Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3172 - (hide annotations) (download) (as text)
Sun Nov 23 07:44:05 2008 UTC (15 years, 4 months ago) by doda
Original Path: ttssh2/trunk/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 54241 byte(s) 
文脈上、pvar->crytp_state.receiver_cipherを使うのが正しいと思われるので修正。 [Ttssh2-devel 1253]
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40 yutakakn 2831 #include <openssl/dsa.h>
41 yutakakn 2728 #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51 doda 3172 * $Id: crypt.c,v 1.28 2008-11-23 07:44:05 doda Exp $ Cryptographic attack
52 yutakakn 2728 * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87 maya 3003 uint32 len, unsigned char FAR * IV)
88 yutakakn 2728 {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116 maya 3003 unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118 yutakakn 2728 {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191 maya 3003 int bytes)
192 yutakakn 2728 {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199 maya 3003 buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202 yutakakn 2728 default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204 maya 3003 buf, bytes, NULL) == DEATTACK_DETECTED;
205 yutakakn 2728 }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217 maya 3039 // ���O�������������������������������AAES192, AES256 ����
218 maya 3036 // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219 yutakakn 2728 static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220 maya 3003 int bytes)
221 yutakakn 2728 {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224    
225     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
226     if (bytes == 0)
227 yutakapon 3118 goto error;
228 yutakakn 2728
229     if (newbuf == NULL)
230     return;
231    
232     if (bytes % block_size) {
233     char tmp[80];
234 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
235 maya 3158 "AES128/192/256 encrypt error(1): bytes %d (%d)");
236 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
237 maya 3003 pvar->ts->UIMsg, bytes, block_size);
238 yutakakn 2728 notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243 maya 2994 UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244 maya 3158 "AES128/192/256 encrypt error(2)");
245 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
246 maya 3043 goto error;
247 yutakakn 2728
248     } else {
249 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
250     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
251     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
252     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
253    
254     //debug_print(50, key, 24);
255     //debug_print(51, iv, 8);
256     //debug_print(52, buf, bytes);
257     //debug_print(53, newbuf, bytes);
258    
259 maya 3045 memcpy(buf, newbuf, bytes);
260 yutakakn 2728 }
261    
262     error:
263     free(newbuf);
264     }
265    
266     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
267 maya 3003 int bytes)
268 yutakakn 2728 {
269     unsigned char *newbuf = malloc(bytes);
270     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
271    
272     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
273     if (bytes == 0)
274 yutakapon 3118 goto error;
275 yutakakn 2728
276     if (newbuf == NULL)
277     return;
278    
279     if (bytes % block_size) {
280     char tmp[80];
281 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
282 maya 3158 "AES128/192/256 decrypt error(1): bytes %d (%d)");
283 maya 2992 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
284 yutakakn 2728 notify_fatal_error(pvar, tmp);
285     goto error;
286     }
287    
288     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
289 maya 2994 UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
290 maya 3158 "AES128/192/256 decrypt error(2)");
291 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
292 maya 3043 goto error;
293 yutakakn 2728
294     } else {
295 maya 3046 //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
296     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
297     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
298     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
299    
300     //debug_print(70, key, AES128_KEYLEN);
301     //debug_print(71, iv, AES128_IVLEN);
302     //debug_print(72, buf, bytes);
303     //debug_print(73, newbuf, bytes);
304    
305 maya 3045 memcpy(buf, newbuf, bytes);
306 yutakakn 2728 }
307    
308 maya 3043 error:
309 yutakakn 2728 free(newbuf);
310     }
311    
312    
313    
314     // for SSH2(yutaka)
315     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
316 maya 3003 int bytes)
317 yutakakn 2728 {
318     unsigned char *newbuf = malloc(bytes);
319 maya 3046 int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
320 yutakakn 2728
321 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
322     if (bytes == 0)
323 yutakapon 3118 goto error;
324 maya 3046
325 yutakakn 2728 if (newbuf == NULL)
326     return;
327    
328 maya 3046 if (bytes % block_size) {
329     char tmp[80];
330     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR1", pvar,
331     "3DES-CBC encrypt error(1): bytes %d (%d)");
332     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
333     pvar->ts->UIMsg, bytes, block_size);
334     notify_fatal_error(pvar, tmp);
335     goto error;
336     }
337    
338 maya 3043 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
339 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR2", pvar,
340     "3DES-CBC encrypt error(2)");
341 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
342     goto error;
343 yutakakn 2728
344     } else {
345 maya 3045 //unsigned char key[24], iv[8];
346 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
347 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
348 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
349 yutakakn 2728
350     //debug_print(50, key, 24);
351     //debug_print(51, iv, 8);
352     //debug_print(52, buf, bytes);
353     //debug_print(53, newbuf, bytes);
354    
355     memcpy(buf, newbuf, bytes);
356     }
357    
358 maya 3043 error:
359 yutakakn 2728 free(newbuf);
360     }
361    
362     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
363 maya 3003 int bytes)
364 yutakakn 2728 {
365     unsigned char *newbuf = malloc(bytes);
366 maya 3046 int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
367 yutakakn 2728
368 maya 3046 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
369     if (bytes == 0)
370 yutakapon 3118 goto error;
371 maya 3046
372 yutakakn 2728 if (newbuf == NULL)
373     return;
374    
375 maya 3046 if (bytes % block_size) {
376     char tmp[80];
377     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR1", pvar,
378     "3DES-CBC decrypt error(1): bytes %d (%d)");
379     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
