src/ssh/enc/aes128-cbc-botan.c aes128-cbc-botan.cpp aes128-cbc-openssl

BBS:      TELESC.NET.BR
Assunto:  src/ssh/enc/aes128-cbc-botan.c aes128-cbc-botan.cpp aes128-cbc-openssl
De:       Deuc¨
Data:     Sun, 3 May 2026 14:28:10 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/2a7e4b3dd5e742986c2f6be1
Added Files:
	src/ssh/enc/aes128-cbc-botan.c aes128-cbc-botan.cpp aes128-cbc-openssl.c
Modified Files:
	src/ssh/CMakeLists.txt deucessh-algorithms.h
Log Message:
DeuceSSH: add aes128-cbc encryption module for Mystic compatibility

Mystic BBS only offers aes128-cbc on its SSH server, so DeuceSSH-based
clients connecting to Mystic must register it.  This module should
not be enabled for general use  CBC is weaker than CTR (which is
why the original module list deliberately omitted it), and DeuceSSH-
based servers should continue offering only aes256-ctr.

Both backends:
- OpenSSL: EVP_CipherInit_ex / EVP_CipherUpdate (direction stored
  in the OpenSSL ctx; same do_crypt for encrypt and decrypt slots)
- Botan: Botan::Cipher_Mode "AES-128/CBC/NoPadding", direction-bound
  at create_or_throw

bufsz validated as a multiple of the 16-byte block on every call
(rx-side peer-controlled; tx-side ours but cheap to assert).

Co-Authored-By: Claude Opus 4.7 (1M context) 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]