aboutsummaryrefslogtreecommitdiff
path: root/src/libcrypto.c
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2018-06-28 17:52:58 +0200
committerAndreas Schneider <asn@cryptomilk.org>2018-06-29 14:41:14 +0200
commit206f3ff895d3d822ac4f23426136537129f9f062 (patch)
tree59728e18437ec9308d14a50082ef831b5b158612 /src/libcrypto.c
parent81b4320318966e83678641a06717c301b071971b (diff)
downloadlibssh-206f3ff895d3d822ac4f23426136537129f9f062.tar.gz
libssh-206f3ff895d3d822ac4f23426136537129f9f062.tar.xz
libssh-206f3ff895d3d822ac4f23426136537129f9f062.zip
Rest in Peace SSHv1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'src/libcrypto.c')
-rw-r--r--src/libcrypto.c115
1 files changed, 0 insertions, 115 deletions
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 982c9c84..186d6105 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -471,10 +471,6 @@ static void evp_cipher_init(struct ssh_cipher_struct *cipher) {
cipher->cipher = EVP_bf_cbc();
break;
/* ciphers not using EVP */
- case SSH_3DES_CBC_SSH1:
- case SSH_DES_CBC_SSH1:
- SSH_LOG(SSH_LOG_WARNING, "This cipher should not use evp_cipher_init");
- break;
case SSH_NO_CIPHER:
SSH_LOG(SSH_LOG_WARNING, "No valid ciphertype found");
break;
@@ -612,95 +608,6 @@ static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){
}
#endif /* HAVE_OPENSSL_EVP_AES_CTR */
-#ifdef HAS_DES
-
-typedef uint8_t des_iv_t[8];
-
-struct ssh_3des_key_schedule {
- DES_key_schedule keys[3];
- union {
- des_iv_t v[3];
- uint8_t *c;
- } ivs;
-};
-
-/* 3des cbc for SSH-1 has no suitable EVP construct and requires
- * a custom key setup
- */
-static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){
- DES_cblock *keys = key;
-
- DES_set_odd_parity(&keys[0]);
- DES_set_odd_parity(&keys[1]);
- DES_set_odd_parity(&keys[2]);
-
- cipher->des3_key = malloc(sizeof (struct ssh_3des_key_schedule));
- if (cipher->des3_key == NULL){
- return SSH_ERROR;
- }
- DES_set_key_unchecked(&keys[0], &cipher->des3_key->keys[0]);
- DES_set_key_unchecked(&keys[1], &cipher->des3_key->keys[1]);
- DES_set_key_unchecked(&keys[2], &cipher->des3_key->keys[2]);
- memcpy(cipher->des3_key->ivs.v, IV, 24);
- return SSH_OK;
-}
-
-static void des3_1_encrypt(struct ssh_cipher_struct *cipher, void *in,
- void *out, unsigned long len) {
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("Encrypt IV before", cipher->des3_key->ivs.c, 24);
-#endif
- DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[0], 1);
- DES_ncbc_encrypt(out, in, len, &cipher->des3_key->keys[1], &cipher->des3_key->ivs.v[1], 0);
- DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[2], &cipher->des3_key->ivs.v[2], 1);
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("Encrypt IV after", cipher->des3_key->ivs.c, 24);
-#endif
-}
-
-static void des3_1_decrypt(struct ssh_cipher_struct *cipher, void *in,
- void *out, unsigned long len) {
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("Decrypt IV before", cipher->des3_key->ivs.c, 24);
-#endif
-
- DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[2], &cipher->des3_key->ivs.v[0], 0);
- DES_ncbc_encrypt(out, in, len, &cipher->des3_key->keys[1], &cipher->des3_key->ivs.v[1], 1);
- DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[2], 0);
-
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("Decrypt IV after", cipher->des3_key->ivs.c, 24);
-#endif
-}
-
-static int des1_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) {
- DES_set_odd_parity(key);
-
- cipher->des3_key = malloc(sizeof (struct ssh_3des_key_schedule));
- if (cipher->des3_key == NULL){
- return SSH_ERROR;
- }
- DES_set_key_unchecked(key, &cipher->des3_key->keys[0]);
- memcpy(cipher->des3_key->ivs.v, IV, 8);
- return SSH_OK;
-}
-
-static void des1_1_encrypt(struct ssh_cipher_struct *cipher, void *in, void *out,
- unsigned long len){
- DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[0], 1);
-}
-
-static void des1_1_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out,
- unsigned long len){
- DES_ncbc_encrypt(in,out,len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[0], 0);
-}
-
-static void des_cleanup(struct ssh_cipher_struct *cipher){
- explicit_bzero(cipher->des3_key, sizeof(*cipher->des3_key));
- SAFE_FREE(cipher->des3_key);
-}
-
-#endif /* HAS_DES */
/*
* The table of supported ciphers
@@ -838,28 +745,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
.decrypt = evp_cipher_decrypt,
.cleanup = evp_cipher_cleanup
},
- {
- .name = "3des-cbc-ssh1",
- .blocksize = 8,
- .ciphertype = SSH_3DES_CBC_SSH1,
- .keysize = 192,
- .set_encrypt_key = des3_set_key,
- .set_decrypt_key = des3_set_key,
- .encrypt = des3_1_encrypt,
- .decrypt = des3_1_decrypt,
- .cleanup = des_cleanup
- },
- {
- .name = "des-cbc-ssh1",
- .blocksize = 8,
- .ciphertype = SSH_DES_CBC_SSH1,
- .keysize = 64,
- .set_encrypt_key = des1_set_key,
- .set_decrypt_key = des1_set_key,
- .encrypt = des1_1_encrypt,
- .decrypt = des1_1_decrypt,
- .cleanup = des_cleanup
- },
#endif /* HAS_DES */
{
.name = "chacha20-poly1305@openssh.com"