Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3043 - (hide annotations) (download) (as text)
Wed Oct 17 15:58:15 2007 UTC (16 years, 5 months ago) by maya
Original Path: ttssh2/trunk/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 40474 byte(s) 
エラーメッセージを追加した。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40 yutakakn 2831 #include <openssl/dsa.h>
41 yutakakn 2728 #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51 maya 3043 * $Id: crypt.c,v 1.15 2007-10-17 15:58:15 maya Exp $ Cryptographic attack
52 yutakakn 2728 * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87 maya 3003 uint32 len, unsigned char FAR * IV)
88 yutakakn 2728 {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116 maya 3003 unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118 yutakakn 2728 {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191 maya 3003 int bytes)
192 yutakakn 2728 {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199 maya 3003 buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202 yutakakn 2728 default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204 maya 3003 buf, bytes, NULL) == DEATTACK_DETECTED;
205 yutakakn 2728 }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217 maya 3039 // ���O�������������������������������AAES192, AES256 ����
218 maya 3036 // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219 yutakakn 2728 static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220 maya 3003 int bytes)
221 yutakakn 2728 {
222     // unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
223     unsigned char *newbuf = malloc(bytes);
224     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
225    
226     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
227     if (bytes == 0)
228     return;
229    
230     if (newbuf == NULL)
231     return;
232    
233     if (bytes % block_size) {
234     char tmp[80];
235 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
236 maya 3003 "AES128 encrypt error(1): bytes %d (%d)");
237 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
238 maya 3003 pvar->ts->UIMsg, bytes, block_size);
239 yutakakn 2728 notify_fatal_error(pvar, tmp);
240     goto error;
241     }
242    
243     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
244 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
245 maya 3043 "AES128 encrypt error(2)");
246 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
247 maya 3043 goto error;
248 yutakakn 2728
249     } else {
250     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
251     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
252     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
253    
254     //debug_print(50, key, 24);
255     //debug_print(51, iv, 8);
256     //debug_print(52, buf, bytes);
257     //debug_print(53, newbuf, bytes);
258    
259     memcpy(buf, newbuf, bytes);
260     }
261    
262     error:
263     free(newbuf);
264     }
265    
266     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
267 maya 3003 int bytes)
268 yutakakn 2728 {
269     // unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
270     unsigned char *newbuf = malloc(bytes);
271     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
272    
273     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
274     if (bytes == 0)
275     return;
276    
277     if (newbuf == NULL)
278     return;
279    
280     if (bytes % block_size) {
281     char tmp[80];
282 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
283 maya 3003 "AES128 decrypt error(1): bytes %d (%d)");
284 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
285 yutakakn 2728 notify_fatal_error(pvar, tmp);
286     goto error;
287     }
288    
289     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
290 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
291 maya 3003 "AES128 decrypt error(2)");
292 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
293 maya 3043 goto error;
294 yutakakn 2728
295     } else {
296 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
297 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
298 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
299 yutakakn 2728
300 maya 3043 //debug_print(70, key, AES128_KEYLEN);
301     //debug_print(71, iv, AES128_IVLEN);
302     //debug_print(72, buf, bytes);
303     //debug_print(73, newbuf, bytes);
304 yutakakn 2728
305     memcpy(buf, newbuf, bytes);
306     }
307    
308 maya 3043 error:
309 yutakakn 2728 free(newbuf);
310     }
311    
312    
313    
314     // for SSH2(yutaka)
315     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
316 maya 3003 int bytes)
317 yutakakn 2728 {
318 maya 3043 // unsigned char key[24], iv[8];
319 yutakakn 2728 unsigned char *newbuf = malloc(bytes);
320    
321     if (newbuf == NULL)
322     return;
323    
324 maya 3043 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
325     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR", pvar,
326     "3DES-CBC encrypt error");
327     notify_fatal_error(pvar, pvar->ts->UIMsg);
328     goto error;
329 yutakakn 2728
330     } else {
331 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
332 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
333 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
334 yutakakn 2728
335     //debug_print(50, key, 24);
336     //debug_print(51, iv, 8);
337     //debug_print(52, buf, bytes);
338     //debug_print(53, newbuf, bytes);
339    
340     memcpy(buf, newbuf, bytes);
341     }
342    
343 maya 3043 error:
344 yutakakn 2728 free(newbuf);
345     }
346    
347     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
348 maya 3003 int bytes)
349 yutakakn 2728 {
350 maya 3043 // unsigned char key[24], iv[8];
351 yutakakn 2728 unsigned char *newbuf = malloc(bytes);
352    
353     if (newbuf == NULL)
354     return;
355    
356     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
357 maya 3043 UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR", pvar,
358     "3DES-CBC decrypt error");
359     notify_fatal_error(pvar, pvar->ts->UIMsg);
360     goto error;
361 yutakakn 2728
362     } else {
363 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
364 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
365 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
366 yutakakn 2728
367     //debug_print(70, key, 24);
368     //debug_print(71, iv, 8);
369     //debug_print(72, buf, bytes);
370     //debug_print(73, newbuf, bytes);
371    
372     memcpy(buf, newbuf, bytes);
373     }
374    
375 maya 3043 error:
376 yutakakn 2728 free(newbuf);
377     }
378    
379    
380     static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
381 maya 3003 int bytes)
382 yutakakn 2728 {
383     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
384    
385     DES_ncbc_encrypt(buf, buf, bytes,
386 maya 3003 &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
387 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
388 maya 3003 &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
389 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
390 maya 3003 &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
391 yutakakn 2728 }
392    
393     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
394 maya 3003 int bytes)
395 yutakakn 2728 {
396     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
397    
398     DES_ncbc_encrypt(buf, buf, bytes,
399 maya 3003 &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
400 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
401 maya 3003 &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
402 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
403 maya 3003 &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
404 yutakakn 2728 }
405    
406     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
407     int bytes)
408     {
409     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
410    
411     DES_ncbc_encrypt(buf, buf, bytes,
412 maya 3003 &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
413 yutakakn 2728 }
414    
415     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
416     int bytes)
417     {
418     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
419    
420     DES_ncbc_encrypt(buf, buf, bytes,
421 maya 3003 &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
422 yutakakn 2728 }
423    
424     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
425 maya 3003 int bytes)
426 yutakakn 2728 {
427     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
428     int num = 0;
429    
430     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
431 maya 3003 encryptstate->ivec, &num, IDEA_ENCRYPT);
432 yutakakn 2728 }
433    
434     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
435 maya 3003 int bytes)
436 yutakakn 2728 {
437     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
438     int num = 0;
439    
440     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
441 maya 3003 decryptstate->ivec, &num, IDEA_DECRYPT);
442 yutakakn 2728 }
443    
444     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
445     {
446     uint32 FAR *buf = (uint32 FAR *) cbuf;
447     int count = bytes / 4;
448    
449     while (count > 0) {
450     uint32 w = *buf;
451    
452     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
453 maya 3003 | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
454 yutakakn 2728 count--;
455     buf++;
456     }
457     }
458    
459     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
460 maya 3003 int bytes)
461 yutakakn 2728 {
462     CipherBlowfishState FAR *encryptstate =
463     &pvar->crypt_state.enc.cBlowfish;
464    
465     flip_endianness(buf, bytes);
466     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
467 maya 3003 BF_ENCRYPT);
468 yutakakn 2728 flip_endianness(buf, bytes);
469     }
470    
471     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
472 maya 3003 int bytes)
473 yutakakn 2728 {
474     CipherBlowfishState FAR *decryptstate =
475     &pvar->crypt_state.dec.cBlowfish;
476    
477     flip_endianness(buf, bytes);
478     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
479 maya 3003 BF_DECRYPT);
480 yutakakn 2728 flip_endianness(buf, bytes);
481     }
482    
483     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
484 maya 3003 int bytes)
485 yutakakn 2728 {
486     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
487     int num = 0;
488    
