Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3046 - (hide annotations) (download) (as text)
Thu Oct 18 07:56:33 2007 UTC (16 years, 5 months ago) by maya
Original Path: ttssh2/trunk/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 45049 byte(s) 
暗号化/復号するパケットがブロックサイズの倍数か確認するようにした。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40 yutakakn 2831 #include <openssl/dsa.h>
41 yutakakn 2728 #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51 maya 3046 * $Id: crypt.c,v 1.17 2007-10-18 07:56:33 maya Exp $ Cryptographic attack
52 yutakakn 2728 * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87 maya 3003 uint32 len, unsigned char FAR * IV)
88 yutakakn 2728 {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116 maya 3003 unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118 yutakakn 2728 {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191 maya 3003 int bytes)
192 yutakakn 2728 {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199 maya 3003 buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202 yutakakn 2728 default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204 maya 3003 buf, bytes, NULL) == DEATTACK_DETECTED;
205 yutakakn 2728 }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217 maya 3039 // ���O�������������������������������AAES192, AES256 ����
218 maya 3036 // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219 yutakakn 2728 static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220 maya 3003 int bytes)
221 yutakakn 2728 {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224    
225     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
226     if (bytes == 0)
227     return;
228    
229     if (newbuf == NULL)
230     return;
231    
232     if (bytes % block_size) {
233     char tmp[80];
234 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
235 maya 3003 "AES128 encrypt error(1): bytes %d (%d)");
236 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
237 maya 3003 pvar->ts->UIMsg, bytes, block_size);
238 yutakakn 2728 notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244 maya 3043 "AES128 encrypt error(2)");
245 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
246 maya 3043 goto error;
247 yutakakn 2728
248     } else {
249 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
250     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
251     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
252     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
253    
254     //debug_print(50, key, 24);
255     //debug_print(51, iv, 8);
256     //debug_print(52, buf, bytes);
257     //debug_print(53, newbuf, bytes);
258    
259 maya 3045 memcpy(buf, newbuf, bytes);
260 yutakakn 2728 }
261    
262     error:
263     free(newbuf);
264     }
265    
266     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
267 maya 3003 int bytes)
268 yutakakn 2728 {
269     unsigned char *newbuf = malloc(bytes);
270     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
271    
272     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
273     if (bytes == 0)
274     return;
275    
276     if (newbuf == NULL)
277     return;
278    
279     if (bytes % block_size) {
280     char tmp[80];
281 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
282 maya 3003 "AES128 decrypt error(1): bytes %d (%d)");
283 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
284 yutakakn 2728 notify_fatal_error(pvar, tmp);
285     goto error;
286     }
287    
288     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
289 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
290 maya 3003 "AES128 decrypt error(2)");
291 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
292 maya 3043 goto error;
293 yutakakn 2728
294     } else {
295 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
296     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
297     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
298     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
299    
300     //debug_print(70, key, AES128_KEYLEN);
301     //debug_print(71, iv, AES128_IVLEN);
302     //debug_print(72, buf, bytes);
303     //debug_print(73, newbuf, bytes);
304    
305 maya 3045 memcpy(buf, newbuf, bytes);
306 yutakakn 2728 }
307    
308 maya 3043 error:
309 yutakakn 2728 free(newbuf);
310     }
311    
312    
313    
314     // for SSH2(yutaka)
315     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
316 maya 3003 int bytes)
317 yutakakn 2728 {
318     unsigned char *newbuf = malloc(bytes);
319 maya 3046 int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
320 yutakakn 2728
321 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
322     if (bytes == 0)
323     return;
324    
325 yutakakn 2728 if (newbuf == NULL)
326     return;
327    
328 maya 3046 if (bytes % block_size) {
329     char tmp[80];
330     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR1", pvar,
331     "3DES-CBC encrypt error(1): bytes %d (%d)");
332     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
333     pvar->ts->UIMsg, bytes, block_size);
334     notify_fatal_error(pvar, tmp);
335     goto error;
336     }
337    
338 maya 3043 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
339 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR2", pvar,
340     "3DES-CBC encrypt error(2)");
341 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
342     goto error;
343 yutakakn 2728
344     } else {
345 maya 3045 //unsigned char key[24], iv[8];
346 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
347 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
348 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
349 yutakakn 2728
350     //debug_print(50, key, 24);
351     //debug_print(51, iv, 8);
352     //debug_print(52, buf, bytes);
353     //debug_print(53, newbuf, bytes);
