Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3158 - (hide annotations) (download) (as text)
Mon Nov 17 13:30:38 2008 UTC (15 years, 4 months ago) by maya
Original Path: ttssh2/trunk/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 45127 byte(s) 
SSH2 で現在サポートされている AES192/256 についてエラーメッセージに追加
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40 yutakakn 2831 #include <openssl/dsa.h>
41 yutakakn 2728 #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51 maya 3158 * $Id: crypt.c,v 1.23 2008-11-17 13:30:38 maya Exp $ Cryptographic attack
52 yutakakn 2728 * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87 maya 3003 uint32 len, unsigned char FAR * IV)
88 yutakakn 2728 {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116 maya 3003 unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118 yutakakn 2728 {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191 maya 3003 int bytes)
192 yutakakn 2728 {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199 maya 3003 buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202 yutakakn 2728 default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204 maya 3003 buf, bytes, NULL) == DEATTACK_DETECTED;
205 yutakakn 2728 }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217 maya 3039 // ���O�������������������������������AAES192, AES256 ����
218 maya 3036 // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219 yutakakn 2728 static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220 maya 3003 int bytes)
221 yutakakn 2728 {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224    
225     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
226     if (bytes == 0)
227 yutakapon 3118 goto error;
228 yutakakn 2728
229     if (newbuf == NULL)
230     return;
231    
232     if (bytes % block_size) {
233     char tmp[80];
234 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
235 maya 3158 "AES128/192/256 encrypt error(1): bytes %d (%d)");
236 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
237 maya 3003 pvar->ts->UIMsg, bytes, block_size);
238 yutakakn 2728 notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244 maya 3158 "AES128/192/256 encrypt error(2)");
245 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
246 maya 3043 goto error;
247 yutakakn 2728
248     } else {
249 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
250     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
251     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
252     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
253    
254     //debug_print(50, key, 24);
255     //debug_print(51, iv, 8);
256     //debug_print(52, buf, bytes);
257     //debug_print(53, newbuf, bytes);
258    
259 maya 3045 memcpy(buf, newbuf, bytes);
260 yutakakn 2728 }
261    
262     error:
263     free(newbuf);
264     }
265    
266     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
267 maya 3003 int bytes)
268 yutakakn 2728 {
269     unsigned char *newbuf = malloc(bytes);
270     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
271    
272     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
273     if (bytes == 0)
274 yutakapon 3118 goto error;
275 yutakakn 2728
276     if (newbuf == NULL)
277     return;
278    
279     if (bytes % block_size) {
280     char tmp[80];
281 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
282 maya 3158 "AES128/192/256 decrypt error(1): bytes %d (%d)");
283 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
284 yutakakn 2728 notify_fatal_error(pvar, tmp);
285     goto error;
286     }
287    
288     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
289 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
290 maya 3158 "AES128/192/256 decrypt error(2)");
291 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
292 maya 3043 goto error;
293 yutakakn 2728
294     } else {
295 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
296     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
297     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
298     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
299    
300     //debug_print(70, key, AES128_KEYLEN);
301     //debug_print(71, iv, AES128_IVLEN);
302     //debug_print(72, buf, bytes);
303     //debug_print(73, newbuf, bytes);
304    
305 maya 3045 memcpy(buf, newbuf, bytes);
306 yutakakn 2728 }
307    
308 maya 3043 error:
309 yutakakn 2728 free(newbuf);
310     }
311    
312    
313    
314     // for SSH2(yutaka)
315     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
316 maya 3003 int bytes)
317 yutakakn 2728 {
318     unsigned char *newbuf = malloc(bytes);
319 maya 3046 int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
320 yutakakn 2728
321 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
322     if (bytes == 0)
323 yutakapon 3118 goto error;
324 maya 3046
325 yutakakn 2728 if (newbuf == NULL)
326     return;
327    
328 maya 3046 if (bytes % block_size) {
329     char tmp[80];
330     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR1", pvar,
331     "3DES-CBC encrypt error(1): bytes %d (%d)");
332     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
333     pvar->ts->UIMsg, bytes, block_size);
334     notify_fatal_error(pvar, tmp);
335     goto error;
336     }
337    
338 maya 3043 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
339 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR2", pvar,
340     "3DES-CBC encrypt error(2)");
341 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
342     goto error;
343 yutakakn 2728
344     } else {
345 maya 3045 //unsigned char key[24], iv[8];
346 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
347 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
348 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
349 yutakakn 2728
350     //debug_print(50, key, 24);
351     //debug_print(51, iv, 8);
