| 1 |
/* $OpenBSD: cipher.h,v 1.34 2003/11/10 16:23:41 jakob Exp $ */ |
/* Imported from OpenSSH-8.5p1, TeraTerm Project */ |
| 2 |
|
|
| 3 |
|
/* $OpenBSD: cipher.h,v 1.44 2014/01/25 10:12:50 dtucker Exp $ */ |
| 4 |
|
|
| 5 |
/* |
/* |
| 6 |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 39 |
#ifndef CIPHER_H |
#ifndef CIPHER_H |
| 40 |
#define CIPHER_H |
#define CIPHER_H |
| 41 |
|
|
| 42 |
|
typedef unsigned int u_int; |
| 43 |
|
typedef unsigned char u_char; |
| 44 |
|
|
| 45 |
#include <openssl/evp.h> |
#include <openssl/evp.h> |
| 46 |
|
#include "cipher-chachapoly.h" |
| 47 |
|
|
| 48 |
/* |
/* |
| 49 |
* Cipher types for SSH-1. New types can be added, but old types should not |
* Cipher types for SSH-1. New types can be added, but old types should not |
| 50 |
* be removed for compatibility. The maximum allowed value is 31. |
* be removed for compatibility. The maximum allowed value is 31. |
| 52 |
#define SSH_CIPHER_SSH2 -3 |
#define SSH_CIPHER_SSH2 -3 |
| 53 |
#define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ |
#define SSH_CIPHER_ILLEGAL -2 /* No valid cipher selected. */ |
| 54 |
#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ |
| 55 |
#define SSH_CIPHER_NONE 0 /* no encryption */ |
//#define SSH_CIPHER_NONE 0 /* no encryption */ |
| 56 |
#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ |
//#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ |
| 57 |
#define SSH_CIPHER_DES 2 /* DES CBC */ |
//#define SSH_CIPHER_DES 2 /* DES CBC */ |
| 58 |
#define SSH_CIPHER_3DES 3 /* 3DES CBC */ |
//#define SSH_CIPHER_3DES 3 /* 3DES CBC */ |
| 59 |
#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ |
//#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ |
| 60 |
#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
//#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ |
| 61 |
#define SSH_CIPHER_BLOWFISH 6 |
//#define SSH_CIPHER_BLOWFISH 6 |
| 62 |
#define SSH_CIPHER_RESERVED 7 |
//#define SSH_CIPHER_RESERVED 7 |
| 63 |
|
|
| 64 |
#define CIPHER_ENCRYPT 1 |
#define CIPHER_ENCRYPT 1 |
| 65 |
#define CIPHER_DECRYPT 0 |
#define CIPHER_DECRYPT 0 |
| 66 |
|
|
|
typedef struct Cipher Cipher; |
|
|
typedef struct CipherContext CipherContext; |
|
| 67 |
|
|
| 68 |
struct Cipher; |
typedef enum { |
| 69 |
struct CipherContext { |
// SSH1 |
| 70 |
int plaintext; |
SSH_CIPHER_NONE, SSH_CIPHER_IDEA, SSH_CIPHER_DES, SSH_CIPHER_3DES, |
| 71 |
|
SSH_CIPHER_TSS, SSH_CIPHER_RC4, SSH_CIPHER_BLOWFISH, |
| 72 |
|
// SSH2 |
| 73 |
|
SSH2_CIPHER_3DES_CBC, SSH2_CIPHER_AES128_CBC, |
| 74 |
|
SSH2_CIPHER_AES192_CBC, SSH2_CIPHER_AES256_CBC, |
| 75 |
|
SSH2_CIPHER_BLOWFISH_CBC, SSH2_CIPHER_AES128_CTR, |
| 76 |
|
SSH2_CIPHER_AES192_CTR, SSH2_CIPHER_AES256_CTR, |
| 77 |
|
SSH2_CIPHER_ARCFOUR, SSH2_CIPHER_ARCFOUR128, SSH2_CIPHER_ARCFOUR256, |
| 78 |
|
SSH2_CIPHER_CAST128_CBC, |
| 79 |
|
SSH2_CIPHER_3DES_CTR, SSH2_CIPHER_BLOWFISH_CTR, SSH2_CIPHER_CAST128_CTR, |
| 80 |
|
SSH2_CIPHER_CAMELLIA128_CBC, SSH2_CIPHER_CAMELLIA192_CBC, SSH2_CIPHER_CAMELLIA256_CBC, |
| 81 |
|
SSH2_CIPHER_CAMELLIA128_CTR, SSH2_CIPHER_CAMELLIA192_CTR, SSH2_CIPHER_CAMELLIA256_CTR, |
| 82 |
|
SSH2_CIPHER_AES128_GCM, SSH2_CIPHER_AES256_GCM, SSH2_CIPHER_CHACHAPOLY, |
| 83 |
|
SSH_CIPHER_MAX = SSH2_CIPHER_CHACHAPOLY, |
| 84 |
|
} SSHCipherId; |
| 85 |
|
|
| 86 |
|
struct ssh2cipher { |
| 87 |
|
SSHCipherId id; |
| 88 |
|
char *name; |
| 89 |
|
u_int block_size; |
| 90 |
|
u_int key_len; |
| 91 |
|
u_int discard_len; |
| 92 |
|
u_int iv_len; |
| 93 |
|
u_int auth_len; |
| 94 |
|
const EVP_CIPHER *(*func)(void); |
| 95 |
|
}; |
| 96 |
|
|
| 97 |
|
struct sshcipher_ctx { |
| 98 |
|
// TTSSH では SSH_CIPHER_NONE が無効なので、plaintext は使用されない |
| 99 |
|
// int plaintext; |
| 100 |
|
|
| 101 |
|
// TTSSH では CRYPT_encrypt_aead(), CRYPT_decrypt_aead() が別れていて encrypt で切り替えないので使用されない |
| 102 |
|
// int encrypt; |
| 103 |
|
|
| 104 |
EVP_CIPHER_CTX *evp; |
EVP_CIPHER_CTX *evp; |
| 105 |
Cipher *cipher; |
struct chachapoly_ctx *cp_ctx; |
| 106 |
|
|
| 107 |
|
// OpenSSH で ifndef WITH_OPENSSL の時に使用されるものなので、ac_ctx は使用されない |
| 108 |
|
// aesctr_ctx ac_ctx; /* XXX union with evp? */ |
| 109 |
|
|
| 110 |
|
// OpenSSH では const struct sshcipher *cipher; |
| 111 |
|
const struct ssh2cipher *cipher; |
| 112 |
}; |
}; |
| 113 |
|
|
|
u_int cipher_mask_ssh1(int); |
|
|
Cipher *cipher_by_name(const char *); |
|
|
Cipher *cipher_by_number(int); |
|
|
int cipher_number(const char *); |
|
|
char *cipher_name(int); |
|
|
int ciphers_valid(const char *); |
|
|
void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, |
|
|
const u_char *, u_int, int); |
|
|
void cipher_crypt(CipherContext *, u_char *, const u_char *, u_int); |
|
|
void cipher_cleanup(CipherContext *); |
|
|
void cipher_set_key_string(CipherContext *, Cipher *, const char *, int); |
|
|
u_int cipher_blocksize(const Cipher *); |
|
|
u_int cipher_keylen(const Cipher *); |
|
|
|
|
|
u_int cipher_get_number(const Cipher *); |
|
|
void cipher_get_keyiv(CipherContext *, u_char *, u_int); |
|
|
void cipher_set_keyiv(CipherContext *, u_char *); |
|
|
int cipher_get_keyiv_len(const CipherContext *); |
|
|
int cipher_get_keycontext(const CipherContext *, u_char *); |
|
|
void cipher_set_keycontext(CipherContext *, u_char *); |
|
|
|
|
|
void cipher_init_SSH2( |
|
|
EVP_CIPHER_CTX *evp, |
|
|
const u_char *key, u_int keylen, |
|
|
const u_char *iv, u_int ivlen, |
|
|
int encrypt, |
|
|
const EVP_CIPHER *type, |
|
|
int discard_len, |
|
|
unsigned int authlen, |
|
|
PTInstVar pvar |
|
|
); |
|
| 114 |
|
|
| 115 |
void cipher_cleanup_SSH2(EVP_CIPHER_CTX *evp); |
int get_cipher_id(const struct ssh2cipher *cipher); |
| 116 |
|
u_int get_cipher_block_size(const struct ssh2cipher *cipher); |
| 117 |
|
u_int get_cipher_key_len(const struct ssh2cipher *cipher); |
| 118 |
|
u_int get_cipher_discard_len(const struct ssh2cipher *cipher); |
| 119 |
|
u_int get_cipher_iv_len(const struct ssh2cipher *cipher); |
| 120 |
|
u_int get_cipher_auth_len(const struct ssh2cipher *cipher); |
| 121 |
|
const EVP_CIPHER *get_cipher_EVP_CIPHER(const struct ssh2cipher *cipher); |
| 122 |
|
char *get_cipher_string(const struct ssh2cipher *cipher); |
| 123 |
|
const struct ssh2cipher* get_cipher_by_name(char *name); |
| 124 |
|
char *get_cipher_name(int cipher_id); |
| 125 |
|
wchar_t *get_listbox_cipher_nameW(int cipher_id, PTInstVar pvar); |
| 126 |
|
|
| 127 |
|
void normalize_cipher_order(char *buf); |
| 128 |
|
const struct ssh2cipher *choose_SSH2_cipher_algorithm(char *server_proposal, char *my_proposal); |
| 129 |
|
void SSH2_update_cipher_myproposal(PTInstVar pvar); |
| 130 |
|
|
| 131 |
|
int cipher_init_SSH2( |
| 132 |
|
struct sshcipher_ctx **ccp, const struct ssh2cipher *cipher, |
| 133 |
|
const u_char *key, u_int keylen, |
| 134 |
|
const u_char *iv, u_int ivlen, |
| 135 |
|
int do_encrypt, |
| 136 |
|
PTInstVar pvar |
| 137 |
|
); |
| 138 |
|
void cipher_free_SSH2(struct sshcipher_ctx *cc); |
| 139 |
|
|
| 140 |
#endif /* CIPHER_H */ |
#endif /* CIPHER_H */ |
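Review bot: Nothing in the header states the contract of the `cipher_init_SSH2` declaration near the end of the file: which `int` return value means success, what `*ccp` holds after a failure, and that `cipher_free_SSH2` is the matching release. For a cipher set-up routine this matters, because a caller that ignores the result or uses `*ccp` after a failure could carry on without a working cipher context, so the header should make failing closed the obvious path. I would add a comment above the declaration along the lines of `/* Returns 0 on success, non-zero on failure; on failure *ccp is left NULL. Free with cipher_free_SSH2(). */`. The exact values have to be taken from the implementation, which is not visible on this page.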