search for: sshcipher_ctx

...equates to + * 2**32 blocks / 64GB data. + */ + return (uint64_t)1 << (c->block_size * 2); +} + u_int cipher_keylen(const struct sshcipher *c) { diff --git a/cipher.h b/cipher.h index 1a591cd..68be9ed 100644 --- a/cipher.h +++ b/cipher.h @@ -63,6 +63,7 @@ int cipher_get_length(struct sshcipher_ctx *, u_int *, u_int, const u_char *, u_int); void cipher_free(struct sshcipher_ctx *); u_int cipher_blocksize(const struct sshcipher *); +uint64_t cipher_rekey_blocks(const struct sshcipher *); u_int cipher_keylen(const struct sshcipher *); u_int cipher_seclen(const struct sshcipher *);...

...this equates to + * 2**32 blocks / 64GB data. + */ + return (uint64_t)1 << (c->block_size * 2); +} + u_int cipher_keylen(const struct sshcipher *c) { diff --git a/cipher.h b/cipher.h index 1a591cd..68be9ed 100644 --- a/cipher.h +++ b/cipher.h @@ -63,6 +63,7 @@ int cipher_get_length(struct sshcipher_ctx *, u_int *, u_int, const u_char *, u_int); void cipher_free(struct sshcipher_ctx *); u_int cipher_blocksize(const struct sshcipher *); +uint64_t cipher_rekey_blocks(const struct sshcipher *); u_int cipher_keylen(const struct sshcipher *); u_int cipher_seclen(const struct sshcipher *); u_int cipher_...

...; + return (uint64_t)1 << (c->block_size * 2); > +} > + > u_int > cipher_keylen(const struct sshcipher *c) > { > diff --git a/cipher.h b/cipher.h > index 1a591cd..68be9ed 100644 > --- a/cipher.h > +++ b/cipher.h > @@ -63,6 +63,7 @@ int cipher_get_length(struct sshcipher_ctx *, u_int *, > u_int, > const u_char *, u_int); > void cipher_free(struct sshcipher_ctx *); > u_int cipher_blocksize(const struct sshcipher *); > +uint64_t cipher_rekey_blocks(const struct sshcipher *); > u_int cipher_keylen(const struct sshcipher *); > u_int cipher_seclen(const...

I was wondering if there was something specific to the internal chacha20 cipher as opposed to OpenSSL implementation. I can't just change the block size because it breaks compatibility. I can do something like as a hack (though it would probably be better to do it with the compat function): if (strstr(enc->name, "chacha")) *max_blocks = (u_int64_t)1 << (16*2);

...; + return (uint64_t)1 << (c->block_size * 2); > +} > + > u_int > cipher_keylen(const struct sshcipher *c) > { > diff --git a/cipher.h b/cipher.h > index 1a591cd..68be9ed 100644 > --- a/cipher.h > +++ b/cipher.h > @@ -63,6 +63,7 @@ int cipher_get_length(struct sshcipher_ctx *, u_int *, > u_int, > const u_char *, u_int); > void cipher_free(struct sshcipher_ctx *); > u_int cipher_blocksize(const struct sshcipher *); > +uint64_t cipher_rekey_blocks(const struct sshcipher *); > u_int cipher_keylen(const struct sshcipher *); > u_int cipher_seclen(const...

...sshkey **pubkeyp, struct sshkey_vault **vault_infop) ?{ ??? ?char *ciphername = NULL, *kdfname = NULL; ??? ?const struct sshcipher *cipher = NULL; @@ -4038,12 +4081,21 @@ private2_decrypt(struct sshbuf *decoded, const char *passphrase, ??? ?struct sshbuf *kdf = NULL, *decrypted = NULL; ??? ?struct sshcipher_ctx *ciphercontext = NULL; ??? ?struct sshkey *pubkey = NULL; +?? ?struct sshkey_vault *vault_info = NULL; ??? ?u_char *key = NULL, *salt = NULL, *dp; ??? ?u_int blocksize, rounds, nkeys, encrypted_len, check1, check2; ? ??? ?if (decoded == NULL || decryptedp == NULL || pubkeyp == NULL) ??? ??? ?return...

Hi, OpenSSH 7.2 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains many bugfixes and several new features. The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is available via Git at https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at