1 |
/* |
2 |
* Import from OpenSSH (TeraTerm Project 2008.11.18) |
3 |
*/ |
4 |
/* $OpenBSD: cipher-ctr.c,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */ |
5 |
/* |
6 |
* Copyright (c) 2003 Markus Friedl <markus@openbsd.org> |
7 |
* |
8 |
* Permission to use, copy, modify, and distribute this software for any |
9 |
* purpose with or without fee is hereby granted, provided that the above |
10 |
* copyright notice and this permission notice appear in all copies. |
11 |
* |
12 |
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
13 |
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
14 |
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
15 |
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
16 |
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
17 |
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
18 |
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
19 |
*/ |
20 |
#include <sys/types.h> |
21 |
#include <malloc.h> |
22 |
#include <string.h> |
23 |
|
24 |
#include <openssl/evp.h> |
25 |
#include <openssl/aes.h> |
26 |
|
27 |
extern const EVP_CIPHER *evp_aes_128_ctr(void); |
28 |
|
29 |
struct ssh_aes_ctr_ctx |
30 |
{ |
31 |
AES_KEY aes_ctx; |
32 |
unsigned char aes_counter[AES_BLOCK_SIZE]; |
33 |
}; |
34 |
|
35 |
static void |
36 |
ssh_ctr_inc(unsigned char *ctr, unsigned int len) |
37 |
{ |
38 |
int i; |
39 |
|
40 |
for ( i = len - 1; i>= 0; i--) |
41 |
if (++ctr[i]) |
42 |
return; |
43 |
} |
44 |
|
45 |
static int |
46 |
ssh_aes_ctr(EVP_CIPHER_CTX *ctx, unsigned char *dest, const unsigned char *src, unsigned int len) |
47 |
{ |
48 |
struct ssh_aes_ctr_ctx *c; |
49 |
unsigned int n = 0; |
50 |
unsigned char buf[AES_BLOCK_SIZE]; |
51 |
|
52 |
if (len == 0) |
53 |
return (1); |
54 |
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) |
55 |
return (0); |
56 |
|
57 |
while ((len--) > 0) { |
58 |
if (n == 0) { |
59 |
AES_encrypt(c->aes_counter, buf, &c->aes_ctx); |
60 |
ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE); |
61 |
} |
62 |
*(dest++) = *(src++) ^ buf[n]; |
63 |
n = (n + 1) % AES_BLOCK_SIZE; |
64 |
} |
65 |
return (1); |
66 |
} |
67 |
|
68 |
static int |
69 |
ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) |
70 |
{ |
71 |
struct ssh_aes_ctr_ctx *c; |
72 |
|
73 |
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { |
74 |
c = malloc(sizeof(*c)); |
75 |
EVP_CIPHER_CTX_set_app_data(ctx, c); |
76 |
} |
77 |
if (key != NULL) |
78 |
AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, &c->aes_ctx); |
79 |
if (iv != NULL) |
80 |
memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); |
81 |
return (1); |
82 |
} |
83 |
|
84 |
static int |
85 |
ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) |
86 |
{ |
87 |
struct ssh_aes_ctr_ctx *c; |
88 |
|
89 |
if((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { |
90 |
memset(c, 0, sizeof(*c)); |
91 |
free(c); |
92 |
EVP_CIPHER_CTX_set_app_data(ctx, NULL); |
93 |
} |
94 |
return (1); |
95 |
} |
96 |
|
97 |
void |
98 |
ssh_aes_ctr_iv(EVP_CIPHER_CTX *evp, int doset, unsigned char * iv, unsigned int len) |
99 |
{ |
100 |
struct ssh_aes_ctr_ctx *c; |
101 |
|
102 |
if ((c = EVP_CIPHER_CTX_get_app_data(evp)) != NULL) |
103 |
if(doset) |
104 |
memcpy(c->aes_counter, iv, len); |
105 |
else |
106 |
memcpy(iv, c->aes_counter, len); |
107 |
} |
108 |
|
109 |
const EVP_CIPHER * |
110 |
evp_aes_128_ctr(void) |
111 |
{ |
112 |
static EVP_CIPHER aes_ctr; |
113 |
|
114 |
memset(&aes_ctr, 0, sizeof(EVP_CIPHER)); |
115 |
aes_ctr.nid = NID_undef; |
116 |
aes_ctr.block_size = AES_BLOCK_SIZE; |
117 |
aes_ctr.iv_len = AES_BLOCK_SIZE; |
118 |
aes_ctr.key_len = 16; |
119 |
aes_ctr.init = ssh_aes_ctr_init; |
120 |
aes_ctr.cleanup = ssh_aes_ctr_cleanup; |
121 |
aes_ctr.do_cipher = ssh_aes_ctr; |
122 |
#ifndef SSH_OLD_EVP |
123 |
aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; |
124 |
#endif |
125 |
return (&aes_ctr); |
126 |
} |