Displaying 7 results from an estimated 7 matches for "cipher_authlen".
2015 Mar 14
6
[Bug 2366] New: ssh-keygen doesn't correctly decode new format GCM-encrypted keys
...e error happens for all key types when
using the new private key format.
The error is in the call inside sshkey_parse_private2() where it passes
in the length of the encrypted buffer:
if ((r = cipher_crypt(&ciphercontext, 0, dp,
sshbuf_ptr(decoded),
sshbuf_len(decoded), 0, cipher_authlen(cipher))) != 0) {
The length here should be encrypted_len, not sshbuf_len(decoded), as
that includes the cipher_authlen(cipher) additional MAC bytes.
A few additional changes are needed to use encrypted_len safely here
and to later properly consume the auth data. I have attached a patch
which I b...
2023 Mar 29
2
ChaCha20 Rekey Frequency
...t *, u_int,
const u_char *, u_int);
void cipher_free(struct sshcipher_ctx *);
u_int cipher_blocksize(const struct sshcipher *);
+uint64_t cipher_rekey_blocks(const struct sshcipher *);
u_int cipher_keylen(const struct sshcipher *);
u_int cipher_seclen(const struct sshcipher *);
u_int cipher_authlen(const struct sshcipher *);
diff --git a/packet.c b/packet.c
index a71820f..377f608 100644
--- a/packet.c
+++ b/packet.c
@@ -55,6 +55,7 @@
#include <poll.h>
#include <signal.h>
#include <time.h>
+#include <util.h>
#ifdef WITH_ZLIB
#include <zlib.h>
@@ -850,6 +851...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
...her_ctx *, u_int *, u_int,
const u_char *, u_int);
void cipher_free(struct sshcipher_ctx *);
u_int cipher_blocksize(const struct sshcipher *);
+uint64_t cipher_rekey_blocks(const struct sshcipher *);
u_int cipher_keylen(const struct sshcipher *);
u_int cipher_seclen(const struct sshcipher *);
u_int cipher_authlen(const struct sshcipher *);
diff --git a/packet.c b/packet.c
index a71820f..377f608 100644
--- a/packet.c
+++ b/packet.c
@@ -55,6 +55,7 @@
#include <poll.h>
#include <signal.h>
#include <time.h>
+#include <util.h>
#ifdef WITH_ZLIB
#include <zlib.h>
@@ -850,6 +851,7 @@...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
...st u_char *, u_int);
> void cipher_free(struct sshcipher_ctx *);
> u_int cipher_blocksize(const struct sshcipher *);
> +uint64_t cipher_rekey_blocks(const struct sshcipher *);
> u_int cipher_keylen(const struct sshcipher *);
> u_int cipher_seclen(const struct sshcipher *);
> u_int cipher_authlen(const struct sshcipher *);
> diff --git a/packet.c b/packet.c
> index a71820f..377f608 100644
> --- a/packet.c
> +++ b/packet.c
> @@ -55,6 +55,7 @@
> #include <poll.h>
> #include <signal.h>
> #include <time.h>
> +#include <util.h>
>
> #ifdef...
2023 Mar 29
1
ChaCha20 Rekey Frequency
I was wondering if there was something specific to the internal chacha20
cipher as opposed to OpenSSL implementation.
I can't just change the block size because it breaks compatibility. I
can do something like as a hack (though it would probably be better to
do it with the compat function):
if (strstr(enc->name, "chacha"))
*max_blocks = (u_int64_t)1 << (16*2);
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
...st u_char *, u_int);
> void cipher_free(struct sshcipher_ctx *);
> u_int cipher_blocksize(const struct sshcipher *);
> +uint64_t cipher_rekey_blocks(const struct sshcipher *);
> u_int cipher_keylen(const struct sshcipher *);
> u_int cipher_seclen(const struct sshcipher *);
> u_int cipher_authlen(const struct sshcipher *);
> diff --git a/packet.c b/packet.c
> index a71820f..377f608 100644
> --- a/packet.c
> +++ b/packet.c
> @@ -55,6 +55,7 @@
> #include <poll.h>
> #include <signal.h>
> #include <time.h>
> +#include <util.h>
>
> #ifdef...
2017 Jun 13
7
[Bug 2729] New: Can connect with MAC hmac-sha1 even though it's not configured on the server
https://bugzilla.mindrot.org/show_bug.cgi?id=2729
Bug ID: 2729
Summary: Can connect with MAC hmac-sha1 even though it's not
configured on the server
Product: Portable OpenSSH
Version: 7.5p1
Hardware: All
OS: Linux
Status: NEW
Severity: security
Priority: P5