aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDirkjan Bussink <d.bussink@gmail.com>2020-12-22 19:54:14 +0100
committerJakub Jelen <jjelen@redhat.com>2021-01-11 10:45:22 +0100
commit710815674a907116c1864dd29c804039cd392616 (patch)
treee96c17823f6664619d7c4858c95f0a232dcfcf2c
parent816f06e172d5744b2721e1c94863fb76b4313e5e (diff)
downloadlibssh-710815674a907116c1864dd29c804039cd392616.tar.gz
libssh-710815674a907116c1864dd29c804039cd392616.tar.xz
libssh-710815674a907116c1864dd29c804039cd392616.zip
Cleanup AES compatibility code
OpenSSL 1.0.1 has support for CTR & GCM modes so the checks here are no longer needed. This allows for a bunch of additional cleanup of the old code. As for old MacOS versions etc, LibreSSL is a kind of compatibility layer there but things already don't work anyway with that, so it doesn't break anything that isn't already broken. OpenSSL is needed on MacOS separately anyway (like installed with Homebrew). Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
-rw-r--r--ConfigureChecks.cmake16
-rw-r--r--config.h.cmake12
-rw-r--r--src/kex.c6
-rw-r--r--src/libcrypto.c125
4 files changed, 1 insertions, 158 deletions
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index c0cce91b..3bc9edca 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -102,22 +102,6 @@ if (OPENSSL_FOUND)
set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARIES})
- check_function_exists(EVP_aes_128_ctr HAVE_OPENSSL_EVP_AES_CTR)
-
- set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
- set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARIES})
- check_function_exists(EVP_aes_128_cbc HAVE_OPENSSL_EVP_AES_CBC)
-
- set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
- set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARIES})
- check_function_exists(EVP_aes_128_gcm HAVE_OPENSSL_EVP_AES_GCM)
-
- set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
- set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARIES})
- check_function_exists(CRYPTO_ctr128_encrypt HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT)
-
- set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
- set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARIES})
check_function_exists(EVP_KDF_CTX_new_id HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID)
set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
diff --git a/config.h.cmake b/config.h.cmake
index 12e0b73f..34690304 100644
--- a/config.h.cmake
+++ b/config.h.cmake
@@ -111,21 +111,9 @@
/*************************** FUNCTIONS ***************************/
-/* Define to 1 if you have the `EVP_aes128_ctr' function. */
-#cmakedefine HAVE_OPENSSL_EVP_AES_CTR 1
-
-/* Define to 1 if you have the `EVP_aes128_cbc' function. */
-#cmakedefine HAVE_OPENSSL_EVP_AES_CBC 1
-
-/* Define to 1 if you have the `EVP_aes128_gcm' function. */
-#cmakedefine HAVE_OPENSSL_EVP_AES_GCM 1
-
/* Define to 1 if you have the `EVP_chacha20' function. */
#cmakedefine HAVE_OPENSSL_EVP_CHACHA20 1
-/* Define to 1 if you have the `CRYPTO_ctr128_encrypt' function. */
-#cmakedefine HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT 1
-
/* Define to 1 if you have the `EVP_KDF_CTX_new_id' function. */
#cmakedefine HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID 1
diff --git a/src/kex.c b/src/kex.c
index 98558e97..d2ee93ba 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -75,11 +75,7 @@
#elif defined(HAVE_LIBCRYPTO)
# ifdef HAVE_OPENSSL_AES_H
-# ifdef HAVE_OPENSSL_EVP_AES_GCM
-# define GCM "aes256-gcm@openssh.com,aes128-gcm@openssh.com,"
-# else
-# define GCM ""
-# endif /* HAVE_OPENSSL_EVP_AES_GCM */
+# define GCM "aes256-gcm@openssh.com,aes128-gcm@openssh.com,"
# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr,"
# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
# else /* HAVE_OPENSSL_AES_H */
diff --git a/src/libcrypto.c b/src/libcrypto.c
index b2d5fc93..c5c0eac5 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -71,10 +71,6 @@
#include <openssl/kdf.h>
#endif
-#ifdef HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT
-#include <openssl/modes.h>
-#endif
-
#include "libssh/crypto.h"
static int libcrypto_initialized = 0;
@@ -496,7 +492,6 @@ static void evp_cipher_init(struct ssh_cipher_struct *cipher)
case SSH_AES256_CBC:
cipher->cipher = EVP_aes_256_cbc();
break;
-#ifdef HAVE_OPENSSL_EVP_AES_CTR
case SSH_AES128_CTR:
cipher->cipher = EVP_aes_128_ctr();
break;
@@ -506,26 +501,12 @@ static void evp_cipher_init(struct ssh_cipher_struct *cipher)
case SSH_AES256_CTR:
cipher->cipher = EVP_aes_256_ctr();
break;
-#else
- case SSH_AES128_CTR:
- case SSH_AES192_CTR:
- case SSH_AES256_CTR:
- SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init");
- break;
-#endif
-#ifdef HAVE_OPENSSL_EVP_AES_GCM
case SSH_AEAD_AES128_GCM:
cipher->cipher = EVP_aes_128_gcm();
break;
case SSH_AEAD_AES256_GCM:
cipher->cipher = EVP_aes_256_gcm();
break;
-#else
- case SSH_AEAD_AES128_GCM:
- case SSH_AEAD_AES256_GCM:
- SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init");
- break;
-#endif /* HAVE_OPENSSL_EVP_AES_GCM */
case SSH_3DES_CBC:
cipher->cipher = EVP_des_ede3_cbc();
break;
@@ -557,7 +538,6 @@ static int evp_cipher_set_encrypt_key(struct ssh_cipher_struct *cipher,
return SSH_ERROR;
}
-#ifdef HAVE_OPENSSL_EVP_AES_GCM
/* For AES-GCM we need to set IV in specific way */
if (cipher->ciphertype == SSH_AEAD_AES128_GCM ||
cipher->ciphertype == SSH_AEAD_AES256_GCM) {
@@ -570,7 +550,6 @@ static int evp_cipher_set_encrypt_key(struct ssh_cipher_struct *cipher,
return SSH_ERROR;
}
}
-#endif /* HAVE_OPENSSL_EVP_AES_GCM */
EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
@@ -589,7 +568,6 @@ static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher,
return SSH_ERROR;
}
-#ifdef HAVE_OPENSSL_EVP_AES_GCM
/* For AES-GCM we need to set IV in specific way */
if (cipher->ciphertype == SSH_AEAD_AES128_GCM ||
cipher->ciphertype == SSH_AEAD_AES256_GCM) {
@@ -602,7 +580,6 @@ static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher,
return SSH_ERROR;
}
}
-#endif /* HAVE_OPENSSL_EVP_AES_GCM */
EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
@@ -668,68 +645,6 @@ static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) {
}
}
-#ifndef HAVE_OPENSSL_EVP_AES_CTR
-/* Some OS (osx, OpenIndiana, ...) have no support for CTR ciphers in EVP_aes */
-
-struct ssh_aes_key_schedule {
- AES_KEY key;
- uint8_t IV[AES_BLOCK_SIZE];
-};
-
-static int aes_ctr_set_key(struct ssh_cipher_struct *cipher, void *key,
- void *IV) {
- int rc;
-
- if (cipher->aes_key == NULL) {
- cipher->aes_key = malloc(sizeof (struct ssh_aes_key_schedule));
- }
- if (cipher->aes_key == NULL) {
- return SSH_ERROR;
- }
- ZERO_STRUCTP(cipher->aes_key);
- /* CTR doesn't need a decryption key */
- rc = AES_set_encrypt_key(key, cipher->keysize, &cipher->aes_key->key);
- if (rc < 0) {
- SAFE_FREE(cipher->aes_key);
- return SSH_ERROR;
- }
- memcpy(cipher->aes_key->IV, IV, AES_BLOCK_SIZE);
- return SSH_OK;
-}
-
-static void
-aes_ctr_encrypt(struct ssh_cipher_struct *cipher,
- void *in,
- void *out,
- size_t len)
-{
- unsigned char tmp_buffer[AES_BLOCK_SIZE];
- unsigned int num=0;
- /* Some things are special with ctr128 :
- * In this case, tmp_buffer is not being used, because it is used to store temporary data
- * when an encryption is made on lengths that are not multiple of blocksize.
