Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2995 - (hide annotations) (download) (as text)
Wed Aug 15 04:03:26 2007 UTC (16 years, 8 months ago) by maya
Original Path: ttssh2/trunk/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 37732 byte(s) 
$Log$ を削除した。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40 yutakakn 2831 #include <openssl/dsa.h>
41 yutakakn 2728 #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51 maya 2995 * $Id: crypt.c,v 1.11 2007-08-15 04:03:26 maya Exp $ Cryptographic attack
52 yutakakn 2728 * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87     uint32 len, unsigned char FAR * IV)
88     {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116     unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118     {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191     int bytes)
192     {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199     buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202     default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204     buf, bytes, NULL) == DEATTACK_DETECTED;
205     }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217     static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
218     int bytes)
219     {
220     // unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
221     unsigned char *newbuf = malloc(bytes);
222     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
223    
224     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
225     if (bytes == 0)
226     return;
227    
228     if (newbuf == NULL)
229     return;
230    
231     if (bytes % block_size) {
232     char tmp[80];
233 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
234     "AES128 encrypt error(1): bytes %d (%d)");
235 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
236     pvar->ts->UIMsg, bytes, block_size);
237 yutakakn 2728 notify_fatal_error(pvar, tmp);
238     goto error;
239     }
240    
241     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
242     // TODO: failure
243 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244     "AES128 encrypt error(1): bytes %d (%d)");
245 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
246 yutakakn 2728
247     } else {
248     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
249     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
250     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
251    
252     //debug_print(50, key, 24);
253     //debug_print(51, iv, 8);
254     //debug_print(52, buf, bytes);
255     //debug_print(53, newbuf, bytes);
256    
257     memcpy(buf, newbuf, bytes);
258     }
259    
260     error:
261     free(newbuf);
262     }
263    
264     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
265     int bytes)
266     {
267     // unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
268     unsigned char *newbuf = malloc(bytes);
269     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
270    
271     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
272     if (bytes == 0)
273     return;
274    
275     if (newbuf == NULL)
276     return;
277    
278     if (bytes % block_size) {
279     char tmp[80];
280 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
281     "AES128 decrypt error(1): bytes %d (%d)");
282 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
283 yutakakn 2728 notify_fatal_error(pvar, tmp);
284     goto error;
285     }
286    
287     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
288     // TODO:
289 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
290     "AES128 decrypt error(2)");
291 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
292 yutakakn 2728
293     } else {
294     #if 0
295     memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
296     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
297     memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
298    
299     {
300     static int no = 70;
301     debug_print(no, buf, bytes);
302     //debug_print(no, key, AES128_KEYLEN);
303     //debug_print(10*no, iv, AES128_IVLEN);
304     debug_print(30*no, newbuf, bytes);
305     no++;
306     }
307     #endif
308    
309     memcpy(buf, newbuf, bytes);
310     }
311    
312     error:;
313     free(newbuf);
314     }
315    
316    
317    
318     // for SSH2(yutaka)
319     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
320     int bytes)
321     {
322     unsigned char key[24], iv[8];
323     unsigned char *newbuf = malloc(bytes);
324    
325     if (newbuf == NULL)
326     return;
327    
328     #if 1
329    
330     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
331     // TODO: failure
332     } else {
333     memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
334     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
335     memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
336    
337     //debug_print(50, key, 24);
338     //debug_print(51, iv, 8);
339     //debug_print(52, buf, bytes);
