Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3169 - (hide annotations) (download) (as text)
Sat Nov 22 06:46:43 2008 UTC (15 years, 4 months ago) by doda
Original Path: ttssh2/trunk/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 50571 byte(s) 
SSH2 の共通鍵暗号方式として Arcfour128, Arcfour256 をサポート
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40 yutakakn 2831 #include <openssl/dsa.h>
41 yutakakn 2728 #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51 doda 3169 * $Id: crypt.c,v 1.26 2008-11-22 06:46:43 doda Exp $ Cryptographic attack
52 yutakakn 2728 * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87 maya 3003 uint32 len, unsigned char FAR * IV)
88 yutakakn 2728 {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116 maya 3003 unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118 yutakakn 2728 {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191 maya 3003 int bytes)
192 yutakakn 2728 {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199 maya 3003 buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202 yutakakn 2728 default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204 maya 3003 buf, bytes, NULL) == DEATTACK_DETECTED;
205 yutakakn 2728 }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217 maya 3039 // ���O�������������������������������AAES192, AES256 ����
218 maya 3036 // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219 yutakakn 2728 static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220 maya 3003 int bytes)
221 yutakakn 2728 {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224    
225     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
226     if (bytes == 0)
227 yutakapon 3118 goto error;
228 yutakakn 2728
229     if (newbuf == NULL)
230     return;
231    
232     if (bytes % block_size) {
233     char tmp[80];
234 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
235 maya 3158 "AES128/192/256 encrypt error(1): bytes %d (%d)");
236 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
237 maya 3003 pvar->ts->UIMsg, bytes, block_size);
238 yutakakn 2728 notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244 maya 3158 "AES128/192/256 encrypt error(2)");
245 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
246 maya 3043 goto error;
247 yutakakn 2728
248     } else {
249 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
250     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
251     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
252     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
253    
254     //debug_print(50, key, 24);
255     //debug_print(51, iv, 8);
256     //debug_print(52, buf, bytes);
257     //debug_print(53, newbuf, bytes);
258    
259 maya 3045 memcpy(buf, newbuf, bytes);
260 yutakakn 2728 }
261    
262     error:
263     free(newbuf);
264     }
265    
266     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
267 maya 3003 int bytes)
268 yutakakn 2728 {
269     unsigned char *newbuf = malloc(bytes);
270     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
271    
272     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
273     if (bytes == 0)
274 yutakapon 3118 goto error;
275 yutakakn 2728
276     if (newbuf == NULL)
277     return;
278    
279     if (bytes % block_size) {
280     char tmp[80];
281 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
282 maya 3158 "AES128/192/256 decrypt error(1): bytes %d (%d)");
283 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
284 yutakakn 2728 notify_fatal_error(pvar, tmp);
285     goto error;
286     }
287    
288     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
289 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
290 maya 3158 "AES128/192/256 decrypt error(2)");
291 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
292 maya 3043 goto error;
293 yutakakn 2728
294     } else {
295 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
296     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
297     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
298     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
299    
300     //debug_print(70, key, AES128_KEYLEN);
301     //debug_print(71, iv, AES128_IVLEN);
302     //debug_print(72, buf, bytes);
303     //debug_print(73, newbuf, bytes);
304    
305 maya 3045 memcpy(buf, newbuf, bytes);
306 yutakakn 2728 }
307    
308 maya 3043 error:
309 yutakakn 2728 free(newbuf);
310     }
311    
312    
313    
314     // for SSH2(yutaka)
315     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
316 maya 3003 int bytes)
317 yutakakn 2728 {
318     unsigned char *newbuf = malloc(bytes);
319 maya 3046 int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
320 yutakakn 2728
321 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
322     if (bytes == 0)
323 yutakapon 3118 goto error;
324 maya 3046
325 yutakakn 2728 if (newbuf == NULL)
326     return;
327    
328 maya 3046 if (bytes % block_size) {
329     char tmp[80];
330     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR1", pvar,
331     "3DES-CBC encrypt error(1): bytes %d (%d)");
332     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
333     pvar->ts->UIMsg, bytes, block_size);
334     notify_fatal_error(pvar, tmp);
335     goto error;
336     }
337    
338 maya 3043 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
339 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR2", pvar,
340     "3DES-CBC encrypt error(2)");
341 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
342     goto error;
343 yutakakn 2728
344     } else {
345 maya 3045 //unsigned char key[24], iv[8];
346 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
347 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
348 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
349 yutakakn 2728
350     //debug_print(50, key, 24);
351     //debug_print(51, iv, 8);
352     //debug_print(52, buf, bytes);
353     //debug_print(53, newbuf, bytes);
354    
355     memcpy(buf, newbuf, bytes);
356     }
357    
358 maya 3043 error:
359 yutakakn 2728 free(newbuf);
360     }
361    
362     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
363 maya 3003 int bytes)
364 yutakakn 2728 {
365     unsigned char *newbuf = malloc(bytes);
366 maya 3046 int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
367 yutakakn 2728
368 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
369     if (bytes == 0)
370 yutakapon 3118 goto error;
371 maya 3046
372 yutakakn 2728 if (newbuf == NULL)
373     return;
374    
375 maya 3046 if (bytes % block_size) {
376     char tmp[80];