354    
355     memcpy(buf, newbuf, bytes);
356     }
357    
358 maya 3043 error:
359 yutakakn 2728 free(newbuf);
360     }
361    
362     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
363 maya 3003 int bytes)
364 yutakakn 2728 {
365     unsigned char *newbuf = malloc(bytes);
366 maya 3046 int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
367 yutakakn 2728
368 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
369     if (bytes == 0)
370     return;
371    
372 yutakakn 2728 if (newbuf == NULL)
373     return;
374    
375 maya 3046 if (bytes % block_size) {
376     char tmp[80];
377     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR1", pvar,
378     "3DES-CBC decrypt error(1): bytes %d (%d)");
379     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
380     notify_fatal_error(pvar, tmp);
381     goto error;
382     }
383    
384 yutakakn 2728 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
385 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR2", pvar,
386     "3DES-CBC decrypt error(2)");
387 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
388     goto error;
389 yutakakn 2728
390     } else {
391 maya 3045 //unsigned char key[24], iv[8];
392 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
393 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
394 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
395 yutakakn 2728
396     //debug_print(70, key, 24);
397     //debug_print(71, iv, 8);
398     //debug_print(72, buf, bytes);
399     //debug_print(73, newbuf, bytes);
400    
401     memcpy(buf, newbuf, bytes);
402     }
403    
404 maya 3043 error:
405 yutakakn 2728 free(newbuf);
406     }
407    
408    
409 maya 3045 static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
410     int bytes)
411     {
412     unsigned char *newbuf = malloc(bytes);
413     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
414    
415     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
416     if (bytes == 0)
417     return;
418    
419     if (newbuf == NULL)
420     return;
421    
422 maya 3046 if (bytes % block_size) {
423     char tmp[80];
424     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR1", pvar,
425     "Blowfish encrypt error(1): bytes %d (%d)");
426     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
427     pvar->ts->UIMsg, bytes, block_size);
428     notify_fatal_error(pvar, tmp);
429     goto error;
430     }
431    
432 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
433 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR2", pvar,
434     "Blowfish encrypt error(2)");
435 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
436     goto error;
437    
438     } else {
439     memcpy(buf, newbuf, bytes);
440    
441     }
442    
443     error:
444     free(newbuf);
445     }
446    
447     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
448     int bytes)
449     {
450     unsigned char *newbuf = malloc(bytes);
451     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
452    
453     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
454     if (bytes == 0)
455     return;
456    
457     if (newbuf == NULL)
458     return;
459    
460 maya 3046 if (bytes % block_size) {
461     char tmp[80];
462     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR1", pvar,
463     "Blowfish decrypt error(1): bytes %d (%d)");
464     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
465     notify_fatal_error(pvar, tmp);
466     goto error;
467     }
468    
469 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
470 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR2", pvar,
471     "Blowfish decrypt error(2)");
472 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
473     goto error;
474    
475     } else {
476     memcpy(buf, newbuf, bytes);
477    
478     }
479    
480     error:
481     free(newbuf);
482     }
483    
484    
485    
486 yutakakn 2728 static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
487 maya 3003 int bytes)
488 yutakakn 2728 {
489     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
490    
491     DES_ncbc_encrypt(buf, buf, bytes,
492 maya 3003 &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
493 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
494 maya 3003 &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
495 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
496 maya 3003 &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
497 yutakakn 2728 }
498    
499     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
500 maya 3003 int bytes)
501 yutakakn 2728 {
502     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
503    
504     DES_ncbc_encrypt(buf, buf, bytes,
505 maya 3003 &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
506 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
507 maya 3003 &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
508 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
509 maya 3003 &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
510 yutakakn 2728 }
511    
512     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
513     int bytes)
514     {
515     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
516    
517     DES_ncbc_encrypt(buf, buf, bytes,
518 maya 3003 &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
519 yutakakn 2728 }
520    
521     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
522     int bytes)
523     {
524     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
525    
526     DES_ncbc_encrypt(buf, buf, bytes,
527 maya 3003 &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
528 yutakakn 2728 }
529    
530     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
531 maya 3003 int bytes)
532 yutakakn 2728 {
533     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