340     //debug_print(53, newbuf, bytes);
341    
342     memcpy(buf, newbuf, bytes);
343     }
344     free(newbuf);
345     #else
346    
347     memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
348     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
349     memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
350    
351     //debug_print(50, key, 24);
352     //debug_print(51, iv, 8);
353     //debug_print(52, buf, bytes);
354    
355     #if 0
356     DES_ede3_cbc_encrypt(
357     buf, newbuf, bytes,
358     (DES_key_schedule *)&key[0],
359     (DES_key_schedule *)&key[8],
360     (DES_key_schedule *)&key[16],
361     (DES_cblock *)iv,
362     DES_ENCRYPT);
363     #else
364     DES_ncbc_encrypt(buf, newbuf, bytes, (DES_key_schedule *)&key[0], (DES_cblock *)iv, DES_ENCRYPT);
365     DES_ncbc_encrypt(buf, newbuf, bytes, (DES_key_schedule *)&key[8], (DES_cblock *)iv, DES_DECRYPT);
366     DES_ncbc_encrypt(buf, newbuf, bytes, (DES_key_schedule *)&key[16], (DES_cblock *)iv, DES_ENCRYPT);
367    
368     #endif
369    
370     //debug_print(53, newbuf, bytes);
371    
372     memcpy(buf, newbuf, bytes);
373     free(newbuf);
374    
375     #endif
376     }
377    
378     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
379     int bytes)
380     {
381     unsigned char key[24], iv[8];
382     unsigned char *newbuf = malloc(bytes);
383    
384     if (newbuf == NULL)
385     return;
386    
387     #if 1
388     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
389     // TODO:
390    
391     } else {
392     memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
393     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
394     memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
395    
396     //debug_print(70, key, 24);
397     //debug_print(71, iv, 8);
398     //debug_print(72, buf, bytes);
399     //debug_print(73, newbuf, bytes);
400    
401     memcpy(buf, newbuf, bytes);
402     }
403     free(newbuf);
404    
405     #else
406     unsigned char *key, iv[8];
407     unsigned char *newbuf = malloc(bytes);
408     if (newbuf == NULL)
409     return;
410    
411     key = pvar->ssh2_keys[MODE_IN].enc.key;
412     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
413     memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
414    
415     //debug_print(60, key, 24);
416     //debug_print(61, iv, 8);
417     //debug_print(62, buf, bytes);
418    
419     DES_ede3_cbc_encrypt(
420     buf, newbuf, bytes,
421     (DES_key_schedule *)&key[0],
422     (DES_key_schedule *)&key[8],
423     (DES_key_schedule *)&key[16],
424     (DES_cblock *)iv,
425     DES_DECRYPT);
426    
427     //debug_print(63, newbuf, bytes);
428    
429     memcpy(buf, newbuf, bytes);
430    
431     free(newbuf);
432     #endif
433     }
434    
435    
436     static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
437     int bytes)
438     {
439     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
440    
441     DES_ncbc_encrypt(buf, buf, bytes,
442     &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
443     DES_ncbc_encrypt(buf, buf, bytes,
444     &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
445     DES_ncbc_encrypt(buf, buf, bytes,
446     &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
447     }
448    
449     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
450     int bytes)
451     {
452     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
453    
454     DES_ncbc_encrypt(buf, buf, bytes,
455     &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
456     DES_ncbc_encrypt(buf, buf, bytes,
457     &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
458     DES_ncbc_encrypt(buf, buf, bytes,
459     &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
460     }
461    
462     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
463     int bytes)
464     {
465     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
466    
467     DES_ncbc_encrypt(buf, buf, bytes,
468     &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
469     }
470    
471     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
472     int bytes)
473     {
474     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
475    
476     DES_ncbc_encrypt(buf, buf, bytes,
477     &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
478     }
479    
480     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
481     int bytes)
482     {
483     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
484     int num = 0;
485    
486     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
487     encryptstate->ivec, &num, IDEA_ENCRYPT);
488     }
489    
490     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
491     int bytes)
492     {
493     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
494     int num = 0;
495    
496     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
497     decryptstate->ivec, &num, IDEA_DECRYPT);
498     }
499    