489     RC4(&encryptstate->k, bytes, buf, buf);
490     }
491    
492     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
493 maya 3003 int bytes)
494 yutakakn 2728 {
495     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
496     int num = 0;
497    
498     RC4(&decryptstate->k, bytes, buf, buf);
499     }
500    
501     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
502 maya 3003 int bytes)
503 yutakakn 2728 {
504     RAND_bytes(buf, bytes);
505     }
506    
507     void CRYPT_initialize_random_numbers(PTInstVar pvar)
508     {
509     RAND_screen();
510     }
511    
512     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
513     {
514     int bits = get_ushort16_MSBfirst(bytes);
515    
516     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
517     }
518    
519 yutakakn 2857 // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
520     RSA FAR *make_key(PTInstVar pvar,
521 maya 3003 int bits, unsigned char FAR * exp,
522     unsigned char FAR * mod)
523 yutakakn 2728 {
524     RSA FAR *key = RSA_new();
525    
526     if (key != NULL) {
527     key->e = get_bignum(exp);
528     key->n = get_bignum(mod);
529     }
530    
531     if (key == NULL || key->e == NULL || key->n == NULL) {
532 maya 2994 UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
533 maya 3003 "Error setting up RSA keys");
534 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
535 yutakakn 2728
536     if (key != NULL) {
537     if (key->e != NULL) {
538     BN_free(key->e);
539     }
540     if (key->n != NULL) {
541     BN_free(key->n);
542     }
543     RSA_free(key);
544     }
545    
546     return NULL;
547     } else {
548     return key;
549     }
550     }
551    
552     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
553     {
554     if (SSHv1(pvar)) {
555     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
556     } else {
557     memcpy(pvar->crypt_state.server_cookie, cookie,
558 maya 3003 SSH2_COOKIE_LENGTH);
559 yutakakn 2728 }
560     }
561    
562     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
563     {
564     if (SSHv2(pvar)) {
565     memcpy(pvar->crypt_state.client_cookie, cookie,
566 maya 3003 SSH2_COOKIE_LENGTH);
567 yutakakn 2728 }
568     }
569    
570     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
571 maya 3003 int bits, unsigned char FAR * exp,
572     unsigned char FAR * mod)
573 yutakakn 2728 {
574     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
575    
576     return pvar->crypt_state.server_key.RSA_key != NULL;
577     }
578    
579     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
580 maya 3003 int bits, unsigned char FAR * exp,
581     unsigned char FAR * mod)
582 yutakakn 2728 {
583     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
584    
585     return pvar->crypt_state.host_key.RSA_key != NULL;
586     }
587    
588     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
589 maya 3003 int receiver_ciphers)
590 yutakakn 2728 {
591     int cipher_mask;
592    
593     if (SSHv1(pvar)) {
594     cipher_mask = (1 << SSH_CIPHER_DES)
595 maya 3003 | (1 << SSH_CIPHER_3DES)
596     | (1 << SSH_CIPHER_BLOWFISH);
597 yutakakn 2728
598     } else { // for SSH2(yutaka)
599     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
600 maya 3036 cipher_mask = (1 << SSH_CIPHER_3DES_CBC)
601     | (1 << SSH_CIPHER_AES128)
602     #ifdef SSH2_BLOWFISH
603     | (1 << SSH_CIPHER_BLOWFISH)
604     #endif
605 maya 3039 | (1 << SSH_CIPHER_AES192)
606 maya 3036 | (1 << SSH_CIPHER_AES256);
607 yutakakn 2728 }
608    
609     sender_ciphers &= cipher_mask;
610     receiver_ciphers &= cipher_mask;
611     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
612     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
613    
614     if (sender_ciphers == 0) {
615 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
616 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
617     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
618     "The connection will be closed.");
619 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
620 yutakakn 2728 return FALSE;
621     } else if (receiver_ciphers == 0) {
622 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
623 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
624     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
625     "The connection will be closed.");
626 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
627 yutakakn 2728 return FALSE;
628     } else {
629     return TRUE;
630     }
631     }
632    
633     int CRYPT_get_decryption_block_size(PTInstVar pvar)
634     {
635     if (SSHv1(pvar)) {
636     return 8;
637     } else {
638     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
639     // cf. 3DES=8, AES128=16
640     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
641     }
642     }
643    
644     int CRYPT_get_encryption_block_size(PTInstVar pvar)
645     {
646     if (SSHv1(pvar)) {
647     return 8;
648     } else {
649     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
650     // cf. 3DES=8, AES128=16
651     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
652     }
653     }
654    
655     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
656     {
