ssh/algorithm/encryption/
mod.rs1#[cfg(feature = "deprecated-aes-cbc")]
2mod aes_cbc;
3mod aes_ctr;
4mod chacha20_poly1305_openssh;
5#[cfg(feature = "deprecated-des-cbc")]
6mod des_cbc;
7
8use crate::algorithm::hash::Hash;
9use crate::algorithm::mac::Mac;
10use crate::SshResult;
11
12use super::{hash::HashCtx, mac::MacNone, Enc};
13
/// Interface shared by the SSH transport ciphers declared in this module.
///
/// Implementations are handed out as `Box<dyn Encryption>` by [`from`], so every method
/// except the constructor must stay object-safe (`new` is restricted to `Self: Sized`).
///
/// NOTE(review): `buf` in `decrypt`, `packet_len` and `data_len` presumably holds bytes
/// received from the peer. Lengths derived from it should be treated as untrusted and
/// bounded by the caller before they are used to size reads or allocations.
pub(crate) trait Encryption: Send + Sync {
    /// Block size reported by the cipher, in bytes.
    fn bsize(&self) -> usize;

    /// IV size reported by the cipher, in bytes.
    fn iv_size(&self) -> usize;

    /// Builds the cipher from a `Hash` and a boxed `Mac`.
    ///
    /// NOTE(review): how key material is taken from `hash` and how `mac` is applied is
    /// decided by each implementation; confirm there.
    fn new(hash: Hash, mac: Box<dyn Mac>) -> Self
    where
        Self: Sized;

    /// Transforms the outgoing packet held in `buf` in place.
    fn encrypt(&mut self, client_sequence_num: u32, buf: &mut Vec<u8>);

    /// Processes an incoming packet and returns the resulting bytes, or an error.
    fn decrypt(&mut self, sequence_number: u32, buf: &mut [u8]) -> SshResult<Vec<u8>>;

    /// Length announced by the packet that starts at `buf`.
    fn packet_len(&mut self, sequence_number: u32, buf: &[u8]) -> usize;

    /// Number of bytes the packet occupies on the wire, as computed by the implementation.
    fn data_len(&mut self, sequence_number: u32, buf: &[u8]) -> usize;

    /// Padding flag reported by the cipher.
    /// NOTE(review): exact meaning is defined by the callers; confirm.
    fn no_pad(&self) -> bool;
}
27
/// Instantiates the cipher selected by `s` and returns it as a trait object.
///
/// The AES-CBC and 3DES-CBC arms are compiled only when the `deprecated-aes-cbc` and
/// `deprecated-des-cbc` features are enabled, so a build without those features cannot
/// construct these legacy ciphers through this function.
///
/// NOTE(review): the match is exhaustive only if the `Enc` enum (defined elsewhere) gates
/// the same variants behind the same features; confirm when adding a cipher.
pub(crate) fn from(s: &Enc, hash: Hash, mac: Box<dyn Mac>) -> Box<dyn Encryption> {
    let cipher: Box<dyn Encryption> = match s {
        // AEAD-style OpenSSH construction.
        Enc::Chacha20Poly1305Openssh => {
            Box::new(chacha20_poly1305_openssh::ChaCha20Poly1305::new(hash, mac))
        }

        // AES in counter mode, one arm per key size.
        Enc::Aes128Ctr => Box::new(aes_ctr::Ctr128::new(hash, mac)),
        Enc::Aes192Ctr => Box::new(aes_ctr::Ctr192::new(hash, mac)),
        Enc::Aes256Ctr => Box::new(aes_ctr::Ctr256::new(hash, mac)),

        // Legacy CBC ciphers, opt-in at build time only.
        #[cfg(feature = "deprecated-aes-cbc")]
        Enc::Aes128Cbc => Box::new(aes_cbc::Cbc128::new(hash, mac)),
        #[cfg(feature = "deprecated-aes-cbc")]
        Enc::Aes192Cbc => Box::new(aes_cbc::Cbc192::new(hash, mac)),
        #[cfg(feature = "deprecated-aes-cbc")]
        Enc::Aes256Cbc => Box::new(aes_cbc::Cbc256::new(hash, mac)),
        #[cfg(feature = "deprecated-des-cbc")]
        Enc::TripleDesCbc => Box::new(des_cbc::Cbc::new(hash, mac)),
    };
    cipher
}
46
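/// Pass-through "cipher": packet bytes are left exactly as they are.
///
/// `encrypt` does nothing and `decrypt` returns a copy of its input, so this type gives
/// neither confidentiality nor integrity. The `Hash` and `Mac` handed to `new` are
/// discarded.
///
/// NOTE(review): presumably this is the transport state before key exchange has installed
/// a real cipher (RFC 4253 starts every connection unencrypted). Confirm that it cannot be
/// re-selected once keys are in place.
pub(crate) struct EncryptionNone {}

impl Encryption for EncryptionNone {
    /// Always 8. RFC 4253 section 6 pads packets to a multiple of the cipher block size or
    /// 8, whichever is larger, so 8 is the value that applies when no cipher is active.
    fn bsize(&self) -> usize {
        8
    }

    /// Always 8; nothing in this implementation consumes an IV.
    fn iv_size(&self) -> usize {
        8
    }

    /// Creates the pass-through cipher; both arguments are dropped unused.
    fn new(_hash: Hash, _mac: Box<dyn Mac>) -> Self
    where
        Self: Sized,
    {
        Self {}
    }

    /// No-op: the outgoing packet is sent as-is.
    fn encrypt(&mut self, _client_sequence_num: u32, _buf: &mut Vec<u8>) {}

    /// Returns a copy of `buf` unchanged. No MAC or other integrity check is performed.
    fn decrypt(&mut self, _sequence_number: u32, buf: &mut [u8]) -> SshResult<Vec<u8>> {
        Ok(buf.to_vec())
    }

    /// Reads the big-endian `u32` length field from the first four bytes of `buf`.
    ///
    /// The value is whatever the sender wrote and is not authenticated, so callers must
    /// bound it before using it to size a read or an allocation.
    ///
    /// # Panics
    ///
    /// Panics if `buf` holds fewer than four bytes. Callers must only call this once a
    /// full length field has been received.
    fn packet_len(&mut self, _sequence_number: u32, buf: &[u8]) -> usize {
        let length_field: [u8; 4] = buf[0..4]
            .try_into()
            .expect("a four-byte slice always converts to [u8; 4]");
        u32::from_be_bytes(length_field) as usize
    }

    /// Length field plus the four bytes of the length field itself.
    ///
    /// # Panics
    ///
    /// Panics under the same condition as `packet_len`.
    fn data_len(&mut self, sequence_number: u32, buf: &[u8]) -> usize {
        // The length field is peer-controlled. On targets where `usize` is 32 bits, a
        // value near `u32::MAX` would overflow a plain `+ 4` and wrap to a tiny length in
        // release builds. Saturating keeps the result large, so the caller's size limit
        // rejects it.
        self.packet_len(sequence_number, buf).saturating_add(4)
    }

    /// Always `false`.
    fn no_pad(&self) -> bool {
        false
    }
}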
79
impl Default for EncryptionNone {
    /// Builds the pass-through cipher from a `HashType::None` hash and a `MacNone`.
    ///
    /// Both values are discarded by `EncryptionNone::new`; they are built only to satisfy
    /// the `Encryption::new` signature.
    fn default() -> Self {
        Self::new(
            Hash::new(HashCtx::new(), &[], super::hash::HashType::None),
            Box::new(MacNone::new()),
        )
    }
}