Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3045 - (hide annotations) (download) (as text)
Thu Oct 18 03:49:39 2007 UTC (16 years, 5 months ago) by maya
Original Path: ttssh2/trunk/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 42676 byte(s) 
SSH2 の暗号化方式として Blowfish をサポートしたい。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40 yutakakn 2831 #include <openssl/dsa.h>
41 yutakakn 2728 #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51 maya 3045 * $Id: crypt.c,v 1.16 2007-10-18 03:49:39 maya Exp $ Cryptographic attack
52 yutakakn 2728 * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87 maya 3003 uint32 len, unsigned char FAR * IV)
88 yutakakn 2728 {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116 maya 3003 unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118 yutakakn 2728 {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191 maya 3003 int bytes)
192 yutakakn 2728 {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199 maya 3003 buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202 yutakakn 2728 default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204 maya 3003 buf, bytes, NULL) == DEATTACK_DETECTED;
205 yutakakn 2728 }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217 maya 3039 // ���O�������������������������������AAES192, AES256 ����
218 maya 3036 // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219 yutakakn 2728 static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220 maya 3003 int bytes)
221 yutakakn 2728 {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224    
225     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
226     if (bytes == 0)
227     return;
228    
229     if (newbuf == NULL)
230     return;
231    
232     if (bytes % block_size) {
233     char tmp[80];
234 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
235 maya 3003 "AES128 encrypt error(1): bytes %d (%d)");
236 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
237 maya 3003 pvar->ts->UIMsg, bytes, block_size);
238 yutakakn 2728 notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244 maya 3043 "AES128 encrypt error(2)");
245 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
246 maya 3043 goto error;
247 yutakakn 2728
248     } else {
249 maya 3045 memcpy(buf, newbuf, bytes);
250 yutakakn 2728
251     }
252    
253     error:
254     free(newbuf);
255     }
256    
257     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
258 maya 3003 int bytes)
259 yutakakn 2728 {
260     unsigned char *newbuf = malloc(bytes);
261     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
262    
263     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
264     if (bytes == 0)
265     return;
266    
267     if (newbuf == NULL)
268     return;
269    
270     if (bytes % block_size) {
271     char tmp[80];
272 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
273 maya 3003 "AES128 decrypt error(1): bytes %d (%d)");
274 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
275 yutakakn 2728 notify_fatal_error(pvar, tmp);
276     goto error;
277     }
278    
279     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
280 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
281 maya 3003 "AES128 decrypt error(2)");
282 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
283 maya 3043 goto error;
284 yutakakn 2728
285     } else {
286 maya 3045 memcpy(buf, newbuf, bytes);
287 yutakakn 2728
288     }
289    
290 maya 3043 error:
291 yutakakn 2728 free(newbuf);
292     }
293    
294    
295    
296     // for SSH2(yutaka)
297     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
298 maya 3003 int bytes)
299 yutakakn 2728 {
300     unsigned char *newbuf = malloc(bytes);
301    
302     if (newbuf == NULL)
303     return;
304    
305 maya 3043 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
306     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR", pvar,
307     "3DES-CBC encrypt error");
308     notify_fatal_error(pvar, pvar->ts->UIMsg);
309     goto error;
310 yutakakn 2728
311     } else {
312 maya 3045 //unsigned char key[24], iv[8];
313 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
314 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
315 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
316 yutakakn 2728
317     //debug_print(50, key, 24);
318     //debug_print(51, iv, 8);
319     //debug_print(52, buf, bytes);
320     //debug_print(53, newbuf, bytes);
321    
322     memcpy(buf, newbuf, bytes);
323     }
324    
325 maya 3043 error:
326 yutakakn 2728 free(newbuf);
327     }
328    
329     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
330 maya 3003 int bytes)
331 yutakakn 2728 {
332     unsigned char *newbuf = malloc(bytes);
333    
334     if (newbuf == NULL)
335     return;
336    
337     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
338 maya 3043 UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR", pvar,
339     "3DES-CBC decrypt error");
340     notify_fatal_error(pvar, pvar->ts->UIMsg);
341     goto error;
342 yutakakn 2728
343     } else {
344 maya 3045 //unsigned char key[24], iv[8];
345 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
346 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
347 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
348 yutakakn 2728
349     //debug_print(70, key, 24);
350     //debug_print(71, iv, 8);
351     //debug_print(72, buf, bytes);
352     //debug_print(73, newbuf, bytes);
353    
354     memcpy(buf, newbuf, bytes);