377     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR1", pvar,
378     "3DES-CBC decrypt error(1): bytes %d (%d)");
379     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
380     notify_fatal_error(pvar, tmp);
381     goto error;
382     }
383    
384 yutakakn 2728 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
385 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR2", pvar,
386     "3DES-CBC decrypt error(2)");
387 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
388     goto error;
389 yutakakn 2728
390     } else {
391 maya 3045 //unsigned char key[24], iv[8];
392 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
393 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
394 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
395 yutakakn 2728
396     //debug_print(70, key, 24);
397     //debug_print(71, iv, 8);
398     //debug_print(72, buf, bytes);
399     //debug_print(73, newbuf, bytes);
400    
401     memcpy(buf, newbuf, bytes);
402     }
403    
404 maya 3043 error:
405 yutakakn 2728 free(newbuf);
406     }
407    
408    
409 maya 3045 static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
410     int bytes)
411     {
412     unsigned char *newbuf = malloc(bytes);
413     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
414    
415     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
416     if (bytes == 0)
417 yutakapon 3118 goto error;
418 maya 3045
419     if (newbuf == NULL)
420     return;
421    
422 maya 3046 if (bytes % block_size) {
423     char tmp[80];
424     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR1", pvar,
425     "Blowfish encrypt error(1): bytes %d (%d)");
426     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
427     pvar->ts->UIMsg, bytes, block_size);
428     notify_fatal_error(pvar, tmp);
429     goto error;
430     }
431    
432 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
433 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR2", pvar,
434     "Blowfish encrypt error(2)");
435 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
436     goto error;
437    
438     } else {
439     memcpy(buf, newbuf, bytes);
440    
441     }
442    
443     error:
444     free(newbuf);
445     }
446    
447     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
448     int bytes)
449     {
450     unsigned char *newbuf = malloc(bytes);
451     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
452    
453     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
454     if (bytes == 0)
455 yutakapon 3118 goto error;
456 maya 3045
457     if (newbuf == NULL)
458     return;
459    
460 maya 3046 if (bytes % block_size) {
461     char tmp[80];
462     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR1", pvar,
463     "Blowfish decrypt error(1): bytes %d (%d)");
464     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
465     notify_fatal_error(pvar, tmp);
466     goto error;
467     }
468    
469 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
470 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR2", pvar,
471     "Blowfish decrypt error(2)");
472 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
473     goto error;
474    
475     } else {
476     memcpy(buf, newbuf, bytes);
477    
478     }
479    
480     error:
481     free(newbuf);
482     }
483    
484 doda 3168 static void cArcfour_encrypt(PTInstVar pvar, unsigned char FAR * buf,
485     int bytes)
486     {
487     unsigned char *newbuf = malloc(bytes);
488     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
489 maya 3045
490 doda 3168 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
491     if (bytes == 0)
492     goto error;
493 maya 3045
494 doda 3168 if (newbuf == NULL)
495     return;
496    
497     if (bytes % block_size) {
498     char tmp[80];
499     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR1", pvar,
500     "Arcfour encrypt error(1): bytes %d (%d)");
501     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
502     pvar->ts->UIMsg, bytes, block_size);
503     notify_fatal_error(pvar, tmp);
504     goto error;
505     }
506    
507     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
508     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR2", pvar,
509     "Arcfour encrypt error(2)");
510     notify_fatal_error(pvar, pvar->ts->UIMsg);
511     goto error;
512    
513     } else {
514     memcpy(buf, newbuf, bytes);
515    
516     }
517    
518     error:
519     free(newbuf);
520     }
521    
522     static void cArcfour_decrypt(PTInstVar pvar, unsigned char FAR * buf,
523     int bytes)
524     {
525     unsigned char *newbuf = malloc(bytes);
526     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
527    
528     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
529     if (bytes == 0)
530     goto error;
531    
532     if (newbuf == NULL)
533     return;
534    
535     if (bytes % block_size) {
536     char tmp[80];
537     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR1", pvar,
538     "Arcfour decrypt error(1): bytes %d (%d)");
539     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
540     notify_fatal_error(pvar, tmp);
541     goto error;
542     }
543    
544     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
545     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR2", pvar,
546     "Arcfour decrypt error(2)");
547     notify_fatal_error(pvar, pvar->ts->UIMsg);
548     goto error;
549    
550     } else {
551     memcpy(buf, newbuf, bytes);
552    
553     }
554    
555     error:
556     free(newbuf);
557     }
558    
559    
560    
561 yutakakn 2728 static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
562 maya 3003 int bytes)
563 yutakakn 2728 {
564     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
565    
566     DES_ncbc_encrypt(buf, buf, bytes,
567 maya 3003 &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
568 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
569 maya 3003 &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
570 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
571 maya 3003 &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
572 yutakakn 2728 }
573    
574     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
575 maya 3003 int bytes)
576 yutakakn 2728 {
577     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
578    
579     DES_ncbc_encrypt(buf, buf, bytes,
580 maya 3003 &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
581 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
582 maya 3003 &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
