Vendor/libssh2/Source/crypt.c

   1 /* Copyright (c) 2004-2007, Sara Golemon <sarag@libssh2.org>
   2  * All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms,
   5  * with or without modification, are permitted provided
   6  * that the following conditions are met:
   7  *
   8  *   Redistributions of source code must retain the above
   9  *   copyright notice, this list of conditions and the
  10  *   following disclaimer.
  11  *
  12  *   Redistributions in binary form must reproduce the above
  13  *   copyright notice, this list of conditions and the following
  14  *   disclaimer in the documentation and/or other materials
  15  *   provided with the distribution.
  16  *
  17  *   Neither the name of the copyright holder nor the names
  18  *   of any other contributors may be used to endorse or
  19  *   promote products derived from this software without
  20  *   specific prior written permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
  23  * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
  24  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  25  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  26  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
  27  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
  29  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  30  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  31  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
  32  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  33  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
  34  * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
  35  * OF SUCH DAMAGE.
  36  */
  37
  38 #include "libssh2_priv.h"
  39
  40 #ifdef LIBSSH2_CRYPT_NONE
  41 /* {{{ libssh2_crypt_none_crypt
  42  * Minimalist cipher: VERY secure *wink*
  43  */
  44 static int
  45 libssh2_crypt_none_crypt(LIBSSH2_SESSION * session, unsigned char *buf,
  46                          void **abstract)
  47 {
  48     /* Do nothing to the data! */
  49     return 0;
  50 }
  51
  52 /* }}} */
  53
  54 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_none = {
  55     "none",
  56     8,                          /* blocksize (SSH2 defines minimum blocksize as 8) */
  57     0,                          /* iv_len */
  58     0,                          /* secret_len */
  59     0,                          /* flags */
  60     NULL,
  61     libssh2_crypt_none_crypt,
  62     NULL
  63 };
  64 #endif /* LIBSSH2_CRYPT_NONE */
  65
  66 struct crypt_ctx
  67 {
  68     int encrypt;
  69       _libssh2_cipher_type(algo);
  70     _libssh2_cipher_ctx h;
  71 };
  72
  73 static int
  74 _libssh2_init(LIBSSH2_SESSION * session,
  75               const LIBSSH2_CRYPT_METHOD * method,
  76               unsigned char *iv, int *free_iv,
  77               unsigned char *secret, int *free_secret,
  78               int encrypt, void **abstract)
  79 {
  80     struct crypt_ctx *ctx = LIBSSH2_ALLOC(session,
  81                                           sizeof(struct crypt_ctx));
  82     if (!ctx) {
  83         return -1;
  84     }
  85     ctx->encrypt = encrypt;
  86     ctx->algo = method->algo;
  87     if (_libssh2_cipher_init(&ctx->h, ctx->algo, iv, secret, encrypt)) {
  88         LIBSSH2_FREE(session, ctx);
  89         return -1;
  90     }
  91     *abstract = ctx;
  92     *free_iv = 1;
  93     *free_secret = 1;
  94     return 0;
  95 }
  96
  97 static int
  98 _libssh2_encrypt(LIBSSH2_SESSION * session, unsigned char *block,
  99                  void **abstract)
 100 {
 101     struct crypt_ctx *cctx = *(struct crypt_ctx **) abstract;
 102     (void) session;
 103     return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
 104 }
 105
 106 static int
 107 _libssh2_dtor(LIBSSH2_SESSION * session, void **abstract)
 108 {
 109     struct crypt_ctx **cctx = (struct crypt_ctx **) abstract;
 110     if (cctx && *cctx) {
 111         _libssh2_cipher_dtor(&(*cctx)->h);
 112         LIBSSH2_FREE(session, *cctx);
 113         *abstract = NULL;
 114     }
 115     return 0;
 116 }
 117
 118 #if LIBSSH2_AES
 119 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_cbc = {
 120     "aes128-cbc",
 121     16,                         /* blocksize */
 122     16,                         /* initial value length */
 123     16,                         /* secret length -- 16*8 == 128bit */
 124     0,                          /* flags */
 125     &_libssh2_init,
 126     &_libssh2_encrypt,
 127     &_libssh2_dtor,
 128     _libssh2_cipher_aes128
 129 };
 130
 131 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes192_cbc = {
 132     "aes192-cbc",
 133     16,                         /* blocksize */
 134     16,                         /* initial value length */
 135     24,                         /* secret length -- 24*8 == 192bit */
 136     0,                          /* flags */
 137     &_libssh2_init,
 138     &_libssh2_encrypt,
 139     &_libssh2_dtor,
 140     _libssh2_cipher_aes192
 141 };
 142
 143 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes256_cbc = {
 144     "aes256-cbc",
 145     16,                         /* blocksize */
 146     16,                         /* initial value length */
 147     32,                         /* secret length -- 32*8 == 256bit */
 148     0,                          /* flags */
 149     &_libssh2_init,
 150     &_libssh2_encrypt,
 151     &_libssh2_dtor,
 152     _libssh2_cipher_aes256
 153 };
 154
 155 /* rijndael-cbc@lysator.liu.se == aes256-cbc */
 156 static const LIBSSH2_CRYPT_METHOD
 157     libssh2_crypt_method_rijndael_cbc_lysator_liu_se = {
 158     "rijndael-cbc@lysator.liu.se",
 159     16,                         /* blocksize */
 160     16,                         /* initial value length */
 161     32,                         /* secret length -- 32*8 == 256bit */
 162     0,                          /* flags */
 163     &_libssh2_init,
 164     &_libssh2_encrypt,
 165     &_libssh2_dtor,
 166     _libssh2_cipher_aes256
 167 };
 168 #endif /* LIBSSH2_AES */
 169
 170 #if LIBSSH2_BLOWFISH
 171 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_blowfish_cbc = {
 172     "blowfish-cbc",
 173     8,                          /* blocksize */
 174     8,                          /* initial value length */
 175     16,                         /* secret length */
 176     0,                          /* flags */
 177     &_libssh2_init,
 178     &_libssh2_encrypt,
 179     &_libssh2_dtor,
 180     _libssh2_cipher_blowfish
 181 };
 182 #endif /* LIBSSH2_BLOWFISH */
 183
 184 #if LIBSSH2_RC4
 185 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_arcfour = {
 186     "arcfour",
 187     8,                          /* blocksize */
 188     8,                          /* initial value length */
 189     16,                         /* secret length */
 190     0,                          /* flags */
 191     &_libssh2_init,
 192     &_libssh2_encrypt,
 193     &_libssh2_dtor,
 194     _libssh2_cipher_arcfour
 195 };
 196 #endif /* LIBSSH2_RC4 */
 197
 198 #if LIBSSH2_CAST
 199 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_cast128_cbc = {
 200     "cast128-cbc",
 201     8,                          /* blocksize */
 202     8,                          /* initial value length */
 203     16,                         /* secret length */
 204     0,                          /* flags */
 205     &_libssh2_init,
 206     &_libssh2_encrypt,
 207     &_libssh2_dtor,
 208     _libssh2_cipher_cast5
 209 };
 210 #endif /* LIBSSH2_CAST */
 211
 212 #if LIBSSH2_3DES
 213 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_3des_cbc = {
 214     "3des-cbc",
 215     8,                          /* blocksize */
 216     8,                          /* initial value length */
 217     24,                         /* secret length */
 218     0,                          /* flags */
 219     &_libssh2_init,
 220     &_libssh2_encrypt,
 221     &_libssh2_dtor,
 222     _libssh2_cipher_3des
 223 };
 224 #endif
 225
 226 static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = {
 227 #if LIBSSH2_AES
 228     &libssh2_crypt_method_aes256_cbc,
 229     &libssh2_crypt_method_rijndael_cbc_lysator_liu_se,  /* == aes256-cbc */
 230     &libssh2_crypt_method_aes192_cbc,
 231     &libssh2_crypt_method_aes128_cbc,
 232 #endif /* LIBSSH2_AES */
 233 #if LIBSSH2_BLOWFISH
 234     &libssh2_crypt_method_blowfish_cbc,
 235 #endif /* LIBSSH2_BLOWFISH */
 236 #if LIBSSH2_RC4
 237     &libssh2_crypt_method_arcfour,
 238 #endif /* LIBSSH2_RC4 */
 239 #if LIBSSH2_CAST
 240     &libssh2_crypt_method_cast128_cbc,
 241 #endif /* LIBSSH2_CAST */
 242 #if LIBSSH2_3DES
 243     &libssh2_crypt_method_3des_cbc,
 244 #endif /*  LIBSSH2_DES */
 245 #ifdef LIBSSH2_CRYPT_NONE
 246     &libssh2_crypt_method_none,
 247 #endif
 248     NULL
 249 };
 250
 251 /* Expose to kex.c */
 252 const LIBSSH2_CRYPT_METHOD **
 253 libssh2_crypt_methods(void)
 254 {
 255     return _libssh2_crypt_methods;
 256 }