380     notify_fatal_error(pvar, tmp);
381     goto error;
382     }
383    
384 yutakakn 2728 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
385 maya 3046 UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR2", pvar,
386     "3DES-CBC decrypt error(2)");
387 maya 3043 notify_fatal_error(pvar, pvar->ts->UIMsg);
388     goto error;
389 yutakakn 2728
390     } else {
391 maya 3045 //unsigned char key[24], iv[8];
392 maya 3043 //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
393 yutakakn 2728 // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
394 maya 3043 //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
395 yutakakn 2728
396     //debug_print(70, key, 24);
397     //debug_print(71, iv, 8);
398     //debug_print(72, buf, bytes);
399     //debug_print(73, newbuf, bytes);
400    
401     memcpy(buf, newbuf, bytes);
402     }
403    
404 maya 3043 error:
405 yutakakn 2728 free(newbuf);
406     }
407    
408    
409 maya 3045 static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
410     int bytes)
411     {
412     unsigned char *newbuf = malloc(bytes);
413     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
414    
415     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
416     if (bytes == 0)
417 yutakapon 3118 goto error;
418 maya 3045
419     if (newbuf == NULL)
420     return;
421    
422 maya 3046 if (bytes % block_size) {
423     char tmp[80];
424     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR1", pvar,
425     "Blowfish encrypt error(1): bytes %d (%d)");
426     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
427     pvar->ts->UIMsg, bytes, block_size);
428     notify_fatal_error(pvar, tmp);
429     goto error;
430     }
431    
432 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
433 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR2", pvar,
434     "Blowfish encrypt error(2)");
435 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
436     goto error;
437    
438     } else {
439     memcpy(buf, newbuf, bytes);
440    
441     }
442    
443     error:
444     free(newbuf);
445     }
446    
447     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
448     int bytes)
449     {
450     unsigned char *newbuf = malloc(bytes);
451     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
452    
453     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
454     if (bytes == 0)
455 yutakapon 3118 goto error;
456 maya 3045
457     if (newbuf == NULL)
458     return;
459    
460 maya 3046 if (bytes % block_size) {
461     char tmp[80];
462     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR1", pvar,
463     "Blowfish decrypt error(1): bytes %d (%d)");
464     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
465     notify_fatal_error(pvar, tmp);
466     goto error;
467     }
468    
469 maya 3045 if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
470 maya 3046 UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR2", pvar,
471     "Blowfish decrypt error(2)");
472 maya 3045 notify_fatal_error(pvar, pvar->ts->UIMsg);
473     goto error;
474    
475     } else {
476     memcpy(buf, newbuf, bytes);
477    
478     }
479    
480     error:
481     free(newbuf);
482     }
483    
484 doda 3168 static void cArcfour_encrypt(PTInstVar pvar, unsigned char FAR * buf,
485     int bytes)
486     {
487     unsigned char *newbuf = malloc(bytes);
488     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
489 maya 3045
490 doda 3168 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
491     if (bytes == 0)
492     goto error;
493 maya 3045
494 doda 3168 if (newbuf == NULL)
495     return;
496    
497     if (bytes % block_size) {
498     char tmp[80];
499     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR1", pvar,
500     "Arcfour encrypt error(1): bytes %d (%d)");
501     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
502     pvar->ts->UIMsg, bytes, block_size);
503     notify_fatal_error(pvar, tmp);
504     goto error;
505     }
506    
507     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
508     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR2", pvar,
509     "Arcfour encrypt error(2)");
510     notify_fatal_error(pvar, pvar->ts->UIMsg);
511     goto error;
512    
513     } else {
514     memcpy(buf, newbuf, bytes);
515    
516     }
517    
518     error:
519     free(newbuf);
520     }
521    
522     static void cArcfour_decrypt(PTInstVar pvar, unsigned char FAR * buf,
523     int bytes)
524     {
525     unsigned char *newbuf = malloc(bytes);
526     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
527    
528     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
529     if (bytes == 0)
530     goto error;
531    
532     if (newbuf == NULL)
533     return;
534    
535     if (bytes % block_size) {
536     char tmp[80];
537     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR1", pvar,
538     "Arcfour decrypt error(1): bytes %d (%d)");
539     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
540     notify_fatal_error(pvar, tmp);
541     goto error;
542     }
543    
544     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
545     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR2", pvar,
546     "Arcfour decrypt error(2)");
547     notify_fatal_error(pvar, pvar->ts->UIMsg);
548     goto error;
549    
550     } else {
551     memcpy(buf, newbuf, bytes);
552    
553     }
554    
555     error:
556     free(newbuf);
557     }
558    
559 maya 3170 static void cCast128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
560     int bytes)
561     {
562     unsigned char *newbuf = malloc(bytes);
563     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
564 doda 3168
565 maya 3170 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
566     if (bytes == 0)
567     goto error;
568 doda 3168
569 maya 3170 if (newbuf == NULL)
570     return;
571    
572     if (bytes % block_size) {
573     char tmp[80];
574     UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR1", pvar,
575     "CAST128 encrypt error(1): bytes %d (%d)");
576     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
577     pvar->ts->UIMsg, bytes, block_size);
578     notify_fatal_error(pvar, tmp);
579     goto error;
580     }
581    
582     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
583     UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR2", pvar,
584     "CAST128 encrypt error(2)");
585     notify_fatal_error(pvar, pvar->ts->UIMsg);
586     goto error;
587    
588     } else {
589     memcpy(buf, newbuf, bytes);
590    
591     }
592    
593     error:
594     free(newbuf);
595     }
596    
597     static void cCast128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
598     int bytes)
599     {
600     unsigned char *newbuf = malloc(bytes);
601     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
602    
