1 /* $OpenBSD: cipher-bf1.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */
3 * Copyright (c) 2003 Markus Friedl. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 #include <sys/types.h>
30 #include <openssl/evp.h>
37 #if OPENSSL_VERSION_NUMBER < 0x00906000L
42 * SSH1 uses a variation on Blowfish, all bytes must be swapped before
43 * and after encryption/decryption. Thus the swap_bytes stuff (yuk).
46 const EVP_CIPHER
* evp_ssh1_bf(void);
49 swap_bytes(const u_char
*src
, u_char
*dst
, int n
)
53 /* Process 4 bytes every lap. */
54 for (n
= n
/ 4; n
> 0; n
--) {
68 static void bf_ssh1_init (EVP_CIPHER_CTX
* ctx
, const unsigned char *key
,
69 const unsigned char *iv
, int enc
)
72 memcpy (&(ctx
->oiv
[0]), iv
, 8);
73 memcpy (&(ctx
->iv
[0]), &(ctx
->oiv
[0]), 8);
75 BF_set_key (&(ctx
->c
.bf_ks
), EVP_CIPHER_CTX_key_length (ctx
),
80 static int (*orig_bf
)(EVP_CIPHER_CTX
*, u_char
*, const u_char
*, u_int
) = NULL
;
83 bf_ssh1_cipher(EVP_CIPHER_CTX
*ctx
, u_char
*out
, const u_char
*in
, u_int len
)
87 swap_bytes(in
, out
, len
);
88 ret
= (*orig_bf
)(ctx
, out
, out
, len
);
89 swap_bytes(out
, out
, len
);
96 static EVP_CIPHER ssh1_bf
;
98 memcpy(&ssh1_bf
, EVP_bf_cbc(), sizeof(EVP_CIPHER
));
99 orig_bf
= ssh1_bf
.do_cipher
;
100 ssh1_bf
.nid
= NID_undef
;
102 ssh1_bf
.init
= bf_ssh1_init
;
104 ssh1_bf
.do_cipher
= bf_ssh1_cipher
;
105 ssh1_bf
.key_len
= 32;