sync cvs as of 2012-12-14 (cipher-ctr.c removal)

ssh/CVS/Entries

@@ -186,32 +186,32 @@ D/sshd////
 /xmalloc.h/1.13/Fri Oct 12 15:53:56 2012//
 /PROTOCOL/1.18/Fri Dec 14 16:50:35 2012//
 /auth-options.c/1.57/Result of merge//
-/auth.c/1.98/Result of merge//
-/auth.h/1.72/Result of merge+Fri Dec 14 16:50:35 2012//
 /auth1.c/1.77/Result of merge//
-/auth2-chall.c/1.36/Result of merge+Fri Dec 14 16:50:35 2012//
-/auth2-gss.c/1.18/Result of merge+Fri Dec 14 16:50:35 2012//
-/auth2-jpake.c/1.5/Result of merge+Fri Dec 14 16:50:35 2012//
 /auth2-pubkey.c/1.33/Result of merge//
-/auth2.c/1.126/Result of merge+Fri Dec 14 16:50:36 2012//
-/authfile.c/1.94/Result of merge+Fri Dec 14 16:50:36 2012//
 /channels.c/1.319/Result of merge//
-/cipher.c/1.83/Result of merge+Fri Dec 14 16:50:36 2012//
-/cipher.h/1.38/Result of merge+Fri Dec 14 16:50:36 2012//
-/kex.h/1.53/Result of merge+Fri Dec 14 16:50:36 2012//
-/mac.c/1.21/Result of merge+Fri Dec 14 16:50:36 2012//
 /monitor.c/1.120/Result of merge//
 /monitor.h/1.17/Result of merge//
 /myproposal.h/1.31/Fri Dec 14 16:50:37 2012//
-/packet.c/1.178/Result of merge+Fri Dec 14 16:50:37 2012//
 /servconf.c/1.233/Result of merge//
 /servconf.h/1.106/Result of merge//
 /serverloop.c/1.164/Result of merge//
 /session.c/1.261/Result of merge//
 /ssh-add.1/1.58/Fri Dec 14 16:50:37 2012//
-/ssh-add.c/1.105/Result of merge+Fri Dec 14 16:50:37 2012//
-/ssh-keygen.c/1.220/Result of merge+Fri Dec 14 16:50:37 2012//
 /ssh_config.5/1.160/Fri Dec 14 16:50:37 2012//
-/sshconnect2.c/1.190/Result of merge+Fri Dec 14 16:50:37 2012//
 /sshd_config/1.88/Sun Nov 11 09:45:29 2012//
 /sshd_config.5/1.152/Fri Dec 14 16:50:37 2012//
+/auth.c/1.99/Result of merge//
+/auth.h/1.72/Result of merge//
+/auth2-chall.c/1.36/Result of merge//
+/auth2-gss.c/1.18/Result of merge//
+/auth2-jpake.c/1.5/Result of merge//
+/auth2.c/1.126/Result of merge//
+/authfile.c/1.94/Result of merge//
+/cipher.c/1.84/Result of merge+Mon Dec 17 20:16:06 2012//
+/cipher.h/1.38/Result of merge//
+/kex.h/1.53/Result of merge//
+/mac.c/1.21/Result of merge//
+/packet.c/1.179/Result of merge+Mon Dec 17 20:16:06 2012//
+/ssh-add.c/1.105/Result of merge//
+/ssh-keygen.c/1.220/Result of merge//
+/sshconnect2.c/1.190/Result of merge//

ssh/cipher-ctr.c

@@ -1,138 +0,0 @@
-/* $OpenBSD: cipher-ctr.c,v 1.11 2010/10/01 23:05:32 djm Exp $ */
-/*
- * Copyright (c) 2003 Markus Friedl <markus@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <sys/types.h>
-#include <string.h>
-#include <openssl/evp.h>
-#include <openssl/aes.h>
-
-#include "err.h"
-
-const EVP_CIPHER *evp_aes_128_ctr(void);
-int ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
-
-struct ssh_aes_ctr_ctx
-{
-	AES_KEY		aes_ctx;
-	u_char		aes_counter[AES_BLOCK_SIZE];
-};
-
-/*
- * increment counter 'ctr',
- * the counter is of size 'len' bytes and stored in network-byte-order.
- * (LSB at ctr[len-1], MSB at ctr[0])
- */
-static void
-ssh_ctr_inc(u_char *ctr, size_t len)
-{
-	int i;
-
-	for (i = len - 1; i >= 0; i--)
-		if (++ctr[i])	/* continue on overflow */
-			return;
-}
-
-static int
-ssh_aes_ctr(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src,
-    size_t len)
-{
-	struct ssh_aes_ctr_ctx *c;
-	size_t n = 0;
-	u_char buf[AES_BLOCK_SIZE];
-
-	if (len == 0)
-		return 1;
-	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL)
-		return 0;
-
-	while ((len--) > 0) {
-		if (n == 0) {
-			AES_encrypt(c->aes_counter, buf, &c->aes_ctx);
-			ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE);
-		}
-		*(dest++) = *(src++) ^ buf[n];
-		n = (n + 1) % AES_BLOCK_SIZE;
-	}
-	return 1;
-}
-
-static int
-ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
-    int enc)
-{
-	struct ssh_aes_ctr_ctx *c;
-
-	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
-		if ((c = calloc(1, sizeof(*c))) == NULL)
-			return 0;
-		EVP_CIPHER_CTX_set_app_data(ctx, c);
-	}
-	if (key != NULL)
-		if (AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,
-		    &c->aes_ctx) < 0) {
-			free(c);
-			EVP_CIPHER_CTX_set_app_data(ctx, NULL);
-		}
-	if (iv != NULL)
-		memcpy(c->aes_counter, iv, AES_BLOCK_SIZE);
-	return 1;
-}
-
-static int
-ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx)
-{
-	struct ssh_aes_ctr_ctx *c;
-
-	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
-		bzero(c, sizeof(*c));
-		free(c);
-		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
-	}
-	return 1;
-}
-
-int
-ssh_aes_ctr_iv(EVP_CIPHER_CTX *evp, int doset, u_char * iv, size_t len)
-{
-	struct ssh_aes_ctr_ctx *c;
-
-	if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
-		return SSH_ERR_INTERNAL_ERROR;
-	if (doset)
-		memcpy(c->aes_counter, iv, len);
-	else
-		memcpy(iv, c->aes_counter, len);
-	return 0;
-}
-
-const EVP_CIPHER *
-evp_aes_128_ctr(void)
-{
-	static EVP_CIPHER aes_ctr;
-
-	bzero(&aes_ctr, sizeof(aes_ctr));
-	aes_ctr.nid = NID_undef;
-	aes_ctr.block_size = AES_BLOCK_SIZE;
-	aes_ctr.iv_len = AES_BLOCK_SIZE;
-	aes_ctr.key_len = 16;
-	aes_ctr.init = ssh_aes_ctr_init;
-	aes_ctr.cleanup = ssh_aes_ctr_cleanup;
-	aes_ctr.do_cipher = ssh_aes_ctr;
-	aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
-	    EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
-	return (&aes_ctr);
-}

