diff options
| -rw-r--r-- | ConfigureChecks.cmake | 1 | ||||
| -rw-r--r-- | config.h.cmake | 3 | ||||
| -rw-r--r-- | include/libssh/crypto.h | 3 | ||||
| -rw-r--r-- | src/CMakeLists.txt | 8 | ||||
| -rw-r--r-- | src/kex.c | 4 | ||||
| -rw-r--r-- | src/libmbedcrypto.c | 18 |
6 files changed, 20 insertions, 17 deletions
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake index 3bb4a5e0..18c10b93 100644 --- a/ConfigureChecks.cmake +++ b/ConfigureChecks.cmake @@ -138,7 +138,6 @@ endif () if (NOT WITH_MBEDTLS) set(HAVE_DSA 1) - set(HAVE_CHACHA 1) endif (NOT WITH_MBEDTLS) # FUNCTIONS diff --git a/config.h.cmake b/config.h.cmake index 044e6032..61d20acb 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -89,9 +89,6 @@ /* Define to 1 if you have DSA */ #cmakedefine HAVE_DSA 1 -/* Define to 1 if you have chacha20-poly1305 */ -#cmakedefine HAVE_CHACHA 1 - /*************************** FUNCTIONS ***************************/ /* Define to 1 if you have the `EVP_aes128_ctr' function. */ diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h index 4064481d..2447de14 100644 --- a/include/libssh/crypto.h +++ b/include/libssh/crypto.h @@ -129,11 +129,10 @@ struct ssh_cipher_struct { unsigned int blocksize; /* blocksize of the algo */ enum ssh_cipher_e ciphertype; uint32_t lenfield_blocksize; /* blocksize of the packet length field */ -#ifdef HAVE_LIBGCRYPT size_t keylen; /* length of the key structure */ +#ifdef HAVE_LIBGCRYPT gcry_cipher_hd_t *key; #elif defined HAVE_LIBCRYPTO - size_t keylen; /* length of the key structure */ struct ssh_3des_key_schedule *des3_key; struct ssh_aes_key_schedule *aes_key; const EVP_CIPHER *cipher; diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 4edc59f4..8d4613ff 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -164,15 +164,9 @@ set(libssh_SRCS external/ge25519.c external/poly1305.c external/sc25519.c + chachapoly.c ) -if (NOT WITH_MBEDTLS) - set(libssh_SRCS - ${libssh_SRCS} - chachapoly.c - ) -endif (NOT WITH_MBEDTLS) - if (WITH_GCRYPT) set(libssh_SRCS ${libssh_SRCS} @@ -95,11 +95,7 @@ #define ECDH "" #endif -#ifdef HAVE_CHACHA #define CHACHA20 "chacha20-poly1305@openssh.com," -#else /* HAVE_CHACHA */ -#define CHACHA20 -#endif /* HAVE_CHACHA */ #define KEY_EXCHANGE CURVE25519 ECDH "diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" #define KEX_METHODS_SIZE 10 diff --git a/src/libmbedcrypto.c b/src/libmbedcrypto.c index 6854bd98..216bcdc5 100644 --- a/src/libmbedcrypto.c +++ b/src/libmbedcrypto.c @@ -30,6 +30,8 @@ #ifdef HAVE_LIBMBEDCRYPTO #include <mbedtls/md.h> +extern const struct ssh_cipher_struct chacha20poly1305_cipher; + struct ssh_mac_ctx_struct { enum ssh_mac_e mac_type; mbedtls_md_context_t ctx; @@ -1067,6 +1069,9 @@ static struct ssh_cipher_struct ssh_ciphertab[] = { .decrypt = cipher_decrypt_cbc, }, { + .name = "chacha20-poly1305@openssh.com" + }, + { .name = NULL, .blocksize = 0, .keysize = 0, @@ -1085,6 +1090,7 @@ struct ssh_cipher_struct *ssh_get_ciphertab(void) void ssh_mbedtls_init(void) { + size_t i; int rc; mbedtls_entropy_init(&ssh_mbedtls_entropy); @@ -1095,6 +1101,18 @@ void ssh_mbedtls_init(void) if (rc != 0) { mbedtls_ctr_drbg_free(&ssh_mbedtls_ctr_drbg); } + + for (i = 0; ssh_ciphertab[i].name != NULL; i++) { + int cmp; + + cmp = strcmp(ssh_ciphertab[i].name, "chacha20-poly1305@openssh.com"); + if (cmp == 0) { + memcpy(&ssh_ciphertab[i], + &chacha20poly1305_cipher, + sizeof(struct ssh_cipher_struct)); + break; + } + } } int ssh_mbedtls_random(void *where, int len, int strong) |