aboutsummaryrefslogtreecommitdiff
path: root/libssh/crypt.c
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cynapses.org>2010-09-06 14:28:38 +0200
committerAndreas Schneider <asn@cynapses.org>2010-09-06 14:28:38 +0200
commitf7842e3a4b9acea2126ff725f993c299aef0e6db (patch)
tree18239f819a5edbcfc7f2961c48f3f9297314ef22 /libssh/crypt.c
parent38421403d2dc45636e597f2a909daa6ae31976de (diff)
downloadlibssh-f7842e3a4b9acea2126ff725f993c299aef0e6db.tar.gz
libssh-f7842e3a4b9acea2126ff725f993c299aef0e6db.tar.xz
libssh-f7842e3a4b9acea2126ff725f993c299aef0e6db.zip
misc: Rename libssh/ to src/
Diffstat (limited to 'libssh/crypt.c')
-rw-r--r--libssh/crypt.c216
1 files changed, 0 insertions, 216 deletions
diff --git a/libssh/crypt.c b/libssh/crypt.c
deleted file mode 100644
index 1085c4aa..00000000
--- a/libssh/crypt.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/*
- * crypt.c - blowfish-cbc code
- *
- * This file is part of the SSH Library
- *
- * Copyright (c) 2003 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING. If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#include "config.h"
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-#ifndef _WIN32
-#include <arpa/inet.h>
-#endif
-
-#ifdef OPENSSL_CRYPTO
-#include <openssl/blowfish.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#endif
-
-#include "libssh/priv.h"
-#include "libssh/session.h"
-#include "libssh/wrapper.h"
-#include "libssh/crypto.h"
-#include "libssh/buffer.h"
-
-uint32_t packet_decrypt_len(ssh_session session, char *crypted){
- uint32_t decrypted;
-
- if (session->current_crypto) {
- if (packet_decrypt(session, crypted,
- session->current_crypto->in_cipher->blocksize) < 0) {
- return 0;
- }
- }
-
- memcpy(&decrypted,crypted,sizeof(decrypted));
- ssh_log(session, SSH_LOG_PACKET,
- "Packet size decrypted: %lu (0x%lx)",
- (long unsigned int) ntohl(decrypted),
- (long unsigned int) ntohl(decrypted));
- return ntohl(decrypted);
-}
-
-int packet_decrypt(ssh_session session, void *data,uint32_t len) {
- struct crypto_struct *crypto = session->current_crypto->in_cipher;
- char *out = NULL;
- if(len % session->current_crypto->in_cipher->blocksize != 0){
- ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
- return SSH_ERROR;
- }
- out = malloc(len);
- if (out == NULL) {
- return -1;
- }
-
- ssh_log(session,SSH_LOG_PACKET, "Decrypting %d bytes", len);
-
-#ifdef HAVE_LIBGCRYPT
- if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey,
- session->current_crypto->decryptIV) < 0) {
- SAFE_FREE(out);
- return -1;
- }
- crypto->cbc_decrypt(crypto,data,out,len);
-#elif defined HAVE_LIBCRYPTO
- if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey) < 0) {
- SAFE_FREE(out);
- return -1;
- }
- crypto->cbc_decrypt(crypto,data,out,len,session->current_crypto->decryptIV);
-#endif
-
- memcpy(data,out,len);
- memset(out,0,len);
-
- SAFE_FREE(out);
- return 0;
-}
-
-unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
- struct crypto_struct *crypto = NULL;
- HMACCTX ctx = NULL;
- char *out = NULL;
- unsigned int finallen;
- uint32_t seq;
-
- if (!session->current_crypto) {
- return NULL; /* nothing to do here */
- }
- if(len % session->current_crypto->in_cipher->blocksize != 0){
- ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
- return NULL;
- }
- out = malloc(len);
- if (out == NULL) {
- return NULL;
- }
-
- seq = ntohl(session->send_seq);
- crypto = session->current_crypto->out_cipher;
-
- ssh_log(session, SSH_LOG_PACKET,
- "Encrypting packet with seq num: %d, len: %d",
- session->send_seq,len);
-
-#ifdef HAVE_LIBGCRYPT
- if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey,
- session->current_crypto->encryptIV) < 0) {
- SAFE_FREE(out);
- return NULL;
- }
-#elif defined HAVE_LIBCRYPTO
- if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey) < 0) {
- SAFE_FREE(out);
- return NULL;
- }
-#endif
-
- if (session->version == 2) {
- ctx = hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1);
- if (ctx == NULL) {
- SAFE_FREE(out);
- return NULL;
- }
- hmac_update(ctx,(unsigned char *)&seq,sizeof(uint32_t));
- hmac_update(ctx,data,len);
- hmac_final(ctx,session->current_crypto->hmacbuf,&finallen);
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("mac: ",data,len);
- if (finallen != 20) {
- printf("Final len is %d\n",finallen);
- }
- ssh_print_hexa("Packet hmac", session->current_crypto->hmacbuf, 20);
-#endif
- }
-
-#ifdef HAVE_LIBGCRYPT
- crypto->cbc_encrypt(crypto, data, out, len);
-#elif defined HAVE_LIBCRYPTO
- crypto->cbc_encrypt(crypto, data, out, len,
- session->current_crypto->encryptIV);
-#endif
-
- memcpy(data, out, len);
- memset(out, 0, len);
- SAFE_FREE(out);
-
- if (session->version == 2) {
- return session->current_crypto->hmacbuf;
- }
-
- return NULL;
-}
-
-/**
- * @internal
- *
- * @brief Verify the hmac of a packet
- *
- * @param session The session to use.
- * @param buffer The buffer to verify the hmac from.
- * @param mac The mac to compare with the hmac.
- *
- * @return 0 if hmac and mac are equal, < 0 if not or an error
- * occurred.
- */
-int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
- unsigned char *mac) {
- unsigned char hmacbuf[EVP_MAX_MD_SIZE] = {0};
- HMACCTX ctx;
- unsigned int len;
- uint32_t seq;
-
- ctx = hmac_init(session->current_crypto->decryptMAC, 20, HMAC_SHA1);
- if (ctx == NULL) {
- return -1;
- }
-
- seq = htonl(session->recv_seq);
-
- hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t));
- hmac_update(ctx, ssh_buffer_get_begin(buffer), ssh_buffer_get_len(buffer));
- hmac_final(ctx, hmacbuf, &len);
-
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("received mac",mac,len);
- ssh_print_hexa("Computed mac",hmacbuf,len);
- ssh_print_hexa("seq",(unsigned char *)&seq,sizeof(uint32_t));
-#endif
- if (memcmp(mac, hmacbuf, len) == 0) {
- return 0;
- }
-
- return -1;
-}
-
-/* vim: set ts=2 sw=2 et cindent: */