603     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
604     if (bytes == 0)
605     goto error;
606    
607     if (newbuf == NULL)
608     return;
609    
610     if (bytes % block_size) {
611     char tmp[80];
612     UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR1", pvar,
613     "CAST128 decrypt error(1): bytes %d (%d)");
614     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
615     notify_fatal_error(pvar, tmp);
616     goto error;
617     }
618    
619     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
620     UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR2", pvar,
621     "CAST128 decrypt error(2)");
622     notify_fatal_error(pvar, pvar->ts->UIMsg);
623     goto error;
624    
625     } else {
626     memcpy(buf, newbuf, bytes);
627    
628     }
629    
630     error:
631     free(newbuf);
632     }
633    
634    
635    
636 yutakakn 2728 static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
637 maya 3003 int bytes)
638 yutakakn 2728 {
639     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
640    
641     DES_ncbc_encrypt(buf, buf, bytes,
642 maya 3003 &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
643 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
644 maya 3003 &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
645 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
646 maya 3003 &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
647 yutakakn 2728 }
648    
649     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
650 maya 3003 int bytes)
651 yutakakn 2728 {
652     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
653    
654     DES_ncbc_encrypt(buf, buf, bytes,
655 maya 3003 &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
656 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
657 maya 3003 &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
658 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
659 maya 3003 &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
660 yutakakn 2728 }
661    
662     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
663     int bytes)
664     {
665     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
666    
667     DES_ncbc_encrypt(buf, buf, bytes,
668 maya 3003 &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
669 yutakakn 2728 }
670    
671     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
672     int bytes)
673     {
674     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
675    
676     DES_ncbc_encrypt(buf, buf, bytes,
677 maya 3003 &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
678 yutakakn 2728 }
679    
680     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
681 maya 3003 int bytes)
682 yutakakn 2728 {
683     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
684     int num = 0;
685    
686     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
687 maya 3003 encryptstate->ivec, &num, IDEA_ENCRYPT);
688 yutakakn 2728 }
689    
690     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
691 maya 3003 int bytes)
692 yutakakn 2728 {
693     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
694     int num = 0;
695    
696     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
697 maya 3003 decryptstate->ivec, &num, IDEA_DECRYPT);
698 yutakakn 2728 }
699    
700     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
701     {
702     uint32 FAR *buf = (uint32 FAR *) cbuf;
703     int count = bytes / 4;
704    
705     while (count > 0) {
706     uint32 w = *buf;
707    
708     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
709 maya 3003 | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
710 yutakakn 2728 count--;
711     buf++;
712     }
713     }
714    
715     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
716 maya 3003 int bytes)
717 yutakakn 2728 {
718     CipherBlowfishState FAR *encryptstate =
719     &pvar->crypt_state.enc.cBlowfish;
720    
721     flip_endianness(buf, bytes);
722     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
723 maya 3003 BF_ENCRYPT);
724 yutakakn 2728 flip_endianness(buf, bytes);
725     }
726    
727     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
728 maya 3003 int bytes)
729 yutakakn 2728 {
730     CipherBlowfishState FAR *decryptstate =
731     &pvar->crypt_state.dec.cBlowfish;
732    
733     flip_endianness(buf, bytes);
734     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
735 maya 3003 BF_DECRYPT);
736 yutakakn 2728 flip_endianness(buf, bytes);
737     }
738    
739     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
740 maya 3003 int bytes)
741 yutakakn 2728 {
742     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
743     int num = 0;
744    
745     RC4(&encryptstate->k, bytes, buf, buf);
746     }
747    
748     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
749 maya 3003 int bytes)
750 yutakakn 2728 {
751     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
752     int num = 0;
753    
754     RC4(&decryptstate->k, bytes, buf, buf);
755     }
756    
757     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
758 maya 3003 int bytes)
759 yutakakn 2728 {
760     RAND_bytes(buf, bytes);
761     }
762    
763     void CRYPT_initialize_random_numbers(PTInstVar pvar)
764     {
765     RAND_screen();
766     }
767    
768     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
769     {
770     int bits = get_ushort16_MSBfirst(bytes);
771    
772     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
773     }
774    
775 yutakakn 2857 // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
776     RSA FAR *make_key(PTInstVar pvar,
777 maya 3003 int bits, unsigned char FAR * exp,
778     unsigned char FAR * mod)
779 yutakakn 2728 {
780     RSA FAR *key = RSA_new();
781    
782     if (key != NULL) {
783     key->e = get_bignum(exp);
784     key->n = get_bignum(mod);
785     }
786    
787     if (key == NULL || key->e == NULL || key->n == NULL) {
788 maya 2994 UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
789 maya 3003 "Error setting up RSA keys");
790 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
791 yutakakn 2728
792     if (key != NULL) {
793     if (key->e != NULL) {
794     BN_free(key->e);
795     }
796     if (key->n != NULL) {
797     BN_free(key->n);
798     }
799     RSA_free(key);
800     }
801    
802     return NULL;
803     } else {
804     return key;
805     }
806     }
807    
808     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
809     {
810     if (SSHv1(pvar)) {
811     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
812     } else {
813     memcpy(pvar->crypt_state.server_cookie, cookie,
814 maya 3003 SSH2_COOKIE_LENGTH);
815 yutakakn 2728 }
816     }
817    
818     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
819     {
820     if (SSHv2(pvar)) {
821     memcpy(pvar->crypt_state.client_cookie, cookie,
822 maya 3003 SSH2_COOKIE_LENGTH);