657     struct Mac *mac;
658    
659     if (SSHv1(pvar)) {
660     return 0;
661    
662     } else { // for SSH2(yutaka)
663     mac = &pvar->ssh2_keys[MODE_IN].mac;
664     if (mac == NULL || mac->enabled == 0)
665     return 0;
666    
667     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
668     }
669    
670     }
671    
672 yutakakn 2757 // HMAC������
673     // ���{������ SSH2 �������g�p�������B
674     // (2004.12.17 yutaka)
675 yutakakn 2728 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
676 maya 3003 char FAR * data, int len, char FAR * MAC)
677 yutakakn 2728 {
678 maya 3003 HMAC_CTX c;
679     unsigned char m[EVP_MAX_MD_SIZE];
680     unsigned char b[4];
681 yutakakn 2757 struct Mac *mac;
682    
683     mac = &pvar->ssh2_keys[MODE_IN].mac;
684    
685     // HMAC�������L���������������A����OK�����������B
686     if (mac == NULL || mac->enabled == 0)
687     return TRUE;
688    
689 maya 3003 if (mac->key == NULL)
690 yutakakn 2757 goto error;
691    
692 maya 3003 if ((u_int)mac->mac_len > sizeof(m))
693 yutakakn 2757 goto error;
694    
695 maya 3003 HMAC_Init(&c, mac->key, mac->key_len, mac->md);
696     set_uint32_MSBfirst(b, sequence_number);
697     HMAC_Update(&c, b, sizeof(b));
698     HMAC_Update(&c, data, len);
699     HMAC_Final(&c, m, NULL);
700     HMAC_cleanup(&c);
701 yutakakn 2757
702     if (memcmp(m, MAC, mac->mac_len)) {
703     goto error;
704     }
705    
706 yutakakn 2728 return TRUE;
707 yutakakn 2757
708     error:
709     return FALSE;
710 yutakakn 2728 }
711    
712     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
713     {
714     struct Mac *mac;
715    
716     if (SSHv2(pvar)) { // for SSH2(yutaka)
717     mac = &pvar->ssh2_keys[MODE_OUT].mac;
718     if (mac == NULL || mac->enabled == 0)
719     return 0;
720    
721     return (mac->mac_len);
722     }
723    
724     return 0;
725     }
726    
727     // for SSH2
728     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
729 maya 3003 char FAR * data, int len, char FAR * MAC)
730 yutakakn 2728 {
731 maya 3003 HMAC_CTX c;
732     static u_char m[EVP_MAX_MD_SIZE];
733 yutakakn 2728 u_char b[4];
734     struct Mac *mac;
735    
736     if (SSHv2(pvar)) { // for SSH2(yutaka)
737     mac = &pvar->ssh2_keys[MODE_OUT].mac;
738     if (mac == NULL || mac->enabled == 0)
739     return FALSE;
740 maya 3003
741     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
742 yutakakn 2728 set_uint32_MSBfirst(b, sequence_number);
743     HMAC_Update(&c, b, sizeof(b));
744     HMAC_Update(&c, data, len);
745     HMAC_Final(&c, m, NULL);
746     HMAC_cleanup(&c);
747    
748     // 20�o�C�g�������R�s�[
749     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
750     // memcpy(MAC, m, sizeof(m));
751    
752     return TRUE;
753     }
754    
755     return TRUE;
756    
757     }
758    
759     static int choose_cipher(PTInstVar pvar, int supported)
760     {
761     int i;
762    
763     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
764     int cipher = pvar->session_settings.CipherOrder[i] - '0';
765    
766     if (cipher == SSH_CIPHER_NONE) {
767     break;
768     } else if ((supported & (1 << cipher)) != 0) {
769     return cipher;
770     }
771     }
772    
773     return SSH_CIPHER_NONE;
774     }
775    
776     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
777     {
778     if (SSHv1(pvar)) {
779     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
780 maya 3003 pvar->crypt_state.
781     supported_sender_ciphers);
782 yutakakn 2728 pvar->crypt_state.receiver_cipher =
783     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
784    
785     } else { // SSH2(yutaka)
786     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
787     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
788    
789     }
790    
791     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
792     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
793 maya 2994 UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
794 maya 3003 "All the encryption algorithms that this program and the server both understand have been disabled.\n"
795     "To communicate with this server, you will have to enable some more ciphers\n"
796     "in the TTSSH Setup dialog box when you run Teraterm again.\n"
797     "This connection will now close.");
798 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
799 yutakakn 2728 return FALSE;
800     } else {
801     return TRUE;
802     }
803     }
804    
805     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
806     {
807     int server_key_bits =
808     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
809     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
810     int server_key_bytes = (server_key_bits + 7) / 8;
811     int host_key_bytes = (host_key_bits + 7) / 8;
812    
813     if (server_key_bits < host_key_bits) {
814     return host_key_bytes;
815     } else {
816     return server_key_bytes;
817     }
818     }
819    
820     int CRYPT_choose_session_key(PTInstVar pvar,
821 maya 3003 unsigned char FAR * encrypted_key_buf)
822 yutakakn 2728 {
823     int server_key_bits =
824     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