500     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
501     {
502     uint32 FAR *buf = (uint32 FAR *) cbuf;
503     int count = bytes / 4;
504    
505     while (count > 0) {
506     uint32 w = *buf;
507    
508     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
509     | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
510     count--;
511     buf++;
512     }
513     }
514    
515     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
516     int bytes)
517     {
518     CipherBlowfishState FAR *encryptstate =
519     &pvar->crypt_state.enc.cBlowfish;
520    
521     flip_endianness(buf, bytes);
522     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
523     BF_ENCRYPT);
524     flip_endianness(buf, bytes);
525     }
526    
527     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
528     int bytes)
529     {
530     CipherBlowfishState FAR *decryptstate =
531     &pvar->crypt_state.dec.cBlowfish;
532    
533     flip_endianness(buf, bytes);
534     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
535     BF_DECRYPT);
536     flip_endianness(buf, bytes);
537     }
538    
539     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
540     int bytes)
541     {
542     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
543     int num = 0;
544    
545     RC4(&encryptstate->k, bytes, buf, buf);
546     }
547    
548     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
549     int bytes)
550     {
551     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
552     int num = 0;
553    
554     RC4(&decryptstate->k, bytes, buf, buf);
555     }
556    
557     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
558     int bytes)
559     {
560     RAND_bytes(buf, bytes);
561     }
562    
563     void CRYPT_initialize_random_numbers(PTInstVar pvar)
564     {
565     RAND_screen();
566     }
567    
568     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
569     {
570     int bits = get_ushort16_MSBfirst(bytes);
571    
572     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
573     }
574    
575 yutakakn 2857 // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
576     RSA FAR *make_key(PTInstVar pvar,
577 yutakakn 2728 int bits, unsigned char FAR * exp,
578     unsigned char FAR * mod)
579     {
580     RSA FAR *key = RSA_new();
581    
582     if (key != NULL) {
583     key->e = get_bignum(exp);
584     key->n = get_bignum(mod);
585     }
586    
587     if (key == NULL || key->e == NULL || key->n == NULL) {
588 maya 2994 UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
589     "Error setting up RSA keys");
590 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
591 yutakakn 2728
592     if (key != NULL) {
593     if (key->e != NULL) {
594     BN_free(key->e);
595     }
596     if (key->n != NULL) {
597     BN_free(key->n);
598     }
599     RSA_free(key);
600     }
601    
602     return NULL;
603     } else {
604     return key;
605     }
606     }
607    
608     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
609     {
610     if (SSHv1(pvar)) {
611     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
612     } else {
613     memcpy(pvar->crypt_state.server_cookie, cookie,
614     SSH2_COOKIE_LENGTH);
615     }
616     }
617    
618     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
619     {
620     if (SSHv2(pvar)) {
621     memcpy(pvar->crypt_state.client_cookie, cookie,
622     SSH2_COOKIE_LENGTH);
623     }
624     }
625    
626     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
627     int bits, unsigned char FAR * exp,
628     unsigned char FAR * mod)
629     {
630     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
631    
632     return pvar->crypt_state.server_key.RSA_key != NULL;
633     }
634    
635     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
636     int bits, unsigned char FAR * exp,
637     unsigned char FAR * mod)
638     {
639     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
640    
641     return pvar->crypt_state.host_key.RSA_key != NULL;
642     }
643    
644     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
645     int receiver_ciphers)
646     {
647     int cipher_mask;
648    
649     if (SSHv1(pvar)) {
650     cipher_mask = (1 << SSH_CIPHER_DES)
651     | (1 << SSH_CIPHER_3DES)
652     | (1 << SSH_CIPHER_BLOWFISH);
653    
654     } else { // for SSH2(yutaka)
655     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
656     cipher_mask = (1 << SSH_CIPHER_3DES_CBC) | (1 << SSH_CIPHER_AES128);
657    
658     }
659    
660     sender_ciphers &= cipher_mask;
661     receiver_ciphers &= cipher_mask;
662     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
663     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
664    
665     if (sender_ciphers == 0) {
666 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
667     "The server does not support any of the TTSSH encryption algorithms.\n"
668     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