534     int num = 0;
535    
536     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
537 maya 3003 encryptstate->ivec, &num, IDEA_ENCRYPT);
538 yutakakn 2728 }
539    
540     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
541 maya 3003 int bytes)
542 yutakakn 2728 {
543     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
544     int num = 0;
545    
546     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
547 maya 3003 decryptstate->ivec, &num, IDEA_DECRYPT);
548 yutakakn 2728 }
549    
550     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
551     {
552     uint32 FAR *buf = (uint32 FAR *) cbuf;
553     int count = bytes / 4;
554    
555     while (count > 0) {
556     uint32 w = *buf;
557    
558     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
559 maya 3003 | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
560 yutakakn 2728 count--;
561     buf++;
562     }
563     }
564    
565     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
566 maya 3003 int bytes)
567 yutakakn 2728 {
568     CipherBlowfishState FAR *encryptstate =
569     &pvar->crypt_state.enc.cBlowfish;
570    
571     flip_endianness(buf, bytes);
572     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
573 maya 3003 BF_ENCRYPT);
574 yutakakn 2728 flip_endianness(buf, bytes);
575     }
576    
577     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
578 maya 3003 int bytes)
579 yutakakn 2728 {
580     CipherBlowfishState FAR *decryptstate =
581     &pvar->crypt_state.dec.cBlowfish;
582    
583     flip_endianness(buf, bytes);
584     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
585 maya 3003 BF_DECRYPT);
586 yutakakn 2728 flip_endianness(buf, bytes);
587     }
588    
589     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
590 maya 3003 int bytes)
591 yutakakn 2728 {
592     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
593     int num = 0;
594    
595     RC4(&encryptstate->k, bytes, buf, buf);
596     }
597    
598     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
599 maya 3003 int bytes)
600 yutakakn 2728 {
601     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
602     int num = 0;
603    
604     RC4(&decryptstate->k, bytes, buf, buf);
605     }
606    
607     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
608 maya 3003 int bytes)
609 yutakakn 2728 {
610     RAND_bytes(buf, bytes);
611     }
612    
613     void CRYPT_initialize_random_numbers(PTInstVar pvar)
614     {
615     RAND_screen();
616     }
617    
618     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
619     {
620     int bits = get_ushort16_MSBfirst(bytes);
621    
622     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
623     }
624    
625 yutakakn 2857 // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
626     RSA FAR *make_key(PTInstVar pvar,
627 maya 3003 int bits, unsigned char FAR * exp,
628     unsigned char FAR * mod)
629 yutakakn 2728 {
630     RSA FAR *key = RSA_new();
631    
632     if (key != NULL) {
633     key->e = get_bignum(exp);
634     key->n = get_bignum(mod);
635     }
636    
637     if (key == NULL || key->e == NULL || key->n == NULL) {
638 maya 2994 UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
639 maya 3003 "Error setting up RSA keys");
640 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
641 yutakakn 2728
642     if (key != NULL) {
643     if (key->e != NULL) {
644     BN_free(key->e);
645     }
646     if (key->n != NULL) {
647     BN_free(key->n);
648     }
649     RSA_free(key);
650     }
651    
652     return NULL;
653     } else {
654     return key;
655     }
656     }
657    
658     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
659     {
660     if (SSHv1(pvar)) {
661     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
662     } else {
663     memcpy(pvar->crypt_state.server_cookie, cookie,
664 maya 3003 SSH2_COOKIE_LENGTH);
665 yutakakn 2728 }
666     }
667    
668     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
669     {
670     if (SSHv2(pvar)) {
671     memcpy(pvar->crypt_state.client_cookie, cookie,
672 maya 3003 SSH2_COOKIE_LENGTH);
673 yutakakn 2728 }
674     }
675    
676     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
677 maya 3003 int bits, unsigned char FAR * exp,
678     unsigned char FAR * mod)
679 yutakakn 2728 {
680     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
681    
682     return pvar->crypt_state.server_key.RSA_key != NULL;
683     }
684    
685     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
686 maya 3003 int bits, unsigned char FAR * exp,
687     unsigned char FAR * mod)
688 yutakakn 2728 {
689     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
690    
691     return pvar->crypt_state.host_key.RSA_key != NULL;
692     }
693    
694     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
695 maya 3003 int receiver_ciphers)
696 yutakakn 2728 {
697     int cipher_mask;
698    
699     if (SSHv1(pvar)) {
700     cipher_mask = (1 << SSH_CIPHER_DES)
701 maya 3003 | (1 << SSH_CIPHER_3DES)
702     | (1 << SSH_CIPHER_BLOWFISH);
703 yutakakn 2728
704     } else { // for SSH2(yutaka)
705     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
706 maya 3045 cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
707     | (1 << SSH2_CIPHER_AES128)
708     | (1 << SSH2_CIPHER_BLOWFISH)
709     | (1 << SSH2_CIPHER_AES192)
710     | (1 << SSH2_CIPHER_AES256);
711 yutakakn 2728 }
712    
713     sender_ciphers &= cipher_mask;
714     receiver_ciphers &= cipher_mask;
715     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
716     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
717    
718     if (sender_ciphers == 0) {
719 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
720 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
