
Split ssh2_cipher's keylen field into two.

The revamp of key generation in commit e460f3083 made the assumption
that you could decide how many bytes of key material to generate by
converting cipher->keylen from bits to bytes. This is a good
assumption for all ciphers except DES/3DES: since the SSH DES key
setup ignores one bit in every byte of key material it's given, you
need more bytes than its keylen field would have you believe. So
currently the DES ciphers aren't being keyed correctly.

The original keylen field is used for deciding how big a DH group to
request, and on that basis I think it still makes sense to keep it
reflecting the true entropy of a cipher key. So it turns out we need
two _separate_ key length fields per cipher - one for the real
entropy, and one for the much more obvious purpose of knowing how much
data to ask for from ssh2_mkkey.

A compensatory advantage, though, is that we can now measure the
latter directly in bytes rather than bits, so we no longer have to
faff about with dividing by 8 and rounding up.
Simon Tatham
2015-09-10 08:10:52 +01:00
parent b08895f02c
commit 43be90e287
7 changed files with 35 additions and 23 deletions


@ -1173,7 +1173,7 @@ static const struct ssh2_cipher ssh_aes128_ctr = {
aes_make_context, aes_free_context, aes_iv, aes128_key,
aes_ssh2_sdctr, aes_ssh2_sdctr, NULL, NULL,
"aes128-ctr",
16, 128, 0, "AES-128 SDCTR",
16, 128, 16, 0, "AES-128 SDCTR",
NULL
};
@ -1181,7 +1181,7 @@ static const struct ssh2_cipher ssh_aes192_ctr = {
aes_make_context, aes_free_context, aes_iv, aes192_key,
aes_ssh2_sdctr, aes_ssh2_sdctr, NULL, NULL,
"aes192-ctr",
16, 192, 0, "AES-192 SDCTR",
16, 192, 24, 0, "AES-192 SDCTR",
NULL
};
@ -1189,7 +1189,7 @@ static const struct ssh2_cipher ssh_aes256_ctr = {
aes_make_context, aes_free_context, aes_iv, aes256_key,
aes_ssh2_sdctr, aes_ssh2_sdctr, NULL, NULL,
"aes256-ctr",
16, 256, 0, "AES-256 SDCTR",
16, 256, 32, 0, "AES-256 SDCTR",
NULL
};
@ -1197,7 +1197,7 @@ static const struct ssh2_cipher ssh_aes128 = {
aes_make_context, aes_free_context, aes_iv, aes128_key,
aes_ssh2_encrypt_blk, aes_ssh2_decrypt_blk, NULL, NULL,
"aes128-cbc",
16, 128, SSH_CIPHER_IS_CBC, "AES-128 CBC",
16, 128, 16, SSH_CIPHER_IS_CBC, "AES-128 CBC",
NULL
};
@ -1205,7 +1205,7 @@ static const struct ssh2_cipher ssh_aes192 = {
aes_make_context, aes_free_context, aes_iv, aes192_key,
aes_ssh2_encrypt_blk, aes_ssh2_decrypt_blk, NULL, NULL,
"aes192-cbc",
16, 192, SSH_CIPHER_IS_CBC, "AES-192 CBC",
16, 192, 24, SSH_CIPHER_IS_CBC, "AES-192 CBC",
NULL
};
@ -1213,7 +1213,7 @@ static const struct ssh2_cipher ssh_aes256 = {
aes_make_context, aes_free_context, aes_iv, aes256_key,
aes_ssh2_encrypt_blk, aes_ssh2_decrypt_blk, NULL, NULL,
"aes256-cbc",
16, 256, SSH_CIPHER_IS_CBC, "AES-256 CBC",
16, 256, 32, SSH_CIPHER_IS_CBC, "AES-256 CBC",
NULL
};
@ -1221,7 +1221,7 @@ static const struct ssh2_cipher ssh_rijndael_lysator = {
aes_make_context, aes_free_context, aes_iv, aes256_key,
aes_ssh2_encrypt_blk, aes_ssh2_decrypt_blk, NULL, NULL,
"rijndael-cbc@lysator.liu.se",
16, 256, SSH_CIPHER_IS_CBC, "AES-256 CBC",
16, 256, 32, SSH_CIPHER_IS_CBC, "AES-256 CBC",
NULL
};
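Review bot: The new third integer in each initializer (16, 24 or 32) is positional and unlabelled, so nothing in these tables says which number is the entropy figure in bits and which is the byte count requested from ssh2_mkkey; this applies to all seven AES tables in this section, ssh_aes128_ctr through ssh_rijndael_lysator. The byte count has to agree with what aes128_key, aes192_key and aes256_key consume (presumably 16, 24 and 32 bytes, but those functions are outside the hunks), otherwise a cipher could be keyed from less material than it reads. I would add a comment above the first table such as `/* block size (bytes), key strength (bits, used for DH group sizing), key material to request (bytes), flags, display name */` and state there that for AES the byte count must equal bits/8. The struct definition is not visible here, so the field order is inferred from the values and the commit message.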