355     }
356    
357 maya 3043 error:
358 yutakakn 2728 free(newbuf);
359     }
360    
361    
362 maya 3045 static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
363     int bytes)
364     {
365     unsigned char *newbuf = malloc(bytes);
366     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
367    
368     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
369     if (bytes == 0)
370     return;
371    
372     if (newbuf == NULL)
373     return;
374    
375     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
376     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR", pvar,
377     "Blowfish encrypt error");
378     notify_fatal_error(pvar, pvar->ts->UIMsg);
379     goto error;
380    
381     } else {
382     memcpy(buf, newbuf, bytes);
383    
384     }
385    
386     error:
387     free(newbuf);
388     }
389    
390     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
391     int bytes)
392     {
393     unsigned char *newbuf = malloc(bytes);
394     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
395    
396     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
397     if (bytes == 0)
398     return;
399    
400     if (newbuf == NULL)
401     return;
402    
403     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
404     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR", pvar,
405     "Blowfish decrypt error");
406     notify_fatal_error(pvar, pvar->ts->UIMsg);
407     goto error;
408    
409     } else {
410     memcpy(buf, newbuf, bytes);
411    
412     }
413    
414     error:
415     free(newbuf);
416     }
417    
418    
419    
420 yutakakn 2728 static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
421 maya 3003 int bytes)
422 yutakakn 2728 {
423     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
424    
425     DES_ncbc_encrypt(buf, buf, bytes,
426 maya 3003 &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
427 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
428 maya 3003 &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
429 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
430 maya 3003 &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
431 yutakakn 2728 }
432    
433     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
434 maya 3003 int bytes)
435 yutakakn 2728 {
436     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
437    
438     DES_ncbc_encrypt(buf, buf, bytes,
439 maya 3003 &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
440 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
441 maya 3003 &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
442 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
443 maya 3003 &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
444 yutakakn 2728 }
445    
446     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
447     int bytes)
448     {
449     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
450    
451     DES_ncbc_encrypt(buf, buf, bytes,
452 maya 3003 &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
453 yutakakn 2728 }
454    
455     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
456     int bytes)
457     {
458     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
459    
460     DES_ncbc_encrypt(buf, buf, bytes,
461 maya 3003 &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
462 yutakakn 2728 }
463    
464     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
465 maya 3003 int bytes)
466 yutakakn 2728 {
467     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
468     int num = 0;
469    
470     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
471 maya 3003 encryptstate->ivec, &num, IDEA_ENCRYPT);
472 yutakakn 2728 }
473    
474     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
475 maya 3003 int bytes)
476 yutakakn 2728 {
477     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
478     int num = 0;
479    
480     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
481 maya 3003 decryptstate->ivec, &num, IDEA_DECRYPT);
482 yutakakn 2728 }
483    
484     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
485     {
486     uint32 FAR *buf = (uint32 FAR *) cbuf;
487     int count = bytes / 4;
488    
489     while (count > 0) {
490     uint32 w = *buf;
491    
492     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
493 maya 3003 | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
494 yutakakn 2728 count--;
495     buf++;
496     }
497     }
498    
499     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
500 maya 3003 int bytes)
501 yutakakn 2728 {
502     CipherBlowfishState FAR *encryptstate =
503     &pvar->crypt_state.enc.cBlowfish;
504    
505     flip_endianness(buf, bytes);
506     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
507 maya 3003 BF_ENCRYPT);
508 yutakakn 2728 flip_endianness(buf, bytes);
509     }
510    
511     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
512 maya 3003 int bytes)
513 yutakakn 2728 {
514     CipherBlowfishState FAR *decryptstate =
515     &pvar->crypt_state.dec.cBlowfish;
516    
517     flip_endianness(buf, bytes);
518     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
519 maya 3003 BF_DECRYPT);
520 yutakakn 2728 flip_endianness(buf, bytes);
521     }
522    
523     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
524 maya 3003 int bytes)
525 yutakakn 2728 {
526     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
527     int num = 0;
528    
529     RC4(&encryptstate->k, bytes, buf, buf);