721     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
722     "The connection will be closed.");
723 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
724 yutakakn 2728 return FALSE;
725     } else if (receiver_ciphers == 0) {
726 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
727 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
728     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
729     "The connection will be closed.");
730 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
731 yutakakn 2728 return FALSE;
732     } else {
733     return TRUE;
734     }
735     }
736    
737     int CRYPT_get_decryption_block_size(PTInstVar pvar)
738     {
739     if (SSHv1(pvar)) {
740     return 8;
741     } else {
742     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
743     // cf. 3DES=8, AES128=16
744     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
745     }
746     }
747    
748     int CRYPT_get_encryption_block_size(PTInstVar pvar)
749     {
750     if (SSHv1(pvar)) {
751     return 8;
752     } else {
753     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
754     // cf. 3DES=8, AES128=16
755     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
756     }
757     }
758    
759     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
760     {
761     struct Mac *mac;
762    
763     if (SSHv1(pvar)) {
764     return 0;
765    
766     } else { // for SSH2(yutaka)
767     mac = &pvar->ssh2_keys[MODE_IN].mac;
768     if (mac == NULL || mac->enabled == 0)
769     return 0;
770    
771     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
772     }
773    
774     }
775    
776 yutakakn 2757 // HMAC������
777     // ���{������ SSH2 �������g�p�������B
778     // (2004.12.17 yutaka)
779 yutakakn 2728 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
780 maya 3003 char FAR * data, int len, char FAR * MAC)
781 yutakakn 2728 {
782 maya 3003 HMAC_CTX c;
783     unsigned char m[EVP_MAX_MD_SIZE];
784     unsigned char b[4];
785 yutakakn 2757 struct Mac *mac;
786    
787     mac = &pvar->ssh2_keys[MODE_IN].mac;
788    
789     // HMAC�������L���������������A����OK�����������B
790     if (mac == NULL || mac->enabled == 0)
791     return TRUE;
792    
793 maya 3003 if (mac->key == NULL)
794 yutakakn 2757 goto error;
795    
796 maya 3003 if ((u_int)mac->mac_len > sizeof(m))
797 yutakakn 2757 goto error;
798    
799 maya 3003 HMAC_Init(&c, mac->key, mac->key_len, mac->md);
800     set_uint32_MSBfirst(b, sequence_number);
801     HMAC_Update(&c, b, sizeof(b));
802     HMAC_Update(&c, data, len);
803     HMAC_Final(&c, m, NULL);
804     HMAC_cleanup(&c);
805 yutakakn 2757
806     if (memcmp(m, MAC, mac->mac_len)) {
807     goto error;
808     }
809    
810 yutakakn 2728 return TRUE;
811 yutakakn 2757
812     error:
813     return FALSE;
814 yutakakn 2728 }
815    
816     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
817     {
818     struct Mac *mac;
819    
820     if (SSHv2(pvar)) { // for SSH2(yutaka)
821     mac = &pvar->ssh2_keys[MODE_OUT].mac;
822     if (mac == NULL || mac->enabled == 0)
823     return 0;
824    
825     return (mac->mac_len);
826     }
827    
828     return 0;
829     }
830    
831     // for SSH2
832     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
833 maya 3003 char FAR * data, int len, char FAR * MAC)
834 yutakakn 2728 {
835 maya 3003 HMAC_CTX c;
836     static u_char m[EVP_MAX_MD_SIZE];
837 yutakakn 2728 u_char b[4];
838     struct Mac *mac;
839    
840     if (SSHv2(pvar)) { // for SSH2(yutaka)
841     mac = &pvar->ssh2_keys[MODE_OUT].mac;
842     if (mac == NULL || mac->enabled == 0)
843     return FALSE;
844 maya 3003
845     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
846 yutakakn 2728 set_uint32_MSBfirst(b, sequence_number);
847     HMAC_Update(&c, b, sizeof(b));
848     HMAC_Update(&c, data, len);
849     HMAC_Final(&c, m, NULL);
850     HMAC_cleanup(&c);
851    
852     // 20�o�C�g�������R�s�[
853     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
854     // memcpy(MAC, m, sizeof(m));
855    
856     return TRUE;
857     }
858    
859     return TRUE;
860    
861     }
862    
863     static int choose_cipher(PTInstVar pvar, int supported)
864     {
865     int i;
866    
867     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
868     int cipher = pvar->session_settings.CipherOrder[i] - '0';
869    
870     if (cipher == SSH_CIPHER_NONE) {
871     break;
872     } else if ((supported & (1 << cipher)) != 0) {
873     return cipher;
874     }
875     }
876    
877     return SSH_CIPHER_NONE;
878     }
879    
880     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
881     {
882     if (SSHv1(pvar)) {
883     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
884 maya 3003 pvar->crypt_state.
885     supported_sender_ciphers);
886 yutakakn 2728 pvar->crypt_state.receiver_cipher =
887     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
888    
889     } else { // SSH2(yutaka)
890     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
891     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
892    
893     }
894    
895     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
896     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
897 maya 2994 UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
898 maya 3003 "All the encryption algorithms that this program and the server both understand have been disabled.\n"
899     "To communicate with this server, you will have to enable some more ciphers\n"
900     "in the TTSSH Setup dialog box when you run Teraterm again.\n"
901     "This connection will now close.");
902 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
903 yutakakn 2728 return FALSE;
904     } else {
905     return TRUE;
906     }
907     }
908    
