summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog11
-rw-r--r--Makefile.in15
-rw-r--r--acss.c264
-rw-r--r--acss.h47
-rw-r--r--cipher-acss.c84
-rw-r--r--cipher.c21
6 files changed, 430 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index 0ba506f5..61b71434 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+20040127
+ - (djm) OpenBSD CVS Sync
+ - hshoexer@cvs.openbsd.org 2004/01/23 17:06:03
+ [cipher.c]
+ enable acss for ssh
+ ok deraadt@ markus@
+ - (djm) [acss.c acss.h cipher-acss.c] Portable support for ACSS
+ if libcrypto lacks it
+
20040126
- (tim) Typo in regress/README.regress
- (tim) [regress/test-exec.sh] RhostsAuthentication is deprecated.
@@ -1737,4 +1746,4 @@
- Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
Report from murple@murple.net, diagnosis from dtucker@zip.com.au
-$Id: ChangeLog,v 1.3192 2004/01/27 05:40:35 tim Exp $
+$Id: ChangeLog,v 1.3193 2004/01/27 10:19:21 djm Exp $
diff --git a/Makefile.in b/Makefile.in
index f1098fcb..1f6a4d43 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.253 2003/11/21 12:48:55 djm Exp $
+# $Id: Makefile.in,v 1.254 2004/01/27 10:19:22 djm Exp $
# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
@@ -61,12 +61,13 @@ INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
-LIBSSH_OBJS=authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o \
- cipher.o cipher-aes.o cipher-bf1.o cipher-ctr.o cipher-3des1.o \
- cleanup.o compat.o compress.o crc32.o deattack.o fatal.o \
- hostfile.o log.o match.o moduli.o mpaux.o nchan.o packet.o \
- readpass.o rsa.o tildexpand.o ttymodes.o xmalloc.o atomicio.o \
- key.o dispatch.o kex.o mac.o uuencode.o misc.o \
+LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o buffer.o \
+ canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
+ cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
+ compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
+ log.o match.o moduli.o mpaux.o nchan.o packet.o \
+ readpass.o rsa.o tildexpand.o ttymodes.o xmalloc.o \
+ atomicio.o key.o dispatch.o kex.o mac.o uuencode.o misc.o \
rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \
kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
entropy.o scard-opensc.o gss-genr.o
diff --git a/acss.c b/acss.c
new file mode 100644
index 00000000..65f5fa16
--- /dev/null
+++ b/acss.c
@@ -0,0 +1,264 @@
+/* $Id: */
+/*
+ * Copyright (c) 2004 The OpenBSD project
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "includes.h"
+#include <openssl/evp.h>
+
+#if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00906000L)
+
+#include "acss.h"
+
+/* decryption sbox */
+static unsigned char sboxdec[] = {
+ 0x33, 0x73, 0x3b, 0x26, 0x63, 0x23, 0x6b, 0x76,
+ 0x3e, 0x7e, 0x36, 0x2b, 0x6e, 0x2e, 0x66, 0x7b,
+ 0xd3, 0x93, 0xdb, 0x06, 0x43, 0x03, 0x4b, 0x96,
+ 0xde, 0x9e, 0xd6, 0x0b, 0x4e, 0x0e, 0x46, 0x9b,