ssh/cipher.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.83 2012/12/11 22:31:18 markus Exp $ */
+/* $OpenBSD: cipher.c,v 1.84 2012/12/12 16:46:10 naddy Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -47,9 +47,7 @@
 
 extern const EVP_CIPHER *evp_ssh1_bf(void);
 extern const EVP_CIPHER *evp_ssh1_3des(void);
-extern const EVP_CIPHER *evp_aes_128_ctr(void);
 extern int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
-extern int ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
 
 struct sshcipher {
 	char	*name;
@@ -76,9 +74,9 @@ struct sshcipher {
 	{ "aes256-cbc",		SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_aes_256_cbc },
 	{ "rijndael-cbc@lysator.liu.se",
 				SSH_CIPHER_SSH2, 16, 32, 0, 1, EVP_aes_256_cbc },
-	{ "aes128-ctr",		SSH_CIPHER_SSH2, 16, 16, 0, 0, evp_aes_128_ctr },
-	{ "aes192-ctr",		SSH_CIPHER_SSH2, 16, 24, 0, 0, evp_aes_128_ctr },
-	{ "aes256-ctr",		SSH_CIPHER_SSH2, 16, 32, 0, 0, evp_aes_128_ctr },
+	{ "aes128-ctr",		SSH_CIPHER_SSH2, 16, 16, 0, 0, EVP_aes_128_ctr },
+	{ "aes192-ctr",		SSH_CIPHER_SSH2, 16, 24, 0, 0, EVP_aes_192_ctr },
+	{ "aes256-ctr",		SSH_CIPHER_SSH2, 16, 32, 0, 0, EVP_aes_256_ctr },
 	{ "acss@openssh.org",	SSH_CIPHER_SSH2, 16, 5, 0, 0, EVP_acss },
 
 	{ NULL,			SSH_CIPHER_INVALID, 0, 0, 0, 0, NULL }
@@ -353,10 +351,7 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
 			return SSH_ERR_LIBCRYPTO_ERROR;
 		if ((u_int)evplen != len)
 			return SSH_ERR_INVALID_ARGUMENT;
-		if (c->evptype == evp_aes_128_ctr)
-			return ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
-		else
-			memcpy(iv, cc->evp.iv, len);
+		memcpy(iv, cc->evp.iv, len);
 		return 0;
 	case SSH_CIPHER_3DES:
 		return ssh1_3des_iv(&cc->evp, 0, iv, 24);
@@ -378,10 +373,7 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
 		evplen = EVP_CIPHER_CTX_iv_length(&cc->evp);
 		if (evplen <= 0)
 			return SSH_ERR_LIBCRYPTO_ERROR;
-		if (c->evptype == evp_aes_128_ctr)
-			return ssh_aes_ctr_iv(&cc->evp, 1, (u_char *)iv, evplen);
-		else
-			memcpy(cc->evp.iv, iv, evplen);
+		memcpy(cc->evp.iv, iv, evplen);
 		return 0;
 	case SSH_CIPHER_3DES:
 		return ssh1_3des_iv(&cc->evp, 1, (u_char *)iv, 24);

ssh/lib/CVS/Entries

@@ -1,2 +1,2 @@
-/Makefile/1.65/Result of merge//
+/Makefile/1.66/Result of merge+Mon Dec 17 20:16:07 2012//
 D

ssh/lib/Makefile

@@ -1,10 +1,10 @@
-#	$OpenBSD: Makefile,v 1.65 2012/10/04 13:21:50 markus Exp $
+#	$OpenBSD: Makefile,v 1.66 2012/12/12 16:46:10 naddy Exp $
 
 .PATH:		${.CURDIR}/..
 
 LIB=	ssh
 SRCS=	authfd.c authfile.c canohost.c \
-	channels.c cipher.c cipher-3des1.c cipher-bf1.c cipher-ctr.c \
+	channels.c cipher.c cipher-3des1.c cipher-bf1.c \
 	cleanup.c compat.c crc32.c deattack.c fatal.c \
 	hostfile.c log.c match.c nchan.c packet.c readpass.c \
 	rsa.c ttymodes.c xmalloc.c atomicio.c \