530     }
531    
532     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
533 maya 3003 int bytes)
534 yutakakn 2728 {
535     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
536     int num = 0;
537    
538     RC4(&decryptstate->k, bytes, buf, buf);
539     }
540    
541     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
542 maya 3003 int bytes)
543 yutakakn 2728 {
544     RAND_bytes(buf, bytes);
545     }
546    
547     void CRYPT_initialize_random_numbers(PTInstVar pvar)
548     {
549     RAND_screen();
550     }
551    
552     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
553     {
554     int bits = get_ushort16_MSBfirst(bytes);
555    
556     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
557     }
558    
559 yutakakn 2857 // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
560     RSA FAR *make_key(PTInstVar pvar,
561 maya 3003 int bits, unsigned char FAR * exp,
562     unsigned char FAR * mod)
563 yutakakn 2728 {
564     RSA FAR *key = RSA_new();
565    
566     if (key != NULL) {
567     key->e = get_bignum(exp);
568     key->n = get_bignum(mod);
569     }
570    
571     if (key == NULL || key->e == NULL || key->n == NULL) {
572 maya 2994 UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
573 maya 3003 "Error setting up RSA keys");
574 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
575 yutakakn 2728
576     if (key != NULL) {
577     if (key->e != NULL) {
578     BN_free(key->e);
579     }
580     if (key->n != NULL) {
581     BN_free(key->n);
582     }
583     RSA_free(key);
584     }
585    
586     return NULL;
587     } else {
588     return key;
589     }
590     }
591    
592     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
593     {
594     if (SSHv1(pvar)) {
595     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
596     } else {
597     memcpy(pvar->crypt_state.server_cookie, cookie,
598 maya 3003 SSH2_COOKIE_LENGTH);
599 yutakakn 2728 }
600     }
601    
602     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
603     {
604     if (SSHv2(pvar)) {
605     memcpy(pvar->crypt_state.client_cookie, cookie,
606 maya 3003 SSH2_COOKIE_LENGTH);
607 yutakakn 2728 }
608     }
609    
610     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
611 maya 3003 int bits, unsigned char FAR * exp,
612     unsigned char FAR * mod)
613 yutakakn 2728 {
614     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
615    
616     return pvar->crypt_state.server_key.RSA_key != NULL;
617     }
618    
619     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
620 maya 3003 int bits, unsigned char FAR * exp,
621     unsigned char FAR * mod)
622 yutakakn 2728 {
623     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
624    
625     return pvar->crypt_state.host_key.RSA_key != NULL;
626     }
627    
628     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
629 maya 3003 int receiver_ciphers)
630 yutakakn 2728 {
631     int cipher_mask;
632    
633     if (SSHv1(pvar)) {
634     cipher_mask = (1 << SSH_CIPHER_DES)
635 maya 3003 | (1 << SSH_CIPHER_3DES)
636     | (1 << SSH_CIPHER_BLOWFISH);
637 yutakakn 2728
638     } else { // for SSH2(yutaka)
639     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
640 maya 3045 cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
641     | (1 << SSH2_CIPHER_AES128)
642     | (1 << SSH2_CIPHER_BLOWFISH)
643     | (1 << SSH2_CIPHER_AES192)
644     | (1 << SSH2_CIPHER_AES256);
645 yutakakn 2728 }
646    
647     sender_ciphers &= cipher_mask;
648     receiver_ciphers &= cipher_mask;
649     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
650     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
651    
652     if (sender_ciphers == 0) {
653 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
654 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
655     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
656     "The connection will be closed.");
657 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
658 yutakakn 2728 return FALSE;
659     } else if (receiver_ciphers == 0) {
660 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
661 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
662     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
663     "The connection will be closed.");
664 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
665 yutakakn 2728 return FALSE;
666     } else {
667     return TRUE;
668     }
669     }
670    
671     int CRYPT_get_decryption_block_size(PTInstVar pvar)
672     {
673     if (SSHv1(pvar)) {
674     return 8;
675     } else {
676     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
677     // cf. 3DES=8, AES128=16
678     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
679     }
680     }
681    
682     int CRYPT_get_encryption_block_size(PTInstVar pvar)
683     {
684     if (SSHv1(pvar)) {
685     return 8;
686     } else {
687     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
688     // cf. 3DES=8, AES128=16
689     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
690     }
691     }
692    
693     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
694     {
695     struct Mac *mac;
696    
697     if (SSHv1(pvar)) {
698     return 0;
699    
700     } else { // for SSH2(yutaka)
701     mac = &pvar->ssh2_keys[MODE_IN].mac;
702     if (mac == NULL || mac->enabled == 0)
703     return 0;
704    
705     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
706     }