+ 0x57, 0x17, 0x5f, 0x82, 0xc7, 0x87, 0xcf, 0x12,
+ 0x5a, 0x1a, 0x52, 0x8f, 0xca, 0x8a, 0xc2, 0x1f,
+ 0xd9, 0x99, 0xd1, 0x00, 0x49, 0x09, 0x41, 0x90,
+ 0xd8, 0x98, 0xd0, 0x01, 0x48, 0x08, 0x40, 0x91,
+ 0x3d, 0x7d, 0x35, 0x24, 0x6d, 0x2d, 0x65, 0x74,
+ 0x3c, 0x7c, 0x34, 0x25, 0x6c, 0x2c, 0x64, 0x75,
+ 0xdd, 0x9d, 0xd5, 0x04, 0x4d, 0x0d, 0x45, 0x94,
+ 0xdc, 0x9c, 0xd4, 0x05, 0x4c, 0x0c, 0x44, 0x95,
+ 0x59, 0x19, 0x51, 0x80, 0xc9, 0x89, 0xc1, 0x10,
+ 0x58, 0x18, 0x50, 0x81, 0xc8, 0x88, 0xc0, 0x11,
+ 0xd7, 0x97, 0xdf, 0x02, 0x47, 0x07, 0x4f, 0x92,
+ 0xda, 0x9a, 0xd2, 0x0f, 0x4a, 0x0a, 0x42, 0x9f,
+ 0x53, 0x13, 0x5b, 0x86, 0xc3, 0x83, 0xcb, 0x16,
+ 0x5e, 0x1e, 0x56, 0x8b, 0xce, 0x8e, 0xc6, 0x1b,
+ 0xb3, 0xf3, 0xbb, 0xa6, 0xe3, 0xa3, 0xeb, 0xf6,
+ 0xbe, 0xfe, 0xb6, 0xab, 0xee, 0xae, 0xe6, 0xfb,
+ 0x37, 0x77, 0x3f, 0x22, 0x67, 0x27, 0x6f, 0x72,
+ 0x3a, 0x7a, 0x32, 0x2f, 0x6a, 0x2a, 0x62, 0x7f,
+ 0xb9, 0xf9, 0xb1, 0xa0, 0xe9, 0xa9, 0xe1, 0xf0,
+ 0xb8, 0xf8, 0xb0, 0xa1, 0xe8, 0xa8, 0xe0, 0xf1,
+ 0x5d, 0x1d, 0x55, 0x84, 0xcd, 0x8d, 0xc5, 0x14,
+ 0x5c, 0x1c, 0x54, 0x85, 0xcc, 0x8c, 0xc4, 0x15,
+ 0xbd, 0xfd, 0xb5, 0xa4, 0xed, 0xad, 0xe5, 0xf4,
+ 0xbc, 0xfc, 0xb4, 0xa5, 0xec, 0xac, 0xe4, 0xf5,
+ 0x39, 0x79, 0x31, 0x20, 0x69, 0x29, 0x61, 0x70,
+ 0x38, 0x78, 0x30, 0x21, 0x68, 0x28, 0x60, 0x71,
+ 0xb7, 0xf7, 0xbf, 0xa2, 0xe7, 0xa7, 0xef, 0xf2,
+ 0xba, 0xfa, 0xb2, 0xaf, 0xea, 0xaa, 0xe2, 0xff
+};
+
+/* encryption sbox */
+static unsigned char sboxenc[] = {
+ 0x33, 0x3b, 0x73, 0x15, 0x53, 0x5b, 0x13, 0x75,
+ 0x3d, 0x35, 0x7d, 0x1b, 0x5d, 0x55, 0x1d, 0x7b,
+ 0x67, 0x6f, 0x27, 0x81, 0xc7, 0xcf, 0x87, 0x21,
+ 0x69, 0x61, 0x29, 0x8f, 0xc9, 0xc1, 0x89, 0x2f,
+ 0xe3, 0xeb, 0xa3, 0x05, 0x43, 0x4b, 0x03, 0xa5,
+ 0xed, 0xe5, 0xad, 0x0b, 0x4d, 0x45, 0x0d, 0xab,
+ 0xea, 0xe2, 0xaa, 0x00, 0x4a, 0x42, 0x0a, 0xa0,
+ 0xe8, 0xe0, 0xa8, 0x02, 0x48, 0x40, 0x08, 0xa2,
+ 0x3e, 0x36, 0x7e, 0x14, 0x5e, 0x56, 0x1e, 0x74,
+ 0x3c, 0x34, 0x7c, 0x16, 0x5c, 0x54, 0x1c, 0x76,
+ 0x6a, 0x62, 0x2a, 0x80, 0xca, 0xc2, 0x8a, 0x20,
+ 0x68, 0x60, 0x28, 0x82, 0xc8, 0xc0, 0x88, 0x22,
+ 0xee, 0xe6, 0xae, 0x04, 0x4e, 0x46, 0x0e, 0xa4,
+ 0xec, 0xe4, 0xac, 0x06, 0x4c, 0x44, 0x0c, 0xa6,
+ 0xe7, 0xef, 0xa7, 0x01, 0x47, 0x4f, 0x07, 0xa1,
+ 0xe9, 0xe1, 0xa9, 0x0f, 0x49, 0x41, 0x09, 0xaf,
+ 0x63, 0x6b, 0x23, 0x85, 0xc3, 0xcb, 0x83, 0x25,
+ 0x6d, 0x65, 0x2d, 0x8b, 0xcd, 0xc5, 0x8d, 0x2b,
+ 0x37, 0x3f, 0x77, 0x11, 0x57, 0x5f, 0x17, 0x71,
+ 0x39, 0x31, 0x79, 0x1f, 0x59, 0x51, 0x19, 0x7f,
+ 0xb3, 0xbb, 0xf3, 0x95, 0xd3, 0xdb, 0x93, 0xf5,
+ 0xbd, 0xb5, 0xfd, 0x9b, 0xdd, 0xd5, 0x9d, 0xfb,
+ 0xba, 0xb2, 0xfa, 0x90, 0xda, 0xd2, 0x9a, 0xf0,
+ 0xb8, 0xb0, 0xf8, 0x92, 0xd8, 0xd0, 0x98, 0xf2,
+ 0x6e, 0x66, 0x2e, 0x84, 0xce, 0xc6, 0x8e, 0x24,
+ 0x6c, 0x64, 0x2c, 0x86, 0xcc, 0xc4, 0x8c, 0x26,
+ 0x3a, 0x32, 0x7a, 0x10, 0x5a, 0x52, 0x1a, 0x70,
+ 0x38, 0x30, 0x78, 0x12, 0x58, 0x50, 0x18, 0x72,