669     "The connection will be closed.");
670 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
671 yutakakn 2728 return FALSE;
672     } else if (receiver_ciphers == 0) {
673 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
674     "The server does not support any of the TTSSH encryption algorithms.\n"
675     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
676     "The connection will be closed.");
677 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
678 yutakakn 2728 return FALSE;
679     } else {
680     return TRUE;
681     }
682     }
683    
684     int CRYPT_get_decryption_block_size(PTInstVar pvar)
685     {
686     if (SSHv1(pvar)) {
687     return 8;
688     } else {
689     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
690     // cf. 3DES=8, AES128=16
691     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
692     }
693     }
694    
695     int CRYPT_get_encryption_block_size(PTInstVar pvar)
696     {
697     if (SSHv1(pvar)) {
698     return 8;
699     } else {
700     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
701     // cf. 3DES=8, AES128=16
702     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
703     }
704     }
705    
706     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
707     {
708     struct Mac *mac;
709    
710     if (SSHv1(pvar)) {
711     return 0;
712    
713     } else { // for SSH2(yutaka)
714     mac = &pvar->ssh2_keys[MODE_IN].mac;
715     if (mac == NULL || mac->enabled == 0)
716     return 0;
717    
718     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
719     }
720    
721     }
722    
723 yutakakn 2757 // HMAC������
724     // ���{������ SSH2 �������g�p�������B
725     // (2004.12.17 yutaka)
726 yutakakn 2728 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
727     char FAR * data, int len, char FAR * MAC)
728     {
729 yutakakn 2757 HMAC_CTX c;
730     unsigned char m[EVP_MAX_MD_SIZE];
731     unsigned char b[4];
732     struct Mac *mac;
733    
734     mac = &pvar->ssh2_keys[MODE_IN].mac;
735    
736     // HMAC�������L���������������A����OK�����������B
737     if (mac == NULL || mac->enabled == 0)
738     return TRUE;
739    
740     if (mac->key == NULL)
741     goto error;
742    
743     if ((u_int)mac->mac_len > sizeof(m))
744     goto error;
745    
746     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
747     set_uint32_MSBfirst(b, sequence_number);
748     HMAC_Update(&c, b, sizeof(b));
749     HMAC_Update(&c, data, len);
750     HMAC_Final(&c, m, NULL);
751     HMAC_cleanup(&c);
752    
753     if (memcmp(m, MAC, mac->mac_len)) {
754     goto error;
755     }
756    
757 yutakakn 2728 return TRUE;
758 yutakakn 2757
759     error:
760     return FALSE;
761 yutakakn 2728 }
762    
763     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
764     {
765     struct Mac *mac;
766    
767     if (SSHv2(pvar)) { // for SSH2(yutaka)
768     mac = &pvar->ssh2_keys[MODE_OUT].mac;
769     if (mac == NULL || mac->enabled == 0)
770     return 0;
771    
772     return (mac->mac_len);
773     }
774    
775     return 0;
776     }
777    
778     // for SSH2
779     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
780     char FAR * data, int len, char FAR * MAC)
781     {
782     HMAC_CTX c;
783     static u_char m[EVP_MAX_MD_SIZE];
784     u_char b[4];
785     struct Mac *mac;
786    
787     if (SSHv2(pvar)) { // for SSH2(yutaka)
788     mac = &pvar->ssh2_keys[MODE_OUT].mac;
789     if (mac == NULL || mac->enabled == 0)
790     return FALSE;
791    
792     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
793     set_uint32_MSBfirst(b, sequence_number);
794     HMAC_Update(&c, b, sizeof(b));
795     HMAC_Update(&c, data, len);
796     HMAC_Final(&c, m, NULL);
797     HMAC_cleanup(&c);
798    
799     // 20�o�C�g�������R�s�[
800     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
801     // memcpy(MAC, m, sizeof(m));
802    
803     return TRUE;
804     }
805    
806     return TRUE;
807    
808     }
809    
810     static int choose_cipher(PTInstVar pvar, int supported)
811     {
812     int i;
813    
814     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
815     int cipher = pvar->session_settings.CipherOrder[i] - '0';
816    
817     if (cipher == SSH_CIPHER_NONE) {
818     break;
819     } else if ((supported & (1 << cipher)) != 0) {
820     return cipher;
821     }
822     }
823    
824     return SSH_CIPHER_NONE;
825     }
826    
827     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
828     {
829     if (SSHv1(pvar)) {
830     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
831     pvar->crypt_state.
832     supported_sender_ciphers);
833     pvar->crypt_state.receiver_cipher =
834     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
835    
836     } else { // SSH2(yutaka)
837     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
838     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
839    
840     }
841    
842     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