583 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
584 maya 3003 &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
585 yutakakn 2728 }
586    
587     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
588     int bytes)
589     {
590     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
591    
592     DES_ncbc_encrypt(buf, buf, bytes,
593 maya 3003 &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
594 yutakakn 2728 }
595    
596     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
597     int bytes)
598     {
599     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
600    
601     DES_ncbc_encrypt(buf, buf, bytes,
602 maya 3003 &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
603 yutakakn 2728 }
604    
605     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
606 maya 3003 int bytes)
607 yutakakn 2728 {
608     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
609     int num = 0;
610    
611     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
612 maya 3003 encryptstate->ivec, &num, IDEA_ENCRYPT);
613 yutakakn 2728 }
614    
615     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
616 maya 3003 int bytes)
617 yutakakn 2728 {
618     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
619     int num = 0;
620    
621     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
622 maya 3003 decryptstate->ivec, &num, IDEA_DECRYPT);
623 yutakakn 2728 }
624    
625     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
626     {
627     uint32 FAR *buf = (uint32 FAR *) cbuf;
628     int count = bytes / 4;
629    
630     while (count > 0) {
631     uint32 w = *buf;
632    
633     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
634 maya 3003 | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
635 yutakakn 2728 count--;
636     buf++;
637     }
638     }
639    
640     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
641 maya 3003 int bytes)
642 yutakakn 2728 {
643     CipherBlowfishState FAR *encryptstate =
644     &pvar->crypt_state.enc.cBlowfish;
645    
646     flip_endianness(buf, bytes);
647     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
648 maya 3003 BF_ENCRYPT);
649 yutakakn 2728 flip_endianness(buf, bytes);
650     }
651    
652     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
653 maya 3003 int bytes)
654 yutakakn 2728 {
655     CipherBlowfishState FAR *decryptstate =
656     &pvar->crypt_state.dec.cBlowfish;
657    
658     flip_endianness(buf, bytes);
659     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
660 maya 3003 BF_DECRYPT);
661 yutakakn 2728 flip_endianness(buf, bytes);
662     }
663    
664     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
665 maya 3003 int bytes)
666 yutakakn 2728 {
667     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
668     int num = 0;
669    
670     RC4(&encryptstate->k, bytes, buf, buf);
671     }
672    
673     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
674 maya 3003 int bytes)
675 yutakakn 2728 {
676     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
677     int num = 0;
678    
679     RC4(&decryptstate->k, bytes, buf, buf);
680     }
681    
682     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
683 maya 3003 int bytes)
684 yutakakn 2728 {
685     RAND_bytes(buf, bytes);
686     }
687    
688     void CRYPT_initialize_random_numbers(PTInstVar pvar)
689     {
690     RAND_screen();
691     }
692    
693     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
694     {
695     int bits = get_ushort16_MSBfirst(bytes);
696    
697     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
698     }
699    
700 yutakakn 2857 // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
701     RSA FAR *make_key(PTInstVar pvar,
702 maya 3003 int bits, unsigned char FAR * exp,
703     unsigned char FAR * mod)
704 yutakakn 2728 {
705     RSA FAR *key = RSA_new();
706    
707     if (key != NULL) {
708     key->e = get_bignum(exp);
709     key->n = get_bignum(mod);
710     }
711    
712     if (key == NULL || key->e == NULL || key->n == NULL) {
713 maya 2994 UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
714 maya 3003 "Error setting up RSA keys");
715 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
716 yutakakn 2728
717     if (key != NULL) {
718     if (key->e != NULL) {
719     BN_free(key->e);
720     }
721     if (key->n != NULL) {
722     BN_free(key->n);
723     }
724     RSA_free(key);
725     }
726    
727     return NULL;
728     } else {
729     return key;
730     }
731     }
732    
733     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
734     {
735     if (SSHv1(pvar)) {
736     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
737     } else {
738     memcpy(pvar->crypt_state.server_cookie, cookie,
739 maya 3003 SSH2_COOKIE_LENGTH);
740 yutakakn 2728 }
741     }
742    
743     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
744     {
745     if (SSHv2(pvar)) {
746     memcpy(pvar->crypt_state.client_cookie, cookie,
747 maya 3003 SSH2_COOKIE_LENGTH);
748 yutakakn 2728 }
749     }
750    
751     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
752 maya 3003 int bits, unsigned char FAR * exp,
753     unsigned char FAR * mod)
754 yutakakn 2728 {
755     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
756    
757     return pvar->crypt_state.server_key.RSA_key != NULL;
758     }
759    
760     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
761 maya 3003 int bits, unsigned char FAR * exp,
762     unsigned char FAR * mod)
763 yutakakn 2728 {
764     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
765    
766     return pvar->crypt_state.host_key.RSA_key != NULL;
767     }
768    
769     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
770 maya 3003 int receiver_ciphers)
771 yutakakn 2728 {
772     int cipher_mask;
773    
774     if (SSHv1(pvar)) {
775     cipher_mask = (1 << SSH_CIPHER_DES)
776 maya 3003 | (1 << SSH_CIPHER_3DES)
777     | (1 << SSH_CIPHER_BLOWFISH);
778 yutakakn 2728
779     } else { // for SSH2(yutaka)
780     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
781 maya 3045 cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
782 maya 3157 | (1 << SSH2_CIPHER_AES128_CBC)
783 maya 3159 | (1 << SSH2_CIPHER_AES192_CBC)
784     | (1 << SSH2_CIPHER_AES256_CBC)
785 maya 3157 | (1 << SSH2_CIPHER_BLOWFISH_CBC)
786 maya 3159 | (1 << SSH2_CIPHER_AES128_CTR)
787     | (1 << SSH2_CIPHER_AES192_CTR)
788 doda 3168 | (1 << SSH2_CIPHER_AES256_CTR)
789 doda 3169 | (1 << SSH2_CIPHER_ARCFOUR)
790     | (1 << SSH2_CIPHER_ARCFOUR128)