823 yutakakn 2728 }
824     }
825    
826     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
827 maya 3003 int bits, unsigned char FAR * exp,
828     unsigned char FAR * mod)
829 yutakakn 2728 {
830     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
831    
832     return pvar->crypt_state.server_key.RSA_key != NULL;
833     }
834    
835     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
836 maya 3003 int bits, unsigned char FAR * exp,
837     unsigned char FAR * mod)
838 yutakakn 2728 {
839     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
840    
841     return pvar->crypt_state.host_key.RSA_key != NULL;
842     }
843    
844     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
845 maya 3003 int receiver_ciphers)
846 yutakakn 2728 {
847     int cipher_mask;
848    
849     if (SSHv1(pvar)) {
850     cipher_mask = (1 << SSH_CIPHER_DES)
851 maya 3003 | (1 << SSH_CIPHER_3DES)
852     | (1 << SSH_CIPHER_BLOWFISH);
853 yutakakn 2728
854     } else { // for SSH2(yutaka)
855     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
856 maya 3045 cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
857 maya 3157 | (1 << SSH2_CIPHER_AES128_CBC)
858 maya 3159 | (1 << SSH2_CIPHER_AES192_CBC)
859     | (1 << SSH2_CIPHER_AES256_CBC)
860 maya 3157 | (1 << SSH2_CIPHER_BLOWFISH_CBC)
861 maya 3159 | (1 << SSH2_CIPHER_AES128_CTR)
862     | (1 << SSH2_CIPHER_AES192_CTR)
863 doda 3168 | (1 << SSH2_CIPHER_AES256_CTR)
864 doda 3169 | (1 << SSH2_CIPHER_ARCFOUR)
865     | (1 << SSH2_CIPHER_ARCFOUR128)
866 maya 3170 | (1 << SSH2_CIPHER_ARCFOUR256)
867     | (1 << SSH2_CIPHER_CAST128_CBC);
868 yutakakn 2728 }
869    
870     sender_ciphers &= cipher_mask;
871     receiver_ciphers &= cipher_mask;
872     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
873     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
874    
875     if (sender_ciphers == 0) {
876 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
877 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
878     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
879     "The connection will be closed.");
880 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
881 yutakakn 2728 return FALSE;
882     } else if (receiver_ciphers == 0) {
883 maya 2994 UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
884 maya 3003 "The server does not support any of the TTSSH encryption algorithms.\n"
885     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
886     "The connection will be closed.");
887 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
888 yutakakn 2728 return FALSE;
889     } else {
890     return TRUE;
891     }
892     }
893    
894     int CRYPT_get_decryption_block_size(PTInstVar pvar)
895     {
896     if (SSHv1(pvar)) {
897     return 8;
898     } else {
899     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
900     // cf. 3DES=8, AES128=16
901     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
902     }
903     }
904    
905     int CRYPT_get_encryption_block_size(PTInstVar pvar)
906     {
907     if (SSHv1(pvar)) {
908     return 8;
909     } else {
910     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
911     // cf. 3DES=8, AES128=16
912     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
913     }
914     }
915    
916     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
917     {
918     struct Mac *mac;
919    
920     if (SSHv1(pvar)) {
921     return 0;
922    
923     } else { // for SSH2(yutaka)
924     mac = &pvar->ssh2_keys[MODE_IN].mac;
925     if (mac == NULL || mac->enabled == 0)
926     return 0;
927    
928     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
929     }
930    
931     }
932    
933 yutakakn 2757 // HMAC������
934     // ���{������ SSH2 �������g�p�������B
935     // (2004.12.17 yutaka)
936 yutakakn 2728 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
937 maya 3003 char FAR * data, int len, char FAR * MAC)
938 yutakakn 2728 {
939 maya 3003 HMAC_CTX c;
940     unsigned char m[EVP_MAX_MD_SIZE];
941     unsigned char b[4];
942 yutakakn 2757 struct Mac *mac;
943    
944     mac = &pvar->ssh2_keys[MODE_IN].mac;
945    
946     // HMAC�������L���������������A����OK�����������B
947     if (mac == NULL || mac->enabled == 0)
948     return TRUE;
949    
950 maya 3003 if (mac->key == NULL)
951 yutakakn 2757 goto error;
952    
953 maya 3003 if ((u_int)mac->mac_len > sizeof(m))
954 yutakakn 2757 goto error;
955    
956 maya 3003 HMAC_Init(&c, mac->key, mac->key_len, mac->md);
957     set_uint32_MSBfirst(b, sequence_number);
958     HMAC_Update(&c, b, sizeof(b));
959     HMAC_Update(&c, data, len);
960     HMAC_Final(&c, m, NULL);
961     HMAC_cleanup(&c);
962 yutakakn 2757
963     if (memcmp(m, MAC, mac->mac_len)) {
964     goto error;
965     }
966    
967 yutakakn 2728 return TRUE;
968 yutakakn 2757
969     error:
970     return FALSE;
971 yutakakn 2728 }
972    
973     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
974     {
975     struct Mac *mac;
976    
977     if (SSHv2(pvar)) { // for SSH2(yutaka)
978     mac = &pvar->ssh2_keys[MODE_OUT].mac;
979     if (mac == NULL || mac->enabled == 0)
980     return 0;
981    
982     return (mac->mac_len);
983     }
984    
985     return 0;
986     }
987    
988     // for SSH2
989     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
990 maya 3003 char FAR * data, int len, char FAR * MAC)
991 yutakakn 2728 {
992 maya 3003 HMAC_CTX c;
993     static u_char m[EVP_MAX_MD_SIZE];
994 yutakakn 2728 u_char b[4];
995     struct Mac *mac;
996    
997     if (SSHv2(pvar)) { // for SSH2(yutaka)
998     mac = &pvar->ssh2_keys[MODE_OUT].mac;
999     if (mac == NULL || mac->enabled == 0)
1000     return FALSE;
1001 maya 3003
1002     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
1003 yutakakn 2728 set_uint32_MSBfirst(b, sequence_number);
1004     HMAC_Update(&c, b, sizeof(b));
1005     HMAC_Update(&c, data, len);
1006     HMAC_Final(&c, m, NULL);
1007     HMAC_cleanup(&c);
1008    
1009     // 20�o�C�g�������R�s�[
1010     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
1011     // memcpy(MAC, m, sizeof(m));
1012    
1013     return TRUE;
1014     }
1015    
1016     return TRUE;
1017    
1018     }
1019    
1020     static int choose_cipher(PTInstVar pvar, int supported)
1021     {
1022     int i;
1023    
1024     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
1025     int cipher = pvar->session_settings.CipherOrder[i] - '0';
1026    
1027     if (cipher == SSH_CIPHER_NONE) {
1028     break;
1029     } else if ((supported & (1 << cipher)) != 0) {
1030     return cipher;
1031     }
1032     }
1033    
1034     return SSH_CIPHER_NONE;
1035     }
1036    
1037     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
1038     {
1039     if (SSHv1(pvar)) {
1040     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
1041 maya 3003 pvar->crypt_state.