707    
708     }
709    
710 yutakakn 2757 // HMAC������
711     // ���{������ SSH2 �������g�p�������B
712     // (2004.12.17 yutaka)
713 yutakakn 2728 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
714 maya 3003 char FAR * data, int len, char FAR * MAC)
715 yutakakn 2728 {
716 maya 3003 HMAC_CTX c;
717     unsigned char m[EVP_MAX_MD_SIZE];
718     unsigned char b[4];
719 yutakakn 2757 struct Mac *mac;
720    
721     mac = &pvar->ssh2_keys[MODE_IN].mac;
722    
723     // HMAC�������L���������������A����OK�����������B
724     if (mac == NULL || mac->enabled == 0)
725     return TRUE;
726    
727 maya 3003 if (mac->key == NULL)
728 yutakakn 2757 goto error;
729    
730 maya 3003 if ((u_int)mac->mac_len > sizeof(m))
731 yutakakn 2757 goto error;
732    
733 maya 3003 HMAC_Init(&c, mac->key, mac->key_len, mac->md);
734     set_uint32_MSBfirst(b, sequence_number);
735     HMAC_Update(&c, b, sizeof(b));
736     HMAC_Update(&c, data, len);
737     HMAC_Final(&c, m, NULL);
738     HMAC_cleanup(&c);
739 yutakakn 2757
740     if (memcmp(m, MAC, mac->mac_len)) {
741     goto error;
742     }
743    
744 yutakakn 2728 return TRUE;
745 yutakakn 2757
746     error:
747     return FALSE;
748 yutakakn 2728 }
749    
750     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
751     {
752     struct Mac *mac;
753    
754     if (SSHv2(pvar)) { // for SSH2(yutaka)
755     mac = &pvar->ssh2_keys[MODE_OUT].mac;
756     if (mac == NULL || mac->enabled == 0)
757     return 0;
758    
759     return (mac->mac_len);
760     }
761    
762     return 0;
763     }
764    
765     // for SSH2
766     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
767 maya 3003 char FAR * data, int len, char FAR * MAC)
768 yutakakn 2728 {
769 maya 3003 HMAC_CTX c;
770     static u_char m[EVP_MAX_MD_SIZE];
771 yutakakn 2728 u_char b[4];
772     struct Mac *mac;
773    
774     if (SSHv2(pvar)) { // for SSH2(yutaka)
775     mac = &pvar->ssh2_keys[MODE_OUT].mac;
776     if (mac == NULL || mac->enabled == 0)
777     return FALSE;
778 maya 3003
779     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
780 yutakakn 2728 set_uint32_MSBfirst(b, sequence_number);
781     HMAC_Update(&c, b, sizeof(b));
782     HMAC_Update(&c, data, len);
783     HMAC_Final(&c, m, NULL);
784     HMAC_cleanup(&c);
785    
786     // 20�o�C�g�������R�s�[
787     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
788     // memcpy(MAC, m, sizeof(m));
789    
790     return TRUE;
791     }
792    
793     return TRUE;
794    
795     }
796    
797     static int choose_cipher(PTInstVar pvar, int supported)
798     {
799     int i;
800    
801     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
802     int cipher = pvar->session_settings.CipherOrder[i] - '0';
803    
804     if (cipher == SSH_CIPHER_NONE) {
805     break;
806     } else if ((supported & (1 << cipher)) != 0) {
807     return cipher;
808     }
809     }
810    
811     return SSH_CIPHER_NONE;
812     }
813    
814     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
815     {
816     if (SSHv1(pvar)) {
817     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
818 maya 3003 pvar->crypt_state.
819     supported_sender_ciphers);
820 yutakakn 2728 pvar->crypt_state.receiver_cipher =
821     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
822    
823     } else { // SSH2(yutaka)
824     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
825     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
826    
827     }
828    
829     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
830     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
831 maya 2994 UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
832 maya 3003 "All the encryption algorithms that this program and the server both understand have been disabled.\n"
833     "To communicate with this server, you will have to enable some more ciphers\n"
834     "in the TTSSH Setup dialog box when you run Teraterm again.\n"
835     "This connection will now close.");
836 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
837 yutakakn 2728 return FALSE;
838     } else {
839     return TRUE;
840     }
841     }
842    
843     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
844     {
845     int server_key_bits =
846     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
847     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
848     int server_key_bytes = (server_key_bits + 7) / 8;
849     int host_key_bytes = (host_key_bits + 7) / 8;
850    
851     if (server_key_bits < host_key_bits) {
852     return host_key_bytes;
853     } else {
854     return server_key_bytes;
855     }
856     }
857    
858     int CRYPT_choose_session_key(PTInstVar pvar,
859 maya 3003 unsigned char FAR * encrypted_key_buf)
860 yutakakn 2728 {
861     int server_key_bits =
862     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
863     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
864     int server_key_bytes = (server_key_bits + 7) / 8;
865     int host_key_bytes = (host_key_bits + 7) / 8;
866     int encrypted_key_bytes;
867     int bit_delta;
868    
869     if (server_key_bits < host_key_bits) {
870     encrypted_key_bytes = host_key_bytes;
871     bit_delta = host_key_bits - server_key_bits;
872     } else {
873     encrypted_key_bytes = server_key_bytes;
874     bit_delta = server_key_bits - host_key_bits;
875     }
876    
877     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