+ 0xbe, 0xb6, 0xfe, 0x94, 0xde, 0xd6, 0x9e, 0xf4,
+ 0xbc, 0xb4, 0xfc, 0x96, 0xdc, 0xd4, 0x9c, 0xf6,
+ 0xb7, 0xbf, 0xf7, 0x91, 0xd7, 0xdf, 0x97, 0xf1,
+ 0xb9, 0xb1, 0xf9, 0x9f, 0xd9, 0xd1, 0x99, 0xff
+};
+
+static unsigned char reverse[] = {
+ 0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0,
+ 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0,
+ 0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8,
+ 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8,
+ 0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4,
+ 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4,
+ 0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec,
+ 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc,
+ 0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2,
+ 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2,
+ 0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea,
+ 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa,
+ 0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6,
+ 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6,
+ 0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee,
+ 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe,
+ 0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1,
+ 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1,
+ 0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9,
+ 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9,
+ 0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5,
+ 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5,
+ 0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed,
+ 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd,
+ 0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3,
+ 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3,
+ 0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb,
+ 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb,
+ 0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7,
+ 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7,
+ 0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef,
+ 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff
+};
+
+/*
+ * Two linear feedback shift registers are used:
+ *
+ * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier)
+ * x^15 + x + 1
+ * lfsr25: polynomial of degree 25, not know if primitive modulo 2
+ * x^13 + x^5 + x^4 + x^1 + 1
+ *
+ * Output bits are discarded, instead the feedback bits are added to produce
+ * the cipher stream. Depending on the mode, feedback bytes may be inverted
+ * bit-wise before addition.
+ *
+ * The lfsrs are seeded with bytes from the raw key:
+ *
+ * lfsr17: byte 0[0:7] at bit 9
+ * byte 1[0:7] at bit 0
+ *
+ * lfsr25: byte 2[0:4] at bit 16
+ * byte 2[5:7] at bit 22
+ * byte 3[0:7] at bit 8
+ * byte 4[0:7] at bit 0
+ *
+ * To prevent 0 cycles, 1's are inject at bit 8 in lfrs17 and bit 21 in
+ * lfsr25.