352     //debug_print(52, buf, bytes);
353     //debug_print(53, newbuf, bytes);
354    
355     memcpy(buf, newbuf, bytes);
356     }
357    
358 maya 3043 error:
359 yutakakn 2728 free(newbuf);
360     }
361    
362     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
363 maya 3003 int bytes)
364 yutakakn 2728 {
365     unsigned char *newbuf = malloc(bytes);
366 maya 3046 int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
367 yutakakn 2728
368 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
369     if (bytes == 0)
370 yutakapon 3118 goto error;
371 maya 3046
372 yutakakn 2728 if (newbuf == NULL)
373     return;
374    
375 maya 3046 if (bytes % block_size) {
376     char tmp[80];
377     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR1", pvar,
378     "3DES-CBC decrypt error(1): bytes %d (%d)");
379     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
380     notify_fatal_error(pvar, tmp);
381     goto error;
382     }
383    
384 yutakakn 2728 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
385 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR2", pvar,
386     "3DES-CBC decrypt error(2)");
387 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
388     goto error;
389 yutakakn 2728
390     } else {
391 maya 3045 //unsigned char key[24], iv[8];
392 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
393 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
394 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
395 yutakakn 2728
396     //debug_print(70, key, 24);
397     //debug_print(71, iv, 8);
398     //debug_print(72, buf, bytes);
399     //debug_print(73, newbuf, bytes);
400    
401     memcpy(buf, newbuf, bytes);
402     }
403    
404 maya 3043 error:
405 yutakakn 2728 free(newbuf);
406     }
407    
408    
409 maya 3045 static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
410     int bytes)
411     {
412     unsigned char *newbuf = malloc(bytes);
413     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
414    
415     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
416     if (bytes == 0)
417 yutakapon 3118 goto error;
418 maya 3045
419     if (newbuf == NULL)
420     return;
421    
422 maya 3046 if (bytes % block_size) {
423     char tmp[80];
424     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR1", pvar,
425     "Blowfish encrypt error(1): bytes %d (%d)");
426     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
427     pvar->ts->UIMsg, bytes, block_size);
428     notify_fatal_error(pvar, tmp);
429     goto error;
430     }
431    
432 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
433 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR2", pvar,
434     "Blowfish encrypt error(2)");
435 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
436     goto error;
437    
438     } else {
439     memcpy(buf, newbuf, bytes);
440    
441     }
442    
443     error:
444     free(newbuf);
445     }
446    
447     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
448     int bytes)
449     {
450     unsigned char *newbuf = malloc(bytes);
451     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
452    
453     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
454     if (bytes == 0)
455 yutakapon 3118 goto error;
456 maya 3045
457     if (newbuf == NULL)
458     return;
459    
460 maya 3046 if (bytes % block_size) {
461     char tmp[80];
462     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR1", pvar,
463     "Blowfish decrypt error(1): bytes %d (%d)");
464     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
465     notify_fatal_error(pvar, tmp);
466     goto error;
467     }
468    
469 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
470 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR2", pvar,
471     "Blowfish decrypt error(2)");
472 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
473     goto error;
474    
475     } else {
476     memcpy(buf, newbuf, bytes);
477    
478     }
479    
480     error:
481     free(newbuf);
482     }
483    
484    
485    
486 yutakakn 2728 static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
487 maya 3003 int bytes)
488 yutakakn 2728 {
489     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
490    
491     DES_ncbc_encrypt(buf, buf, bytes,
492 maya 3003 &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
493 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
494 maya 3003 &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
495 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
496 maya 3003 &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
497 yutakakn 2728 }
498    
499     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
500 maya 3003 int bytes)
501 yutakakn 2728 {
502     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
503    
504     DES_ncbc_encrypt(buf, buf, bytes,
505 maya 3003 &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
506 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
507 maya 3003 &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
508 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
509 maya 3003 &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
510 yutakakn 2728 }
511    
512     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
513     int bytes)
514     {
515     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
516    
517     DES_ncbc_encrypt(buf, buf, bytes,
518 maya 3003 &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
519 yutakakn 2728 }
520    
521     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
522     int bytes)
523     {
524     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
525    
526     DES_ncbc_encrypt(buf, buf, bytes,
527 maya 3003 &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
528 yutakakn 2728 }
529    