- * Same for num, which is being used to store the current offset in blocksize in CTR
- * function.
- */
-#ifdef HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT
- CRYPTO_ctr128_encrypt(in, out, len, &cipher->aes_key->key, cipher->aes_key->IV, tmp_buffer, &num, (block128_f)AES_encrypt);
-#else
- AES_ctr128_encrypt(in, out, len, &cipher->aes_key->key, cipher->aes_key->IV, tmp_buffer, &num);
-#endif /* HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT */
-}
-
-static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){
- if (cipher != NULL) {
- if (cipher->aes_key != NULL) {
- explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key));
- }
- SAFE_FREE(cipher->aes_key);
- }
-}
-
-#endif /* HAVE_OPENSSL_EVP_AES_CTR */
-
-#ifdef HAVE_OPENSSL_EVP_AES_GCM
static int
evp_cipher_aead_get_length(struct ssh_cipher_struct *cipher,
void *in,
@@ -900,8 +815,6 @@ evp_cipher_aead_decrypt(struct ssh_cipher_struct *cipher,
return SSH_OK;
}
-#endif /* HAVE_OPENSSL_EVP_AES_GCM */
-
#if defined(HAVE_OPENSSL_EVP_CHACHA20) && defined(HAVE_OPENSSL_EVP_POLY1305)
struct chacha20_poly1305_keysched {
@@ -1311,7 +1224,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
},
#endif
#ifdef HAS_AES
-#ifdef HAVE_OPENSSL_EVP_AES_CTR
{
.name = "aes128-ctr",
.blocksize = AES_BLOCK_SIZE,
@@ -1345,41 +1257,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
.decrypt = evp_cipher_decrypt,
.cleanup = evp_cipher_cleanup
},
-#else /* HAVE_OPENSSL_EVP_AES_CTR */
- {
- .name = "aes128-ctr",
- .blocksize = AES_BLOCK_SIZE,
- .ciphertype = SSH_AES128_CTR,
- .keysize = 128,
- .set_encrypt_key = aes_ctr_set_key,
- .set_decrypt_key = aes_ctr_set_key,
- .encrypt = aes_ctr_encrypt,
- .decrypt = aes_ctr_encrypt,
- .cleanup = aes_ctr_cleanup
- },
- {
- .name = "aes192-ctr",
- .blocksize = AES_BLOCK_SIZE,
- .ciphertype = SSH_AES192_CTR,
- .keysize = 192,
- .set_encrypt_key = aes_ctr_set_key,
- .set_decrypt_key = aes_ctr_set_key,
- .encrypt = aes_ctr_encrypt,
- .decrypt = aes_ctr_encrypt,
- .cleanup = aes_ctr_cleanup
- },
- {
- .name = "aes256-ctr",
- .blocksize = AES_BLOCK_SIZE,
- .ciphertype = SSH_AES256_CTR,
- .keysize = 256,
- .set_encrypt_key = aes_ctr_set_key,
- .set_decrypt_key = aes_ctr_set_key,
- .encrypt = aes_ctr_encrypt,
- .decrypt = aes_ctr_encrypt,
- .cleanup = aes_ctr_cleanup
- },
-#endif /* HAVE_OPENSSL_EVP_AES_CTR */
{
.name = "aes128-cbc",
.blocksize = AES_BLOCK_SIZE,
@@ -1413,7 +1290,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
.decrypt = evp_cipher_decrypt,
.cleanup = evp_cipher_cleanup
},
-#ifdef HAVE_OPENSSL_EVP_AES_GCM
{
.name = "aes128-gcm@openssh.com",
.blocksize = AES_BLOCK_SIZE,
@@ -1442,7 +1318,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
.aead_decrypt = evp_cipher_aead_decrypt,
.cleanup = evp_cipher_cleanup
},
-#endif /* HAVE_OPENSSL_EVP_AES_GCM */
#endif /* HAS_AES */
#ifdef HAS_DES
{