Hi,
FYI OpenSSL used to provide broken AES-CTR in version 0.9.7a, shipped in
RHEL 4.8. You can see more info on http://blog.0xbadc0de.be/archives/15
where I learned it the hard way when I got a bug reported to me in libssh.
You may want to detect that version and fall back to a software
implementation.
Kr,
Aris
On 11/12/12 15:01, Pawel Jakub Dawidek wrote:
> Hi.
>
> OpenSSH currently has its own implementation of AES in counter mode
> (cipher-ctr.c). This is probably because it wasn't available in OpenSSL.
> From what I see now, recent OpenSSL does implement
> EVP_aes_{128,192,256}_ctr() and it would be nice to use it whenever
> possible. The gain here is that OpenSSH's version uses a software AES
> implementation and OpenSSL's version will use AES-NI if available.
>
> Just FYI, unfortunately I cannot prepare a nice and clean patch for this
> right now, but changing all evp_aes_128_ctr to EVP_aes_128_ctr,
> EVP_aes_192_ctr and EVP_aes_256_ctr respectively in ciphers[] array just
> works (thanks to the fact that 'c->evptype == evp_aes_128_ctr' is no
> longer true and IV is taken from cc->evp.iv).
>
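
The detect-and-fall-back idea from the reply above can be done as a known-answer test at startup instead of a version match. This is an added example, not code from OpenSSH, libssh or OpenSSL: `ctr_selftest`, `select_ctr`, `openssl_ctr`, the `WITH_OPENSSL` build switch and the two stubs are hypothetical names, and the vector is NIST SP 800-38A F.5.1.

```c
#include <stdio.h>
#include <string.h>
#ifdef WITH_OPENSSL /* real backend: cc -DWITH_OPENSSL this_file.c -lcrypto */
#include <openssl/evp.h>
#endif
/* A CTR encryptor writes len bytes to out and returns 0 on success. */
#define CTR_ARGS const unsigned char *key, const unsigned char *ctr, \
                 const unsigned char *in, unsigned char *out, size_t len
typedef int (*ctr_fn)(CTR_ARGS);
/* NIST SP 800-38A F.5.1 (CTR-AES128.Encrypt), blocks 1 and 2. */
static const unsigned char KAT_KEY[] = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c";
static const unsigned char KAT_CTR[] = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff";
static const unsigned char KAT_PT[] =
    "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
    "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51";
static const unsigned char KAT_CT[] =
    "\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce"
    "\x98\x06\xf6\x6b\x79\x70\xfd\xff\x86\x17\x18\x7b\xb9\xff\xfd\xff";

/* 1 only if f reproduces both blocks; block 2 needs a correct counter carry. */
int ctr_selftest(ctr_fn f) {
    unsigned char out[32] = {0};
    return f && f(KAT_KEY, KAT_CTR, KAT_PT, out, sizeof out) == 0 && !memcmp(out, KAT_CT, sizeof out);
}
/* Use the library CTR only when it passes; otherwise the software fallback. */
ctr_fn select_ctr(ctr_fn library, ctr_fn software) {
    return ctr_selftest(library) ? library : software;
}
#ifdef WITH_OPENSSL
int openssl_ctr(CTR_ARGS) {
    EVP_CIPHER_CTX *c = EVP_CIPHER_CTX_new();
    int n = 0, ok = c && EVP_EncryptInit_ex(c, EVP_aes_128_ctr(), NULL, key, ctr) == 1
                      && EVP_EncryptUpdate(c, out, &n, in, (int)len) == 1;
    EVP_CIPHER_CTX_free(c);
    return ok && (size_t)n == len ? 0 : -1;
}
#endif
/* Constructed stand-ins (valid for len == 32 only) so this runs without OpenSSL. */
int stub_ok(CTR_ARGS) { (void)key; (void)ctr; (void)in; memcpy(out, KAT_CT, len); return 0; }
int stub_bad(CTR_ARGS) { stub_ok(key, ctr, in, out, len); out[16] ^= 1; return 0; }

int main(void) {
    ctr_fn lib = stub_bad; /* stands in for a defective library build */
#ifdef WITH_OPENSSL
    lib = openssl_ctr;
#endif
    puts(select_ctr(lib, stub_ok) == lib ? "library CTR" : "software fallback");
    return 0;
}
```

In a real build the second argument to `select_ctr` would be the project's own software CTR routine rather than `stub_ok`.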