xref: /freebsd/crypto/openssh/cipher.h (revision 27beb2e98db3193bd22010b9eb00cc7787bb0a2f) 
1 /*
2  * Author: Tatu Ylonen <ylo@cs.hut.fi>
3  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4  *                    All rights reserved
5  *
6  * As far as I am concerned, the code I have written for this software
7  * can be used freely for any purpose.  Any derived versions of this
8  * software must be clearly marked as such, and if the derived work is
9  * incompatible with the protocol description in the RFC file, it must be
10  * called by a name other than "ssh" or "Secure Shell".
11  */
12 
13 /* RCSID("$OpenBSD: cipher.h,v 1.19 2000/09/07 20:27:50 deraadt Exp $"); */
14 /* $FreeBSD$ */
15 
16 #ifndef CIPHER_H
17 #define CIPHER_H
18 
19 #include <openssl/des.h>
20 #include <openssl/blowfish.h>
21 #include <openssl/rc4.h>
22 #include <openssl/cast.h>
23 
24 /* Cipher types.  New types can be added, but old types should not be removed
25    for compatibility.  The maximum allowed value is 31. */
26 #define SSH_CIPHER_ILLEGAL	-2	/* No valid cipher selected. */
27 #define SSH_CIPHER_NOT_SET	-1	/* None selected (invalid number). */
28 #define SSH_CIPHER_NONE		0	/* no encryption */
29 #define SSH_CIPHER_IDEA		1	/* IDEA CFB */
30 #define SSH_CIPHER_DES		2	/* DES CBC */
31 #define SSH_CIPHER_3DES		3	/* 3DES CBC */
32 #define SSH_CIPHER_BROKEN_TSS	4	/* TRI's Simple Stream encryption CBC */
33 #define SSH_CIPHER_BROKEN_RC4	5	/* Alleged RC4 */
34 #define SSH_CIPHER_BLOWFISH	6
35 #define SSH_CIPHER_RESERVED	7
36 
37 /* these ciphers are used in SSH2: */
38 #define SSH_CIPHER_BLOWFISH_CBC	8
39 #define SSH_CIPHER_3DES_CBC	9
40 #define SSH_CIPHER_ARCFOUR	10	/* Alleged RC4 */
41 #define SSH_CIPHER_CAST128_CBC	11
42 
43 typedef struct {
44 	unsigned int type;
45 	union {
46 		struct {
47 			des_key_schedule key1;
48 			des_key_schedule key2;
49 			des_cblock iv2;
50 			des_key_schedule key3;
51 			des_cblock iv3;
52 		}       des3;
53 		struct {
54 			struct bf_key_st key;
55 			unsigned char iv[8];
56 		}       bf;
57 		struct {
58 			CAST_KEY key;
59 			unsigned char iv[8];
60 		} cast;
61 		RC4_KEY rc4;
62 	}       u;
63 }       CipherContext;
64 /*
65  * Returns a bit mask indicating which ciphers are supported by this
66  * implementation.  The bit mask has the corresponding bit set of each
67  * supported cipher.
68  */
69 unsigned int cipher_mask();
70 unsigned int cipher_mask1();
71 unsigned int cipher_mask2();
72 
73 /* Returns the name of the cipher. */
74 const char *cipher_name(int cipher);
75 
76 /*
77  * Parses the name of the cipher.  Returns the number of the corresponding
78  * cipher, or -1 on error.
79  */
80 int     cipher_number(const char *name);
81 
82 /* returns 1 if all ciphers are supported (ssh2 only) */
83 int     ciphers_valid(const char *names);
84 
85 /*
86  * Selects the cipher to use and sets the key.  If for_encryption is true,
87  * the key is setup for encryption; otherwise it is setup for decryption.
88  */
89 void
90 cipher_set_key(CipherContext * context, int cipher,
91     const unsigned char *key, int keylen);
92 void
93 cipher_set_key_iv(CipherContext * context, int cipher,
94     const unsigned char *key, int keylen,
95     const unsigned char *iv, int ivlen);
96 
97 /*
98  * Sets key for the cipher by computing the MD5 checksum of the passphrase,
99  * and using the resulting 16 bytes as the key.
100  */
101 void
102 cipher_set_key_string(CipherContext * context, int cipher,
103     const char *passphrase);
104 
105 /* Encrypts data using the cipher. */
106 void
107 cipher_encrypt(CipherContext * context, unsigned char *dest,
108     const unsigned char *src, unsigned int len);
109 
110 /* Decrypts data using the cipher. */
111 void
112 cipher_decrypt(CipherContext * context, unsigned char *dest,
113     const unsigned char *src, unsigned int len);
114 
115 #endif				/* CIPHER_H */
116