843     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
844 maya 2994 UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
845     "All the encryption algorithms that this program and the server both understand have been disabled.\n"
846     "To communicate with this server, you will have to enable some more ciphers\n"
847     "in the TTSSH Setup dialog box when you run Teraterm again.\n"
848     "This connection will now close.");
849 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
850 yutakakn 2728 return FALSE;
851     } else {
852     return TRUE;
853     }
854     }
855    
856     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
857     {
858     int server_key_bits =
859     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
860     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
861     int server_key_bytes = (server_key_bits + 7) / 8;
862     int host_key_bytes = (host_key_bits + 7) / 8;
863    
864     if (server_key_bits < host_key_bits) {
865     return host_key_bytes;
866     } else {
867     return server_key_bytes;
868     }
869     }
870    
871     int CRYPT_choose_session_key(PTInstVar pvar,
872     unsigned char FAR * encrypted_key_buf)
873     {
874     int server_key_bits =
875     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
876     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
877     int server_key_bytes = (server_key_bits + 7) / 8;
878     int host_key_bytes = (host_key_bits + 7) / 8;
879     int encrypted_key_bytes;
880     int bit_delta;
881    
882     if (server_key_bits < host_key_bits) {
883     encrypted_key_bytes = host_key_bytes;
884     bit_delta = host_key_bits - server_key_bits;
885     } else {
886     encrypted_key_bytes = server_key_bytes;
887     bit_delta = server_key_bits - host_key_bits;
888     }
889    
890     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
891 maya 2994 UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
892     "Server RSA keys are too weak. A secure connection cannot be established.");
893 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
894 yutakakn 2728 return 0;
895     } else {
896     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
897     for the session ID, rather than the one specified in the RFC */
898     int session_buf_len = server_key_bytes + host_key_bytes + 8;
899     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
900     char session_id[16];
901     int i;
902    
903     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
904     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
905     session_buf + host_key_bytes);
906     memcpy(session_buf + server_key_bytes + host_key_bytes,
907     pvar->crypt_state.server_cookie, 8);
908     MD5(session_buf, session_buf_len, session_id);
909    
910     free(session_buf);
911    
912     RAND_bytes(pvar->crypt_state.sender_cipher_key,
913     SSH_SESSION_KEY_LENGTH);
914     memcpy(pvar->crypt_state.receiver_cipher_key,
915     pvar->crypt_state.sender_cipher_key,
916     SSH_SESSION_KEY_LENGTH);
917    
918     memcpy(encrypted_key_buf + encrypted_key_bytes -
919     SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
920     SSH_SESSION_KEY_LENGTH);
921     for (i = 0; i < sizeof(session_id); i++) {
922     encrypted_key_buf[encrypted_key_bytes -
923     SSH_SESSION_KEY_LENGTH + i]
924     ^= session_id[i];
925     }
926    
927     if (host_key_bits > server_key_bits) {
928     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
929     encrypted_key_buf +
930     encrypted_key_bytes -
931     SSH_SESSION_KEY_LENGTH,
932     encrypted_key_buf +
933     encrypted_key_bytes - server_key_bytes,
934     pvar->crypt_state.server_key.RSA_key,
935     RSA_PKCS1_PADDING) < 0)
936     return 0;
937    
938     if (RSA_public_encrypt(server_key_bytes,
939     encrypted_key_buf +
940     encrypted_key_bytes - server_key_bytes,
941     encrypted_key_buf,
942     pvar->crypt_state.host_key.RSA_key,
943     RSA_PKCS1_PADDING) < 0)
944     return 0;
945     } else {
946     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
947     encrypted_key_buf +
948     encrypted_key_bytes -
949     SSH_SESSION_KEY_LENGTH,
950     encrypted_key_buf +
951     encrypted_key_bytes - host_key_bytes,
952     pvar->crypt_state.host_key.RSA_key,
953     RSA_PKCS1_PADDING) < 0)
954     return 0;
955    
956     if (RSA_public_encrypt(host_key_bytes,
957     encrypted_key_buf +
958     encrypted_key_bytes - host_key_bytes,
959     encrypted_key_buf,
960     pvar->crypt_state.server_key.RSA_key,
961     RSA_PKCS1_PADDING) < 0)
962     return 0;
963     }
964     }
965    
966     return 1;
967     }
968    
969     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
970     unsigned char FAR * challenge,
971     int challenge_len,
972     unsigned char FAR * response)
973     {
974     int server_key_bits =
975     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
976     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