878 maya 2994 UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
879 maya 3003 "Server RSA keys are too weak. A secure connection cannot be established.");
880 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
881 yutakakn 2728 return 0;
882     } else {
883     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
884     for the session ID, rather than the one specified in the RFC */
885     int session_buf_len = server_key_bytes + host_key_bytes + 8;
886     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
887     char session_id[16];
888     int i;
889    
890     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
891     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
892 maya 3003 session_buf + host_key_bytes);
893 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
894 maya 3003 pvar->crypt_state.server_cookie, 8);
895 yutakakn 2728 MD5(session_buf, session_buf_len, session_id);
896    
897     free(session_buf);
898    
899     RAND_bytes(pvar->crypt_state.sender_cipher_key,
900 maya 3003 SSH_SESSION_KEY_LENGTH);
901 yutakakn 2728 memcpy(pvar->crypt_state.receiver_cipher_key,
902 maya 3003 pvar->crypt_state.sender_cipher_key,
903     SSH_SESSION_KEY_LENGTH);
904 yutakakn 2728
905     memcpy(encrypted_key_buf + encrypted_key_bytes -
906 maya 3003 SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
907     SSH_SESSION_KEY_LENGTH);
908 yutakakn 2728 for (i = 0; i < sizeof(session_id); i++) {
909     encrypted_key_buf[encrypted_key_bytes -
910 maya 3003 SSH_SESSION_KEY_LENGTH + i]
911 yutakakn 2728 ^= session_id[i];
912     }
913    
914     if (host_key_bits > server_key_bits) {
915     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
916 maya 3003 encrypted_key_buf +
917     encrypted_key_bytes -
918     SSH_SESSION_KEY_LENGTH,
919     encrypted_key_buf +
920     encrypted_key_bytes - server_key_bytes,
921     pvar->crypt_state.server_key.RSA_key,
922     RSA_PKCS1_PADDING) < 0)
923 yutakakn 2728 return 0;
924    
925     if (RSA_public_encrypt(server_key_bytes,
926 maya 3003 encrypted_key_buf +
927     encrypted_key_bytes - server_key_bytes,
928     encrypted_key_buf,
929     pvar->crypt_state.host_key.RSA_key,
930     RSA_PKCS1_PADDING) < 0)
931 yutakakn 2728 return 0;
932     } else {
933     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
934 maya 3003 encrypted_key_buf +
935     encrypted_key_bytes -
936     SSH_SESSION_KEY_LENGTH,
937     encrypted_key_buf +
938     encrypted_key_bytes - host_key_bytes,
939     pvar->crypt_state.host_key.RSA_key,
940     RSA_PKCS1_PADDING) < 0)
941 yutakakn 2728 return 0;
942    
943     if (RSA_public_encrypt(host_key_bytes,
944 maya 3003 encrypted_key_buf +
945     encrypted_key_bytes - host_key_bytes,
946     encrypted_key_buf,
947     pvar->crypt_state.server_key.RSA_key,
948     RSA_PKCS1_PADDING) < 0)
949 yutakakn 2728 return 0;
950     }
951     }
952    
953     return 1;
954     }
955    
956     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
957 maya 3003 unsigned char FAR * challenge,
958     int challenge_len,
959     unsigned char FAR * response)
960 yutakakn 2728 {
961     int server_key_bits =
962     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
963     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
964     int server_key_bytes = (server_key_bits + 7) / 8;
965     int host_key_bytes = (host_key_bits + 7) / 8;
966     int session_buf_len = server_key_bytes + host_key_bytes + 8;
967     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
968     char decrypted_challenge[48];
969     int decrypted_challenge_len;
970    
971     decrypted_challenge_len =
972     RSA_private_decrypt(challenge_len, challenge, challenge,
973 maya 3003 AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
974     RSA_PKCS1_PADDING);
975 yutakakn 2728 if (decrypted_challenge_len < 0) {
976     free(session_buf);
977     return 0;
978     }
979     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
980     memcpy(decrypted_challenge,
981 maya 3003 challenge + decrypted_challenge_len -
982     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
983 yutakakn 2728 } else {
984     memset(decrypted_challenge, 0,
985 maya 3003 SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
986 yutakakn 2728 memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
987 maya 3003 decrypted_challenge_len, challenge,
988     decrypted_challenge_len);
989 yutakakn 2728 }
990    
991     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
992     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
993 maya 3003 session_buf + host_key_bytes);
994 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
995 maya 3003 pvar->crypt_state.server_cookie, 8);
996 yutakakn 2728 MD5(session_buf, session_buf_len, decrypted_challenge + 32);
997    
998     free(session_buf);
999    
1000     MD5(decrypted_challenge, 48, response);
1001    
1002     return 1;
1003     }
1004    
1005     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1006     {
1007     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1008     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1009     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1010     memset(state->ivec1, 0, 8);
1011     memset(state->ivec2, 0, 8);
1012     memset(state->ivec3, 0, 8);
1013     }
1014    
1015     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1016     {
1017     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1018     memset(state->ivec, 0, 8);
1019     }
1020    