825     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
826     int server_key_bytes = (server_key_bits + 7) / 8;
827     int host_key_bytes = (host_key_bits + 7) / 8;
828     int encrypted_key_bytes;
829     int bit_delta;
830    
831     if (server_key_bits < host_key_bits) {
832     encrypted_key_bytes = host_key_bytes;
833     bit_delta = host_key_bits - server_key_bits;
834     } else {
835     encrypted_key_bytes = server_key_bytes;
836     bit_delta = server_key_bits - host_key_bits;
837     }
838    
839     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
840 maya 2994 UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
841 maya 3003 "Server RSA keys are too weak. A secure connection cannot be established.");
842 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
843 yutakakn 2728 return 0;
844     } else {
845     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
846     for the session ID, rather than the one specified in the RFC */
847     int session_buf_len = server_key_bytes + host_key_bytes + 8;
848     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
849     char session_id[16];
850     int i;
851    
852     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
853     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
854 maya 3003 session_buf + host_key_bytes);
855 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
856 maya 3003 pvar->crypt_state.server_cookie, 8);
857 yutakakn 2728 MD5(session_buf, session_buf_len, session_id);
858    
859     free(session_buf);
860    
861     RAND_bytes(pvar->crypt_state.sender_cipher_key,
862 maya 3003 SSH_SESSION_KEY_LENGTH);
863 yutakakn 2728 memcpy(pvar->crypt_state.receiver_cipher_key,
864 maya 3003 pvar->crypt_state.sender_cipher_key,
865     SSH_SESSION_KEY_LENGTH);
866 yutakakn 2728
867     memcpy(encrypted_key_buf + encrypted_key_bytes -
868 maya 3003 SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
869     SSH_SESSION_KEY_LENGTH);
870 yutakakn 2728 for (i = 0; i < sizeof(session_id); i++) {
871     encrypted_key_buf[encrypted_key_bytes -
872 maya 3003 SSH_SESSION_KEY_LENGTH + i]
873 yutakakn 2728 ^= session_id[i];
874     }
875    
876     if (host_key_bits > server_key_bits) {
877     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
878 maya 3003 encrypted_key_buf +
879     encrypted_key_bytes -
880     SSH_SESSION_KEY_LENGTH,
881     encrypted_key_buf +
882     encrypted_key_bytes - server_key_bytes,
883     pvar->crypt_state.server_key.RSA_key,
884     RSA_PKCS1_PADDING) < 0)
885 yutakakn 2728 return 0;
886    
887     if (RSA_public_encrypt(server_key_bytes,
888 maya 3003 encrypted_key_buf +
889     encrypted_key_bytes - server_key_bytes,
890     encrypted_key_buf,
891     pvar->crypt_state.host_key.RSA_key,
892     RSA_PKCS1_PADDING) < 0)
893 yutakakn 2728 return 0;
894     } else {
895     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
896 maya 3003 encrypted_key_buf +
897     encrypted_key_bytes -
898     SSH_SESSION_KEY_LENGTH,
899     encrypted_key_buf +
900     encrypted_key_bytes - host_key_bytes,
901     pvar->crypt_state.host_key.RSA_key,
902     RSA_PKCS1_PADDING) < 0)
903 yutakakn 2728 return 0;
904    
905     if (RSA_public_encrypt(host_key_bytes,
906 maya 3003 encrypted_key_buf +
907     encrypted_key_bytes - host_key_bytes,
908     encrypted_key_buf,
909     pvar->crypt_state.server_key.RSA_key,
910     RSA_PKCS1_PADDING) < 0)
911 yutakakn 2728 return 0;
912     }
913     }
914    
915     return 1;
916     }
917    
918     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
919 maya 3003 unsigned char FAR * challenge,
920     int challenge_len,
921     unsigned char FAR * response)
922 yutakakn 2728 {
923     int server_key_bits =
924     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
925     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
926     int server_key_bytes = (server_key_bits + 7) / 8;
927     int host_key_bytes = (host_key_bits + 7) / 8;
928     int session_buf_len = server_key_bytes + host_key_bytes + 8;
929     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
930     char decrypted_challenge[48];
931     int decrypted_challenge_len;
932    
933     decrypted_challenge_len =
934     RSA_private_decrypt(challenge_len, challenge, challenge,
935 maya 3003 AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
936     RSA_PKCS1_PADDING);
937 yutakakn 2728 if (decrypted_challenge_len < 0) {
938     free(session_buf);
939     return 0;
940     }
941     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
942     memcpy(decrypted_challenge,
943 maya 3003 challenge + decrypted_challenge_len -
944     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
945 yutakakn 2728 } else {
946     memset(decrypted_challenge, 0,
947 maya 3003 SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
948 yutakakn 2728 memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
949 maya 3003 decrypted_challenge_len, challenge,
950     decrypted_challenge_len);
951 yutakakn 2728 }
952    
953     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
954     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
955 maya 3003 session_buf + host_key_bytes);
956 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