530     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
531 maya 3003 int bytes)
532 yutakakn 2728 {
533     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
534     int num = 0;
535    
536     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
537 maya 3003 encryptstate->ivec, &num, IDEA_ENCRYPT);
538 yutakakn 2728 }
539    
540     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
541 maya 3003 int bytes)
542 yutakakn 2728 {
543     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
544     int num = 0;
545    
546     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
547 maya 3003 decryptstate->ivec, &num, IDEA_DECRYPT);
548 yutakakn 2728 }
549    
550     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
551     {
552     uint32 FAR *buf = (uint32 FAR *) cbuf;
553     int count = bytes / 4;
554    
555     while (count > 0) {
556     uint32 w = *buf;
557    
558     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
559 maya 3003 | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
560 yutakakn 2728 count--;
561     buf++;
562     }
563     }
564    
565     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
566 maya 3003 int bytes)
567 yutakakn 2728 {
568     CipherBlowfishState FAR *encryptstate =
569     &pvar->crypt_state.enc.cBlowfish;
570    
571     flip_endianness(buf, bytes);
572     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
573 maya 3003 BF_ENCRYPT);
574 yutakakn 2728 flip_endianness(buf, bytes);
575     }
576    
577     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
578 maya 3003 int bytes)
579 yutakakn 2728 {
580     CipherBlowfishState FAR *decryptstate =
581     &pvar->crypt_state.dec.cBlowfish;
582    
583     flip_endianness(buf, bytes);
584     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
585 maya 3003 BF_DECRYPT);
586 yutakakn 2728 flip_endianness(buf, bytes);
587     }
588    
589     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
590 maya 3003 int bytes)
591 yutakakn 2728 {
592     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
593     int num = 0;
594    
595     RC4(&encryptstate->k, bytes, buf, buf);
596     }
597    
598     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
599 maya 3003 int bytes)
600 yutakakn 2728 {
601     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
602     int num = 0;
603    
604     RC4(&decryptstate->k, bytes, buf, buf);
605     }
606    
607     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
608 maya 3003 int bytes)
609 yutakakn 2728 {
610     RAND_bytes(buf, bytes);
611     }
612    
613     void CRYPT_initialize_random_numbers(PTInstVar pvar)
614     {
615     RAND_screen();
616     }
617    
618     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
619     {
620     int bits = get_ushort16_MSBfirst(bytes);
621    
622     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
623     }
624    
625 yutakakn 2857 // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
626     RSA FAR *make_key(PTInstVar pvar,
627 maya 3003 int bits, unsigned char FAR * exp,
628     unsigned char FAR * mod)
629 yutakakn 2728 {
630     RSA FAR *key = RSA_new();
631    
632     if (key != NULL) {
633     key->e = get_bignum(exp);
634     key->n = get_bignum(mod);
635     }
636    
637     if (key == NULL || key->e == NULL || key->n == NULL) {
638 maya 2994 UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
639 maya 3003 "Error setting up RSA keys");
640 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
641 yutakakn 2728
642     if (key != NULL) {
643     if (key->e != NULL) {
644     BN_free(key->e);
645     }
646     if (key->n != NULL) {
647     BN_free(key->n);
648     }
649     RSA_free(key);
650     }
651    
652     return NULL;
653     } else {
654     return key;
655     }
656     }
657    
658     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
659     {
660     if (SSHv1(pvar)) {
661     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
662     } else {
663     memcpy(pvar->crypt_state.server_cookie, cookie,
664 maya 3003 SSH2_COOKIE_LENGTH);
665 yutakakn 2728 }
666     }
667    
668     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
669     {
670     if (SSHv2(pvar)) {
671     memcpy(pvar->crypt_state.client_cookie, cookie,
672 maya 3003 SSH2_COOKIE_LENGTH);
673 yutakakn 2728 }
674     }
675    
676     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
677 maya 3003 int bits, unsigned char FAR * exp,
678     unsigned char FAR * mod)
679 yutakakn 2728 {
680     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
681    
682     return pvar->crypt_state.server_key.RSA_key != NULL;
683     }
684    
685     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
686 maya 3003 int bits, unsigned char FAR * exp,
687     unsigned char FAR * mod)
688 yutakakn 2728 {
689     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
690    
691     return pvar->crypt_state.host_key.RSA_key != NULL;
692     }
693    
694     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
695 maya 3003 int receiver_ciphers)
696 yutakakn 2728 {
697     int cipher_mask;
698    
699     if (SSHv1(pvar)) {
700     cipher_mask = (1 << SSH_CIPHER_DES)
701 maya 3003 | (1 << SSH_CIPHER_3DES)
702     | (1 << SSH_CIPHER_BLOWFISH);
703 yutakakn 2728
704     } else { // for SSH2(yutaka)
705     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
706 maya 3045 cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
707 maya 3157 | (1 << SSH2_CIPHER_AES128_CBC)
708     | (1 << SSH2_CIPHER_BLOWFISH_CBC)
709     | (1 << SSH2_CIPHER_AES192_CBC)
710     | (1 << SSH2_CIPHER_AES256_CBC);
711 yutakakn 2728 }
712    
713     sender_ciphers &= cipher_mask;
714     receiver_ciphers &= cipher_mask;
715     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
716     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
717    
