Rest in Peace SSHv1

Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2025-11-30 13:01:23 +03:00 · 2018-06-28 17:52:58 +02:00
parent 81b4320318
commit 206f3ff895
56 changed files with 328 additions and 3139 deletions
--- a/src/libmbedcrypto.c
+++ b/src/libmbedcrypto.c
@@ -835,129 +835,6 @@ static void cipher_cleanup(struct ssh_cipher_struct *cipher)
    mbedtls_cipher_free(&cipher->decrypt_ctx);
 }

-static int des3_set_encrypt_key(struct ssh_cipher_struct *cipher, void *key,
-        void *IV)
-{
-    const mbedtls_cipher_info_t *cipher_info = NULL;
-    unsigned char *des3_key = NULL;
-    size_t des_key_size = 0;
-    int rc;
-
-    mbedtls_cipher_init(&cipher->encrypt_ctx);
-    cipher_info = mbedtls_cipher_info_from_type(cipher->type);
-
-    rc = mbedtls_cipher_setup(&cipher->encrypt_ctx, cipher_info);
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_setup failed");
-        goto error;
-    }
-
-    des3_key = malloc(cipher_info->key_bitlen / 8);
-    if (des3_key == NULL) {
-        SSH_LOG(SSH_LOG_WARNING, "error allocating memory for key");
-        goto error;
-    }
-
-    des_key_size = cipher_info->key_bitlen / (8 * 3);
-    memcpy(des3_key, key, des_key_size);
-    memcpy(des3_key + des_key_size, (unsigned char * )key + des_key_size,
-            des_key_size);
-    memcpy(des3_key + 2 * des_key_size,
-            (unsigned char *) key + 2 * des_key_size, des_key_size);
-
-    rc = mbedtls_cipher_setkey(&cipher->encrypt_ctx, des3_key,
-                               cipher_info->key_bitlen,
-                               MBEDTLS_ENCRYPT);
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_setkey failed");
-        goto error;
-    }
-
-    rc = mbedtls_cipher_set_iv(&cipher->encrypt_ctx, IV, cipher_info->iv_size);
-
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_set_iv failed");
-        goto error;
-    }
-
-    rc = mbedtls_cipher_reset(&cipher->encrypt_ctx);
-
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_reset failed");
-        goto error;
-    }
-
-    SAFE_FREE(des3_key);
-    return SSH_OK;
-error:
-    mbedtls_cipher_free(&cipher->encrypt_ctx);
-    SAFE_FREE(des3_key);
-    return SSH_ERROR;
-}
-
-static int des3_set_decrypt_key(struct ssh_cipher_struct *cipher, void *key,
-        void *IV)
-{
-    const mbedtls_cipher_info_t *cipher_info = NULL;
-    unsigned char *des3_key = NULL;
-    size_t des_key_size = 0;
-    int rc;
-
-    mbedtls_cipher_init(&cipher->decrypt_ctx);
-    cipher_info = mbedtls_cipher_info_from_type(cipher->type);
-
-    rc = mbedtls_cipher_setup(&cipher->decrypt_ctx, cipher_info);
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_setup failed");
-        goto error;
-    }
-
-    des3_key = malloc(cipher_info->key_bitlen / 8);
-    if (des3_key == NULL) {
-        SSH_LOG(SSH_LOG_WARNING, "error allocating memory for key");
-        goto error;
-    }
-
-    des_key_size = cipher_info->key_bitlen / (8 * 3);
-    memcpy(des3_key, key, des_key_size);
-    memcpy(des3_key + des_key_size, (unsigned char *) key + des_key_size,
-            des_key_size);
-    memcpy(des3_key + 2 * des_key_size,
-            (unsigned char *) key + 2 * des_key_size,
-            des_key_size);
-
-    rc = mbedtls_cipher_setkey(&cipher->decrypt_ctx, des3_key,
-                               cipher_info->key_bitlen,
-                               MBEDTLS_DECRYPT);
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_setkey failed");
-        goto error;
-    }
-
-    rc = mbedtls_cipher_set_iv(&cipher->decrypt_ctx, IV, cipher_info->iv_size);
-
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_set_iv failed");
-        goto error;
-    }
-
-    rc = mbedtls_cipher_reset(&cipher->decrypt_ctx);
-
-    if (rc != 0) {
-        SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_reset failed");
-        goto error;
-    }
-
-    SAFE_FREE(des3_key);
-    return SSH_OK;
-error:
-    mbedtls_cipher_free(&cipher->decrypt_ctx);
-    if (des3_key != NULL) {
-        SAFE_FREE(des3_key);
-    }
-    return SSH_ERROR;
-}
-
 static struct ssh_cipher_struct ssh_ciphertab[] = {
    {
        .name = "blowfish-cbc",
@@ -1047,27 +924,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
        .decrypt = cipher_decrypt_cbc,
        .cleanup = cipher_cleanup
    },
-    {
-        .name = "3des-cbc-ssh1",
-        .blocksize = 8,
-        .keysize = 192,
-        .type = MBEDTLS_CIPHER_DES_CBC,
-        .set_encrypt_key = des3_set_encrypt_key,
-        .set_decrypt_key = des3_set_decrypt_key,
-        .encrypt = cipher_encrypt_cbc,
-        .decrypt = cipher_decrypt_cbc,
-        .cleanup = cipher_cleanup
-    },
-    {
-        .name = "des-cbc-ssh1",
-        .blocksize = 8,
-        .keysize = 64,
-        .type = MBEDTLS_CIPHER_DES_CBC,
-        .set_encrypt_key = cipher_set_encrypt_key_cbc,
-        .set_decrypt_key = cipher_set_decrypt_key_cbc,
-        .encrypt = cipher_encrypt_cbc,
-        .decrypt = cipher_decrypt_cbc,
-    },
    {
        .name = "chacha20-poly1305@openssh.com"
    },