957 maya 3003 pvar->crypt_state.server_cookie, 8);
958 yutakakn 2728 MD5(session_buf, session_buf_len, decrypted_challenge + 32);
959    
960     free(session_buf);
961    
962     MD5(decrypted_challenge, 48, response);
963    
964     return 1;
965     }
966    
967     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
968     {
969     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
970     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
971     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
972     memset(state->ivec1, 0, 8);
973     memset(state->ivec2, 0, 8);
974     memset(state->ivec3, 0, 8);
975     }
976    
977     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
978     {
979     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
980     memset(state->ivec, 0, 8);
981     }
982    
983     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
984     {
985     idea_set_encrypt_key(session_key, &state->k);
986     memset(state->ivec, 0, 8);
987     }
988    
989     static void cBlowfish_init(char FAR * session_key,
990 maya 3003 CipherBlowfishState FAR * state)
991 yutakakn 2728 {
992     BF_set_key(&state->k, 32, session_key);
993     memset(state->ivec, 0, 8);
994     }
995    
996    
997     //
998     // SSH2�p�A���S���Y����������
999     //
1000     // for SSH2(yutaka)
1001     //
1002 maya 3003 void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1003     const u_char *key, u_int keylen,
1004     const u_char *iv, u_int ivlen,
1005     int encrypt,
1006 maya 3043 const EVP_CIPHER *(*func)(void),
1007     PTInstVar pvar)
1008 yutakakn 2728 {
1009     EVP_CIPHER *type;
1010     int klen;
1011 maya 3043 char tmp[80];
1012 yutakakn 2728
1013     type = (EVP_CIPHER *)func();
1014    
1015     EVP_CIPHER_CTX_init(evp);
1016     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1017 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1018     "Cipher initialize error(%d)");
1019     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1020     notify_fatal_error(pvar, tmp);
1021     return;
1022 yutakakn 2728 }
1023    
1024     klen = EVP_CIPHER_CTX_key_length(evp);
1025     if (klen > 0 && keylen != klen) {
1026     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1027 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1028     "Cipher initialize error(%d)");
1029     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1030     notify_fatal_error(pvar, tmp);
1031     return;
1032 yutakakn 2728 }
1033     }
1034     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1035 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1036     "Cipher initialize error(%d)");
1037     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1038     notify_fatal_error(pvar, tmp);
1039     return;
1040 yutakakn 2728 }
1041     }
1042    
1043    
1044     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1045     {
1046     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1047     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1048     BOOL isOK = TRUE;
1049    
1050     if (sender_flag) {
1051     switch (pvar->crypt_state.sender_cipher) {
1052     // for SSH2(yutaka)
1053     case SSH_CIPHER_3DES_CBC:
1054     {
1055     struct Enc *enc;
1056    
1057     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1058 maya 3003 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1059 maya 3036 enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1060     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1061 maya 3003 CIPHER_ENCRYPT,
1062 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1063     pvar);
1064 yutakakn 2728
1065 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1066     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1067 yutakakn 2728
1068     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1069     break;
1070     }
1071    
1072     // for SSH2(yutaka)
1073     case SSH_CIPHER_AES128:
1074 maya 3039 case SSH_CIPHER_AES192:
1075 maya 3036 case SSH_CIPHER_AES256:
1076 yutakakn 2728 {
1077     struct Enc *enc;
1078    
1079     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1080 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1081     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1082     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1083 maya 3003 CIPHER_ENCRYPT,
1084 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1085     pvar);
1086 yutakakn 2728
1087 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1088     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1089 yutakakn 2728
1090     pvar->crypt_state.encrypt = cAES128_encrypt;
1091     break;
1092     }
1093    
1094     case SSH_CIPHER_3DES:{
1095     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1096     pvar->crypt_state.encrypt = c3DES_encrypt;
1097     break;
1098     }
1099     case SSH_CIPHER_IDEA:{
1100     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1101     pvar->crypt_state.encrypt = cIDEA_encrypt;
1102     break;
1103     }
1104     case SSH_CIPHER_DES:{
1105     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1106     pvar->crypt_state.encrypt = cDES_encrypt;
1107     break;
1108     }
1109     case SSH_CIPHER_RC4:{