791     | (1 << SSH2_CIPHER_ARCFOUR256);
792 yutakakn 2728 }
793    
794     sender_ciphers &= cipher_mask;
795     receiver_ciphers &= cipher_mask;
796     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
797     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
798    
799     if (sender_ciphers == 0) {
800 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
801 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
802     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
803     "The connection will be closed.");
804 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
805 yutakakn 2728 return FALSE;
806     } else if (receiver_ciphers == 0) {
807 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
808 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
809     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
810     "The connection will be closed.");
811 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
812 yutakakn 2728 return FALSE;
813     } else {
814     return TRUE;
815     }
816     }
817    
818     int CRYPT_get_decryption_block_size(PTInstVar pvar)
819     {
820     if (SSHv1(pvar)) {
821     return 8;
822     } else {
823     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
824     // cf. 3DES=8, AES128=16
825     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
826     }
827     }
828    
829     int CRYPT_get_encryption_block_size(PTInstVar pvar)
830     {
831     if (SSHv1(pvar)) {
832     return 8;
833     } else {
834     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
835     // cf. 3DES=8, AES128=16
836     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
837     }
838     }
839    
840     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
841     {
842     struct Mac *mac;
843    
844     if (SSHv1(pvar)) {
845     return 0;
846    
847     } else { // for SSH2(yutaka)
848     mac = &pvar->ssh2_keys[MODE_IN].mac;
849     if (mac == NULL || mac->enabled == 0)
850     return 0;
851    
852     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
853     }
854    
855     }
856    
857 yutakakn 2757 // HMAC������
858     // ���{������ SSH2 �������g�p�������B
859     // (2004.12.17 yutaka)
860 yutakakn 2728 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
861 maya 3003 char FAR * data, int len, char FAR * MAC)
862 yutakakn 2728 {
863 maya 3003 HMAC_CTX c;
864     unsigned char m[EVP_MAX_MD_SIZE];
865     unsigned char b[4];
866 yutakakn 2757 struct Mac *mac;
867    
868     mac = &pvar->ssh2_keys[MODE_IN].mac;
869    
870     // HMAC�������L���������������A����OK�����������B
871     if (mac == NULL || mac->enabled == 0)
872     return TRUE;
873    
874 maya 3003 if (mac->key == NULL)
875 yutakakn 2757 goto error;
876    
877 maya 3003 if ((u_int)mac->mac_len > sizeof(m))
878 yutakakn 2757 goto error;
879    
880 maya 3003 HMAC_Init(&c, mac->key, mac->key_len, mac->md);
881     set_uint32_MSBfirst(b, sequence_number);
882     HMAC_Update(&c, b, sizeof(b));
883     HMAC_Update(&c, data, len);
884     HMAC_Final(&c, m, NULL);
885     HMAC_cleanup(&c);
886 yutakakn 2757
887     if (memcmp(m, MAC, mac->mac_len)) {
888     goto error;
889     }
890    
891 yutakakn 2728 return TRUE;
892 yutakakn 2757
893     error:
894     return FALSE;
895 yutakakn 2728 }
896    
897     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
898     {
899     struct Mac *mac;
900    
901     if (SSHv2(pvar)) { // for SSH2(yutaka)
902     mac = &pvar->ssh2_keys[MODE_OUT].mac;
903     if (mac == NULL || mac->enabled == 0)
904     return 0;
905    
906     return (mac->mac_len);
907     }
908    
909     return 0;
910     }
911    
912     // for SSH2
913     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
914 maya 3003 char FAR * data, int len, char FAR * MAC)
915 yutakakn 2728 {
916 maya 3003 HMAC_CTX c;
917     static u_char m[EVP_MAX_MD_SIZE];
918 yutakakn 2728 u_char b[4];
919     struct Mac *mac;
920    
921     if (SSHv2(pvar)) { // for SSH2(yutaka)
922     mac = &pvar->ssh2_keys[MODE_OUT].mac;
923     if (mac == NULL || mac->enabled == 0)
924     return FALSE;
925 maya 3003
926     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
927 yutakakn 2728 set_uint32_MSBfirst(b, sequence_number);
928     HMAC_Update(&c, b, sizeof(b));
929     HMAC_Update(&c, data, len);
930     HMAC_Final(&c, m, NULL);
931     HMAC_cleanup(&c);
932    
933     // 20�o�C�g�������R�s�[
934     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
935     // memcpy(MAC, m, sizeof(m));
936    
937     return TRUE;
938     }
939    
940     return TRUE;
941    
942     }
943    
944     static int choose_cipher(PTInstVar pvar, int supported)
945     {
946     int i;
947    
948     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
949     int cipher = pvar->session_settings.CipherOrder[i] - '0';
950    
951     if (cipher == SSH_CIPHER_NONE) {
952     break;
953     } else if ((supported & (1 << cipher)) != 0) {
954     return cipher;
955     }
956     }
957    
958     return SSH_CIPHER_NONE;
959     }
960    
961     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
962     {
963     if (SSHv1(pvar)) {
964     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
965 maya 3003 pvar->crypt_state.
966     supported_sender_ciphers);
967 yutakakn 2728 pvar->crypt_state.receiver_cipher =
968     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
969    
970     } else { // SSH2(yutaka)
971     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
972     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
973    
974     }
975    
976     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
977     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
978 maya 2994 UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
979 maya 3003 "All the encryption algorithms that this program and the server both understand have been disabled.\n"
980     "To communicate with this server, you will have to enable some more ciphers\n"
981 doda 3134 "in the TTSSH Setup dialog box when you run Tera Term again.\n"
982 maya 3003 "This connection will now close.");
983 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
984 yutakakn 2728 return FALSE;
985     } else {
986     return TRUE;
987     }
988     }
989    
990     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
991     {
992     int server_key_bits =
993     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
994     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
995     int server_key_bytes = (server_key_bits + 7) / 8;
996     int host_key_bytes = (host_key_bits + 7) / 8;
997    