909     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
910     {
911     int server_key_bits =
912     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
913     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
914     int server_key_bytes = (server_key_bits + 7) / 8;
915     int host_key_bytes = (host_key_bits + 7) / 8;
916    
917     if (server_key_bits < host_key_bits) {
918     return host_key_bytes;
919     } else {
920     return server_key_bytes;
921     }
922     }
923    
924     int CRYPT_choose_session_key(PTInstVar pvar,
925 maya 3003 unsigned char FAR * encrypted_key_buf)
926 yutakakn 2728 {
927     int server_key_bits =
928     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
929     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
930     int server_key_bytes = (server_key_bits + 7) / 8;
931     int host_key_bytes = (host_key_bits + 7) / 8;
932     int encrypted_key_bytes;
933     int bit_delta;
934    
935     if (server_key_bits < host_key_bits) {
936     encrypted_key_bytes = host_key_bytes;
937     bit_delta = host_key_bits - server_key_bits;
938     } else {
939     encrypted_key_bytes = server_key_bytes;
940     bit_delta = server_key_bits - host_key_bits;
941     }
942    
943     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
944 maya 2994 UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
945 maya 3003 "Server RSA keys are too weak. A secure connection cannot be established.");
946 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
947 yutakakn 2728 return 0;
948     } else {
949     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
950     for the session ID, rather than the one specified in the RFC */
951     int session_buf_len = server_key_bytes + host_key_bytes + 8;
952     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
953     char session_id[16];
954     int i;
955    
956     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
957     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
958 maya 3003 session_buf + host_key_bytes);
959 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
960 maya 3003 pvar->crypt_state.server_cookie, 8);
961 yutakakn 2728 MD5(session_buf, session_buf_len, session_id);
962    
963     free(session_buf);
964    
965     RAND_bytes(pvar->crypt_state.sender_cipher_key,
966 maya 3003 SSH_SESSION_KEY_LENGTH);
967 yutakakn 2728 memcpy(pvar->crypt_state.receiver_cipher_key,
968 maya 3003 pvar->crypt_state.sender_cipher_key,
969     SSH_SESSION_KEY_LENGTH);
970 yutakakn 2728
971     memcpy(encrypted_key_buf + encrypted_key_bytes -
972 maya 3003 SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
973     SSH_SESSION_KEY_LENGTH);
974 yutakakn 2728 for (i = 0; i < sizeof(session_id); i++) {
975     encrypted_key_buf[encrypted_key_bytes -
976 maya 3003 SSH_SESSION_KEY_LENGTH + i]
977 yutakakn 2728 ^= session_id[i];
978     }
979    
980     if (host_key_bits > server_key_bits) {
981     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
982 maya 3003 encrypted_key_buf +
983     encrypted_key_bytes -
984     SSH_SESSION_KEY_LENGTH,
985     encrypted_key_buf +
986     encrypted_key_bytes - server_key_bytes,
987     pvar->crypt_state.server_key.RSA_key,
988     RSA_PKCS1_PADDING) < 0)
989 yutakakn 2728 return 0;
990    
991     if (RSA_public_encrypt(server_key_bytes,
992 maya 3003 encrypted_key_buf +
993     encrypted_key_bytes - server_key_bytes,
994     encrypted_key_buf,
995     pvar->crypt_state.host_key.RSA_key,
996     RSA_PKCS1_PADDING) < 0)
997 yutakakn 2728 return 0;
998     } else {
999     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1000 maya 3003 encrypted_key_buf +
1001     encrypted_key_bytes -
1002     SSH_SESSION_KEY_LENGTH,
1003     encrypted_key_buf +
1004     encrypted_key_bytes - host_key_bytes,
1005     pvar->crypt_state.host_key.RSA_key,
1006     RSA_PKCS1_PADDING) < 0)
1007 yutakakn 2728 return 0;
1008    
1009     if (RSA_public_encrypt(host_key_bytes,
1010 maya 3003 encrypted_key_buf +
1011     encrypted_key_bytes - host_key_bytes,
1012     encrypted_key_buf,
1013     pvar->crypt_state.server_key.RSA_key,
1014     RSA_PKCS1_PADDING) < 0)
1015 yutakakn 2728 return 0;
1016     }
1017     }
1018    
1019     return 1;
1020     }
1021    
1022     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1023 maya 3003 unsigned char FAR * challenge,
1024     int challenge_len,
1025     unsigned char FAR * response)
1026 yutakakn 2728 {
1027     int server_key_bits =
1028     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1029     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1030     int server_key_bytes = (server_key_bits + 7) / 8;
1031     int host_key_bytes = (host_key_bits + 7) / 8;
1032     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1033     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1034     char decrypted_challenge[48];
1035     int decrypted_challenge_len;
1036    
1037     decrypted_challenge_len =
1038     RSA_private_decrypt(challenge_len, challenge, challenge,
1039 maya 3003 AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
1040     RSA_PKCS1_PADDING);
1041 yutakakn 2728 if (decrypted_challenge_len < 0) {
1042     free(session_buf);
1043     return 0;
1044     }
1045     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1046     memcpy(decrypted_challenge,
1047 maya 3003 challenge + decrypted_challenge_len -
1048     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1049 yutakakn 2728 } else {
1050     memset(decrypted_challenge, 0,
1051 maya 3003 SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1052 yutakakn 2728 memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1053 maya 3003 decrypted_challenge_len, challenge,
1054     decrypted_challenge_len);
1055 yutakakn 2728 }
1056    