1042     supported_sender_ciphers);
1043 yutakakn 2728 pvar->crypt_state.receiver_cipher =
1044     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
1045    
1046     } else { // SSH2(yutaka)
1047     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
1048     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
1049    
1050     }
1051    
1052     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
1053     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
1054 maya 2994 UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
1055 maya 3003 "All the encryption algorithms that this program and the server both understand have been disabled.\n"
1056     "To communicate with this server, you will have to enable some more ciphers\n"
1057 doda 3134 "in the TTSSH Setup dialog box when you run Tera Term again.\n"
1058 maya 3003 "This connection will now close.");
1059 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1060 yutakakn 2728 return FALSE;
1061     } else {
1062     return TRUE;
1063     }
1064     }
1065    
1066     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
1067     {
1068     int server_key_bits =
1069     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1070     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1071     int server_key_bytes = (server_key_bits + 7) / 8;
1072     int host_key_bytes = (host_key_bits + 7) / 8;
1073    
1074     if (server_key_bits < host_key_bits) {
1075     return host_key_bytes;
1076     } else {
1077     return server_key_bytes;
1078     }
1079     }
1080    
1081     int CRYPT_choose_session_key(PTInstVar pvar,
1082 maya 3003 unsigned char FAR * encrypted_key_buf)
1083 yutakakn 2728 {
1084     int server_key_bits =
1085     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1086     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1087     int server_key_bytes = (server_key_bits + 7) / 8;
1088     int host_key_bytes = (host_key_bits + 7) / 8;
1089     int encrypted_key_bytes;
1090     int bit_delta;
1091    
1092     if (server_key_bits < host_key_bits) {
1093     encrypted_key_bytes = host_key_bytes;
1094     bit_delta = host_key_bits - server_key_bits;
1095     } else {
1096     encrypted_key_bytes = server_key_bytes;
1097     bit_delta = server_key_bits - host_key_bits;
1098     }
1099    
1100     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
1101 maya 2994 UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
1102 maya 3003 "Server RSA keys are too weak. A secure connection cannot be established.");
1103 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1104 yutakakn 2728 return 0;
1105     } else {
1106     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
1107     for the session ID, rather than the one specified in the RFC */
1108     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1109     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1110     char session_id[16];
1111     int i;
1112    
1113     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1114     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1115 maya 3003 session_buf + host_key_bytes);
1116 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
1117 maya 3003 pvar->crypt_state.server_cookie, 8);
1118 yutakakn 2728 MD5(session_buf, session_buf_len, session_id);
1119    
1120     free(session_buf);
1121    
1122     RAND_bytes(pvar->crypt_state.sender_cipher_key,
1123 maya 3003 SSH_SESSION_KEY_LENGTH);
1124 yutakakn 2728 memcpy(pvar->crypt_state.receiver_cipher_key,
1125 maya 3003 pvar->crypt_state.sender_cipher_key,
1126     SSH_SESSION_KEY_LENGTH);
1127 yutakakn 2728
1128     memcpy(encrypted_key_buf + encrypted_key_bytes -
1129 maya 3003 SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
1130     SSH_SESSION_KEY_LENGTH);
1131 yutakakn 2728 for (i = 0; i < sizeof(session_id); i++) {
1132     encrypted_key_buf[encrypted_key_bytes -
1133 maya 3003 SSH_SESSION_KEY_LENGTH + i]
1134 yutakakn 2728 ^= session_id[i];
1135     }
1136    
1137     if (host_key_bits > server_key_bits) {
1138     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1139 maya 3003 encrypted_key_buf +
1140     encrypted_key_bytes -
1141     SSH_SESSION_KEY_LENGTH,
1142     encrypted_key_buf +
1143     encrypted_key_bytes - server_key_bytes,
1144     pvar->crypt_state.server_key.RSA_key,
1145     RSA_PKCS1_PADDING) < 0)
1146 yutakakn 2728 return 0;
1147    
1148     if (RSA_public_encrypt(server_key_bytes,
1149 maya 3003 encrypted_key_buf +
1150     encrypted_key_bytes - server_key_bytes,
1151     encrypted_key_buf,
1152     pvar->crypt_state.host_key.RSA_key,
1153     RSA_PKCS1_PADDING) < 0)
1154 yutakakn 2728 return 0;
1155     } else {
1156     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1157 maya 3003 encrypted_key_buf +
1158     encrypted_key_bytes -
1159     SSH_SESSION_KEY_LENGTH,
1160     encrypted_key_buf +
1161     encrypted_key_bytes - host_key_bytes,
1162     pvar->crypt_state.host_key.RSA_key,
1163     RSA_PKCS1_PADDING) < 0)
1164 yutakakn 2728 return 0;
1165    
1166     if (RSA_public_encrypt(host_key_bytes,
1167 maya 3003 encrypted_key_buf +
1168     encrypted_key_bytes - host_key_bytes,
1169     encrypted_key_buf,
1170     pvar->crypt_state.server_key.RSA_key,
1171     RSA_PKCS1_PADDING) < 0)
1172 yutakakn 2728 return 0;
1173     }
1174     }
1175    
1176     return 1;
1177     }
1178    
1179     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1180 maya 3003 unsigned char FAR * challenge,
1181     int challenge_len,
1182     unsigned char FAR * response)
1183 yutakakn 2728 {
1184     int server_key_bits =
1185     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1186     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1187     int server_key_bytes = (server_key_bits + 7) / 8;
1188     int host_key_bytes = (host_key_bits + 7) / 8;
1189     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1190     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1191     char decrypted_challenge[48];