977     int server_key_bytes = (server_key_bits + 7) / 8;
978     int host_key_bytes = (host_key_bits + 7) / 8;
979     int session_buf_len = server_key_bytes + host_key_bytes + 8;
980     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
981     char decrypted_challenge[48];
982     int decrypted_challenge_len;
983    
984     decrypted_challenge_len =
985     RSA_private_decrypt(challenge_len, challenge, challenge,
986     AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
987     RSA_PKCS1_PADDING);
988     if (decrypted_challenge_len < 0) {
989     free(session_buf);
990     return 0;
991     }
992     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
993     memcpy(decrypted_challenge,
994     challenge + decrypted_challenge_len -
995     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
996     } else {
997     memset(decrypted_challenge, 0,
998     SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
999     memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1000     decrypted_challenge_len, challenge,
1001     decrypted_challenge_len);
1002     }
1003    
1004     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1005     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1006     session_buf + host_key_bytes);
1007     memcpy(session_buf + server_key_bytes + host_key_bytes,
1008     pvar->crypt_state.server_cookie, 8);
1009     MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1010    
1011     free(session_buf);
1012    
1013     MD5(decrypted_challenge, 48, response);
1014    
1015     return 1;
1016     }
1017    
1018     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1019     {
1020     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1021     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1022     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1023     memset(state->ivec1, 0, 8);
1024     memset(state->ivec2, 0, 8);
1025     memset(state->ivec3, 0, 8);
1026     }
1027    
1028     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1029     {
1030     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1031     memset(state->ivec, 0, 8);
1032     }
1033    
1034     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1035     {
1036     idea_set_encrypt_key(session_key, &state->k);
1037     memset(state->ivec, 0, 8);
1038     }
1039    
1040     static void cBlowfish_init(char FAR * session_key,
1041     CipherBlowfishState FAR * state)
1042     {
1043     BF_set_key(&state->k, 32, session_key);
1044     memset(state->ivec, 0, 8);
1045     }
1046    
1047    
1048     //
1049     // SSH2�p�A���S���Y����������
1050     //
1051     // for SSH2(yutaka)
1052     //
1053     void cipher_init_SSH2(
1054     EVP_CIPHER_CTX *evp,
1055     const u_char *key, u_int keylen,
1056     const u_char *iv, u_int ivlen,
1057     int encrypt,
1058     const EVP_CIPHER *(*func)(void)
1059     )
1060     {
1061     EVP_CIPHER *type;
1062     int klen;
1063    
1064     type = (EVP_CIPHER *)func();
1065    
1066     EVP_CIPHER_CTX_init(evp);
1067     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1068     // TODO:
1069     }
1070    
1071     klen = EVP_CIPHER_CTX_key_length(evp);
1072     if (klen > 0 && keylen != klen) {
1073     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1074     // TODO:
1075     }
1076     }
1077     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1078     // TODO:
1079     }
1080     }
1081    
1082    
1083     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1084     {
1085     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1086     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1087     BOOL isOK = TRUE;
1088    
1089     if (sender_flag) {
1090     switch (pvar->crypt_state.sender_cipher) {
1091     // for SSH2(yutaka)
1092     case SSH_CIPHER_3DES_CBC:
1093     {
1094     struct Enc *enc;
1095    
1096     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1097     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1098     enc->key, 24, enc->iv, 8,
1099     CIPHER_ENCRYPT,
1100     EVP_des_ede3_cbc);
1101    
1102     //debug_print(10, enc->key, 24);
1103     //debug_print(11, enc->iv, 24);
1104    
1105     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1106     break;
1107     }
1108    
1109     // for SSH2(yutaka)
1110     case SSH_CIPHER_AES128:
1111     {
1112     struct Enc *enc;
1113    
1114     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1115     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1116     enc->key, 16, enc->iv, 16,
1117     CIPHER_ENCRYPT,
1118     EVP_aes_128_cbc);
1119    
1120     //debug_print(10, enc->key, 24);
1121     //debug_print(11, enc->iv, 24);
1122    
1123     pvar->crypt_state.encrypt = cAES128_encrypt;
1124     break;
1125     }
1126    
1127     case SSH_CIPHER_3DES:{
1128     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1129     pvar->crypt_state.encrypt = c3DES_encrypt;
1130     break;
1131     }
1132     case SSH_CIPHER_IDEA:{