+ *
+ */
+
+int
+acss(ACSS_KEY *key, unsigned long len, const unsigned char *in,
+ unsigned char *out)
+{
+ unsigned long i;
+ unsigned long lfsr17tmp, lfsr25tmp, lfsrsumtmp;
+
+ lfsrsumtmp = lfsr17tmp = lfsr25tmp = 0;
+
+ /* keystream is sum of lfsrs */
+ for (i = 0; i < len; i++) {
+ lfsr17tmp = key->lfsr17 ^ (key->lfsr17 >> 14);
+ key->lfsr17 = (key->lfsr17 >> 8)
+ ^ (lfsr17tmp << 9)
+ ^ (lfsr17tmp << 12)
+ ^ (lfsr17tmp << 15);
+ key->lfsr17 &= 0x1ffff; /* 17 bit LFSR */
+
+ lfsr25tmp = key->lfsr25
+ ^ (key->lfsr25 >> 3)
+ ^ (key->lfsr25 >> 4)
+ ^ (key->lfsr25 >> 12);
+ key->lfsr25 = (key->lfsr25 >> 8) ^ (lfsr25tmp << 17);
+ key->lfsr25 &= 0x1ffffff; /* 25 bit LFSR */
+
+ lfsrsumtmp = key->lfsrsum;
+
+ /* addition */
+ switch (key->mode) {
+ case ACSS_AUTHENTICATE:
+ case ACSS_DATA:
+ key->lfsrsum = 0xff & ~(key->lfsr17 >> 9);
+ key->lfsrsum += key->lfsr25 >> 17;
+ break;
+ case ACSS_SESSIONKEY:
+ key->lfsrsum = key->lfsr17 >> 9;
+ key->lfsrsum += key->lfsr25 >> 17;
+ break;
+ case ACSS_TITLEKEY:
+ key->lfsrsum = key->lfsr17 >> 9;
+ key->lfsrsum += 0xff & ~(key->lfsr25 >> 17);
+ break;
+ default:
+ return 1;
+ }
+ key->lfsrsum += (lfsrsumtmp >> 8);
+
+ if (key->encrypt) {
+ out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff];
+ } else {
+ out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff;
+ }
+ }
+
+ return 0;
+}
+
+static void
+acss_seed(ACSS_KEY *key)
+{
+ int i;
+
+ /* if available, mangle with subkey */
+ if (key->subkey_avilable) {
+ for (i = 0; i < ACSS_KEYSIZE; i++)
+ key->seed[i] = reverse[key->data[i] ^ key->subkey[i]];
+ } else {
+ for (i = 0; i < ACSS_KEYSIZE; i++)
+ key->seed[i] = reverse[key->data[i]];
+ }
+
+ /* seed lfsrs */
+ key->lfsr17 = key->seed[1]
+ | (key->seed[0] << 9)
+ | (1 << 8); /* inject 1 at bit 9 */
+ key->lfsr25 = key->seed[4]
+ | (key->seed[3] << 8)
+ | ((key->seed[2] & 0x1f) << 16)
+ | ((key->seed[2] & 0xe0) << 17)
+ | (1 << 21); /* inject 1 at bit 22 */
+
+ key->lfsrsum = 0;
+}
+
+void
+acss_setkey(ACSS_KEY *key, const unsigned char *data, int enc, int mode)
+{
+ memcpy(key->data, data, sizeof(key->data));
+ memset(key->subkey, 0, sizeof(key->subkey));
+
+ if (enc != -1)
+ key->encrypt = enc;
+ key->mode = mode;
+ key->subkey_avilable = 0;
+
+ acss_seed(key);
+}
+
+void
+acss_setsubkey(ACSS_KEY *key, const unsigned char *subkey)
+{
+ memcpy(key->subkey, subkey, sizeof(key->subkey));
+ key->subkey_avilable = 1;
+ acss_seed(key);
+}
+#endif
diff --git a/acss.h b/acss.h
new file mode 100644
index 00000000..fc6344dc
--- /dev/null
+++ b/acss.h
@@ -0,0 +1,47 @@
+/* $Id: */
+/*
+ * Copyright (c) 2004 The OpenBSD project
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef _ACSS_H_
+#define _ACSS_H_
+
+/* 40bit key */
+#define ACSS_KEYSIZE 5
+
+/* modes of acss */
+#define ACSS_AUTHENTICATE 0
+#define ACSS_SESSIONKEY 1
+#define ACSS_TITLEKEY 2
+#define ACSS_DATA 3
+
+typedef struct acss_key_st {
+ unsigned int lfsr17; /* current state of lfsrs */
+ unsigned int lfsr25;
+ unsigned int lfsrsum;
+ unsigned char seed[ACSS_KEYSIZE];
+ unsigned char data[ACSS_KEYSIZE];
+ unsigned char subkey[ACSS_KEYSIZE];
+ int encrypt; /* XXX make these bit flags? */
+ int mode;
+ int seeded;
+ int subkey_avilable;
+} ACSS_KEY;
+
+void acss_setkey(ACSS_KEY *, const unsigned char *, int, int);
+void acss_setsubkey(ACSS_KEY *, const unsigned char *);
+int acss(ACSS_KEY *, unsigned long, const unsigned char *, unsigned char *);
+
+#endif /* ifndef _ACSS_H_ */
diff --git a/cipher-acss.c b/cipher-acss.c
new file mode 100644