998     if (server_key_bits < host_key_bits) {
999     return host_key_bytes;
1000     } else {
1001     return server_key_bytes;
1002     }
1003     }
1004    
1005     int CRYPT_choose_session_key(PTInstVar pvar,
1006 maya 3003 unsigned char FAR * encrypted_key_buf)
1007 yutakakn 2728 {
1008     int server_key_bits =
1009     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1010     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1011     int server_key_bytes = (server_key_bits + 7) / 8;
1012     int host_key_bytes = (host_key_bits + 7) / 8;
1013     int encrypted_key_bytes;
1014     int bit_delta;
1015    
1016     if (server_key_bits < host_key_bits) {
1017     encrypted_key_bytes = host_key_bytes;
1018     bit_delta = host_key_bits - server_key_bits;
1019     } else {
1020     encrypted_key_bytes = server_key_bytes;
1021     bit_delta = server_key_bits - host_key_bits;
1022     }
1023    
1024     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
1025 maya 2994 UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
1026 maya 3003 "Server RSA keys are too weak. A secure connection cannot be established.");
1027 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1028 yutakakn 2728 return 0;
1029     } else {
1030     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
1031     for the session ID, rather than the one specified in the RFC */
1032     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1033     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1034     char session_id[16];
1035     int i;
1036    
1037     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1038     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1039 maya 3003 session_buf + host_key_bytes);
1040 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
1041 maya 3003 pvar->crypt_state.server_cookie, 8);
1042 yutakakn 2728 MD5(session_buf, session_buf_len, session_id);
1043    
1044     free(session_buf);
1045    
1046     RAND_bytes(pvar->crypt_state.sender_cipher_key,
1047 maya 3003 SSH_SESSION_KEY_LENGTH);
1048 yutakakn 2728 memcpy(pvar->crypt_state.receiver_cipher_key,
1049 maya 3003 pvar->crypt_state.sender_cipher_key,
1050     SSH_SESSION_KEY_LENGTH);
1051 yutakakn 2728
1052     memcpy(encrypted_key_buf + encrypted_key_bytes -
1053 maya 3003 SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
1054     SSH_SESSION_KEY_LENGTH);
1055 yutakakn 2728 for (i = 0; i < sizeof(session_id); i++) {
1056     encrypted_key_buf[encrypted_key_bytes -
1057 maya 3003 SSH_SESSION_KEY_LENGTH + i]
1058 yutakakn 2728 ^= session_id[i];
1059     }
1060    
1061     if (host_key_bits > server_key_bits) {
1062     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1063 maya 3003 encrypted_key_buf +
1064     encrypted_key_bytes -
1065     SSH_SESSION_KEY_LENGTH,
1066     encrypted_key_buf +
1067     encrypted_key_bytes - server_key_bytes,
1068     pvar->crypt_state.server_key.RSA_key,
1069     RSA_PKCS1_PADDING) < 0)
1070 yutakakn 2728 return 0;
1071    
1072     if (RSA_public_encrypt(server_key_bytes,
1073 maya 3003 encrypted_key_buf +
1074     encrypted_key_bytes - server_key_bytes,
1075     encrypted_key_buf,
1076     pvar->crypt_state.host_key.RSA_key,
1077     RSA_PKCS1_PADDING) < 0)
1078 yutakakn 2728 return 0;
1079     } else {
1080     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1081 maya 3003 encrypted_key_buf +
1082     encrypted_key_bytes -
1083     SSH_SESSION_KEY_LENGTH,
1084     encrypted_key_buf +
1085     encrypted_key_bytes - host_key_bytes,
1086     pvar->crypt_state.host_key.RSA_key,
1087     RSA_PKCS1_PADDING) < 0)
1088 yutakakn 2728 return 0;
1089    
1090     if (RSA_public_encrypt(host_key_bytes,
1091 maya 3003 encrypted_key_buf +
1092     encrypted_key_bytes - host_key_bytes,
1093     encrypted_key_buf,
1094     pvar->crypt_state.server_key.RSA_key,
1095     RSA_PKCS1_PADDING) < 0)
1096 yutakakn 2728 return 0;
1097     }
1098     }
1099    
1100     return 1;
1101     }
1102    
1103     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1104 maya 3003 unsigned char FAR * challenge,
1105     int challenge_len,
1106     unsigned char FAR * response)
1107 yutakakn 2728 {
1108     int server_key_bits =
1109     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1110     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1111     int server_key_bytes = (server_key_bits + 7) / 8;
1112     int host_key_bytes = (host_key_bits + 7) / 8;
1113     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1114     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1115     char decrypted_challenge[48];
1116     int decrypted_challenge_len;
1117    
1118     decrypted_challenge_len =
1119     RSA_private_decrypt(challenge_len, challenge, challenge,
1120 maya 3003 AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
1121     RSA_PKCS1_PADDING);
1122 yutakakn 2728 if (decrypted_challenge_len < 0) {
1123     free(session_buf);
1124     return 0;
1125     }
1126     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1127     memcpy(decrypted_challenge,
1128 maya 3003 challenge + decrypted_challenge_len -
1129     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1130 yutakakn 2728 } else {
1131     memset(decrypted_challenge, 0,
1132 maya 3003 SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1133 yutakakn 2728 memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1134 maya 3003 decrypted_challenge_len, challenge,
1135     decrypted_challenge_len);
1136 yutakakn 2728 }
1137    
1138     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1139     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1140 maya 3003 session_buf + host_key_bytes);
1141 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
1142 maya 3003 pvar->crypt_state.server_cookie, 8);
1143 yutakakn 2728 MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1144    
1145     free(session_buf);
1146    
1147     MD5(decrypted_challenge, 48, response);
1148    
1149     return 1;
1150     }
1151    
1152     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1153     {
1154     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1155     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1156     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1157     memset(state->ivec1, 0, 8);
1158     memset(state->ivec2, 0, 8);
1159     memset(state->ivec3, 0, 8);
1160     }
1161    
1162     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1163     {
1164     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1165     memset(state->ivec, 0, 8);
1166     }
1167    