1192     int decrypted_challenge_len;
1193    
1194     decrypted_challenge_len =
1195     RSA_private_decrypt(challenge_len, challenge, challenge,
1196 maya 3003 AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
1197     RSA_PKCS1_PADDING);
1198 yutakakn 2728 if (decrypted_challenge_len < 0) {
1199     free(session_buf);
1200     return 0;
1201     }
1202     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1203     memcpy(decrypted_challenge,
1204 maya 3003 challenge + decrypted_challenge_len -
1205     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1206 yutakakn 2728 } else {
1207     memset(decrypted_challenge, 0,
1208 maya 3003 SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1209 yutakakn 2728 memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1210 maya 3003 decrypted_challenge_len, challenge,
1211     decrypted_challenge_len);
1212 yutakakn 2728 }
1213    
1214     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1215     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1216 maya 3003 session_buf + host_key_bytes);
1217 yutakakn 2728 memcpy(session_buf + server_key_bytes + host_key_bytes,
1218 maya 3003 pvar->crypt_state.server_cookie, 8);
1219 yutakakn 2728 MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1220    
1221     free(session_buf);
1222    
1223     MD5(decrypted_challenge, 48, response);
1224    
1225     return 1;
1226     }
1227    
1228     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1229     {
1230     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1231     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1232     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1233     memset(state->ivec1, 0, 8);
1234     memset(state->ivec2, 0, 8);
1235     memset(state->ivec3, 0, 8);
1236     }
1237    
1238     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1239     {
1240     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1241     memset(state->ivec, 0, 8);
1242     }
1243    
1244     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1245     {
1246     idea_set_encrypt_key(session_key, &state->k);
1247     memset(state->ivec, 0, 8);
1248     }
1249    
1250     static void cBlowfish_init(char FAR * session_key,
1251 maya 3003 CipherBlowfishState FAR * state)
1252 yutakakn 2728 {
1253     BF_set_key(&state->k, 32, session_key);
1254     memset(state->ivec, 0, 8);
1255     }
1256    
1257    
1258     //
1259     // SSH2�p�A���S���Y����������
1260     //
1261     // for SSH2(yutaka)
1262     //
1263 maya 3003 void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1264     const u_char *key, u_int keylen,
1265     const u_char *iv, u_int ivlen,
1266     int encrypt,
1267 maya 3093 const EVP_CIPHER *type,
1268 doda 3169 int discard_len,
1269 maya 3043 PTInstVar pvar)
1270 yutakakn 2728 {
1271     int klen;
1272 maya 3043 char tmp[80];
1273 doda 3169 unsigned char *junk = NULL, *discard = NULL;
1274 yutakakn 2728
1275     EVP_CIPHER_CTX_init(evp);
1276     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1277 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1278     "Cipher initialize error(%d)");
1279     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1280     notify_fatal_error(pvar, tmp);
1281     return;
1282 yutakakn 2728 }
1283    
1284     klen = EVP_CIPHER_CTX_key_length(evp);
1285     if (klen > 0 && keylen != klen) {
1286     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1287 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1288     "Cipher initialize error(%d)");
1289     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1290     notify_fatal_error(pvar, tmp);
1291     return;
1292 yutakakn 2728 }
1293     }
1294     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1295 maya 3043 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1296     "Cipher initialize error(%d)");
1297     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1298     notify_fatal_error(pvar, tmp);
1299     return;
1300 yutakakn 2728 }
1301 doda 3169
1302     if (discard_len > 0) {
1303     junk = malloc(discard_len);
1304     discard = malloc(discard_len);
1305     if (junk == NULL || discard == NULL ||
1306     EVP_Cipher(evp, discard, junk, discard_len) == 0) {
1307     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1308     "Cipher initialize error(%d)");
1309     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
1310     pvar->ts->UIMsg, 3);
1311     notify_fatal_error(pvar, tmp);
1312     }
1313     else {
1314     memset(discard, 0, discard_len);
1315     }
1316     free(junk);
1317     free(discard);
1318     }
1319 yutakakn 2728 }
1320    
1321    
1322     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1323     {
1324     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1325     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1326     BOOL isOK = TRUE;
1327    
1328     if (sender_flag) {
1329     switch (pvar->crypt_state.sender_cipher) {
1330     // for SSH2(yutaka)
1331 maya 3045 case SSH2_CIPHER_3DES_CBC:
1332 yutakakn 2728 {
1333     struct Enc *enc;
1334    
1335     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1336 maya 3003 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1337 maya 3036 enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1338     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1339 maya 3003 CIPHER_ENCRYPT,
1340 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1341 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1342 maya 3043 pvar);
1343 yutakakn 2728
1344 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1345     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1346 yutakakn 2728
1347     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1348     break;
1349     }
1350    
1351     // for SSH2(yutaka)
1352 maya 3157 case SSH2_CIPHER_AES128_CBC:
1353     case SSH2_CIPHER_AES192_CBC:
1354     case SSH2_CIPHER_AES256_CBC:
1355 maya 3159 case SSH2_CIPHER_AES128_CTR:
1356     case SSH2_CIPHER_AES192_CTR:
1357     case SSH2_CIPHER_AES256_CTR:
1358 yutakakn 2728 {
1359     struct Enc *enc;
1360    
1361     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1362 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1363     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1364     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1365 maya 3003 CIPHER_ENCRYPT,
1366 maya 3043 get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1367 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1368 maya 3043 pvar);
1369 yutakakn 2728
1370 maya 3036 //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1371     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1372 yutakakn 2728
1373     pvar->crypt_state.encrypt = cAES128_encrypt;
1374     break;
1375     }
1376    
1377 maya 3157 case SSH2_CIPHER_BLOWFISH_CBC:
1378 maya 3045 {
1379     struct Enc *enc;
1380    
1381     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1382     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1383     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1384     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1385     CIPHER_ENCRYPT,
1386     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1387 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1388 maya 3045 pvar);
1389    
1390     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1391     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1392    
1393     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1394     break;
1395     }
1396    
1397 doda 3168 case SSH2_CIPHER_ARCFOUR:
1398 doda 3169 case SSH2_CIPHER_ARCFOUR128:
1399     case SSH2_CIPHER_ARCFOUR256:
1400 doda 3168 {
1401     struct Enc *enc;
1402    
1403     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1404     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1405     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1406     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1407     CIPHER_ENCRYPT,
1408     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1409 doda 3169 get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1410 doda 3168 pvar);
1411     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1412     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1413    
1414     pvar->crypt_state.encrypt = cArcfour_encrypt;
1415     break;
1416     }
1417    
1418 maya 3170 case SSH2_CIPHER_CAST128_CBC:
1419     {
1420     struct Enc *enc;
1421    
1422     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1423     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1424     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1425     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1426     CIPHER_ENCRYPT,
1427     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1428     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1429     pvar);
1430     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1431     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1432    
1433     pvar->crypt_state.encrypt = cCast128_encrypt;
1434     break;
1435     }
1436    
1437 yutakakn 2728 case SSH_CIPHER_3DES:{
1438     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1439     pvar->crypt_state.encrypt = c3DES_encrypt;
1440     break;
1441     }
1442     case SSH_CIPHER_IDEA:{
1443     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1444     pvar->crypt_state.encrypt = cIDEA_encrypt;
1445     break;
1446     }
1447     case SSH_CIPHER_DES:{
1448     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1449     pvar->crypt_state.encrypt = cDES_encrypt;
1450     break;
1451     }
1452     case SSH_CIPHER_RC4:{
1453     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1454     encryption_key + 16);
1455     pvar->crypt_state.encrypt = cRC4_encrypt;
1456     break;
1457     }
1458     case SSH_CIPHER_BLOWFISH:{
1459     cBlowfish_init(encryption_key,
1460 maya 3003 &pvar->crypt_state.enc.cBlowfish);
1461 yutakakn 2728 pvar->crypt_state.encrypt = cBlowfish_encrypt;
1462     break;
1463     }
1464     default:
1465     isOK = FALSE;
1466     }
1467     }
1468    
1469    
1470     if (receiver_flag) {
1471     switch (pvar->crypt_state.receiver_cipher) {
1472     // for SSH2(yutaka)
1473 maya 3045 case SSH2_CIPHER_3DES_CBC:
1474 yutakakn 2728 {
1475     struct Enc *enc;
1476    
1477     enc = &pvar->ssh2_keys[MODE_IN].enc;
1478 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1479 doda 3172 enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1480     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1481 maya 3003 CIPHER_DECRYPT,
1482 doda 3172 get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1483     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1484 maya 3043 pvar);
1485 yutakakn 2728
1486 doda 3172 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1487     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1488 yutakakn 2728
1489     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1490     break;
1491     }
1492    
1493     // for SSH2(yutaka)
1494 maya 3157 case SSH2_CIPHER_AES128_CBC:
1495     case SSH2_CIPHER_AES192_CBC:
1496     case SSH2_CIPHER_AES256_CBC:
1497 maya 3159 case SSH2_CIPHER_AES128_CTR:
1498     case SSH2_CIPHER_AES192_CTR:
1499     case SSH2_CIPHER_AES256_CTR:
1500 yutakakn 2728 {
1501     struct Enc *enc;
1502    
1503     enc = &pvar->ssh2_keys[MODE_IN].enc;
1504 maya 3036 cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1505 doda 3172 enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1506     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1507 maya 3003 CIPHER_DECRYPT,
1508 doda 3172 get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1509     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1510 maya 3043 pvar);
1511 yutakakn 2728
1512 doda 3172 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1513     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1514 yutakakn 2728