1057     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1058     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1059 maya 3003 session_buf + host_key_bytes);
1060 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
1061 maya 3003 pvar->crypt_state.server_cookie, 8);
1062 yutakakn 2728 MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1063    
1064     free(session_buf);
1065    
1066     MD5(decrypted_challenge, 48, response);
1067    
1068     return 1;
1069     }
1070    
1071     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1072     {
1073     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1074     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1075     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1076     memset(state->ivec1, 0, 8);
1077     memset(state->ivec2, 0, 8);
1078     memset(state->ivec3, 0, 8);
1079     }
1080    
1081     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1082     {
1083     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1084     memset(state->ivec, 0, 8);
1085     }
1086    
1087     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1088     {
1089     idea_set_encrypt_key(session_key, &state->k);
1090     memset(state->ivec, 0, 8);
1091     }
1092    
1093     static void cBlowfish_init(char FAR * session_key,
1094 maya 3003 CipherBlowfishState FAR * state)
1095 yutakakn 2728 {
1096     BF_set_key(&state->k, 32, session_key);
1097     memset(state->ivec, 0, 8);
1098     }
1099    
1100    
1101     //
1102     // SSH2�p�A���S���Y����������
1103     //
1104     // for SSH2(yutaka)
1105     //
1106 maya 3003 void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1107     const u_char *key, u_int keylen,
1108     const u_char *iv, u_int ivlen,
1109     int encrypt,
1110 maya 3043 const EVP_CIPHER *(*func)(void),
1111     PTInstVar pvar)
1112 yutakakn 2728 {
1113     EVP_CIPHER *type;
1114     int klen;
1115 maya 3043 char tmp[80];
1116 yutakakn 2728
1117     type = (EVP_CIPHER *)func();
1118    
1119     EVP_CIPHER_CTX_init(evp);
1120     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1121 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1122     "Cipher initialize error(%d)");
1123     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1124     notify_fatal_error(pvar, tmp);
1125     return;
1126 yutakakn 2728 }
1127    
1128     klen = EVP_CIPHER_CTX_key_length(evp);
1129     if (klen > 0 && keylen != klen) {
1130     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1131 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1132     "Cipher initialize error(%d)");
1133     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1134     notify_fatal_error(pvar, tmp);
1135     return;
1136 yutakakn 2728 }
1137     }
1138     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1139 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1140     "Cipher initialize error(%d)");
1141     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1142     notify_fatal_error(pvar, tmp);
1143     return;
1144 yutakakn 2728 }
1145     }
1146    
1147    
1148     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1149     {
1150     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1151     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1152     BOOL isOK = TRUE;
1153    
1154     if (sender_flag) {
1155     switch (pvar->crypt_state.sender_cipher) {
1156     // for SSH2(yutaka)
1157 maya 3045 case SSH2_CIPHER_3DES_CBC:
1158 yutakakn 2728 {
1159     struct Enc *enc;
1160    
1161     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1162 maya 3003 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1163 maya 3036 enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1164     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1165 maya 3003 CIPHER_ENCRYPT,
1166 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1167     pvar);
1168 yutakakn 2728
1169 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1170     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1171 yutakakn 2728
1172     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1173     break;
1174     }
1175    
1176     // for SSH2(yutaka)
1177 maya 3045 case SSH2_CIPHER_AES128:
1178     case SSH2_CIPHER_AES192:
1179     case SSH2_CIPHER_AES256:
1180 yutakakn 2728 {
1181     struct Enc *enc;
1182    
1183     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1184 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1185     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1186     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1187 maya 3003 CIPHER_ENCRYPT,
1188 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1189     pvar);
1190 yutakakn 2728
1191 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1192     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1193 yutakakn 2728
1194     pvar->crypt_state.encrypt = cAES128_encrypt;
1195     break;
1196     }
1197    
1198 maya 3045 case SSH2_CIPHER_BLOWFISH:
1199     {
1200     struct Enc *enc;
1201    
1202     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1203     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1204     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1205     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1206     CIPHER_ENCRYPT,
1207     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1208     pvar);
1209    
1210     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1211     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1212    
1213     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1214     break;
1215     }
1216    
1217 yutakakn 2728 case SSH_CIPHER_3DES:{
1218     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1219     pvar->crypt_state.encrypt = c3DES_encrypt;
1220     break;
1221     }
1222     case SSH_CIPHER_IDEA:{
1223     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1224     pvar->crypt_state.encrypt = cIDEA_encrypt;