1110     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1111     encryption_key + 16);
1112     pvar->crypt_state.encrypt = cRC4_encrypt;
1113     break;
1114     }
1115     case SSH_CIPHER_BLOWFISH:{
1116     cBlowfish_init(encryption_key,
1117 maya 3003 &pvar->crypt_state.enc.cBlowfish);
1118 yutakakn 2728 pvar->crypt_state.encrypt = cBlowfish_encrypt;
1119     break;
1120     }
1121     default:
1122     isOK = FALSE;
1123     }
1124     }
1125    
1126    
1127     if (receiver_flag) {
1128     switch (pvar->crypt_state.receiver_cipher) {
1129     // for SSH2(yutaka)
1130     case SSH_CIPHER_3DES_CBC:
1131     {
1132     struct Enc *enc;
1133    
1134     enc = &pvar->ssh2_keys[MODE_IN].enc;
1135 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1136     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1137     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1138 maya 3003 CIPHER_DECRYPT,
1139 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1140     pvar);
1141 yutakakn 2728
1142     //debug_print(12, enc->key, 24);
1143     //debug_print(13, enc->iv, 24);
1144    
1145     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1146     break;
1147     }
1148    
1149     // for SSH2(yutaka)
1150     case SSH_CIPHER_AES128:
1151 maya 3039 case SSH_CIPHER_AES192:
1152 maya 3036 case SSH_CIPHER_AES256:
1153 yutakakn 2728 {
1154     struct Enc *enc;
1155    
1156     enc = &pvar->ssh2_keys[MODE_IN].enc;
1157 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1158     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1159     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1160 maya 3003 CIPHER_DECRYPT,
1161 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1162     pvar);
1163 yutakakn 2728
1164     //debug_print(12, enc->key, 24);
1165     //debug_print(13, enc->iv, 24);
1166    
1167     pvar->crypt_state.decrypt = cAES128_decrypt;
1168     break;
1169     }
1170    
1171     case SSH_CIPHER_3DES:{
1172     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1173     pvar->crypt_state.decrypt = c3DES_decrypt;
1174     break;
1175     }
1176     case SSH_CIPHER_IDEA:{
1177     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1178     pvar->crypt_state.decrypt = cIDEA_decrypt;
1179     break;
1180     }
1181     case SSH_CIPHER_DES:{
1182     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1183     pvar->crypt_state.decrypt = cDES_decrypt;
1184     break;
1185     }
1186     case SSH_CIPHER_RC4:{
1187     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1188     pvar->crypt_state.decrypt = cRC4_decrypt;
1189     break;
1190     }
1191     case SSH_CIPHER_BLOWFISH:{
1192     cBlowfish_init(decryption_key,
1193 maya 3003 &pvar->crypt_state.dec.cBlowfish);
1194 yutakakn 2728 pvar->crypt_state.decrypt = cBlowfish_decrypt;
1195     break;
1196     }
1197     default:
1198     isOK = FALSE;
1199     }
1200     }
1201    
1202    
1203     if (!isOK) {
1204 maya 2994 UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1205 maya 3003 "No cipher selected!");
1206 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1207 yutakakn 2728 return FALSE;
1208     } else {
1209     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1210     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1211     return TRUE;
1212     }
1213     }
1214    
1215     void CRYPT_init(PTInstVar pvar)
1216     {
1217     pvar->crypt_state.encrypt = no_encrypt;
1218     pvar->crypt_state.decrypt = no_encrypt;
1219     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1220     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1221     pvar->crypt_state.server_key.RSA_key = NULL;
1222     pvar->crypt_state.host_key.RSA_key = NULL;
1223    
1224     pvar->crypt_state.detect_attack_statics.h = NULL;
1225     pvar->crypt_state.detect_attack_statics.n =
1226     HASH_MINSIZE / HASH_ENTRYSIZE;
1227     }
1228    
1229     static char FAR *get_cipher_name(int cipher)
1230     {
1231     switch (cipher) {
1232     case SSH_CIPHER_NONE:
1233     return "None";
1234     case SSH_CIPHER_3DES:
1235     return "3DES (168 key bits)";
1236     case SSH_CIPHER_DES:
1237     return "DES (56 key bits)";
1238     case SSH_CIPHER_IDEA:
1239     return "IDEA (128 key bits)";
1240     case SSH_CIPHER_RC4:
1241     return "RC4 (128 key bits)";
1242     case SSH_CIPHER_BLOWFISH:
1243     return "Blowfish (256 key bits)";
1244    
1245     // SSH2
1246     case SSH_CIPHER_3DES_CBC:
1247     return "3DES-CBC";
1248     case SSH_CIPHER_AES128:
1249     return "AES128";
1250 maya 3039 case SSH_CIPHER_AES192:
1251     return "AES192";
1252 maya 3036 case SSH_CIPHER_AES256:
1253     return "AES256";
1254 yutakakn 2728
1255     default:
1256     return "Unknown";
1257     }
1258     }
1259    
1260     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1261     {
1262 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1263 maya 3003 "%s to server, %s from server");
1264 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1265 maya 3003 get_cipher_name(pvar->crypt_state.sender_cipher),
1266     get_cipher_name(pvar->crypt_state.receiver_cipher));
1267 yutakakn 2728 }
1268    
1269     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1270     {
1271     if (SSHv1(pvar)) {