1021     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1022     {
1023     idea_set_encrypt_key(session_key, &state->k);
1024     memset(state->ivec, 0, 8);
1025     }
1026    
1027     static void cBlowfish_init(char FAR * session_key,
1028 maya 3003 CipherBlowfishState FAR * state)
1029 yutakakn 2728 {
1030     BF_set_key(&state->k, 32, session_key);
1031     memset(state->ivec, 0, 8);
1032     }
1033    
1034    
1035     //
1036     // SSH2�p�A���S���Y����������
1037     //
1038     // for SSH2(yutaka)
1039     //
1040 maya 3003 void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1041     const u_char *key, u_int keylen,
1042     const u_char *iv, u_int ivlen,
1043     int encrypt,
1044 maya 3043 const EVP_CIPHER *(*func)(void),
1045     PTInstVar pvar)
1046 yutakakn 2728 {
1047     EVP_CIPHER *type;
1048     int klen;
1049 maya 3043 char tmp[80];
1050 yutakakn 2728
1051     type = (EVP_CIPHER *)func();
1052    
1053     EVP_CIPHER_CTX_init(evp);
1054     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1055 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1056     "Cipher initialize error(%d)");
1057     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1058     notify_fatal_error(pvar, tmp);
1059     return;
1060 yutakakn 2728 }
1061    
1062     klen = EVP_CIPHER_CTX_key_length(evp);
1063     if (klen > 0 && keylen != klen) {
1064     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1065 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1066     "Cipher initialize error(%d)");
1067     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1068     notify_fatal_error(pvar, tmp);
1069     return;
1070 yutakakn 2728 }
1071     }
1072     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1073 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1074     "Cipher initialize error(%d)");
1075     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1076     notify_fatal_error(pvar, tmp);
1077     return;
1078 yutakakn 2728 }
1079     }
1080    
1081    
1082     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1083     {
1084     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1085     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1086     BOOL isOK = TRUE;
1087    
1088     if (sender_flag) {
1089     switch (pvar->crypt_state.sender_cipher) {
1090     // for SSH2(yutaka)
1091 maya 3045 case SSH2_CIPHER_3DES_CBC:
1092 yutakakn 2728 {
1093     struct Enc *enc;
1094    
1095     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1096 maya 3003 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1097 maya 3036 enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1098     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1099 maya 3003 CIPHER_ENCRYPT,
1100 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1101     pvar);
1102 yutakakn 2728
1103 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1104     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1105 yutakakn 2728
1106     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1107     break;
1108     }
1109    
1110     // for SSH2(yutaka)
1111 maya 3045 case SSH2_CIPHER_AES128:
1112     case SSH2_CIPHER_AES192:
1113     case SSH2_CIPHER_AES256:
1114 yutakakn 2728 {
1115     struct Enc *enc;
1116    
1117     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1118 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1119     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1120     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1121 maya 3003 CIPHER_ENCRYPT,
1122 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1123     pvar);
1124 yutakakn 2728
1125 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1126     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1127 yutakakn 2728
1128     pvar->crypt_state.encrypt = cAES128_encrypt;
1129     break;
1130     }
1131    
1132 maya 3045 case SSH2_CIPHER_BLOWFISH:
1133     {
1134     struct Enc *enc;
1135    
1136     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1137     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1138     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1139     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1140     CIPHER_ENCRYPT,
1141     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1142     pvar);
1143    
1144     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1145     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1146    
1147     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1148     break;
1149     }
1150    
1151 yutakakn 2728 case SSH_CIPHER_3DES:{
1152     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1153     pvar->crypt_state.encrypt = c3DES_encrypt;
1154     break;
1155     }
1156     case SSH_CIPHER_IDEA:{
1157     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1158     pvar->crypt_state.encrypt = cIDEA_encrypt;
1159     break;
1160     }
1161     case SSH_CIPHER_DES:{
1162     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1163     pvar->crypt_state.encrypt = cDES_encrypt;
1164     break;
1165     }
1166     case SSH_CIPHER_RC4:{
1167     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1168     encryption_key + 16);
1169     pvar->crypt_state.encrypt = cRC4_encrypt;
1170     break;
1171     }
1172     case SSH_CIPHER_BLOWFISH:{
1173     cBlowfish_init(encryption_key,
1174 maya 3003 &pvar->crypt_state.enc.cBlowfish);
1175 yutakakn 2728 pvar->crypt_state.encrypt = cBlowfish_encrypt;
1176     break;
1177     }
