Now that we've got at least some SDCTR modes working (and aes256-ctr is our

default preferred cipher), add code to inject SSH_MSG_IGNOREs to randomise the IV when using CBC-mode ciphers. Each cipher has a flag to indicate whether it needs this workaround, and the SSH packet output maze has gained some extra complexity to implement it. [originally from svn r5659]
2025-07-09 15:23:50 -05:00 · 2005-04-23 16:22:51 +00:00
parent b28330fc35
commit f2b0335c48
6 changed files with 48 additions and 19 deletions
--- a/ssh.h
+++ b/ssh.h
@ -154,6 +154,8 @@ struct ssh2_cipher {
    char *name;
    int blksize;
    int keylen;
+    unsigned int flags;
+#define SSH_CIPHER_IS_CBC	1
    char *text_name;
 };