diff options
author | Aris Adamantiadis <aris@0xbadc0de.be> | 2010-02-09 22:24:04 +0100 |
---|---|---|
committer | Aris Adamantiadis <aris@0xbadc0de.be> | 2010-02-09 22:24:04 +0100 |
commit | fdfd12716e14d575a00bb5ce4289ac7984a227ba (patch) | |
tree | dbb0c424846cd579620beeca0e9ff334644f628c /libssh | |
parent | dc0d945f28fd3ff8f7c4cf90abeb6853b75b4aec (diff) | |
download | libssh-fdfd12716e14d575a00bb5ce4289ac7984a227ba.tar.gz libssh-fdfd12716e14d575a00bb5ce4289ac7984a227ba.tar.xz libssh-fdfd12716e14d575a00bb5ce4289ac7984a227ba.zip |
aes128-ctr aes192-ctr aes256-ctr for libgcrypt
Diffstat (limited to 'libssh')
-rw-r--r-- | libssh/kex.c | 2 | ||||
-rw-r--r-- | libssh/wrapper.c | 57 |
2 files changed, 51 insertions, 8 deletions
diff --git a/libssh/kex.c b/libssh/kex.c index d0753b82..5d1c9cb0 100644 --- a/libssh/kex.c +++ b/libssh/kex.c @@ -44,7 +44,7 @@ #ifdef HAVE_LIBGCRYPT #define BLOWFISH "blowfish-cbc," -#define AES "aes256-cbc,aes192-cbc,aes128-cbc," +#define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc," #define DES "3des-cbc" #elif defined HAVE_LIBCRYPTO #ifdef HAVE_OPENSSL_BLOWFISH_H diff --git a/libssh/wrapper.c b/libssh/wrapper.c index b7de1532..991a7c21 100644 --- a/libssh/wrapper.c +++ b/libssh/wrapper.c @@ -157,29 +157,31 @@ static void blowfish_decrypt(struct crypto_struct *cipher, void *in, } static int aes_set_key(struct crypto_struct *cipher, void *key, void *IV) { + int mode=GCRY_CIPHER_MODE_CBC; if (cipher->key == NULL) { if (alloc_key(cipher) < 0) { return -1; } - + if(strstr(cipher->name,"-ctr")) + mode=GCRY_CIPHER_MODE_CTR; switch (cipher->keysize) { case 128: if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES128, - GCRY_CIPHER_MODE_CBC, 0)) { + mode, 0)) { SAFE_FREE(cipher->key); return -1; } break; case 192: if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES192, - GCRY_CIPHER_MODE_CBC, 0)) { + mode, 0)) { SAFE_FREE(cipher->key); return -1; } break; case 256: if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES256, - GCRY_CIPHER_MODE_CBC, 0)) { + mode, 0)) { SAFE_FREE(cipher->key); return -1; } @@ -189,9 +191,17 @@ static int aes_set_key(struct crypto_struct *cipher, void *key, void *IV) { SAFE_FREE(cipher->key); return -1; } - if (gcry_cipher_setiv(cipher->key[0], IV, 16)) { - SAFE_FREE(cipher->key); - return -1; + if(mode == GCRY_CIPHER_MODE_CBC){ + if (gcry_cipher_setiv(cipher->key[0], IV, 16)) { + + SAFE_FREE(cipher->key); + return -1; + } + } else { + if(gcry_cipher_setctr(cipher->key[0],IV,16)){ + SAFE_FREE(cipher->key); + return -1; + } } } @@ -320,6 +330,39 @@ static struct crypto_struct ssh_ciphertab[] = { .cbc_decrypt = blowfish_decrypt }, { + .name = "aes128-ctr", + .blocksize = 16, + .keylen = sizeof(gcry_cipher_hd_t), + .key = NULL, + .keysize = 128, + .set_encrypt_key = aes_set_key, + .set_decrypt_key = aes_set_key, + .cbc_encrypt = aes_encrypt, + .cbc_decrypt = aes_encrypt + }, + { + .name = "aes192-ctr", + .blocksize = 16, + .keylen = sizeof(gcry_cipher_hd_t), + .key = NULL, + .keysize = 192, + .set_encrypt_key = aes_set_key, + .set_decrypt_key = aes_set_key, + .cbc_encrypt = aes_encrypt, + .cbc_decrypt = aes_encrypt + }, + { + .name = "aes256-ctr", + .blocksize = 16, + .keylen = sizeof(gcry_cipher_hd_t), + .key = NULL, + .keysize = 256, + .set_encrypt_key = aes_set_key, + .set_decrypt_key = aes_set_key, + .cbc_encrypt = aes_encrypt, + .cbc_decrypt = aes_encrypt + }, + { .name = "aes128-cbc", .blocksize = 16, .keylen = sizeof(gcry_cipher_hd_t), |