718     if (sender_ciphers == 0) {
719 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
720 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
721     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
722     "The connection will be closed.");
723 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
724 yutakakn 2728 return FALSE;
725     } else if (receiver_ciphers == 0) {
726 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
727 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
728     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
729     "The connection will be closed.");
730 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
731 yutakakn 2728 return FALSE;
732     } else {
733     return TRUE;
734     }
735     }
736    
737     int CRYPT_get_decryption_block_size(PTInstVar pvar)
738     {
739     if (SSHv1(pvar)) {
740     return 8;
741     } else {
742     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
743     // cf. 3DES=8, AES128=16
744     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
745     }
746     }
747    
748     int CRYPT_get_encryption_block_size(PTInstVar pvar)
749     {
750     if (SSHv1(pvar)) {
751     return 8;
752     } else {
753     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
754     // cf. 3DES=8, AES128=16
755     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
756     }
757     }
758    
759     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
760     {
761     struct Mac *mac;
762    
763     if (SSHv1(pvar)) {
764     return 0;
765    
766     } else { // for SSH2(yutaka)
767     mac = &pvar->ssh2_keys[MODE_IN].mac;
768     if (mac == NULL || mac->enabled == 0)
769     return 0;
770    
771     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
772     }
773    
774     }
775    
776 yutakakn 2757 // HMAC������
777     // ���{������ SSH2 �������g�p�������B
778     // (2004.12.17 yutaka)
779 yutakakn 2728 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
780 maya 3003 char FAR * data, int len, char FAR * MAC)
781 yutakakn 2728 {
782 maya 3003 HMAC_CTX c;
783     unsigned char m[EVP_MAX_MD_SIZE];
784     unsigned char b[4];
785 yutakakn 2757 struct Mac *mac;
786    
787     mac = &pvar->ssh2_keys[MODE_IN].mac;
788    
789     // HMAC�������L���������������A����OK�����������B
790     if (mac == NULL || mac->enabled == 0)
791     return TRUE;
792    
793 maya 3003 if (mac->key == NULL)
794 yutakakn 2757 goto error;
795    
796 maya 3003 if ((u_int)mac->mac_len > sizeof(m))
797 yutakakn 2757 goto error;
798    
799 maya 3003 HMAC_Init(&c, mac->key, mac->key_len, mac->md);
800     set_uint32_MSBfirst(b, sequence_number);
801     HMAC_Update(&c, b, sizeof(b));
802     HMAC_Update(&c, data, len);
803     HMAC_Final(&c, m, NULL);
804     HMAC_cleanup(&c);
805 yutakakn 2757
806     if (memcmp(m, MAC, mac->mac_len)) {
807     goto error;
808     }
809    
810 yutakakn 2728 return TRUE;
811 yutakakn 2757
812     error:
813     return FALSE;
814 yutakakn 2728 }
815    
816     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
817     {
818     struct Mac *mac;
819    
820     if (SSHv2(pvar)) { // for SSH2(yutaka)
821     mac = &pvar->ssh2_keys[MODE_OUT].mac;
822     if (mac == NULL || mac->enabled == 0)
823     return 0;
824    
825     return (mac->mac_len);
826     }
827    
828     return 0;
829     }
830    
831     // for SSH2
832     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
833 maya 3003 char FAR * data, int len, char FAR * MAC)
834 yutakakn 2728 {
835 maya 3003 HMAC_CTX c;
836     static u_char m[EVP_MAX_MD_SIZE];
837 yutakakn 2728 u_char b[4];
838     struct Mac *mac;
839    
840     if (SSHv2(pvar)) { // for SSH2(yutaka)
841     mac = &pvar->ssh2_keys[MODE_OUT].mac;
842     if (mac == NULL || mac->enabled == 0)
843     return FALSE;
844 maya 3003
845     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
846 yutakakn 2728 set_uint32_MSBfirst(b, sequence_number);
847     HMAC_Update(&c, b, sizeof(b));
848     HMAC_Update(&c, data, len);
849     HMAC_Final(&c, m, NULL);
850     HMAC_cleanup(&c);
851    
852     // 20�o�C�g�������R�s�[
853     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
854     // memcpy(MAC, m, sizeof(m));
855    
856     return TRUE;
857     }
858    
859     return TRUE;
860    
861     }
862    
863     static int choose_cipher(PTInstVar pvar, int supported)
864     {
865     int i;
866    
867     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
868     int cipher = pvar->session_settings.CipherOrder[i] - '0';
869    
870     if (cipher == SSH_CIPHER_NONE) {
871     break;
872     } else if ((supported & (1 << cipher)) != 0) {
873     return cipher;
874     }
875     }
876    
877     return SSH_CIPHER_NONE;
878     }
879    
880     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
881     {
882     if (SSHv1(pvar)) {
883     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
884 maya 3003 pvar->crypt_state.
885     supported_sender_ciphers);
886 yutakakn 2728 pvar->crypt_state.receiver_cipher =
887     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
888    
889     } else { // SSH2(yutaka)
890     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
891     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
892    
893     }
894    
895     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
896     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
897 maya 2994 UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
898 maya 3003 "All the encryption algorithms that this program and the server both understand have been disabled.\n"
899     "To communicate with this server, you will have to enable some more ciphers\n"
900 doda 3134 "in the TTSSH Setup dialog box when you run Tera Term again.\n"
901 maya 3003 "This connection will now close.");
902 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
