Do not compile aes*-ctr with <=OpenSSL 0.9.7b

author: Aris Adamantiadis <aris@0xbadc0de.be> 2010-04-14 20:43:06 +0200
committer: Aris Adamantiadis <aris@0xbadc0de.be> 2010-04-14 20:43:06 +0200
commit: 08a1bebb5887834fe55e65a2427b25c7a6563083 (patch)
tree: 835ba8e1ea6f661da0698013c8d7c78c42222dcd /libssh/wrapper.c
parent: 6195b133bf88d3dd2312530af2975ede8e12299a (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/libssh/wrapper.c b/libssh/wrapper.c
index 807f743a..c3a31237 100644
--- a/libssh/wrapper.c
+++ b/libssh/wrapper.c
@@ -614,6 +614,11 @@ static void aes_decrypt(struct crypto_struct *cipher, void *in, void *out,
   AES_cbc_encrypt(in, out, len, cipher->key, IV, AES_DECRYPT);
 }
 
+#ifndef BROKEN_AES_CTR
+/* OpenSSL until 0.9.7c has a broken AES_ctr128_encrypt implementation which
+ * increments the counter from 2^64 instead of 1. It's better not to use it
+ */
+
 /** @internal
  * @brief encrypts/decrypts data with stream cipher AES_ctr128. 128 bits is actually
  * the size of the CTR counter and incidentally the blocksize, but not the keysize.
@@ -631,6 +636,7 @@ static void aes_ctr128_encrypt(struct crypto_struct *cipher, void *in, void *out
    */
   AES_ctr128_encrypt(in, out, len, cipher->key, IV, tmp_buffer, &num);
 }
+#endif /* BROKEN_AES_CTR */
 #endif /* HAS_AES */
 
 #ifdef HAS_DES
@@ -722,6 +728,7 @@ static struct crypto_struct ssh_ciphertab[] = {
   },
 #endif /* HAS_BLOWFISH */
 #ifdef HAS_AES
+#ifndef BROKEN_AES_CTR
   {
     "aes128-ctr",
     16,
@@ -755,6 +762,7 @@ static struct crypto_struct ssh_ciphertab[] = {
     aes_ctr128_encrypt,
     aes_ctr128_encrypt
   },
+#endif /* BROKEN_AES_CTR */
   {
     "aes128-cbc",
     16,
author	Aris Adamantiadis <aris@0xbadc0de.be>	2010-04-14 20:43:06 +0200
committer	Aris Adamantiadis <aris@0xbadc0de.be>	2010-04-14 20:43:06 +0200
commit	08a1bebb5887834fe55e65a2427b25c7a6563083 (patch)
tree	835ba8e1ea6f661da0698013c8d7c78c42222dcd /libssh/wrapper.c
parent	6195b133bf88d3dd2312530af2975ede8e12299a (diff)