1178     default:
1179     isOK = FALSE;
1180     }
1181     }
1182    
1183    
1184     if (receiver_flag) {
1185     switch (pvar->crypt_state.receiver_cipher) {
1186     // for SSH2(yutaka)
1187 maya 3045 case SSH2_CIPHER_3DES_CBC:
1188 yutakakn 2728 {
1189     struct Enc *enc;
1190    
1191     enc = &pvar->ssh2_keys[MODE_IN].enc;
1192 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1193     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1194     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1195 maya 3003 CIPHER_DECRYPT,
1196 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1197     pvar);
1198 yutakakn 2728
1199 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1200     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1201 yutakakn 2728
1202     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1203     break;
1204     }
1205    
1206     // for SSH2(yutaka)
1207 maya 3045 case SSH2_CIPHER_AES128:
1208     case SSH2_CIPHER_AES192:
1209     case SSH2_CIPHER_AES256:
1210 yutakakn 2728 {
1211     struct Enc *enc;
1212    
1213     enc = &pvar->ssh2_keys[MODE_IN].enc;
1214 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1215     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1216     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1217 maya 3003 CIPHER_DECRYPT,
1218 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1219     pvar);
1220 yutakakn 2728
1221 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1222     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1223 yutakakn 2728
1224     pvar->crypt_state.decrypt = cAES128_decrypt;
1225     break;
1226     }
1227    
1228 maya 3045 case SSH2_CIPHER_BLOWFISH:
1229     {
1230     struct Enc *enc;
1231    
1232     enc = &pvar->ssh2_keys[MODE_IN].enc;
1233     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1234     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1235     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1236     CIPHER_DECRYPT,
1237     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1238     pvar);
1239    
1240     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1241     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1242    
1243     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1244     break;
1245     }
1246    
1247 yutakakn 2728 case SSH_CIPHER_3DES:{
1248     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1249     pvar->crypt_state.decrypt = c3DES_decrypt;
1250     break;
1251     }
1252     case SSH_CIPHER_IDEA:{
1253     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1254     pvar->crypt_state.decrypt = cIDEA_decrypt;
1255     break;
1256     }
1257     case SSH_CIPHER_DES:{
1258     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1259     pvar->crypt_state.decrypt = cDES_decrypt;
1260     break;
1261     }
1262     case SSH_CIPHER_RC4:{
1263     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1264     pvar->crypt_state.decrypt = cRC4_decrypt;
1265     break;
1266     }
1267     case SSH_CIPHER_BLOWFISH:{
1268     cBlowfish_init(decryption_key,
1269 maya 3003 &pvar->crypt_state.dec.cBlowfish);
1270 yutakakn 2728 pvar->crypt_state.decrypt = cBlowfish_decrypt;
1271     break;
1272     }
1273     default:
1274     isOK = FALSE;
1275     }
1276     }
1277    
1278    
1279     if (!isOK) {
1280 maya 2994 UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1281 maya 3003 "No cipher selected!");
1282 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1283 yutakakn 2728 return FALSE;
1284     } else {
1285     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1286     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1287     return TRUE;
1288     }
1289     }
1290    
1291     void CRYPT_init(PTInstVar pvar)
1292     {
1293     pvar->crypt_state.encrypt = no_encrypt;
1294     pvar->crypt_state.decrypt = no_encrypt;
1295     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1296     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1297     pvar->crypt_state.server_key.RSA_key = NULL;
1298     pvar->crypt_state.host_key.RSA_key = NULL;
1299    
1300     pvar->crypt_state.detect_attack_statics.h = NULL;
1301     pvar->crypt_state.detect_attack_statics.n =
1302     HASH_MINSIZE / HASH_ENTRYSIZE;
1303     }
1304    
1305     static char FAR *get_cipher_name(int cipher)
1306     {
1307     switch (cipher) {
1308     case SSH_CIPHER_NONE:
1309     return "None";
1310     case SSH_CIPHER_3DES:
1311     return "3DES (168 key bits)";
1312     case SSH_CIPHER_DES:
1313     return "DES (56 key bits)";
1314     case SSH_CIPHER_IDEA:
1315     return "IDEA (128 key bits)";
1316     case SSH_CIPHER_RC4:
1317     return "RC4 (128 key bits)";
1318     case SSH_CIPHER_BLOWFISH:
1319     return "Blowfish (256 key bits)";
1320    
1321     // SSH2
1322 maya 3045 case SSH2_CIPHER_3DES_CBC:
1323 yutakakn 2728 return "3DES-CBC";
1324 maya 3045 case SSH2_CIPHER_AES128:
1325 yutakakn 2728 return "AES128";
1326 maya 3045 case SSH2_CIPHER_AES192:
1327 maya 3039 return "AES192";
1328 maya 3045 case SSH2_CIPHER_AES256:
1329 maya 3036 return "AES256";
1330 maya 3045 case SSH2_CIPHER_BLOWFISH:
1331     return "Blowfish";
1332 yutakakn 2728
1333     default:
1334     return "Unknown";
1335     }
1336     }
1337    
1338     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1339     {
1340 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1341 maya 3003 "%s to server, %s from server");
