crypto: Disable blowfish support by default

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>

CMakeLists.txt

@@ -227,6 +227,7 @@ message(STATUS "Pcap debugging support : ${WITH_PCAP}")
 message(STATUS "With static library: ${WITH_STATIC_LIB}")
 message(STATUS "Unit testing: ${UNIT_TESTING}")
 message(STATUS "Client code testing: ${CLIENT_TESTING}")
+message(STATUS "Blowfish cipher support: ${WITH_BLOWFISH_CIPHER}")
 set(_SERVER_TESTING OFF)
 if (WITH_SERVER)
     set(_SERVER_TESTING ${SERVER_TESTING})

ConfigureChecks.cmake

@@ -89,8 +89,10 @@ if (OPENSSL_FOUND)
         message(FATAL_ERROR "Could not detect openssl/aes.h")
     endif()
 
-    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+    if (WITH_BLOWFISH_CIPHER)
-    check_include_file(openssl/blowfish.h HAVE_OPENSSL_BLOWFISH_H)
+        set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+        check_include_file(openssl/blowfish.h HAVE_OPENSSL_BLOWFISH_H)
+    endif()
 
     set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
     check_include_file(openssl/ecdh.h HAVE_OPENSSL_ECDH_H)

DefineOptions.cmake

@@ -8,6 +8,7 @@ option(WITH_DEBUG_PACKET "Build with packet debug output" OFF)
 option(WITH_DEBUG_CALLTRACE "Build with calltrace debug output" ON)
 option(WITH_GCRYPT "Compile against libgcrypt" OFF)
 option(WITH_MBEDTLS "Compile against libmbedtls" OFF)
+option(WITH_BLOWFISH_CIPHER "Compile with blowfish support" OFF)
 option(WITH_PCAP "Compile with Pcap generation support" ON)
 option(WITH_INTERNAL_DOC "Compile doxygen internal documentation" OFF)
 option(UNIT_TESTING "Build with unit tests" OFF)

config.h.cmake

@@ -238,6 +238,9 @@
 /* Define to 1 if you want to enable server support */
 #cmakedefine WITH_SERVER 1
 
+/* Define to 1 if you want to enable blowfish cipher support */
+#cmakedefine WITH_BLOWFISH_CIPHER 1
+
 /* Define to 1 if you want to enable debug output for crypto functions */
 #cmakedefine DEBUG_CRYPTO 1
 

include/libssh/crypto.h

@@ -76,7 +76,9 @@ enum ssh_key_exchange_e {
 
 enum ssh_cipher_e {
     SSH_NO_CIPHER=0,
+#ifdef WITH_BLOWFISH_CIPHER
     SSH_BLOWFISH_CBC,
+#endif /* WITH_BLOWFISH_CIPHER */
     SSH_3DES_CBC,
     SSH_AES128_CBC,
     SSH_AES192_CBC,

src/kex.c

@@ -39,16 +39,24 @@
 #include "libssh/knownhosts.h"
 #include "libssh/misc.h"
 
+#ifdef WITH_BLOWFISH_CIPHER
+# if defined(HAVE_OPENSSL_BLOWFISH_H) || defined(HAVE_LIBGCRYPT) || defined(HAVE_LIBMBEDCRYPTO)
+#  define BLOWFISH "blowfish-cbc,"
+# else
+#  define BLOWFISH ""
+# endif
+#else
+# define BLOWFISH ""
+#endif
+
 #ifdef HAVE_LIBGCRYPT
-# define BLOWFISH "blowfish-cbc,"
 # define AES "aes256-gcm@openssh.com,aes128-gcm@openssh.com," \
              "aes256-ctr,aes192-ctr,aes128-ctr," \
              "aes256-cbc,aes192-cbc,aes128-cbc,"
 # define DES "3des-cbc"
 # define DES_SUPPORTED "3des-cbc"
 
-#elif defined HAVE_LIBMBEDCRYPTO
+#elif defined(HAVE_LIBMBEDCRYPTO)
-# define BLOWFISH "blowfish-cbc,"
 # ifdef MBEDTLS_GCM_C
 #  define GCM "aes256-gcm@openssh.com,aes128-gcm@openssh.com,"
 # else
@@ -60,13 +68,6 @@
 # define DES_SUPPORTED "3des-cbc"
 
