Index: openssh/cipher-ctr.c
===================================================================
--- openssh/cipher-ctr.c (revision 6)
+++ openssh/cipher-ctr.c (working copy)
@@ -42,6 +42,19 @@
 u_char aes_counter[AES_BLOCK_SIZE];
 };
+#ifdef USE_CIPHER_CAMELLIA
+#include
+
+const EVP_CIPHER *evp_camellia_128_ctr(void);
+void ssh_camellia_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
+
+struct ssh_camellia_ctr_ctx
+{
+ CAMELLIA_KEY camellia_ctx;
+ u_char camellia_counter[CAMELLIA_BLOCK_SIZE];
+};
+#endif
+
 /*
 * increment counter 'ctr',
 * the counter is of size 'len' bytes and stored in network-byte-order.
@@ -144,3 +157,94 @@
 #endif
 return (&aes_ctr);
 }
+
+#ifdef USE_CIPHER_CAMELLIA
+static int
+ssh_camellia_ctr(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src,
+ u_int len)
+{
+ struct ssh_camellia_ctr_ctx *c;
+ u_int n = 0;
+ u_char buf[CAMELLIA_BLOCK_SIZE];
+
+ if (len == 0)
+ return (1);
+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL)
+ return (0);
+
+ while ((len--) > 0) {
+ if (n == 0) {
+ Camellia_encrypt(c->camellia_counter, buf, &c->camellia_ctx);
+ ssh_ctr_inc(c->camellia_counter, CAMELLIA_BLOCK_SIZE);
+ }
+ *(dest++) = *(src++) ^ buf[n];
+ n = (n + 1) % CAMELLIA_BLOCK_SIZE;
+ }
+ return (1);
+}
+
+static int
+ssh_camellia_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
+ int enc)
+{
+ struct ssh_camellia_ctr_ctx *c;
+
+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
+ c = xmalloc(sizeof(*c));
+ EVP_CIPHER_CTX_set_app_data(ctx, c);
+ }
+ if (key != NULL)
+ Camellia_set_key(key,
+ EVP_CIPHER_CTX_key_length(ctx) * 8,
+ &c->camellia_ctx);
+ if (iv != NULL)
+ memcpy(c->camellia_counter, iv, CAMELLIA_BLOCK_SIZE);
+ return (1);
+}
+
+static int
+ssh_camellia_ctr_cleanup(EVP_CIPHER_CTX *ctx)
+{
+ struct ssh_camellia_ctr_ctx *c;
+
+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
+ memset(c, 0, sizeof(*c));
+ xfree(c);
+ EVP_CIPHER_CTX_set_app_data(ctx, NULL);
+ }
+ return (1);
+}
+
+void
+ssh_camellia_ctr_iv(EVP_CIPHER_CTX *evp, int doset, u_char * iv, u_int len)
+{
+ struct ssh_camellia_ctr_ctx *c;
+
+ if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
+ fatal("ssh_camellia_ctr_iv: no context");
+ if (doset)
+ memcpy(c->camellia_counter, iv, len);
+ else
+ memcpy(iv, c->camellia_counter, len);
+}
+
+const EVP_CIPHER *
+evp_camellia_128_ctr(void)
+{
+ static EVP_CIPHER camellia_ctr;
+
+ memset(&camellia_ctr, 0, sizeof(EVP_CIPHER));
+ camellia_ctr.nid = NID_undef;
+ camellia_ctr.block_size = CAMELLIA_BLOCK_SIZE;
+ camellia_ctr.iv_len = CAMELLIA_BLOCK_SIZE;
+ camellia_ctr.key_len = 16;
+ camellia_ctr.init = ssh_camellia_ctr_init;
+ camellia_ctr.cleanup = ssh_camellia_ctr_cleanup;
+ camellia_ctr.do_cipher = ssh_camellia_ctr;
+#ifndef SSH_OLD_EVP
+ camellia_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
+#endif
+ return (&camellia_ctr);
+}
+#endif
Index: openssh/myproposal.h
===================================================================
--- openssh/myproposal.h (revision 6)
+++ openssh/myproposal.h (working copy)
@@ -42,6 +42,9 @@
 #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
 #define KEX_DEFAULT_ENCRYPT \
+ "camellia256-ctr,camellia256-cbc," \
+ "camellia192-ctr,camellia192-cbc," \
+ "camellia128-ctr,camellia128-cbc," \
 "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
 "arcfour128,arcfour256,arcfour," \
 "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \
Index: openssh/cipher.c
===================================================================
--- openssh/cipher.c (revision 6)
+++ openssh/cipher.c (working copy)
@@ -56,6 +56,10 @@
 extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
 extern const EVP_CIPHER *evp_aes_128_ctr(void);
 extern void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
+#ifdef USE_CIPHER_CAMELLIA
+extern const EVP_CIPHER *evp_camellia_128_ctr(void);
+extern void ssh_camellia_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
+#endif
 struct Cipher {
 char *name;
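Review bot: In the cipher-ctr.c hunk at `@@ -144,3 +157,94 @@`, `ssh_camellia_ctr_iv` copies `len` bytes into or out of `c->camellia_counter`, which holds only `CAMELLIA_BLOCK_SIZE` bytes, and nothing in the function bounds `len`. The cipher.c callers pass `len`/`evplen`, whose validation lies outside the visible hunks, so a guard such as `if (len > CAMELLIA_BLOCK_SIZE) fatal("ssh_camellia_ctr_iv: bad iv length %u", len);` before the two `memcpy` calls would rule out an overrun regardless of the caller. In `ssh_camellia_ctr_init` the result of `Camellia_set_key` is discarded and the function returns 1 anyway, so a rejected key length would leave the freshly `xmalloc`ed key schedule uninitialised while encryption carries on; test the result and `return (0)` when it is negative. `ssh_camellia_ctr_cleanup` clears the key schedule with a plain `memset` immediately before `xfree`, which a compiler may remove as a dead store; `OPENSSL_cleanse(c, sizeof(*c));` is not subject to that.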
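Review bot: The three Camellia lines added to `KEX_DEFAULT_ENCRYPT` in myproposal.h are not conditional on `USE_CIPHER_CAMELLIA`, whereas the matching rows in the cipher.c table are, so a build without that define would presumably still propose cipher names the table does not contain. They are also inserted ahead of every existing entry, which makes the newly added, least-exercised code the first preference for every connection. Defining the Camellia names as a separate string macro under `#ifdef USE_CIPHER_CAMELLIA` (empty otherwise) and concatenating it after the existing ciphers would keep the list consistent with the table and preserve the established order. The macro body continues past the end of this hunk.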
@@ -87,6 +91,14 @@
 #ifdef USE_CIPHER_ACSS
 { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss },
 #endif
+#ifdef USE_CIPHER_CAMELLIA
+ { "camellia128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_camellia_128_cbc },
+ { "camellia192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_camellia_192_cbc },
+ { "camellia256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_camellia_256_cbc },
+ { "camellia128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, evp_camellia_128_ctr },
+ { "camellia192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, evp_camellia_128_ctr },
+ { "camellia256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, evp_camellia_128_ctr },
+#endif
 { NULL, SSH_CIPHER_INVALID, 0, 0, 0, NULL }
 };
@@ -346,6 +358,10 @@
 #endif
 if (c->evptype == evp_aes_128_ctr)
 ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
+#ifdef USE_CIPHER_CAMELLIA
+ else if (c->evptype == evp_camellia_128_ctr)
+ ssh_camellia_ctr_iv(&cc->evp, 0, iv, len);
+#endif
 else
 memcpy(iv, cc->evp.iv, len);
 break;
@@ -377,6 +393,10 @@
 #endif
 if (c->evptype == evp_aes_128_ctr)
 ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen);
+#ifdef USE_CIPHER_CAMELLIA
+ else if (c->evptype == evp_camellia_128_ctr)
+ ssh_camellia_ctr_iv(&cc->evp, 1, iv, evplen);
+#endif
 else
 memcpy(cc->evp.iv, iv, evplen);
 break;
Index: PortForwarder.vcproj
===================================================================
--- PortForwarder.vcproj (revision 6)
+++ PortForwarder.vcproj (working copy)
@@ -50,7 +50,7 @@
 Optimization="2"
 InlineFunctionExpansion="1"
 AdditionalIncludeDirectories=".,openssl\inc32,dummy_inc,openssh,zlib"
- PreprocessorDefinitions="NDEBUG;_TOH_;USE_PAGEANT;WIN32;_WINDOWS;_PFPROXY_"
+ PreprocessorDefinitions="NDEBUG;_TOH_;USE_PAGEANT;WIN32;_WINDOWS;_PFPROXY_;USE_CIPHER_CAMELLIA"
 StringPooling="true"
 RuntimeLibrary="0"
 EnableFunctionLevelLinking="true"
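Review bot: The `camellia192-ctr` and `camellia256-ctr` rows in the cipher.c table at `@@ -87,6 +91,14 @@` both name `evp_camellia_128_ctr`, which looks like a copy-paste slip next to the CBC rows unless the reader already knows the CTR wrapper is variable-length. The later hunks depend on this sharing, since they compare `c->evptype == evp_camellia_128_ctr` to route every CTR key size to `ssh_camellia_ctr_iv`. A comment above the three rows would record the intent, for example `/* all camellia*-ctr sizes share evp_camellia_128_ctr (EVP_CIPH_VARIABLE_LENGTH); the 16/24/32 column selects the key size */`. Note that in cipher-ctr.c the flags are only set under `#ifndef SSH_OLD_EVP`, so how the 24- and 32-byte key lengths reach the context on an old-EVP build should be confirmed against `cipher_init`, which is outside this patch.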
@@ -144,7 +144,7 @@
 Name="VCCLCompilerTool"
 Optimization="0"
 AdditionalIncludeDirectories=".,openssl\inc32,dummy_inc,openssh,zlib"
- PreprocessorDefinitions="_DEBUG;_TOH_;USE_PAGEANT;WIN32;_WINDOWS;_PFVERBOSE_;_PFPROXY_"
+ PreprocessorDefinitions="_DEBUG;_TOH_;USE_PAGEANT;WIN32;_WINDOWS;_PFVERBOSE_;_PFPROXY_;USE_CIPHER_CAMELLIA"
 BasicRuntimeChecks="3"
 RuntimeLibrary="1"
 PrecompiledHeaderFile=".\Debug/PortForwarder.pch"