1342 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1343 maya 3003 get_cipher_name(pvar->crypt_state.sender_cipher),
1344     get_cipher_name(pvar->crypt_state.receiver_cipher));
1345 yutakakn 2728 }
1346    
1347     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1348     {
1349     if (SSHv1(pvar)) {
1350     if (pvar->crypt_state.server_key.RSA_key == NULL
1351 maya 3003 || pvar->crypt_state.host_key.RSA_key == NULL) {
1352 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1353 maya 2992 strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1354 yutakakn 2728 } else {
1355 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1356 maya 3003 "%d-bit server key, %d-bit host key");
1357 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1358 maya 3003 BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1359     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1360 yutakakn 2728 }
1361     } else { // SSH2
1362 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1363 maya 3003 "%d-bit server key, %d-bit host key");
1364 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1365 maya 3003 pvar->server_key_bits,
1366     pvar->client_key_bits);
1367 yutakakn 2728 }
1368     }
1369    
1370     static void destroy_public_key(CRYPTPublicKey FAR * key)
1371     {
1372     if (key->RSA_key != NULL) {
1373     RSA_free(key->RSA_key);
1374     key->RSA_key = NULL;
1375     }
1376     }
1377    
1378     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1379     {
1380     destroy_public_key(key);
1381     free(key);
1382     }
1383    
1384     void CRYPT_end(PTInstVar pvar)
1385     {
1386     destroy_public_key(&pvar->crypt_state.host_key);
1387     destroy_public_key(&pvar->crypt_state.server_key);
1388    
1389     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1390     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1391 maya 3003 pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1392 yutakakn 2728 free(pvar->crypt_state.detect_attack_statics.h);
1393     }
1394    
1395     memset(pvar->crypt_state.sender_cipher_key, 0,
1396 maya 3003 sizeof(pvar->crypt_state.sender_cipher_key));
1397 yutakakn 2728 memset(pvar->crypt_state.receiver_cipher_key, 0,
1398 maya 3003 sizeof(pvar->crypt_state.receiver_cipher_key));
1399 yutakakn 2728 memset(pvar->crypt_state.server_cookie, 0,
1400 maya 3003 sizeof(pvar->crypt_state.server_cookie));
1401 yutakakn 2728 memset(pvar->crypt_state.client_cookie, 0,
1402 maya 3003 sizeof(pvar->crypt_state.client_cookie));
1403 yutakakn 2728 memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1404     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1405     }
1406    
1407     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1408 maya 3003 char FAR * buf, int bytes)
1409 yutakakn 2728 {
1410     unsigned char passphrase_key[16];
1411    
1412     MD5(passphrase, strlen(passphrase), passphrase_key);
1413    
1414     switch (cipher) {
1415     case SSH_CIPHER_3DES:{
1416     Cipher3DESState state;
1417    
1418     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1419 maya 3003 &state.k1);
1420 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1421 maya 3003 &state.k2);
1422 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) passphrase_key,
1423 maya 3003 &state.k3);
1424 yutakakn 2728 memset(state.ivec1, 0, 8);
1425     memset(state.ivec2, 0, 8);
1426     memset(state.ivec3, 0, 8);
1427     DES_ncbc_encrypt(buf, buf, bytes,
1428 maya 3003 &state.k3, &state.ivec3, DES_DECRYPT);
1429 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1430 maya 3003 &state.k2, &state.ivec2, DES_ENCRYPT);
1431 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1432 maya 3003 &state.k1, &state.ivec1, DES_DECRYPT);
1433 yutakakn 2728 break;
1434     }
1435    
1436     case SSH_CIPHER_IDEA:{
1437     CipherIDEAState state;
1438     int num = 0;
1439    
1440     cIDEA_init(passphrase_key, &state);
1441     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1442 maya 3003 &num, IDEA_DECRYPT);
1443 yutakakn 2728 break;
1444     }
1445    
1446     case SSH_CIPHER_DES:{
1447     CipherDESState state;
1448    
1449     cDES_init(passphrase_key, &state);
1450     DES_ncbc_encrypt(buf, buf, bytes,
1451 maya 3003 &state.k, &state.ivec, DES_DECRYPT);
1452 yutakakn 2728 break;
1453     }
1454    
1455     case SSH_CIPHER_RC4:{
1456     CipherRC4State state;
1457     int num = 0;
1458    
1459     RC4_set_key(&state.k, 16, passphrase_key);
1460     RC4(&state.k, bytes, buf, buf);
1461     break;
1462     }
1463    
1464     case SSH_CIPHER_BLOWFISH:{
1465     CipherBlowfishState state;
1466    
1467     BF_set_key(&state.k, 16, passphrase_key);
1468     memset(state.ivec, 0, 8);
1469     flip_endianness(buf, bytes);
1470     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1471     BF_DECRYPT);
1472     flip_endianness(buf, bytes);
1473     break;
1474     }
1475    
1476     case SSH_CIPHER_NONE:
1477     break;
1478    
1479     default:
1480     memset(passphrase_key, 0, sizeof(passphrase_key));
1481     return 0;
1482     }
1483    
1484     memset(passphrase_key, 0, sizeof(passphrase_key));
1485     return 1;
1486     }
1487    
1488     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1489     {
1490 yutakakn 2762 if (key_pair->RSA_key != NULL)
1491     RSA_free(key_pair->RSA_key);
1492    
1493     if (key_pair->DSA_key != NULL)
1494     DSA_free(key_pair->DSA_key);
1495    
1496 yutakakn 2728 free(key_pair);
1497     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help