 #elif defined(HAVE_LIBCRYPTO)
-
-# ifdef HAVE_OPENSSL_BLOWFISH_H
-#  define BLOWFISH "blowfish-cbc,"
-# else /* HAVE_OPENSSL_BLOWFISH_H */
-#  define BLOWFISH ""
-# endif /* HAVE_OPENSSL_BLOWFISH_H */
-
 # ifdef HAVE_OPENSSL_AES_H
 #  ifdef HAVE_OPENSSL_EVP_AES_GCM
 #   define GCM "aes256-gcm@openssh.com,aes128-gcm@openssh.com,"

src/libcrypto.c

@@ -514,10 +514,12 @@ static void evp_cipher_init(struct ssh_cipher_struct *cipher) {
     case SSH_3DES_CBC:
         cipher->cipher = EVP_des_ede3_cbc();
         break;
+#ifdef WITH_BLOWFISH_CIPHER
     case SSH_BLOWFISH_CBC:
         cipher->cipher = EVP_bf_cbc();
         break;
         /* ciphers not using EVP */
+#endif
     case SSH_AEAD_CHACHA20_POLY1305:
         SSH_LOG(SSH_LOG_WARNING, "The ChaCha cipher cannot be handled here");
         break;
@@ -881,6 +883,7 @@ evp_cipher_aead_decrypt(struct ssh_cipher_struct *cipher,
  * The table of supported ciphers
  */
 static struct ssh_cipher_struct ssh_ciphertab[] = {
+#ifdef WITH_BLOWFISH_CIPHER
   {
     .name = "blowfish-cbc",
     .blocksize = 8,
@@ -892,6 +895,7 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
     .decrypt = evp_cipher_decrypt,
     .cleanup = evp_cipher_cleanup
   },
+#endif
 #ifdef HAS_AES
 #ifndef BROKEN_AES_CTR
 /* OpenSSL until 0.9.7c has a broken AES_ctr128_encrypt implementation which

src/libgcrypt.c

@@ -311,6 +311,7 @@ void hmac_final(HMACCTX c, unsigned char *hashmacbuf, unsigned int *len) {
   gcry_md_close(c);
 }
 
+#ifdef WITH_BLOWFISH_CIPHER
 /* the wrapper functions for blowfish */
 static int blowfish_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){
   if (cipher->key == NULL) {
@@ -345,6 +346,7 @@ static void blowfish_decrypt(struct ssh_cipher_struct *cipher, void *in,
     void *out, unsigned long len) {
   gcry_cipher_decrypt(cipher->key[0], out, len, in, len);
 }
+#endif /* WITH_BLOWFISH_CIPHER */
 
 static int aes_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) {
   int mode=GCRY_CIPHER_MODE_CBC;
@@ -610,6 +612,7 @@ static void des3_decrypt(struct ssh_cipher_struct *cipher, void *in,
 
 /* the table of supported ciphers */
 static struct ssh_cipher_struct ssh_ciphertab[] = {
+#ifdef WITH_BLOWFISH_CIPHER
   {
     .name            = "blowfish-cbc",
     .blocksize       = 8,
@@ -621,6 +624,7 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
     .encrypt     = blowfish_encrypt,
     .decrypt     = blowfish_decrypt
   },
+#endif /* WITH_BLOWFISH_CIPHER */
   {
     .name            = "aes128-ctr",
     .blocksize       = 16,

src/libmbedcrypto.c

@@ -951,6 +951,7 @@ static void cipher_cleanup(struct ssh_cipher_struct *cipher)
 }
 
 static struct ssh_cipher_struct ssh_ciphertab[] = {
+#ifdef WITH_BLOWFISH_CIPHER
     {
         .name = "blowfish-cbc",
         .blocksize = 8,
@@ -962,6 +963,7 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
         .decrypt = cipher_decrypt_cbc,
         .cleanup = cipher_cleanup
     },
+#endif /* WITH_BLOWFISH_CIPHER */
     {
         .name = "aes128-ctr",
         .blocksize = 16,

src/packet_crypt.c

@@ -33,7 +33,6 @@
 #endif
 
 #ifdef OPENSSL_CRYPTO
-#include <openssl/blowfish.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 #endif

tests/client/torture_algorithms.c

@@ -269,6 +269,7 @@ static void torture_algorithms_3des_cbc_hmac_sha2_512(void **state) {
     test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512");
 }
 
+#ifdef WITH_BLOWFISH_CIPHER
 #if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
 static void torture_algorithms_blowfish_cbc_hmac_sha1(void **state) {
     struct torture_state *s = *state;
@@ -288,6 +289,7 @@ static void torture_algorithms_blowfish_cbc_hmac_sha2_512(void **state) {
     test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512");
 }
 #endif
+#endif /* WITH_BLOWFISH_CIPHER */
 
 static void torture_algorithms_chacha20_poly1305(void **state)
 {
@@ -508,6 +510,7 @@ int torture_run_tests(void) {
         cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_512,
                                         session_setup,
                                         session_teardown),
+#ifdef WITH_BLOWFISH_CIPHER
 #if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
         cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha1,
                                         session_setup,
@@ -519,6 +522,7 @@ int torture_run_tests(void) {
                                         session_setup,
                                         session_teardown),
 #endif
+#endif /* WITH_BLOWFISH_CIPHER */
         cmocka_unit_test_setup_teardown(torture_algorithms_chacha20_poly1305,
                                         session_setup,
                                         session_teardown),