903 yutakakn 2728 return FALSE;
904     } else {
905     return TRUE;
906     }
907     }
908    
909     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
910     {
911     int server_key_bits =
912     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
913     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
914     int server_key_bytes = (server_key_bits + 7) / 8;
915     int host_key_bytes = (host_key_bits + 7) / 8;
916    
917     if (server_key_bits < host_key_bits) {
918     return host_key_bytes;
919     } else {
920     return server_key_bytes;
921     }
922     }
923    
924     int CRYPT_choose_session_key(PTInstVar pvar,
925 maya 3003 unsigned char FAR * encrypted_key_buf)
926 yutakakn 2728 {
927     int server_key_bits =
928     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
929     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
930     int server_key_bytes = (server_key_bits + 7) / 8;
931     int host_key_bytes = (host_key_bits + 7) / 8;
932     int encrypted_key_bytes;
933     int bit_delta;
934    
935     if (server_key_bits < host_key_bits) {
936     encrypted_key_bytes = host_key_bytes;
937     bit_delta = host_key_bits - server_key_bits;
938     } else {
939     encrypted_key_bytes = server_key_bytes;
940     bit_delta = server_key_bits - host_key_bits;
941     }
942    
943     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
944 maya 2994 UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
945 maya 3003 "Server RSA keys are too weak. A secure connection cannot be established.");
946 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
947 yutakakn 2728 return 0;
948     } else {
949     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
950     for the session ID, rather than the one specified in the RFC */
951     int session_buf_len = server_key_bytes + host_key_bytes + 8;
952     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
953     char session_id[16];
954     int i;
955    
956     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
957     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
958 maya 3003 session_buf + host_key_bytes);
959 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
960 maya 3003 pvar->crypt_state.server_cookie, 8);
961 yutakakn 2728 MD5(session_buf, session_buf_len, session_id);
962    
963     free(session_buf);
964    
965     RAND_bytes(pvar->crypt_state.sender_cipher_key,
966 maya 3003 SSH_SESSION_KEY_LENGTH);
967 yutakakn 2728 memcpy(pvar->crypt_state.receiver_cipher_key,
968 maya 3003 pvar->crypt_state.sender_cipher_key,
969     SSH_SESSION_KEY_LENGTH);
970 yutakakn 2728
971     memcpy(encrypted_key_buf + encrypted_key_bytes -
972 maya 3003 SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
973     SSH_SESSION_KEY_LENGTH);
974 yutakakn 2728 for (i = 0; i < sizeof(session_id); i++) {
975     encrypted_key_buf[encrypted_key_bytes -
976 maya 3003 SSH_SESSION_KEY_LENGTH + i]
977 yutakakn 2728 ^= session_id[i];
978     }
979    
980     if (host_key_bits > server_key_bits) {
981     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
982 maya 3003 encrypted_key_buf +
983     encrypted_key_bytes -
984     SSH_SESSION_KEY_LENGTH,
985     encrypted_key_buf +
986     encrypted_key_bytes - server_key_bytes,
987     pvar->crypt_state.server_key.RSA_key,
988     RSA_PKCS1_PADDING) < 0)
989 yutakakn 2728 return 0;
990    
991     if (RSA_public_encrypt(server_key_bytes,
992 maya 3003 encrypted_key_buf +
993     encrypted_key_bytes - server_key_bytes,
994     encrypted_key_buf,
995     pvar->crypt_state.host_key.RSA_key,
996     RSA_PKCS1_PADDING) < 0)
997 yutakakn 2728 return 0;
998     } else {
999     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1000 maya 3003 encrypted_key_buf +
1001     encrypted_key_bytes -
1002     SSH_SESSION_KEY_LENGTH,
1003     encrypted_key_buf +
1004     encrypted_key_bytes - host_key_bytes,
1005     pvar->crypt_state.host_key.RSA_key,
1006     RSA_PKCS1_PADDING) < 0)
1007 yutakakn 2728 return 0;
1008    
1009     if (RSA_public_encrypt(host_key_bytes,
1010 maya 3003 encrypted_key_buf +
1011     encrypted_key_bytes - host_key_bytes,
1012     encrypted_key_buf,
1013     pvar->crypt_state.server_key.RSA_key,
1014     RSA_PKCS1_PADDING) < 0)
1015 yutakakn 2728 return 0;
1016     }
1017     }
1018    
1019     return 1;
1020     }
1021    
1022     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1023 maya 3003 unsigned char FAR * challenge,
1024     int challenge_len,
1025     unsigned char FAR * response)
1026 yutakakn 2728 {
1027     int server_key_bits =
1028     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1029     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1030     int server_key_bytes = (server_key_bits + 7) / 8;
1031     int host_key_bytes = (host_key_bits + 7) / 8;
1032     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1033     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1034     char decrypted_challenge[48];
1035     int decrypted_challenge_len;
1036    
1037     decrypted_challenge_len =
1038     RSA_private_decrypt(challenge_len, challenge, challenge,
1039 maya 3003 AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
1040     RSA_PKCS1_PADDING);
1041 yutakakn 2728 if (decrypted_challenge_len < 0) {
1042     free(session_buf);
1043     return 0;
1044     }
1045     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1046     memcpy(decrypted_challenge,
1047 maya 3003 challenge + decrypted_challenge_len -
1048     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1049 yutakakn 2728 } else {
1050     memset(decrypted_challenge, 0,
1051 maya 3003 SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1052 yutakakn 2728 memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1053 maya 3003 decrypted_challenge_len, challenge,
1054     decrypted_challenge_len);
1055 yutakakn 2728 }
1056    
1057     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1058     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1059 maya 3003 session_buf + host_key_bytes);
1060 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
1061 maya 3003 pvar->crypt_state.server_cookie, 8);
1062 yutakakn 2728 MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1063    
1064     free(session_buf);
1065    
1066     MD5(decrypted_challenge, 48, response);
1067    
1068     return 1;
1069     }
1070    
1071     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1072     {
1073     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1074     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1075     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1076     memset(state->ivec1, 0, 8);
1077     memset(state->ivec2, 0, 8);
1078     memset(state->ivec3, 0, 8);
1079     }
1080    
1081     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1082     {
1083     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1084     memset(state->ivec, 0, 8);
1085     }
1086    
1087     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1088     {
1089     idea_set_encrypt_key(session_key, &state->k);
1090     memset(state->ivec, 0, 8);
1091     }
1092    
1093     static void cBlowfish_init(char FAR * session_key,
1094 maya 3003 CipherBlowfishState FAR * state)
1095 yutakakn 2728 {
1096     BF_set_key(&state->k, 32, session_key);
1097     memset(state->ivec, 0, 8);
1098     }
1099    
1100    
1101     //
1102     // SSH2�p�A���S���Y����������
1103     //
1104     // for SSH2(yutaka)
1105     //
1106 maya 3003 void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1107     const u_char *key, u_int keylen,
1108     const u_char *iv, u_int ivlen,
1109     int encrypt,
1110 maya 3093 const EVP_CIPHER *type,
1111 maya 3043 PTInstVar pvar)
1112 yutakakn 2728 {
1113     int klen;
1114 maya 3043 char tmp[80];
1115 yutakakn 2728
1116     EVP_CIPHER_CTX_init(evp);
1117     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1118 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1119     "Cipher initialize error(%d)");
1120     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1121     notify_fatal_error(pvar, tmp);
1122     return;
1123 yutakakn 2728 }
1124    
1125     klen = EVP_CIPHER_CTX_key_length(evp);
1126     if (klen > 0 && keylen != klen) {
1127     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1128 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1129     "Cipher initialize error(%d)");
1130     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1131     notify_fatal_error(pvar, tmp);
1132     return;
1133 yutakakn 2728 }
1134     }
1135     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1136 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1137     "Cipher initialize error(%d)");
1138     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1139     notify_fatal_error(pvar, tmp);
1140     return;
1141 yutakakn 2728 }
1142     }
1143    
1144    
1145     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1146     {
1147     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1148     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1149     BOOL isOK = TRUE;
1150    
1151     if (sender_flag) {
1152     switch (pvar->crypt_state.sender_cipher) {
1153     // for SSH2(yutaka)
1154 maya 3045 case SSH2_CIPHER_3DES_CBC:
1155 yutakakn 2728 {
1156     struct Enc *enc;
1157    
1158     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1159 maya 3003 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1160 maya 3036 enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1161     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1162 maya 3003 CIPHER_ENCRYPT,
1163 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1164     pvar);
1165 yutakakn 2728
1166 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1167     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1168 yutakakn 2728
1169     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1170     break;
1171     }
1172    
1173     // for SSH2(yutaka)
1174 maya 3157 case SSH2_CIPHER_AES128_CBC:
1175     case SSH2_CIPHER_AES192_CBC:
1176     case SSH2_CIPHER_AES256_CBC:
1177 yutakakn 2728 {
1178     struct Enc *enc;
1179    
1180     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1181 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1182     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1183     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1184 maya 3003 CIPHER_ENCRYPT,
1185 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1186     pvar);
1187 yutakakn 2728
1188 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1189     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1190 yutakakn 2728
1191     pvar->crypt_state.encrypt = cAES128_encrypt;
1192     break;
1193     }
1194    
1195 maya 3157 case SSH2_CIPHER_BLOWFISH_CBC:
1196 maya 3045 {
1197     struct Enc *enc;
1198    
1199     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1200     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1201     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1202     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1203     CIPHER_ENCRYPT,
1204     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1205     pvar);
1206    
1207     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1208     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1209    
1210     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1211     break;
1212     }
1213    
1214 yutakakn 2728 case SSH_CIPHER_3DES:{
1215     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1216     pvar->crypt_state.encrypt = c3DES_encrypt;
1217     break;
1218     }
1219     case SSH_CIPHER_IDEA:{
1220     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1221     pvar->crypt_state.encrypt = cIDEA_encrypt;
1222     break;
1223     }
1224     case SSH_CIPHER_DES:{
1225     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1226     pvar->crypt_state.encrypt = cDES_encrypt;
1227     break;
1228     }
1229     case SSH_CIPHER_RC4:{
1230     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1231     encryption_key + 16);
1232     pvar->crypt_state.encrypt = cRC4_encrypt;
1233     break;
1234     }
1235     case SSH_CIPHER_BLOWFISH:{
1236     cBlowfish_init(encryption_key,
1237 maya 3003 &pvar->crypt_state.enc.cBlowfish);
1238 yutakakn 2728 pvar->crypt_state.encrypt = cBlowfish_encrypt;
1239     break;
1240     }
1241     default:
1242     isOK = FALSE;
1243     }
1244     }
1245    
1246    
1247     if (receiver_flag) {
1248     switch (pvar->crypt_state.receiver_cipher) {
1249     // for SSH2(yutaka)
1250 maya 3045 case SSH2_CIPHER_3DES_CBC:
1251 yutakakn 2728 {
1252     struct Enc *enc;
1253    
1254     enc = &pvar->ssh2_keys[MODE_IN].enc;
1255 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1256     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1257     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1258 maya 3003 CIPHER_DECRYPT,
1259 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1260     pvar);
1261 yutakakn 2728
1262 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1263     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1264 yutakakn 2728
1265     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1266     break;
1267     }
1268    
1269     // for SSH2(yutaka)
1270 maya 3157 case SSH2_CIPHER_AES128_CBC:
1271     case SSH2_CIPHER_AES192_CBC:
1272     case SSH2_CIPHER_AES256_CBC:
1273 yutakakn 2728 {
1274     struct Enc *enc;
1275    
1276     enc = &pvar->ssh2_keys[MODE_IN].enc;
1277 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1278     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1279     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1280 maya 3003 CIPHER_DECRYPT,
1281 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1282     pvar);
1283 yutakakn 2728
1284 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1285     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1286 yutakakn 2728
1287     pvar->crypt_state.decrypt = cAES128_decrypt;
1288     break;
1289     }
1290    
1291 maya 3157 case SSH2_CIPHER_BLOWFISH_CBC:
1292 maya 3045 {
1293     struct Enc *enc;
1294    
1295     enc = &pvar->ssh2_keys[MODE_IN].enc;
1296     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1297     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1298     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1299     CIPHER_DECRYPT,
1300     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1301     pvar);
1302    
1303     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1304     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1305    
1306     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1307     break;
1308     }
1309    
1310 yutakakn 2728 case SSH_CIPHER_3DES:{
1311     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1312     pvar->crypt_state.decrypt = c3DES_decrypt;
1313     break;
1314     }
1315     case SSH_CIPHER_IDEA:{
1316     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1317     pvar->crypt_state.decrypt = cIDEA_decrypt;
1318     break;
1319     }
1320     case SSH_CIPHER_DES:{
1321     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1322     pvar->crypt_state.decrypt = cDES_decrypt;
1323     break;
1324     }
1325     case SSH_CIPHER_RC4:{
1326     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1327     pvar->crypt_state.decrypt = cRC4_decrypt;
1328     break;
1329     }
1330     case SSH_CIPHER_BLOWFISH:{
1331     cBlowfish_init(decryption_key,
1332 maya 3003 &pvar->crypt_state.dec.cBlowfish);
1333 yutakakn 2728 pvar->crypt_state.decrypt = cBlowfish_decrypt;
1334     break;
1335     }
1336     default:
1337     isOK = FALSE;
1338     }
1339     }
1340    
1341    
1342     if (!isOK) {
1343 maya 2994 UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1344 maya 3003 "No cipher selected!");
1345 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1346 yutakakn 2728 return FALSE;
1347     } else {
1348     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1349     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1350     return TRUE;
1351     }
1352     }
1353    
1354     void CRYPT_init(PTInstVar pvar)
1355     {
1356     pvar->crypt_state.encrypt = no_encrypt;
1357     pvar->crypt_state.decrypt = no_encrypt;
1358     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1359     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1360     pvar->crypt_state.server_key.RSA_key = NULL;
1361     pvar->crypt_state.host_key.RSA_key = NULL;
1362    
1363     pvar->crypt_state.detect_attack_statics.h = NULL;
1364     pvar->crypt_state.detect_attack_statics.n =
1365     HASH_MINSIZE / HASH_ENTRYSIZE;
1366     }
1367    
1368     static char FAR *get_cipher_name(int cipher)
1369     {
1370     switch (cipher) {
1371     case SSH_CIPHER_NONE:
1372     return "None";
1373     case SSH_CIPHER_3DES:
1374     return "3DES (168 key bits)";
1375     case SSH_CIPHER_DES:
1376     return "DES (56 key bits)";
1377     case SSH_CIPHER_IDEA:
1378     return "IDEA (128 key bits)";
1379     case SSH_CIPHER_RC4:
1380     return "RC4 (128 key bits)";
1381     case SSH_CIPHER_BLOWFISH:
1382     return "Blowfish (256 key bits)";
1383    
1384     // SSH2
1385 maya 3045 case SSH2_CIPHER_3DES_CBC:
1386 yutakakn 2728 return "3DES-CBC";
1387 maya 3157 case SSH2_CIPHER_AES128_CBC:
1388     return "AES128-CBC";
1389     case SSH2_CIPHER_AES192_CBC:
1390     return "AES192-CBC";
1391     case SSH2_CIPHER_AES256_CBC:
1392     return "AES256-CBC";
1393     case SSH2_CIPHER_BLOWFISH_CBC:
1394     return "Blowfish-CBC";
1395 yutakakn 2728
1396     default:
1397     return "Unknown";
1398     }
1399     }
1400    
1401     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1402     {
1403 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1404 maya 3003 "%s to server, %s from server");
1405 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1406 maya 3003 get_cipher_name(pvar->crypt_state.sender_cipher),
1407     get_cipher_name(pvar->crypt_state.receiver_cipher));
1408 yutakakn 2728 }
1409    
1410     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1411     {
1412     if (SSHv1(pvar)) {
1413     if (pvar->crypt_state.server_key.RSA_key == NULL
1414 maya 3003 || pvar->crypt_state.host_key.RSA_key == NULL) {
1415 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1416 maya 2992 strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1417 yutakakn 2728 } else {
1418 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1419 maya 3003 "%d-bit server key, %d-bit host key");
1420 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1421 maya 3003 BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1422     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1423 yutakakn 2728 }
1424     } else { // SSH2
1425 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1426 maya 3003 "%d-bit server key, %d-bit host key");
1427 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1428 maya 3003 pvar->server_key_bits,
1429     pvar->client_key_bits);
1430 yutakakn 2728 }
1431     }
1432    
1433     static void destroy_public_key(CRYPTPublicKey FAR * key)
1434     {
1435     if (key->RSA_key != NULL) {
1436     RSA_free(key->RSA_key);
1437     key->RSA_key = NULL;
1438     }
1439     }
1440    
1441     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1442     {
1443     destroy_public_key(key);
1444     free(key);
1445     }
1446    
1447     void CRYPT_end(PTInstVar pvar)
1448     {
1449     destroy_public_key(&pvar->crypt_state.host_key);
1450     destroy_public_key(&pvar->crypt_state.server_key);
1451    
1452     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1453     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1454 maya 3003 pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1455 yutakakn 2728 free(pvar->crypt_state.detect_attack_statics.h);
1456     }
1457    
1458     memset(pvar->crypt_state.sender_cipher_key, 0,
1459 maya 3003 sizeof(pvar->crypt_state.sender_cipher_key));
1460 yutakakn 2728 memset(pvar->crypt_state.receiver_cipher_key, 0,
1461 maya 3003 sizeof(pvar->crypt_state.receiver_cipher_key));
1462 yutakakn 2728 memset(pvar->crypt_state.server_cookie, 0,
1463 maya 3003 sizeof(pvar->crypt_state.server_cookie));
1464 yutakakn 2728 memset(pvar->crypt_state.client_cookie, 0,
1465 maya 3003 sizeof(pvar->crypt_state.client_cookie));
1466 yutakakn 2728 memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1467     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1468     }
1469    
1470     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1471 maya 3003 char FAR * buf, int bytes)
1472 yutakakn 2728 {
1473     unsigned char passphrase_key[16];
1474    
1475     MD5(passphrase, strlen(passphrase), passphrase_key);
1476    
1477     switch (cipher) {
1478     case SSH_CIPHER_3DES:{
1479     Cipher3DESState state;
1480    
1481     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1482 maya 3003 &state.k1);
1483 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1484 maya 3003 &state.k2);
1485 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) passphrase_key,
1486 maya 3003 &state.k3);
1487 yutakakn 2728 memset(state.ivec1, 0, 8);
1488     memset(state.ivec2, 0, 8);
1489     memset(state.ivec3, 0, 8);
1490     DES_ncbc_encrypt(buf, buf, bytes,
1491 maya 3003 &state.k3, &state.ivec3, DES_DECRYPT);
1492 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1493 maya 3003 &state.k2, &state.ivec2, DES_ENCRYPT);
1494 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1495 maya 3003 &state.k1, &state.ivec1, DES_DECRYPT);
1496 yutakakn 2728 break;
1497     }
1498    
1499     case SSH_CIPHER_IDEA:{
1500     CipherIDEAState state;
1501     int num = 0;
1502    
1503     cIDEA_init(passphrase_key, &state);
1504     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1505 maya 3003 &num, IDEA_DECRYPT);
1506 yutakakn 2728 break;
1507     }
1508    
1509     case SSH_CIPHER_DES:{
1510     CipherDESState state;
1511    
1512     cDES_init(passphrase_key, &state);
1513     DES_ncbc_encrypt(buf, buf, bytes,
1514 maya 3003 &state.k, &state.ivec, DES_DECRYPT);
1515 yutakakn 2728 break;
1516     }
1517    
1518     case SSH_CIPHER_RC4:{
1519     CipherRC4State state;
1520     int num = 0;
1521    
1522     RC4_set_key(&state.k, 16, passphrase_key);
1523     RC4(&state.k, bytes, buf, buf);
1524     break;
1525     }
1526    
1527     case SSH_CIPHER_BLOWFISH:{
1528     CipherBlowfishState state;
1529    
1530     BF_set_key(&state.k, 16, passphrase_key);
1531     memset(state.ivec, 0, 8);
1532     flip_endianness(buf, bytes);
1533     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1534     BF_DECRYPT);
1535     flip_endianness(buf, bytes);
1536     break;
1537     }
1538    
1539     case SSH_CIPHER_NONE:
1540     break;
1541    
1542     default:
1543     memset(passphrase_key, 0, sizeof(passphrase_key));
1544     return 0;
1545     }
1546    
1547     memset(passphrase_key, 0, sizeof(passphrase_key));
1548     return 1;
1549     }
1550    
1551     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1552     {
1553 yutakakn 2762 if (key_pair->RSA_key != NULL)
1554     RSA_free(key_pair->RSA_key);
1555    
1556     if (key_pair->DSA_key != NULL)
1557     DSA_free(key_pair->DSA_key);
1558    
1559 yutakakn 2728 free(key_pair);
1560     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help