xref: /freebsd/crypto/openssh/cipher.h (revision a79b71281cd63ad7a6cc43a6d5673a2510b51630) 
1 /*
2  *
3  * cipher.h
4  *
5  * Author: Tatu Ylonen <ylo@cs.hut.fi>
6  *
7  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8  *                    All rights reserved
9  *
10  * Created: Wed Apr 19 16:50:42 1995 ylo
11  *
12  * $FreeBSD$
13  */
14 
15 /* RCSID("$Id: cipher.h,v 1.17 2000/05/08 17:12:15 markus Exp $"); */
16 
17 #ifndef CIPHER_H
18 #define CIPHER_H
19 
20 #include <openssl/des.h>
21 #include <openssl/blowfish.h>
22 #include <openssl/rc4.h>
23 #include <openssl/cast.h>
24 
25 /* Cipher types.  New types can be added, but old types should not be removed
26    for compatibility.  The maximum allowed value is 31. */
27 #define SSH_CIPHER_ILLEGAL	-2	/* No valid cipher selected. */
28 #define SSH_CIPHER_NOT_SET	-1	/* None selected (invalid number). */
29 #define SSH_CIPHER_NONE		0	/* no encryption */
30 #define SSH_CIPHER_IDEA		1	/* IDEA CFB */
31 #define SSH_CIPHER_DES		2	/* DES CBC */
32 #define SSH_CIPHER_3DES		3	/* 3DES CBC */
33 #define SSH_CIPHER_BROKEN_TSS	4	/* TRI's Simple Stream encryption CBC */
34 #define SSH_CIPHER_BROKEN_RC4	5	/* Alleged RC4 */
35 #define SSH_CIPHER_BLOWFISH	6
36 #define SSH_CIPHER_RESERVED	7
37 
38 /* these ciphers are used in SSH2: */
39 #define SSH_CIPHER_BLOWFISH_CBC	8
40 #define SSH_CIPHER_3DES_CBC	9
41 #define SSH_CIPHER_ARCFOUR	10	/* Alleged RC4 */
42 #define SSH_CIPHER_CAST128_CBC	11
43 
44 typedef struct {
45 	unsigned int type;
46 	union {
47 		struct {
48 			des_key_schedule key1;
49 			des_key_schedule key2;
50 			des_cblock iv2;
51 			des_key_schedule key3;
52 			des_cblock iv3;
53 		}       des3;
54 		struct {
55 			struct bf_key_st key;
56 			unsigned char iv[8];
57 		}       bf;
58 		struct {
59 			CAST_KEY key;
60 			unsigned char iv[8];
61 		} cast;
62 		RC4_KEY rc4;
63 	}       u;
64 }       CipherContext;
65 /*
66  * Returns a bit mask indicating which ciphers are supported by this
67  * implementation.  The bit mask has the corresponding bit set of each
68  * supported cipher.
69  */
70 unsigned int cipher_mask();
71 unsigned int cipher_mask1();
72 unsigned int cipher_mask2();
73 
74 /* Returns the name of the cipher. */
75 const char *cipher_name(int cipher);
76 
77 /*
78  * Parses the name of the cipher.  Returns the number of the corresponding
79  * cipher, or -1 on error.
80  */
81 int     cipher_number(const char *name);
82 
83 /* returns 1 if all ciphers are supported (ssh2 only) */
84 int     ciphers_valid(const char *names);
85 
86 /*
87  * Selects the cipher to use and sets the key.  If for_encryption is true,
88  * the key is setup for encryption; otherwise it is setup for decryption.
89  */
90 void
91 cipher_set_key(CipherContext * context, int cipher,
92     const unsigned char *key, int keylen);
93 void
94 cipher_set_key_iv(CipherContext * context, int cipher,
95     const unsigned char *key, int keylen,
96     const unsigned char *iv, int ivlen);
97 
98 /*
99  * Sets key for the cipher by computing the MD5 checksum of the passphrase,
100  * and using the resulting 16 bytes as the key.
101  */
102 void
103 cipher_set_key_string(CipherContext * context, int cipher,
104     const char *passphrase);
105 
106 /* Encrypts data using the cipher. */
107 void
108 cipher_encrypt(CipherContext * context, unsigned char *dest,
109     const unsigned char *src, unsigned int len);
110 
111 /* Decrypts data using the cipher. */
112 void
113 cipher_decrypt(CipherContext * context, unsigned char *dest,
114     const unsigned char *src, unsigned int len);
115 
116 #endif				/* CIPHER_H */
117