1168     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1169     {
1170     idea_set_encrypt_key(session_key, &state->k);
1171     memset(state->ivec, 0, 8);
1172     }
1173    
1174     static void cBlowfish_init(char FAR * session_key,
1175 maya 3003 CipherBlowfishState FAR * state)
1176 yutakakn 2728 {
1177     BF_set_key(&state->k, 32, session_key);
1178     memset(state->ivec, 0, 8);
1179     }
1180    
1181    
1182     //
1183     // SSH2�p�A���S���Y����������
1184     //
1185     // for SSH2(yutaka)
1186     //
1187 maya 3003 void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1188     const u_char *key, u_int keylen,
1189     const u_char *iv, u_int ivlen,
1190     int encrypt,
1191 maya 3093 const EVP_CIPHER *type,
1192 doda 3169 int discard_len,
1193 maya 3043 PTInstVar pvar)
1194 yutakakn 2728 {
1195     int klen;
1196 maya 3043 char tmp[80];
1197 doda 3169 unsigned char *junk = NULL, *discard = NULL;
1198 yutakakn 2728
1199     EVP_CIPHER_CTX_init(evp);
1200     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1201 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1202     "Cipher initialize error(%d)");
1203     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1204     notify_fatal_error(pvar, tmp);
1205     return;
1206 yutakakn 2728 }
1207    
1208     klen = EVP_CIPHER_CTX_key_length(evp);
1209     if (klen > 0 && keylen != klen) {
1210     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1211 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1212     "Cipher initialize error(%d)");
1213     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1214     notify_fatal_error(pvar, tmp);
1215     return;
1216 yutakakn 2728 }
1217     }
1218     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1219 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1220     "Cipher initialize error(%d)");
1221     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1222     notify_fatal_error(pvar, tmp);
1223     return;
1224 yutakakn 2728 }
1225 doda 3169
1226     if (discard_len > 0) {
1227     junk = malloc(discard_len);
1228     discard = malloc(discard_len);
1229     if (junk == NULL || discard == NULL ||
1230     EVP_Cipher(evp, discard, junk, discard_len) == 0) {
1231     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1232     "Cipher initialize error(%d)");
1233     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
1234     pvar->ts->UIMsg, 3);
1235     notify_fatal_error(pvar, tmp);
1236     }
1237     else {
1238     memset(discard, 0, discard_len);
1239     }
1240     free(junk);
1241     free(discard);
1242     }
1243 yutakakn 2728 }
1244    
1245    
1246     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1247     {
1248     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1249     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1250     BOOL isOK = TRUE;
1251    
1252     if (sender_flag) {
1253     switch (pvar->crypt_state.sender_cipher) {
1254     // for SSH2(yutaka)
1255 maya 3045 case SSH2_CIPHER_3DES_CBC:
1256 yutakakn 2728 {
1257     struct Enc *enc;
1258    
1259     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1260 maya 3003 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1261 maya 3036 enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1262     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1263 maya 3003 CIPHER_ENCRYPT,
1264 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1265 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1266 maya 3043 pvar);
1267 yutakakn 2728
1268 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1269     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1270 yutakakn 2728
1271     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1272     break;
1273     }
1274    
1275     // for SSH2(yutaka)
1276 maya 3157 case SSH2_CIPHER_AES128_CBC:
1277     case SSH2_CIPHER_AES192_CBC:
1278     case SSH2_CIPHER_AES256_CBC:
1279 maya 3159 case SSH2_CIPHER_AES128_CTR:
1280     case SSH2_CIPHER_AES192_CTR:
1281     case SSH2_CIPHER_AES256_CTR:
1282 yutakakn 2728 {
1283     struct Enc *enc;
1284    
1285     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1286 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1287     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1288     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1289 maya 3003 CIPHER_ENCRYPT,
1290 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1291 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1292 maya 3043 pvar);
1293 yutakakn 2728
1294 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1295     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1296 yutakakn 2728
1297     pvar->crypt_state.encrypt = cAES128_encrypt;
1298     break;
1299     }
1300    
1301 maya 3157 case SSH2_CIPHER_BLOWFISH_CBC:
1302 maya 3045 {
1303     struct Enc *enc;
1304    
1305     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1306     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1307     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1308     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1309     CIPHER_ENCRYPT,
1310     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1311 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1312 maya 3045 pvar);
1313    
1314     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1315     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1316    
1317     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1318     break;
1319     }
1320    
1321 doda 3168 case SSH2_CIPHER_ARCFOUR:
1322 doda 3169 case SSH2_CIPHER_ARCFOUR128:
1323     case SSH2_CIPHER_ARCFOUR256:
1324 doda 3168 {
1325     struct Enc *enc;
1326    
1327     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1328     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1329     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1330     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1331     CIPHER_ENCRYPT,
1332     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1333 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1334 doda 3168 pvar);
1335     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1336     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1337    
1338     pvar->crypt_state.encrypt = cArcfour_encrypt;
1339     break;
1340     }
1341    
1342 yutakakn 2728 case SSH_CIPHER_3DES:{
1343     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1344     pvar->crypt_state.encrypt = c3DES_encrypt;
1345     break;
1346     }
1347     case SSH_CIPHER_IDEA:{
1348     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1349     pvar->crypt_state.encrypt = cIDEA_encrypt;
1350     break;
1351     }
1352     case SSH_CIPHER_DES:{
1353     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1354     pvar->crypt_state.encrypt = cDES_encrypt;
1355     break;
1356     }
1357     case SSH_CIPHER_RC4:{
1358     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1359     encryption_key + 16);
1360     pvar->crypt_state.encrypt = cRC4_encrypt;
1361     break;
1362     }
1363     case SSH_CIPHER_BLOWFISH:{
1364     cBlowfish_init(encryption_key,
1365 maya 3003 &pvar->crypt_state.enc.cBlowfish);
1366 yutakakn 2728 pvar->crypt_state.encrypt = cBlowfish_encrypt;
1367     break;
1368     }
1369     default:
1370     isOK = FALSE;
1371     }
1372     }
1373    
1374    
1375     if (receiver_flag) {
1376     switch (pvar->crypt_state.receiver_cipher) {
1377     // for SSH2(yutaka)
1378 maya 3045 case SSH2_CIPHER_3DES_CBC:
1379 yutakakn 2728 {
1380     struct Enc *enc;
1381    
1382     enc = &pvar->ssh2_keys[MODE_IN].enc;
1383 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1384     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1385     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1386 maya 3003 CIPHER_DECRYPT,
1387 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1388 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1389 maya 3043 pvar);
1390 yutakakn 2728
1391 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1392     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1393 yutakakn 2728
1394     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1395     break;
1396     }
1397    
1398     // for SSH2(yutaka)
1399 maya 3157 case SSH2_CIPHER_AES128_CBC:
1400     case SSH2_CIPHER_AES192_CBC:
1401     case SSH2_CIPHER_AES256_CBC:
1402 maya 3159 case SSH2_CIPHER_AES128_CTR:
1403     case SSH2_CIPHER_AES192_CTR:
1404     case SSH2_CIPHER_AES256_CTR:
1405 yutakakn 2728 {
1406     struct Enc *enc;
1407    
1408     enc = &pvar->ssh2_keys[MODE_IN].enc;
1409 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1410     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1411     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1412 maya 3003 CIPHER_DECRYPT,
1413 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1414 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1415 maya 3043 pvar);
1416 yutakakn 2728
1417 maya 3045 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1418     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1419 yutakakn 2728
1420     pvar->crypt_state.decrypt = cAES128_decrypt;
1421     break;
1422     }
1423    
1424 maya 3157 case SSH2_CIPHER_BLOWFISH_CBC:
1425 maya 3045 {
1426     struct Enc *enc;
1427    
1428     enc = &pvar->ssh2_keys[MODE_IN].enc;
1429     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1430     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1431     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1432     CIPHER_DECRYPT,
1433     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1434 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1435 maya 3045 pvar);
1436    
1437     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1438     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1439    
1440     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1441     break;
1442     }
1443    
1444 doda 3168 case SSH2_CIPHER_ARCFOUR:
1445 doda 3169 case SSH2_CIPHER_ARCFOUR128:
1446     case SSH2_CIPHER_ARCFOUR256:
1447 doda 3168 {
1448     struct Enc *enc;
1449    
1450     enc = &pvar->ssh2_keys[MODE_IN].enc;
1451     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1452     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1453     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1454     CIPHER_DECRYPT,
1455     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1456 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1457 doda 3168 pvar);
1458    
1459     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1460     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1461    
1462     pvar->crypt_state.decrypt = cArcfour_decrypt;
1463     break;
1464     }
1465    
1466 yutakakn 2728 case SSH_CIPHER_3DES:{
1467     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1468     pvar->crypt_state.decrypt = c3DES_decrypt;
1469     break;
1470     }
1471     case SSH_CIPHER_IDEA:{
1472     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1473     pvar->crypt_state.decrypt = cIDEA_decrypt;
1474     break;
1475     }
1476     case SSH_CIPHER_DES:{
1477     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1478     pvar->crypt_state.decrypt = cDES_decrypt;
1479     break;
1480     }
1481     case SSH_CIPHER_RC4:{
1482     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1483     pvar->crypt_state.decrypt = cRC4_decrypt;
1484     break;
1485     }
1486     case SSH_CIPHER_BLOWFISH:{
1487     cBlowfish_init(decryption_key,
1488 maya 3003 &pvar->crypt_state.dec.cBlowfish);
1489 yutakakn 2728 pvar->crypt_state.decrypt = cBlowfish_decrypt;
1490     break;
1491     }
1492     default:
1493     isOK = FALSE;
1494     }
1495     }
1496    
1497    
1498     if (!isOK) {
1499 maya 2994 UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1500 maya 3003 "No cipher selected!");
1501 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1502 yutakakn 2728 return FALSE;
1503     } else {
1504     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1505     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1506     return TRUE;
1507     }
1508     }
1509    
1510     void CRYPT_init(PTInstVar pvar)
1511     {
1512     pvar->crypt_state.encrypt = no_encrypt;
1513     pvar->crypt_state.decrypt = no_encrypt;
1514     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1515     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1516     pvar->crypt_state.server_key.RSA_key = NULL;
1517     pvar->crypt_state.host_key.RSA_key = NULL;
1518    
1519     pvar->crypt_state.detect_attack_statics.h = NULL;
1520     pvar->crypt_state.detect_attack_statics.n =
1521     HASH_MINSIZE / HASH_ENTRYSIZE;
1522     }
1523    
1524     static char FAR *get_cipher_name(int cipher)
1525     {
1526     switch (cipher) {
1527     case SSH_CIPHER_NONE:
1528     return "None";
1529     case SSH_CIPHER_3DES:
1530     return "3DES (168 key bits)";
1531     case SSH_CIPHER_DES:
1532     return "DES (56 key bits)";
1533     case SSH_CIPHER_IDEA:
1534     return "IDEA (128 key bits)";
1535     case SSH_CIPHER_RC4:
1536     return "RC4 (128 key bits)";
1537     case SSH_CIPHER_BLOWFISH:
1538     return "Blowfish (256 key bits)";
1539    
1540     // SSH2
1541 maya 3045 case SSH2_CIPHER_3DES_CBC:
1542 yutakakn 2728 return "3DES-CBC";
1543 maya 3157 case SSH2_CIPHER_AES128_CBC:
1544     return "AES128-CBC";
1545     case SSH2_CIPHER_AES192_CBC:
1546     return "AES192-CBC";
1547     case SSH2_CIPHER_AES256_CBC:
1548     return "AES256-CBC";
1549     case SSH2_CIPHER_BLOWFISH_CBC:
1550     return "Blowfish-CBC";
1551 maya 3159 case SSH2_CIPHER_AES128_CTR:
1552     return "AES128-CTR";
1553     case SSH2_CIPHER_AES192_CTR:
1554     return "AES192-CTR";
1555     case SSH2_CIPHER_AES256_CTR:
1556     return "AES256-CTR";
1557 doda 3168 case SSH2_CIPHER_ARCFOUR:
1558 doda 3169 return "Arcfour";
1559     case SSH2_CIPHER_ARCFOUR128:
1560     return "Arcfour128";
1561     case SSH2_CIPHER_ARCFOUR256:
1562     return "Arcfour256";
1563 yutakakn 2728
1564     default:
1565     return "Unknown";
1566     }
1567     }
1568    
1569     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1570     {
1571 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1572 maya 3003 "%s to server, %s from server");
1573 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1574 maya 3003 get_cipher_name(pvar->crypt_state.sender_cipher),
1575     get_cipher_name(pvar->crypt_state.receiver_cipher));
1576 yutakakn 2728 }
1577    
1578     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1579     {
1580     if (SSHv1(pvar)) {
1581     if (pvar->crypt_state.server_key.RSA_key == NULL
1582 maya 3003 || pvar->crypt_state.host_key.RSA_key == NULL) {
1583 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1584 maya 2992 strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1585 yutakakn 2728 } else {
1586 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1587 maya 3003 "%d-bit server key, %d-bit host key");
1588 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1589 maya 3003 BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1590     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1591 yutakakn 2728 }
1592     } else { // SSH2
1593 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1594 maya 3003 "%d-bit server key, %d-bit host key");
1595 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1596 maya 3003 pvar->server_key_bits,
1597     pvar->client_key_bits);
1598 yutakakn 2728 }
1599     }
1600    
1601     static void destroy_public_key(CRYPTPublicKey FAR * key)
1602     {
1603     if (key->RSA_key != NULL) {
1604     RSA_free(key->RSA_key);
1605     key->RSA_key = NULL;
1606     }
1607     }
1608    
1609     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1610     {
1611     destroy_public_key(key);
1612     free(key);
1613     }
1614    
1615     void CRYPT_end(PTInstVar pvar)
1616     {
1617     destroy_public_key(&pvar->crypt_state.host_key);
1618     destroy_public_key(&pvar->crypt_state.server_key);
1619    
1620     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1621     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1622 maya 3003 pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1623 yutakakn 2728 free(pvar->crypt_state.detect_attack_statics.h);
1624     }
1625    
1626     memset(pvar->crypt_state.sender_cipher_key, 0,
1627 maya 3003 sizeof(pvar->crypt_state.sender_cipher_key));
1628 yutakakn 2728 memset(pvar->crypt_state.receiver_cipher_key, 0,
1629 maya 3003 sizeof(pvar->crypt_state.receiver_cipher_key));
1630 yutakakn 2728 memset(pvar->crypt_state.server_cookie, 0,
1631 maya 3003 sizeof(pvar->crypt_state.server_cookie));
1632 yutakakn 2728 memset(pvar->crypt_state.client_cookie, 0,
1633 maya 3003 sizeof(pvar->crypt_state.client_cookie));
1634 yutakakn 2728 memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1635     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1636     }
1637    
1638     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1639 maya 3003 char FAR * buf, int bytes)
1640 yutakakn 2728 {
1641     unsigned char passphrase_key[16];
1642    
1643     MD5(passphrase, strlen(passphrase), passphrase_key);
1644    
1645     switch (cipher) {
1646     case SSH_CIPHER_3DES:{
1647     Cipher3DESState state;
1648    
1649     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1650 maya 3003 &state.k1);
1651 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1652 maya 3003 &state.k2);
1653 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) passphrase_key,
1654 maya 3003 &state.k3);
1655 yutakakn 2728 memset(state.ivec1, 0, 8);
1656     memset(state.ivec2, 0, 8);
1657     memset(state.ivec3, 0, 8);
1658     DES_ncbc_encrypt(buf, buf, bytes,
1659 maya 3003 &state.k3, &state.ivec3, DES_DECRYPT);
1660 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1661 maya 3003 &state.k2, &state.ivec2, DES_ENCRYPT);
1662 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1663 maya 3003 &state.k1, &state.ivec1, DES_DECRYPT);
1664 yutakakn 2728 break;
1665     }
1666    
1667     case SSH_CIPHER_IDEA:{
1668     CipherIDEAState state;
1669     int num = 0;
1670    
1671     cIDEA_init(passphrase_key, &state);
1672     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1673 maya 3003 &num, IDEA_DECRYPT);
1674 yutakakn 2728 break;
1675     }
1676    
1677     case SSH_CIPHER_DES:{
1678     CipherDESState state;
1679    
1680     cDES_init(passphrase_key, &state);
1681     DES_ncbc_encrypt(buf, buf, bytes,
1682 maya 3003 &state.k, &state.ivec, DES_DECRYPT);
1683 yutakakn 2728 break;
1684     }
1685    
1686     case SSH_CIPHER_RC4:{
1687     CipherRC4State state;
1688     int num = 0;
1689    
1690     RC4_set_key(&state.k, 16, passphrase_key);
1691     RC4(&state.k, bytes, buf, buf);
1692     break;
1693     }
1694    
1695     case SSH_CIPHER_BLOWFISH:{
1696     CipherBlowfishState state;
1697    
1698     BF_set_key(&state.k, 16, passphrase_key);
1699     memset(state.ivec, 0, 8);
1700     flip_endianness(buf, bytes);
1701     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1702     BF_DECRYPT);
1703     flip_endianness(buf, bytes);
1704     break;
1705     }
1706    
1707     case SSH_CIPHER_NONE:
1708     break;
1709    
1710     default:
1711     memset(passphrase_key, 0, sizeof(passphrase_key));
1712     return 0;
1713     }
1714    
1715     memset(passphrase_key, 0, sizeof(passphrase_key));
1716     return 1;
1717     }
1718    
1719     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1720     {
1721 yutakakn 2762 if (key_pair->RSA_key != NULL)
1722     RSA_free(key_pair->RSA_key);
1723    
1724     if (key_pair->DSA_key != NULL)
1725     DSA_free(key_pair->DSA_key);
1726    
1727 yutakakn 2728 free(key_pair);
1728     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help