1133     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1134     pvar->crypt_state.encrypt = cIDEA_encrypt;
1135     break;
1136     }
1137     case SSH_CIPHER_DES:{
1138     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1139     pvar->crypt_state.encrypt = cDES_encrypt;
1140     break;
1141     }
1142     case SSH_CIPHER_RC4:{
1143     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1144     encryption_key + 16);
1145     pvar->crypt_state.encrypt = cRC4_encrypt;
1146     break;
1147     }
1148     case SSH_CIPHER_BLOWFISH:{
1149     cBlowfish_init(encryption_key,
1150     &pvar->crypt_state.enc.cBlowfish);
1151     pvar->crypt_state.encrypt = cBlowfish_encrypt;
1152     break;
1153     }
1154     default:
1155     isOK = FALSE;
1156     }
1157     }
1158    
1159    
1160     if (receiver_flag) {
1161     switch (pvar->crypt_state.receiver_cipher) {
1162     // for SSH2(yutaka)
1163     case SSH_CIPHER_3DES_CBC:
1164     {
1165     struct Enc *enc;
1166    
1167     enc = &pvar->ssh2_keys[MODE_IN].enc;
1168     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1169     enc->key, 24, enc->iv, 8,
1170     CIPHER_DECRYPT,
1171     EVP_des_ede3_cbc);
1172    
1173     //debug_print(12, enc->key, 24);
1174     //debug_print(13, enc->iv, 24);
1175    
1176     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1177     break;
1178     }
1179    
1180     // for SSH2(yutaka)
1181     case SSH_CIPHER_AES128:
1182     {
1183     struct Enc *enc;
1184    
1185     enc = &pvar->ssh2_keys[MODE_IN].enc;
1186     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1187     enc->key, 16, enc->iv, 16,
1188     CIPHER_DECRYPT,
1189     EVP_aes_128_cbc);
1190    
1191     //debug_print(12, enc->key, 24);
1192     //debug_print(13, enc->iv, 24);
1193    
1194     pvar->crypt_state.decrypt = cAES128_decrypt;
1195     break;
1196     }
1197    
1198     case SSH_CIPHER_3DES:{
1199     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1200     pvar->crypt_state.decrypt = c3DES_decrypt;
1201     break;
1202     }
1203     case SSH_CIPHER_IDEA:{
1204     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1205     pvar->crypt_state.decrypt = cIDEA_decrypt;
1206     break;
1207     }
1208     case SSH_CIPHER_DES:{
1209     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1210     pvar->crypt_state.decrypt = cDES_decrypt;
1211     break;
1212     }
1213     case SSH_CIPHER_RC4:{
1214     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1215     pvar->crypt_state.decrypt = cRC4_decrypt;
1216     break;
1217     }
1218     case SSH_CIPHER_BLOWFISH:{
1219     cBlowfish_init(decryption_key,
1220     &pvar->crypt_state.dec.cBlowfish);
1221     pvar->crypt_state.decrypt = cBlowfish_decrypt;
1222     break;
1223     }
1224     default:
1225     isOK = FALSE;
1226     }
1227     }
1228    
1229    
1230     if (!isOK) {
1231 maya 2994 UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1232     "No cipher selected!");
1233 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1234 yutakakn 2728 return FALSE;
1235     } else {
1236     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1237     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1238     return TRUE;
1239     }
1240     }
1241    
1242     void CRYPT_init(PTInstVar pvar)
1243     {
1244     pvar->crypt_state.encrypt = no_encrypt;
1245     pvar->crypt_state.decrypt = no_encrypt;
1246     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1247     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1248     pvar->crypt_state.server_key.RSA_key = NULL;
1249     pvar->crypt_state.host_key.RSA_key = NULL;
1250    
1251     pvar->crypt_state.detect_attack_statics.h = NULL;
1252     pvar->crypt_state.detect_attack_statics.n =
1253     HASH_MINSIZE / HASH_ENTRYSIZE;
1254     }
1255    
1256     static char FAR *get_cipher_name(int cipher)
1257     {
1258     switch (cipher) {
1259     case SSH_CIPHER_NONE:
1260     return "None";
1261     case SSH_CIPHER_3DES:
1262     return "3DES (168 key bits)";
1263     case SSH_CIPHER_DES:
1264     return "DES (56 key bits)";
1265     case SSH_CIPHER_IDEA:
1266     return "IDEA (128 key bits)";
1267     case SSH_CIPHER_RC4:
1268     return "RC4 (128 key bits)";
1269     case SSH_CIPHER_BLOWFISH:
1270     return "Blowfish (256 key bits)";
1271    
1272     // SSH2
1273     case SSH_CIPHER_3DES_CBC:
1274     return "3DES-CBC";
1275     case SSH_CIPHER_AES128:
1276     return "AES128";
1277    
1278     default:
1279     return "Unknown";
1280     }
1281     }
1282    
1283     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1284     {
1285 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1286     "%s to server, %s from server");
1287 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1288 maya 2949 get_cipher_name(pvar->crypt_state.sender_cipher),
1289     get_cipher_name(pvar->crypt_state.receiver_cipher));
1290 yutakakn 2728 }
1291    
1292     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1293     {
