OpenSSH uses its own CTR mode implementation, correct? ?I seem to recall some discussion about why it hasn't/won't switch over to using OpenSSL's implementation, but I can't find the thread anymore. So... why doesn't OpenSSH use OpenSSL's CTR mode implementation? Thanks.
On 03/31/14 05:40 PM, no_spam_98 at yahoo.com wrote:> OpenSSH uses its own CTR mode implementation, correct? I seem to recall some discussion about why it hasn't/won't switch over to using OpenSSL's implementation, but I can't find the thread anymore. > > So... why doesn't OpenSSH use OpenSSL's CTR mode implementation?If you are speaking of CTR mode to AES, it does use OpenSSL for that. For some time it didn't, because OpenSSL's envelope API didn't provide it, but when OpenSSL introduced it, OpenSSH's own implementation was ditched [1]. Tomas [1] http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/cipher.c#rev1.84
On Mon, Mar 31, 2014 at 08:40:26AM -0700, no_spam_98 at yahoo.com wrote:> OpenSSH uses its own CTR mode implementation, correct? ?I seem to > recall some discussion about why it hasn't/won't switch over to using > OpenSSL's implementation, but I can't find the thread anymore. > > So... why doesn't OpenSSH use OpenSSL's CTR mode implementation?I believe as of 6.2, OpenSSH defaults to using OpenSSL's EVP_aes_*_ctr. I'm unaware of the history (hopefully one of the devs can jump in and help us there). What I do know is OpenSSL introduced AES-CTR support with 0.9.7. --mancha -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140331/cb5f2bba/attachment.bin>
FYI, Openssl 0.9.7<= x <0.9.7c implement is but the implementation was broken. It gave me my share of headaches on a particular version of CentOS/RHEL 4.8 that was using 0.9.7a. More details on https://blog.0xbadc0de.be/archives/15 Aris Le 31/03/14 18:11, mancha a ?crit :> On Mon, Mar 31, 2014 at 08:40:26AM -0700, no_spam_98 at yahoo.com > wrote: >> OpenSSH uses its own CTR mode implementation, correct? I seem >> to recall some discussion about why it hasn't/won't switch over >> to using OpenSSL's implementation, but I can't find the thread >> anymore. >> >> So... why doesn't OpenSSH use OpenSSL's CTR mode implementation? > > I believe as of 6.2, OpenSSH defaults to using OpenSSL's > EVP_aes_*_ctr. > > I'm unaware of the history (hopefully one of the devs can jump in > and help us there). What I do know is OpenSSL introduced AES-CTR > support with 0.9.7. > > --mancha > > > > _______________________________________________ openssh-unix-dev > mailing list openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >