diff options
-rw-r--r-- | libssh/kex.c | 2 | ||||
-rw-r--r-- | libssh/wrapper.c | 25 |
2 files changed, 25 insertions, 2 deletions
diff --git a/libssh/kex.c b/libssh/kex.c index 5d1c9cb0..20982748 100644 --- a/libssh/kex.c +++ b/libssh/kex.c @@ -53,7 +53,7 @@ #define BLOWFISH "" #endif #ifdef HAVE_OPENSSL_AES_H -#define AES "aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc," +#define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc," #else #define AES "" #endif diff --git a/libssh/wrapper.c b/libssh/wrapper.c index 991a7c21..a42c2367 100644 --- a/libssh/wrapper.c +++ b/libssh/wrapper.c @@ -615,7 +615,8 @@ static void aes_decrypt(struct crypto_struct *cipher, void *in, void *out, } /** @internal - * @brief encrypts/decrypts data with stream cipher AES128_ctr + * @brief encrypts/decrypts data with stream cipher AES_ctr128. 128 bits is actually + * the size of the CTR counter and incidentally the blocksize, but not the keysize. * @param len[in] must be a multiple of AES128 block size. */ static void aes_ctr128_encrypt(struct crypto_struct *cipher, void *in, void *out, @@ -733,6 +734,28 @@ static struct crypto_struct ssh_ciphertab[] = { aes_ctr128_encrypt }, { + "aes192-ctr", + 16, + sizeof(AES_KEY), + NULL, + 192, + aes_set_encrypt_key, + aes_set_encrypt_key, + aes_ctr128_encrypt, + aes_ctr128_encrypt + }, + { + "aes256-ctr", + 16, + sizeof(AES_KEY), + NULL, + 256, + aes_set_encrypt_key, + aes_set_encrypt_key, + aes_ctr128_encrypt, + aes_ctr128_encrypt + }, + { "aes128-cbc", 16, sizeof(AES_KEY), |