1294     if (SSHv1(pvar)) {
1295     if (pvar->crypt_state.server_key.RSA_key == NULL
1296     || pvar->crypt_state.host_key.RSA_key == NULL) {
1297 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1298 maya 2992 strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1299 yutakakn 2728 } else {
1300 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1301     "%d-bit server key, %d-bit host key");
1302 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1303 maya 2949 BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1304     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1305 yutakakn 2728 }
1306     } else { // SSH2
1307 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1308     "%d-bit server key, %d-bit host key");
1309 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1310 maya 2949 pvar->server_key_bits,
1311     pvar->client_key_bits);
1312 yutakakn 2728 }
1313     }
1314    
1315     static void destroy_public_key(CRYPTPublicKey FAR * key)
1316     {
1317     if (key->RSA_key != NULL) {
1318     RSA_free(key->RSA_key);
1319     key->RSA_key = NULL;
1320     }
1321     }
1322    
1323     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1324     {
1325     destroy_public_key(key);
1326     free(key);
1327     }
1328    
1329     void CRYPT_end(PTInstVar pvar)
1330     {
1331     destroy_public_key(&pvar->crypt_state.host_key);
1332     destroy_public_key(&pvar->crypt_state.server_key);
1333    
1334     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1335     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1336     pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1337     free(pvar->crypt_state.detect_attack_statics.h);
1338     }
1339    
1340     memset(pvar->crypt_state.sender_cipher_key, 0,
1341     sizeof(pvar->crypt_state.sender_cipher_key));
1342     memset(pvar->crypt_state.receiver_cipher_key, 0,
1343     sizeof(pvar->crypt_state.receiver_cipher_key));
1344     memset(pvar->crypt_state.server_cookie, 0,
1345     sizeof(pvar->crypt_state.server_cookie));
1346     memset(pvar->crypt_state.client_cookie, 0,
1347     sizeof(pvar->crypt_state.client_cookie));
1348     memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1349     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1350     }
1351    
1352     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1353     char FAR * buf, int bytes)
1354     {
1355     unsigned char passphrase_key[16];
1356    
1357     MD5(passphrase, strlen(passphrase), passphrase_key);
1358    
1359     switch (cipher) {
1360     case SSH_CIPHER_3DES:{
1361     Cipher3DESState state;
1362    
1363     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1364     &state.k1);
1365     DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1366     &state.k2);
1367     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1368     &state.k3);
1369     memset(state.ivec1, 0, 8);
1370     memset(state.ivec2, 0, 8);
1371     memset(state.ivec3, 0, 8);
1372     DES_ncbc_encrypt(buf, buf, bytes,
1373     &state.k3, &state.ivec3, DES_DECRYPT);
1374     DES_ncbc_encrypt(buf, buf, bytes,
1375     &state.k2, &state.ivec2, DES_ENCRYPT);
1376     DES_ncbc_encrypt(buf, buf, bytes,
1377     &state.k1, &state.ivec1, DES_DECRYPT);
1378     break;
1379     }
1380    
1381     case SSH_CIPHER_IDEA:{
1382     CipherIDEAState state;
1383     int num = 0;
1384    
1385     cIDEA_init(passphrase_key, &state);
1386     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1387     &num, IDEA_DECRYPT);
1388     break;
1389     }
1390    
1391     case SSH_CIPHER_DES:{
1392     CipherDESState state;
1393    
1394     cDES_init(passphrase_key, &state);
1395     DES_ncbc_encrypt(buf, buf, bytes,
1396     &state.k, &state.ivec, DES_DECRYPT);
1397     break;
1398     }
1399    
1400     case SSH_CIPHER_RC4:{
1401     CipherRC4State state;
1402     int num = 0;
1403    
1404     RC4_set_key(&state.k, 16, passphrase_key);
1405     RC4(&state.k, bytes, buf, buf);
1406     break;
1407     }
1408    
1409     case SSH_CIPHER_BLOWFISH:{
1410     CipherBlowfishState state;
1411    
1412     BF_set_key(&state.k, 16, passphrase_key);
1413     memset(state.ivec, 0, 8);
1414     flip_endianness(buf, bytes);
1415     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1416     BF_DECRYPT);
1417     flip_endianness(buf, bytes);
1418     break;
1419     }
1420    
1421     case SSH_CIPHER_NONE:
1422     break;
1423    
1424     default:
1425     memset(passphrase_key, 0, sizeof(passphrase_key));
1426     return 0;
1427     }
1428    
1429     memset(passphrase_key, 0, sizeof(passphrase_key));
1430     return 1;
1431     }
1432    
1433     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1434     {
1435 yutakakn 2762 if (key_pair->RSA_key != NULL)
1436     RSA_free(key_pair->RSA_key);
1437    
1438     if (key_pair->DSA_key != NULL)
1439     DSA_free(key_pair->DSA_key);
1440    
1441 yutakakn 2728 free(key_pair);
1442     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help