/* $OpenBSD: cipher.h,v 1.47 2015/01/14 10:24:42 markus Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose. Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 *
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Public interface of the SSH cipher layer: SSH-1 cipher numbers, the
 * per-direction cipher context, and the functions that look up, initialise,
 * run and tear down a cipher.  Only declarations live here; struct sshcipher
 * and every function body are defined elsewhere.
 */

#ifndef CIPHER_H
#define CIPHER_H

#include <sys/types.h>
#include <openssl/evp.h>
#include "cipher-chachapoly.h"
#include "cipher-aesctr.h"

/*
 * Cipher types for SSH-1. New types can be added, but old types should not
 * be removed for compatibility. The maximum allowed value is 31.
 *
 * The negative values are sentinels, not cipher numbers.
 * NOTE(review): the ceiling of 31 presumably exists so that a cipher number
 * can be used as a bit index in the u_int returned by cipher_mask_ssh1() -
 * confirm in cipher.c.
 * NOTE(review): SSH_CIPHER_SSH2 presumably tags a cipher that has no SSH-1
 * number - confirm.
 */
#define SSH_CIPHER_SSH2		-3
#define SSH_CIPHER_INVALID	-2	/* No valid cipher selected. */
#define SSH_CIPHER_NOT_SET	-1	/* None selected (invalid number). */
/*
 * Value 0 means no encryption at all.  NOTE(review): code that takes a cipher
 * number from configuration or from the peer presumably has to decide
 * explicitly whether 0 is acceptable - verify against the callers.
 */
#define SSH_CIPHER_NONE		0	/* no encryption */
#define SSH_CIPHER_IDEA		1	/* IDEA CFB */
#define SSH_CIPHER_DES		2	/* DES CBC */
#define SSH_CIPHER_3DES		3	/* 3DES CBC */
/*
 * Numbers 4 and 5 are labelled BROKEN by their own names; per the rule above
 * they stay defined so that the numbers are never reused.
 */
#define SSH_CIPHER_BROKEN_TSS	4	/* TRI's Simple Stream encryption CBC */
#define SSH_CIPHER_BROKEN_RC4	5	/* Alleged RC4 */
#define SSH_CIPHER_BLOWFISH	6
#define SSH_CIPHER_RESERVED	7
#define SSH_CIPHER_MAX		31

/*
 * Direction flags.  NOTE(review): presumably the values passed as the last
 * int argument of cipher_init() and stored in sshcipher_ctx.encrypt - confirm.
 */
#define CIPHER_ENCRYPT		1
#define CIPHER_DECRYPT		0

/* Cipher descriptor; opaque here, only used through pointers. */
struct sshcipher;

/*
 * State of one cipher instance.  The OpenSSL, chacha20-poly1305 and AES-CTR
 * states are all stored side by side, by value (not in a union).
 * NOTE(review): the embedded contexts presumably hold key-derived state, so
 * an instance should be released through cipher_cleanup() rather than simply
 * dropped - confirm in cipher.c.
 */
struct sshcipher_ctx {
	int	plaintext;	/* NOTE(review): presumably set when the "none" cipher is in use - confirm */
	int	encrypt;	/* NOTE(review): presumably CIPHER_ENCRYPT or CIPHER_DECRYPT - confirm */
	/*
	 * Embedded by value, so <openssl/evp.h> must expose the complete
	 * type; newer OpenSSL releases make EVP_CIPHER_CTX opaque, which
	 * this layout does not compile against.
	 */
	EVP_CIPHER_CTX evp;
	struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
	struct aesctr_ctx ac_ctx; /* XXX union with evp? */
	const struct sshcipher *cipher;	/* descriptor this context refers to */
};

/* Legacy type names for the two structs above. */
typedef struct sshcipher Cipher;
typedef struct sshcipher_ctx CipherContext;

/*
 * Lookup and naming.
 * NOTE(review): cipher_name() and cipher_alg_list() return a non-const
 * char *; who owns that memory is not stated in this header - confirm
 * whether the caller must free it.
 */
u_int	 cipher_mask_ssh1(int);
const struct sshcipher *cipher_by_name(const char *);
const struct sshcipher *cipher_by_number(int);
int	 cipher_number(const char *);
char	*cipher_name(int);
const char *cipher_warning_message(const struct sshcipher_ctx *);
int	 ciphers_valid(const char *);
char	*cipher_alg_list(char, int);

/*
 * Context lifecycle and data path.  Parameters are unnamed here.
 * NOTE(review): cipher_init() presumably takes (ctx, cipher, key, keylen,
 * iv, ivlen, direction); cipher_crypt() presumably takes (ctx, sequence
 * number, dest, src, len, aadlen, authlen); cipher_get_length() presumably
 * takes (ctx, out length, sequence number, packet bytes, len) - confirm in
 * cipher.c.  Several adjacent u_int arguments are easy to transpose at a
 * call site without a compiler diagnostic.
 * NOTE(review): these functions return int, presumably a status code;
 * callers should check it before using any output - confirm the convention.
 */
int	 cipher_init(struct sshcipher_ctx *, const struct sshcipher *,
    const u_char *, u_int, const u_char *, u_int, int);
int	 cipher_crypt(struct sshcipher_ctx *, u_int, u_char *, const u_char *,
    u_int, u_int, u_int);
int	 cipher_get_length(struct sshcipher_ctx *, u_int *, u_int,
    const u_char *, u_int);
int	 cipher_cleanup(struct sshcipher_ctx *);
int	 cipher_set_key_string(struct sshcipher_ctx *, const struct sshcipher *,
    const char *, int);

/* Properties of a cipher descriptor. */
u_int	 cipher_blocksize(const struct sshcipher *);
u_int	 cipher_keylen(const struct sshcipher *);
u_int	 cipher_seclen(const struct sshcipher *);
u_int	 cipher_authlen(const struct sshcipher *);
u_int	 cipher_ivlen(const struct sshcipher *);
u_int	 cipher_is_cbc(const struct sshcipher *);

/*
 * Export and import of cipher state.
 * Only cipher_get_keyiv() takes a buffer length.  cipher_set_keyiv(),
 * cipher_get_keycontext() and cipher_set_keycontext() receive a bare
 * pointer, so the callee has no length argument to bound its reads or
 * writes against.
 * NOTE(review): the caller presumably has to size those buffers itself,
 * e.g. from cipher_get_keyiv_len() - confirm in cipher.c.
 */
u_int	 cipher_get_number(const struct sshcipher *);
int	 cipher_get_keyiv(struct sshcipher_ctx *, u_char *, u_int);
int	 cipher_set_keyiv(struct sshcipher_ctx *, const u_char *);
int	 cipher_get_keyiv_len(const struct sshcipher_ctx *);
int	 cipher_get_keycontext(const struct sshcipher_ctx *, u_char *);
void	 cipher_set_keycontext(struct sshcipher_ctx *, const u_char *);
#endif /* CIPHER_H */