1272     if (pvar->crypt_state.server_key.RSA_key == NULL
1273 maya 3003 || pvar->crypt_state.host_key.RSA_key == NULL) {
1274 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1275 maya 2992 strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1276 yutakakn 2728 } else {
1277 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1278 maya 3003 "%d-bit server key, %d-bit host key");
1279 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1280 maya 3003 BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1281     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1282 yutakakn 2728 }
1283     } else { // SSH2
1284 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1285 maya 3003 "%d-bit server key, %d-bit host key");
1286 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1287 maya 3003 pvar->server_key_bits,
1288     pvar->client_key_bits);
1289 yutakakn 2728 }
1290     }
1291    
1292     static void destroy_public_key(CRYPTPublicKey FAR * key)
1293     {
1294     if (key->RSA_key != NULL) {
1295     RSA_free(key->RSA_key);
1296     key->RSA_key = NULL;
1297     }
1298     }
1299    
1300     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1301     {
1302     destroy_public_key(key);
1303     free(key);
1304     }
1305    
1306     void CRYPT_end(PTInstVar pvar)
1307     {
1308     destroy_public_key(&pvar->crypt_state.host_key);
1309     destroy_public_key(&pvar->crypt_state.server_key);
1310    
1311     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1312     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1313 maya 3003 pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1314 yutakakn 2728 free(pvar->crypt_state.detect_attack_statics.h);
1315     }
1316    
1317     memset(pvar->crypt_state.sender_cipher_key, 0,
1318 maya 3003 sizeof(pvar->crypt_state.sender_cipher_key));
1319 yutakakn 2728 memset(pvar->crypt_state.receiver_cipher_key, 0,
1320 maya 3003 sizeof(pvar->crypt_state.receiver_cipher_key));
1321 yutakakn 2728 memset(pvar->crypt_state.server_cookie, 0,
1322 maya 3003 sizeof(pvar->crypt_state.server_cookie));
1323 yutakakn 2728 memset(pvar->crypt_state.client_cookie, 0,
1324 maya 3003 sizeof(pvar->crypt_state.client_cookie));
1325 yutakakn 2728 memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1326     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1327     }
1328    
1329     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1330 maya 3003 char FAR * buf, int bytes)
1331 yutakakn 2728 {
1332     unsigned char passphrase_key[16];
1333    
1334     MD5(passphrase, strlen(passphrase), passphrase_key);
1335    
1336     switch (cipher) {
1337     case SSH_CIPHER_3DES:{
1338     Cipher3DESState state;
1339    
1340     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1341 maya 3003 &state.k1);
1342 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1343 maya 3003 &state.k2);
1344 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) passphrase_key,
1345 maya 3003 &state.k3);
1346 yutakakn 2728 memset(state.ivec1, 0, 8);
1347     memset(state.ivec2, 0, 8);
1348     memset(state.ivec3, 0, 8);
1349     DES_ncbc_encrypt(buf, buf, bytes,
1350 maya 3003 &state.k3, &state.ivec3, DES_DECRYPT);
1351 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1352 maya 3003 &state.k2, &state.ivec2, DES_ENCRYPT);
1353 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1354 maya 3003 &state.k1, &state.ivec1, DES_DECRYPT);
1355 yutakakn 2728 break;
1356     }
1357    
1358     case SSH_CIPHER_IDEA:{
1359     CipherIDEAState state;
1360     int num = 0;
1361    
1362     cIDEA_init(passphrase_key, &state);
1363     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1364 maya 3003 &num, IDEA_DECRYPT);
1365 yutakakn 2728 break;
1366     }
1367    
1368     case SSH_CIPHER_DES:{
1369     CipherDESState state;
1370    
1371     cDES_init(passphrase_key, &state);
1372     DES_ncbc_encrypt(buf, buf, bytes,
1373 maya 3003 &state.k, &state.ivec, DES_DECRYPT);
1374 yutakakn 2728 break;
1375     }
1376    
1377     case SSH_CIPHER_RC4:{
1378     CipherRC4State state;
1379     int num = 0;
1380    
1381     RC4_set_key(&state.k, 16, passphrase_key);
1382     RC4(&state.k, bytes, buf, buf);
1383     break;
1384     }
1385    
1386     case SSH_CIPHER_BLOWFISH:{
1387     CipherBlowfishState state;
1388    
1389     BF_set_key(&state.k, 16, passphrase_key);
1390     memset(state.ivec, 0, 8);
1391     flip_endianness(buf, bytes);
1392     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1393     BF_DECRYPT);
1394     flip_endianness(buf, bytes);
1395     break;
1396     }
1397    
1398     case SSH_CIPHER_NONE:
1399     break;
1400    
1401     default:
1402     memset(passphrase_key, 0, sizeof(passphrase_key));
1403     return 0;
1404     }
1405    
1406     memset(passphrase_key, 0, sizeof(passphrase_key));
1407     return 1;
1408     }
1409    
1410     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1411     {
1412 yutakakn 2762 if (key_pair->RSA_key != NULL)
1413     RSA_free(key_pair->RSA_key);
1414    
1415     if (key_pair->DSA_key != NULL)
1416     DSA_free(key_pair->DSA_key);
1417    
1418 yutakakn 2728 free(key_pair);
1419     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help