chacha: packet encryption

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-11-27 13:21:11 +03:00 · 2018-02-28 10:24:53 -06:00
parent ebd76bf347
commit d038c4dee7
11 changed files with 288 additions and 62 deletions
--- a/include/libssh/crypto.h
+++ b/include/libssh/crypto.h
@@ -128,10 +128,12 @@ struct ssh_cipher_struct {
    const char *name; /* ssh name of the algorithm */
    unsigned int blocksize; /* blocksize of the algo */
    enum ssh_cipher_e ciphertype;
+    uint32_t lenfield_blocksize; /* blocksize of the packet length field */
 #ifdef HAVE_LIBGCRYPT
    size_t keylen; /* length of the key structure */
    gcry_cipher_hd_t *key;
 #elif defined HAVE_LIBCRYPTO
+    size_t keylen; /* length of the key structure */
    struct ssh_3des_key_schedule *des3_key;
    struct ssh_aes_key_schedule *aes_key;
    const EVP_CIPHER *cipher;
@@ -141,7 +143,9 @@ struct ssh_cipher_struct {
    mbedtls_cipher_context_t decrypt_ctx;
    mbedtls_cipher_type_t type;
 #endif
+    struct chacha20_poly1305_keysched *chacha20_schedule;
    unsigned int keysize; /* bytes of key used. != keylen */
+    size_t tag_size; /* overhead required for tag */
    /* sets the new key for immediate use */
    int (*set_encrypt_key)(struct ssh_cipher_struct *cipher, void *key, void *IV);
    int (*set_decrypt_key)(struct ssh_cipher_struct *cipher, void *key, void *IV);
@@ -149,6 +153,8 @@ struct ssh_cipher_struct {
        unsigned long len);
    void (*decrypt)(struct ssh_cipher_struct *cipher, void *in, void *out,
        unsigned long len);
+    void (*aead_encrypt)(struct ssh_cipher_struct *cipher, void *in, void *out,
+        size_t len, uint8_t *mac, uint64_t seq);
    void (*cleanup)(struct ssh_cipher_struct *cipher);
 };

--- a/include/libssh/libcrypto.h
+++ b/include/libssh/libcrypto.h
@@ -95,6 +95,7 @@ SHA512CTX sha512_init(void);
 void sha512_update(SHA512CTX c, const void *data, unsigned long len);
 void sha512_final(unsigned char *md, SHA512CTX c);

+void libcrypto_init(void);
 struct ssh_cipher_struct *ssh_get_ciphertab(void);

 #endif /* HAVE_LIBCRYPTO */
--- a/include/libssh/wrapper.h
+++ b/include/libssh/wrapper.h
@@ -39,7 +39,8 @@ enum ssh_hmac_e {
  SSH_HMAC_SHA256,
  SSH_HMAC_SHA384,
  SSH_HMAC_SHA512,
-  SSH_HMAC_MD5
+  SSH_HMAC_MD5,
+  SSH_HMAC_AEAD_POLY1305
 };

 enum ssh_des_e {