be removed |
| 23 | for compatibility. The maximum allowed value is 31. */ |
| 24 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
| 25 | #define SSH_CIPHER_NONE 0 /* no encryption */ |
| 26 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ |
| 27 | #define SSH_CIPHER_DES 2 /* DES CBC */ |
| 28 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ |
| 29 | #define SSH_CIPHER_TSS 4 /* TRI's Simple Stream encryption CBC */ |
| 30 | #define SSH_CIPHER_RC4 5 /* Alleged RC4 */ |
| 31 | #define SSH_CIPHER_BLOWFISH 6 |
| 32 | |
| 33 | typedef struct { |
| 34 | unsigned int type; |
| 35 | union { |
| 36 | struct { |
| 37 | des_key_schedule key1; |
| 38 | des_key_schedule key2; |
| 39 | des_cblock iv2; |
| 40 | des_key_schedule key3; |
| 41 | des_cblock iv3; |
| 42 | } des3; |
| 43 | struct { |
| 44 | struct bf_key_st key; |
| 45 | unsigned char iv[8]; |
| 46 | } bf; |
| 47 | } u; |
| 48 | } CipherContext; |
| 49 | |
| 50 | /* Returns a bit mask indicating which ciphers are supported by this |
| 51 | implementation. The bit mask has the corresponding bit set of each |
| 52 | supported cipher. */ |
| 53 | unsigned int cipher_mask(); |
| 54 | |
| 55 | /* Returns the name of the cipher. */ |
| 56 | const char *cipher_name(int cipher); |
| 57 | |
| 58 | /* Parses the name of the cipher. Returns the number of the corresponding |
| 59 | cipher, or -1 on error. */ |
| 60 | int cipher_number(const char *name); |
| 61 | |
| 62 | /* Selects the cipher to use and sets the key. If for_encryption is true, |
| 63 | the key is setup for encryption; otherwise it is setup for decryption. */ |
| 64 | void cipher_set_key(CipherContext *context, int cipher, |
| 65 | const unsigned char *key, int keylen, int for_encryption); |
| 66 | |
| 67 | /* Sets key for the cipher by computing the MD5 checksum of the passphrase, |
| 68 | and using the resulting 16 bytes as the key. */ |
| 69 | void cipher_set_key_string(CipherContext *context, int cipher, |
| 70 | const char *passphrase, int for_encryption); |
| 71 | |
| 72 | /* Encrypts data using the cipher. */ |
| 73 | void cipher_encrypt(CipherContext *context, unsigned char *dest, |
| 74 | const unsigned char *src, unsigned int len); |
| 75 | |
| 76 | /* Decrypts data using the cipher. */ |
| 77 | void cipher_decrypt(CipherContext *context, unsigned char *dest, |
| 78 | const unsigned char *src, unsigned int len); |
| 79 | |
| 80 | /* If and CRC-32 attack is detected this function is called. Defaults |
| 81 | * to fatal, changed to packet_disconnect in sshd and ssh. */ |
| 82 | extern void (*cipher_attack_detected)(const char *fmt, ...); |
| 83 | |
| 84 | #endif /* CIPHER_H */ |