1225     break;
1226     }
1227     case SSH_CIPHER_DES:{
1228     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1229     pvar->crypt_state.encrypt = cDES_encrypt;
1230     break;
1231     }
1232     case SSH_CIPHER_RC4:{
1233     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1234     encryption_key + 16);
1235     pvar->crypt_state.encrypt = cRC4_encrypt;
1236     break;
1237     }
1238     case SSH_CIPHER_BLOWFISH:{
1239     cBlowfish_init(encryption_key,
1240 maya 3003 &pvar->crypt_state.enc.cBlowfish);
1241 yutakakn 2728 pvar->crypt_state.encrypt = cBlowfish_encrypt;
1242     break;
1243     }
1244     default:
1245     isOK = FALSE;
1246     }
1247     }
1248    
1249    
1250     if (receiver_flag) {
1251     switch (pvar->crypt_state.receiver_cipher) {
1252     // for SSH2(yutaka)
1253 maya 3045 case SSH2_CIPHER_3DES_CBC:
1254 yutakakn 2728 {
1255     struct Enc *enc;
1256    
1257     enc = &pvar->ssh2_keys[MODE_IN].enc;
1258 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1259     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1260     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1261 maya 3003 CIPHER_DECRYPT,
1262 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1263     pvar);
1264 yutakakn 2728
1265 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1266     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1267 yutakakn 2728
1268     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1269     break;
1270     }
1271    
1272     // for SSH2(yutaka)
1273 maya 3045 case SSH2_CIPHER_AES128:
1274     case SSH2_CIPHER_AES192:
1275     case SSH2_CIPHER_AES256:
1276 yutakakn 2728 {
1277     struct Enc *enc;
1278    
1279     enc = &pvar->ssh2_keys[MODE_IN].enc;
1280 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1281     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1282     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1283 maya 3003 CIPHER_DECRYPT,
1284 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1285     pvar);
1286 yutakakn 2728
1287 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1288     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1289 yutakakn 2728
1290     pvar->crypt_state.decrypt = cAES128_decrypt;
1291     break;
1292     }
1293    
1294 maya 3045 case SSH2_CIPHER_BLOWFISH:
1295     {
1296     struct Enc *enc;
1297    
1298     enc = &pvar->ssh2_keys[MODE_IN].enc;
1299     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1300     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1301     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1302     CIPHER_DECRYPT,
1303     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1304     pvar);
1305    
1306     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1307     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1308    
1309     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1310     break;
1311     }
1312    
1313 yutakakn 2728 case SSH_CIPHER_3DES:{
1314     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1315     pvar->crypt_state.decrypt = c3DES_decrypt;
1316     break;
1317     }
1318     case SSH_CIPHER_IDEA:{
1319     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1320     pvar->crypt_state.decrypt = cIDEA_decrypt;
1321     break;
1322     }
1323     case SSH_CIPHER_DES:{
1324     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1325     pvar->crypt_state.decrypt = cDES_decrypt;
1326     break;
1327     }
1328     case SSH_CIPHER_RC4:{
1329     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1330     pvar->crypt_state.decrypt = cRC4_decrypt;
1331     break;
1332     }
1333     case SSH_CIPHER_BLOWFISH:{
1334     cBlowfish_init(decryption_key,
1335 maya 3003 &pvar->crypt_state.dec.cBlowfish);
1336 yutakakn 2728 pvar->crypt_state.decrypt = cBlowfish_decrypt;
1337     break;
1338     }
1339     default:
1340     isOK = FALSE;
1341     }
1342     }
1343    
1344    
1345     if (!isOK) {
1346 maya 2994 UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1347 maya 3003 "No cipher selected!");
1348 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1349 yutakakn 2728 return FALSE;
1350     } else {
1351     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1352     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1353     return TRUE;
1354     }
1355     }
1356    
1357     void CRYPT_init(PTInstVar pvar)
1358     {
1359     pvar->crypt_state.encrypt = no_encrypt;
1360     pvar->crypt_state.decrypt = no_encrypt;
1361     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1362     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1363     pvar->crypt_state.server_key.RSA_key = NULL;
1364     pvar->crypt_state.host_key.RSA_key = NULL;
1365    
1366     pvar->crypt_state.detect_attack_statics.h = NULL;
1367     pvar->crypt_state.detect_attack_statics.n =
1368     HASH_MINSIZE / HASH_ENTRYSIZE;
1369     }
1370    
1371     static char FAR *get_cipher_name(int cipher)
1372     {
1373     switch (cipher) {
1374     case SSH_CIPHER_NONE:
1375     return "None";
1376     case SSH_CIPHER_3DES:
1377     return "3DES (168 key bits)";
1378     case SSH_CIPHER_DES:
1379     return "DES (56 key bits)";
1380     case SSH_CIPHER_IDEA:
1381     return "IDEA (128 key bits)";
1382     case SSH_CIPHER_RC4:
1383     return "RC4 (128 key bits)";
1384     case SSH_CIPHER_BLOWFISH:
1385     return "Blowfish (256 key bits)";
1386    
1387     // SSH2
1388 maya 3045 case SSH2_CIPHER_3DES_CBC:
1389 yutakakn 2728 return "3DES-CBC";
1390 maya 3045 case SSH2_CIPHER_AES128:
1391 yutakakn 2728 return "AES128";
1392 maya 3045 case SSH2_CIPHER_AES192:
1393 maya 3039 return "AES192";
1394 maya 3045 case SSH2_CIPHER_AES256:
1395 maya 3036 return "AES256";
1396 maya 3045 case SSH2_CIPHER_BLOWFISH:
1397     return "Blowfish";
1398 yutakakn 2728
1399     default:
1400     return "Unknown";
1401     }
1402     }
1403    
1404     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1405     {
1406 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1407 maya 3003 "%s to server, %s from server");
1408 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1409 maya 3003 get_cipher_name(pvar->crypt_state.sender_cipher),
1410     get_cipher_name(pvar->crypt_state.receiver_cipher));
1411 yutakakn 2728 }
1412    
1413     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1414     {
1415     if (SSHv1(pvar)) {
1416     if (pvar->crypt_state.server_key.RSA_key == NULL
1417 maya 3003 || pvar->crypt_state.host_key.RSA_key == NULL) {
1418 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1419 maya 2992 strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1420 yutakakn 2728 } else {
1421 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1422 maya 3003 "%d-bit server key, %d-bit host key");
1423 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1424 maya 3003 BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1425     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1426 yutakakn 2728 }
1427     } else { // SSH2
1428 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1429 maya 3003 "%d-bit server key, %d-bit host key");
1430 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1431 maya 3003 pvar->server_key_bits,
1432     pvar->client_key_bits);
1433 yutakakn 2728 }
1434     }
1435    
1436     static void destroy_public_key(CRYPTPublicKey FAR * key)
1437     {
1438     if (key->RSA_key != NULL) {
1439     RSA_free(key->RSA_key);
1440     key->RSA_key = NULL;
1441     }
1442     }
1443    
1444     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1445     {
1446     destroy_public_key(key);
1447     free(key);
1448     }
1449    
1450     void CRYPT_end(PTInstVar pvar)
1451     {
1452     destroy_public_key(&pvar->crypt_state.host_key);
1453     destroy_public_key(&pvar->crypt_state.server_key);
1454    
1455     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1456     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1457 maya 3003 pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1458 yutakakn 2728 free(pvar->crypt_state.detect_attack_statics.h);
1459     }
1460    
1461     memset(pvar->crypt_state.sender_cipher_key, 0,
1462 maya 3003 sizeof(pvar->crypt_state.sender_cipher_key));
1463 yutakakn 2728 memset(pvar->crypt_state.receiver_cipher_key, 0,
1464 maya 3003 sizeof(pvar->crypt_state.receiver_cipher_key));
1465 yutakakn 2728 memset(pvar->crypt_state.server_cookie, 0,
1466 maya 3003 sizeof(pvar->crypt_state.server_cookie));
1467 yutakakn 2728 memset(pvar->crypt_state.client_cookie, 0,
1468 maya 3003 sizeof(pvar->crypt_state.client_cookie));
1469 yutakakn 2728 memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1470     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1471     }
1472    
1473     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1474 maya 3003 char FAR * buf, int bytes)
1475 yutakakn 2728 {
1476     unsigned char passphrase_key[16];
1477    
1478     MD5(passphrase, strlen(passphrase), passphrase_key);
1479    
1480     switch (cipher) {
1481     case SSH_CIPHER_3DES:{
1482     Cipher3DESState state;
1483    
1484     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1485 maya 3003 &state.k1);
1486 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1487 maya 3003 &state.k2);
1488 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) passphrase_key,
1489 maya 3003 &state.k3);
1490 yutakakn 2728 memset(state.ivec1, 0, 8);
1491     memset(state.ivec2, 0, 8);
1492     memset(state.ivec3, 0, 8);
1493     DES_ncbc_encrypt(buf, buf, bytes,
1494 maya 3003 &state.k3, &state.ivec3, DES_DECRYPT);
1495 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1496 maya 3003 &state.k2, &state.ivec2, DES_ENCRYPT);
1497 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1498 maya 3003 &state.k1, &state.ivec1, DES_DECRYPT);
1499 yutakakn 2728 break;
1500     }
1501    
1502     case SSH_CIPHER_IDEA:{
1503     CipherIDEAState state;
1504     int num = 0;
1505    
1506     cIDEA_init(passphrase_key, &state);
1507     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1508 maya 3003 &num, IDEA_DECRYPT);
1509 yutakakn 2728 break;
1510     }
1511    
1512     case SSH_CIPHER_DES:{
1513     CipherDESState state;
1514    
1515     cDES_init(passphrase_key, &state);
1516     DES_ncbc_encrypt(buf, buf, bytes,
1517 maya 3003 &state.k, &state.ivec, DES_DECRYPT);
1518 yutakakn 2728 break;
1519     }
1520    
1521     case SSH_CIPHER_RC4:{
1522     CipherRC4State state;
1523     int num = 0;
1524    
1525     RC4_set_key(&state.k, 16, passphrase_key);
1526     RC4(&state.k, bytes, buf, buf);
1527     break;
1528     }
1529    
1530     case SSH_CIPHER_BLOWFISH:{
1531     CipherBlowfishState state;
1532    
1533     BF_set_key(&state.k, 16, passphrase_key);
1534     memset(state.ivec, 0, 8);
1535     flip_endianness(buf, bytes);
1536     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1537     BF_DECRYPT);
1538     flip_endianness(buf, bytes);
1539     break;
1540     }
1541    
1542     case SSH_CIPHER_NONE:
1543     break;
1544    
1545     default:
1546     memset(passphrase_key, 0, sizeof(passphrase_key));
1547     return 0;
1548     }
1549    
1550     memset(passphrase_key, 0, sizeof(passphrase_key));
1551     return 1;
1552     }
1553    
1554     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1555     {
1556 yutakakn 2762 if (key_pair->RSA_key != NULL)
1557     RSA_free(key_pair->RSA_key);
1558    
1559     if (key_pair->DSA_key != NULL)
1560     DSA_free(key_pair->DSA_key);
1561    
1562 yutakakn 2728 free(key_pair);
1563     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help