index 00000000..e2e3a406
--- /dev/null
+++ b/cipher-acss.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 2004 The OpenBSD project
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "includes.h"
+#include <openssl/evp.h>
+
+RCSID("$Id: cipher-acss.c,v 1.1 2004/01/27 10:19:22 djm Exp $");
+
+#if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00906000L)
+
+#include "acss.h"
+
+#define data(ctx) ((EVP_ACSS_KEY *)(ctx)->cipher_data)
+
+typedef struct {
+ ACSS_KEY ks;
+} EVP_ACSS_KEY;
+
+#define EVP_CTRL_SET_ACSS_MODE 0xff06
+#define EVP_CTRL_SET_ACSS_SUBKEY 0xff07
+
+static int
+acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ acss_setkey(&data(ctx)->ks,key,enc,ACSS_DATA);
+ return 1;
+}
+
+static int
+acss_ciph(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
+ unsigned int inl)
+{
+ acss(&data(ctx)->ks,inl,in,out);
+ return 1;
+}
+
+static int
+acss_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+{
+ switch(type) {
+ case EVP_CTRL_SET_ACSS_MODE:
+ data(ctx)->ks.mode = arg;
+ return 1;
+ case EVP_CTRL_SET_ACSS_SUBKEY:
+ acss_setsubkey(&data(ctx)->ks,(unsigned char *)ptr);
+ return 1;
+ default:
+ return -1;
+ }
+}
+
+const EVP_CIPHER *
+evp_acss(void)
+{
+ static EVP_CIPHER acss_cipher;
+
+ memset(&acss_cipher, 0, sizeof(EVP_CIPHER));
+
+ acss_cipher.nid = NID_undef;
+ acss_cipher.block_size = 1;
+ acss_cipher.key_len = 5;
+ acss_cipher.init = acss_init_key;
+ acss_cipher.do_cipher = acss_ciph;
+ acss_cipher.ctx_size = sizeof(EVP_ACSS_KEY);
+ acss_cipher.ctrl = acss_ctrl;
+
+ return (&acss_cipher);
+}
+#endif
+
diff --git a/cipher.c b/cipher.c
index a1c40cc4..190b8688 100644
--- a/cipher.c
+++ b/cipher.c
@@ -35,7 +35,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.66 2003/11/10 16:23:41 jakob Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.67 2004/01/23 17:06:03 hshoexer Exp $");
#include "xmalloc.h"
#include "log.h"
@@ -52,6 +52,17 @@ RCSID("$OpenBSD: cipher.c,v 1.66 2003/11/10 16:23:41 jakob Exp $");
extern const EVP_CIPHER *evp_rijndael(void);
extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
#endif
+
+#if !defined(EVP_CTRL_SET_ACSS_MODE)
+# if (OPENSSL_VERSION_NUMBER >= 0x00906000L)
+extern const EVP_CIPHER *evp_acss(void);
+# define EVP_acss evp_acss
+# define EVP_CTRL_SET_ACSS_MODE xxx /* used below */
+# else
+# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */
+# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */
+#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */
+
extern const EVP_CIPHER *evp_ssh1_bf(void);
extern const EVP_CIPHER *evp_ssh1_3des(void);
extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
@@ -92,7 +103,9 @@ struct Cipher {
{ "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr },
{ "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr },
#endif
-
+#if defined(EVP_CTRL_SET_ACSS_MODE)
+ { "acss@openbsd.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss },
+#endif
{ NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL }
};
@@ -402,7 +415,7 @@ cipher_get_keycontext(const CipherContext *cc, u_char *dat)
Cipher *c = cc->cipher;
int plen = 0;
- if (c->evptype == EVP_rc4) {
+ if (c->evptype == EVP_rc4 || c->evptype == EVP_acss) {
plen = EVP_X_STATE_LEN(cc->evp);
if (dat == NULL)
return (plen);
@@ -417,7 +430,7 @@ cipher_set_keycontext(CipherContext *cc, u_char *dat)
Cipher *c = cc->cipher;
int plen;
- if (c->evptype == EVP_rc4) {
+ if (c->evptype == EVP_rc4 || c->evptype == EVP_acss) {
plen = EVP_X_STATE_LEN(cc->evp);
memcpy(EVP_X_STATE(cc->evp), dat, plen);
}