Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6

Re: AES-CTR not available upon configure ibssh2 1.2.6

From: Simon Josefsson <simon_at_josefsson.org>
Date: Thu, 05 Aug 2010 23:32:18 +0200

"A. Mark" <gougolith_at_gmail.com> writes:

>> If your OpenSSL doesn't have AES-CTR,
>> libssh2 implements it internally instead.
>
> That sounds terrific, is there a way to selects which cipher should be
> used during the session?

Hmm, I don't think so. The ordering is hard coded in src/crypt.c. The
ssh2 protocol will negotiate the "best" mutually supported algorithm.

(I should have mentioned that libssh2 will only support AES-CTR if AES
is available: we don't implement AES ourselves, only the CTR mode.)

static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = {
#if LIBSSH2_AES_CTR
  &libssh2_crypt_method_aes128_ctr,
  &libssh2_crypt_method_aes192_ctr,
  &libssh2_crypt_method_aes256_ctr,
#endif /* LIBSSH2_AES */
#if LIBSSH2_AES
    &libssh2_crypt_method_aes256_cbc,
    &libssh2_crypt_method_rijndael_cbc_lysator_liu_se, /* == aes256-cbc */
    &libssh2_crypt_method_aes192_cbc,
    &libssh2_crypt_method_aes128_cbc,
#endif /* LIBSSH2_AES */
#if LIBSSH2_BLOWFISH
    &libssh2_crypt_method_blowfish_cbc,
#endif /* LIBSSH2_BLOWFISH */
#if LIBSSH2_RC4
    &libssh2_crypt_method_arcfour128,
    &libssh2_crypt_method_arcfour,
#endif /* LIBSSH2_RC4 */
#if LIBSSH2_CAST
    &libssh2_crypt_method_cast128_cbc,
#endif /* LIBSSH2_CAST */
#if LIBSSH2_3DES
    &libssh2_crypt_method_3des_cbc,
#endif /* LIBSSH2_DES */
#ifdef LIBSSH2_CRYPT_NONE
    &libssh2_crypt_method_none,
#endif
    NULL
};

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-08-05