Petr Šabata 81d24c
diff -up openssh-6.8p1/Makefile.in.ctr-cavs openssh-6.8p1/Makefile.in
--- openssh-6.8p1/Makefile.in.ctr-cavs	2015-03-18 11:22:05.493289018 +0100
+++ openssh-6.8p1/Makefile.in	2015-03-18 11:22:44.504196316 +0100
@@ -28,6 +28,7 @@ SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SFTP_SERVER=$(libexecdir)/sftp-server
 SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SSH_KEYCAT=$(libexecdir)/ssh-keycat
+CTR_CAVSTEST=$(libexecdir)/ctr-cavstest
 SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
 SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper
 PRIVSEP_PATH=@PRIVSEP_PATH@
@@ -66,7 +67,7 @@ EXEEXT=@EXEEXT@
 
 .SUFFIXES: .lo
 
-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT)
+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT) ctr-cavstest$(EXEEXT)
 
 XMSS_OBJS=\
 	ssh-xmss.o \
@@ -194,6 +195,9 @@ ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) l
 ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o
 	$(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS)
 
+ctr-cavstest$(EXEEXT): $(LIBCOMPAT) libssh.a ctr-cavstest.o
+	$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+
 ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS)
 	$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 
@@ -326,6 +330,7 @@ install-files:
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keycat$(EXEEXT) $(DESTDIR)$(libexecdir)/ssh-keycat$(EXEEXT)
+	$(INSTALL) -m 0755 $(STRIP_OPT) ctr-cavstest$(EXEEXT) $(DESTDIR)$(libexecdir)/ctr-cavstest$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
 	$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
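Review bot: The added install line hard-codes `$(DESTDIR)$(libexecdir)/ctr-cavstest$(EXEEXT)` even though the first hunk introduces `CTR_CAVSTEST` for exactly that path, so in the lines visible here the new variable is never used; writing the destination as `$(DESTDIR)$(CTR_CAVSTEST)$(EXEEXT)` would match the ssh-pkcs11-helper and ssh-sk-helper lines just above. This also ships an algorithm-validation harness, which per its usage text takes the key on the command line, to every installation at mode 0755; a short comment such as `# CAVS validation helper, not used by ssh/sshd at run time` would tell packagers it can live in a separate test sub-package. The install-files recipe continues outside the hunk and the uninstall rule is not visible, so if that rule removes helpers by name it presumably needs a matching line for ctr-cavstest.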
diff -up openssh-6.8p1/ctr-cavstest.c.ctr-cavs openssh-6.8p1/ctr-cavstest.c
--- openssh-6.8p1/ctr-cavstest.c.ctr-cavs	2015-03-18 11:22:05.521288952 +0100
+++ openssh-6.8p1/ctr-cavstest.c	2015-03-18 11:22:05.521288952 +0100
@@ -0,0 +1,215 @@
+/*
+ *
+ * invocation (all of the following are equal):
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6 --iv 00000000000000000000000000000000
+ * echo -n a6deca405eef2e8e4609abf3c3ccf4a6 | ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#include "xmalloc.h"
+#include "log.h"
+#include "ssherr.h"
+#include "cipher.h"
+
+/* compatibility with old or broken OpenSSL versions */
+#include "openbsd-compat/openssl-compat.h"
+
+void usage(void) {
+        fprintf(stderr, "Usage: ctr-cavstest --algo <ssh-crypto-algorithm>\n"
+                        "                    --key <hexadecimal-key> --mode <encrypt|decrypt>\n"
+                        "                    [--iv <hexadecimal-iv>] --data <hexadecimal-data>\n\n"
+                        "Hexadecimal output is printed to stdout.\n"
+                        "Hexadecimal input data can be alternatively read from stdin.\n");
+        exit(1);
+}
+
+void *fromhex(char *hex, size_t *len)
+{
+        unsigned char *bin;
+        char *p;
+        size_t n = 0;
+        int shift = 4;
+        unsigned char out = 0;
+        unsigned char *optr;
+
+        bin = xmalloc(strlen(hex)/2);
+        optr = bin;
+
+        for (p = hex; *p != '\0'; ++p) {
+                unsigned char c;
+
+                c = *p;
+                if (isspace(c))
+                        continue;
+
+                if (c >= '0' && c <= '9') {
+                        c = c - '0';
+                } else if (c >= 'A' && c <= 'F') {
+                        c = c - 'A' + 10;
+                } else if (c >= 'a' && c <= 'f') {
+                        c = c - 'a' + 10;
+                } else {
+                        /* truncate on nonhex cipher */
+                        break;
+                }
+
+                out |= c << shift;
+                shift = (shift + 4) % 8;
+
+                if (shift) {
+                        *(optr++) = out;
+                        out = 0;
+                        ++n;
+                }
+        }
+
+        *len = n;
+        return bin;
+}
+
+#define READ_CHUNK 4096
+#define MAX_READ_SIZE 1024*1024*100
+char *read_stdin(void)
+{
+        char *buf;
+        size_t n, total = 0;
+
+        buf = xmalloc(READ_CHUNK);
+
+        do {
+                n = fread(buf + total, 1, READ_CHUNK, stdin);
+                if (n < READ_CHUNK) /* terminate on short read */
+                        break;
+
+                total += n;
+                buf = xreallocarray(buf, total + READ_CHUNK, 1);
+        } while(total < MAX_READ_SIZE);
+        return buf;
+}
+
+int main (int argc, char *argv[])
+{
+
+        const struct sshcipher *c;
+        struct sshcipher_ctx *cc;
+        char *algo = "aes128-ctr";
+        char *hexkey = NULL;
+        char *hexiv = "00000000000000000000000000000000";
+        char *hexdata = NULL;
+        char *p;
+        int i, r;
+        int encrypt = 1;
+        void *key;
+        size_t keylen;
+        void *iv;
+        size_t ivlen;
+        void *data;
+        size_t datalen;
+        void *outdata;
+
+        for (i = 1; i < argc; ++i) {
+                if (strcmp(argv[i], "--algo") == 0) {
+                        algo = argv[++i];
+                } else if (strcmp(argv[i], "--key") == 0) {
+                        hexkey = argv[++i];
+                } else if (strcmp(argv[i], "--mode") == 0) {
+                        ++i;
+                        if (argv[i] == NULL) {
+                                usage();
+                        }
+                        if (strncmp(argv[i], "enc", 3) == 0) {
+                                encrypt = 1;
+                        } else if (strncmp(argv[i], "dec", 3) == 0) {
+                                encrypt = 0;
+                        } else {
+                                usage();
+                        }
+                } else if (strcmp(argv[i], "--iv") == 0) {
+                        hexiv = argv[++i];
+                } else if (strcmp(argv[i], "--data") == 0) {
+                        hexdata = argv[++i];
+                }
+        }
+
+        if (hexkey == NULL || algo == NULL) {
+                usage();
+        }
+
+	OpenSSL_add_all_algorithms();
+
+	c = cipher_by_name(algo);
+	if (c == NULL) {
+		fprintf(stderr, "Error: unknown algorithm\n");
+		return 2;
+	}
+
+        if (hexdata == NULL) {
+                hexdata = read_stdin();
+        } else {
+                hexdata = xstrdup(hexdata);
+        }
+
+        key = fromhex(hexkey, &keylen);
+
+	if (keylen != 16 && keylen != 24 && keylen == 32) {
+		fprintf(stderr, "Error: unsupported key length\n");
+		return 2;
+	}
+
+        iv = fromhex(hexiv, &ivlen);
+
+        if (ivlen != 16) {
+		fprintf(stderr, "Error: unsupported iv length\n");
+		return 2;
+        }
+
+        data = fromhex(hexdata, &datalen);
+
+	if (data == NULL || datalen == 0) {
+		fprintf(stderr, "Error: no data to encrypt/decrypt\n");
+		return 2;
+	}
+
+	if ((r = cipher_init(&cc, c, key, keylen, iv, ivlen, encrypt)) != 0) {
+		fprintf(stderr, "Error: cipher_init failed: %s\n", ssh_err(r));
+		return 2;
+	}
+
+	free(key);
+	free(iv);
+
+	outdata = malloc(datalen);
+	if(outdata == NULL) {
+		fprintf(stderr, "Error: memory allocation failure\n");
+		return 2;
+	}
+
+	if ((r = cipher_crypt(cc, 0, outdata, data, datalen, 0, 0)) != 0) {
+		fprintf(stderr, "Error: cipher_crypt failed: %s\n", ssh_err(r));
+		return 2;
+	}
+
+	free(data);
+
+	cipher_free(cc);
+
+        for (p = outdata; datalen > 0; ++p, --datalen) {
+		printf("%02X", (unsigned char)*p);
+	}
+
+        free(outdata);
+
+        printf("\n");
+        return 0;
+}
+
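Review bot: read_stdin() returns a buffer that is never NUL-terminated and main() passes it straight to fromhex(), whose first statement is `strlen(hex)`, so any data piped on stdin makes the tool read past the end of its heap allocation. The fence below allocates one spare byte, counts the final short chunk in `total` and terminates the buffer before returning. Separately, the key-length test `keylen != 16 && keylen != 24 && keylen == 32` is true only for 32-byte keys, so it rejects those and lets every other length through; the last term should read `keylen != 32`. Finally, `--iv` given as the last argument sets `hexiv` to argv[argc], which is NULL, and fromhex() then dereferences it; adding `hexiv == NULL` to the existing `if (hexkey == NULL || algo == NULL)` check would route that case to usage().

```c
char *read_stdin(void)
{
        /* … unchanged: declarations of buf, n, total … */
        buf = xmalloc(READ_CHUNK + 1);

        do {
                n = fread(buf + total, 1, READ_CHUNK, stdin);
                total += n;     /* count the final short chunk as well */
                if (n < READ_CHUNK) /* terminate on short read */
                        break;

                buf = xreallocarray(buf, total + READ_CHUNK + 1, 1);
        } while(total < MAX_READ_SIZE);
        buf[total] = '\0';      /* fromhex() runs strlen() on this buffer */
        return buf;
}
```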