1515     pvar->crypt_state.decrypt = cAES128_decrypt;
1516     break;
1517     }
1518    
1519 maya 3157 case SSH2_CIPHER_BLOWFISH_CBC:
1520 maya 3045 {
1521     struct Enc *enc;
1522    
1523     enc = &pvar->ssh2_keys[MODE_IN].enc;
1524     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1525 doda 3172 enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1526     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1527 maya 3045 CIPHER_DECRYPT,
1528 doda 3172 get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1529     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1530 maya 3045 pvar);
1531    
1532 doda 3172 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1533     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1534 maya 3045
1535     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1536     break;
1537     }
1538    
1539 doda 3168 case SSH2_CIPHER_ARCFOUR:
1540 doda 3169 case SSH2_CIPHER_ARCFOUR128:
1541     case SSH2_CIPHER_ARCFOUR256:
1542 doda 3168 {
1543     struct Enc *enc;
1544    
1545     enc = &pvar->ssh2_keys[MODE_IN].enc;
1546     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1547 doda 3172 enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1548     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1549 doda 3168 CIPHER_DECRYPT,
1550 doda 3172 get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1551     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1552 doda 3168 pvar);
1553    
1554 doda 3172 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1555     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1556 doda 3168
1557     pvar->crypt_state.decrypt = cArcfour_decrypt;
1558     break;
1559     }
1560    
1561 maya 3170 case SSH2_CIPHER_CAST128_CBC:
1562     {
1563     struct Enc *enc;
1564    
1565     enc = &pvar->ssh2_keys[MODE_IN].enc;
1566     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1567 doda 3172 enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1568     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1569 maya 3170 CIPHER_DECRYPT,
1570 doda 3172 get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1571     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1572 maya 3170 pvar);
1573    
1574 doda 3172 //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1575     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1576 maya 3170
1577     pvar->crypt_state.decrypt = cCast128_decrypt;
1578     break;
1579     }
1580    
1581 yutakakn 2728 case SSH_CIPHER_3DES:{
1582     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1583     pvar->crypt_state.decrypt = c3DES_decrypt;
1584     break;
1585     }
1586     case SSH_CIPHER_IDEA:{
1587     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1588     pvar->crypt_state.decrypt = cIDEA_decrypt;
1589     break;
1590     }
1591     case SSH_CIPHER_DES:{
1592     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1593     pvar->crypt_state.decrypt = cDES_decrypt;
1594     break;
1595     }
1596     case SSH_CIPHER_RC4:{
1597     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1598     pvar->crypt_state.decrypt = cRC4_decrypt;
1599     break;
1600     }
1601     case SSH_CIPHER_BLOWFISH:{
1602     cBlowfish_init(decryption_key,
1603 maya 3003 &pvar->crypt_state.dec.cBlowfish);
1604 yutakakn 2728 pvar->crypt_state.decrypt = cBlowfish_decrypt;
1605     break;
1606     }
1607     default:
1608     isOK = FALSE;
1609     }
1610     }
1611    
1612    
1613     if (!isOK) {
1614 maya 2994 UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1615 maya 3003 "No cipher selected!");
1616 maya 2937 notify_fatal_error(pvar, pvar->ts->UIMsg);
1617 yutakakn 2728 return FALSE;
1618     } else {
1619     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1620     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1621     return TRUE;
1622     }
1623     }
1624    
1625     void CRYPT_init(PTInstVar pvar)
1626     {
1627     pvar->crypt_state.encrypt = no_encrypt;
1628     pvar->crypt_state.decrypt = no_encrypt;
1629     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1630     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1631     pvar->crypt_state.server_key.RSA_key = NULL;
1632     pvar->crypt_state.host_key.RSA_key = NULL;
1633    
1634     pvar->crypt_state.detect_attack_statics.h = NULL;
1635     pvar->crypt_state.detect_attack_statics.n =
1636     HASH_MINSIZE / HASH_ENTRYSIZE;
1637     }
1638    
1639     static char FAR *get_cipher_name(int cipher)
1640     {
1641     switch (cipher) {
1642     case SSH_CIPHER_NONE:
1643     return "None";
1644     case SSH_CIPHER_3DES:
1645     return "3DES (168 key bits)";
1646     case SSH_CIPHER_DES:
1647     return "DES (56 key bits)";
1648     case SSH_CIPHER_IDEA:
1649     return "IDEA (128 key bits)";
1650     case SSH_CIPHER_RC4:
1651     return "RC4 (128 key bits)";
1652     case SSH_CIPHER_BLOWFISH:
1653     return "Blowfish (256 key bits)";
1654    
1655     // SSH2
1656 maya 3045 case SSH2_CIPHER_3DES_CBC:
1657 yutakakn 2728 return "3DES-CBC";
1658 maya 3157 case SSH2_CIPHER_AES128_CBC:
1659     return "AES128-CBC";
1660     case SSH2_CIPHER_AES192_CBC:
1661     return "AES192-CBC";
1662     case SSH2_CIPHER_AES256_CBC:
1663     return "AES256-CBC";
1664     case SSH2_CIPHER_BLOWFISH_CBC:
1665     return "Blowfish-CBC";
1666 maya 3159 case SSH2_CIPHER_AES128_CTR:
1667     return "AES128-CTR";
1668     case SSH2_CIPHER_AES192_CTR:
1669     return "AES192-CTR";
1670     case SSH2_CIPHER_AES256_CTR:
1671     return "AES256-CTR";
1672 doda 3168 case SSH2_CIPHER_ARCFOUR:
1673 doda 3169 return "Arcfour";
1674     case SSH2_CIPHER_ARCFOUR128:
1675     return "Arcfour128";
1676     case SSH2_CIPHER_ARCFOUR256:
1677     return "Arcfour256";
1678 maya 3170 case SSH2_CIPHER_CAST128_CBC:
1679     return "CAST-128-CBC";
1680 yutakakn 2728
1681     default:
1682     return "Unknown";
1683     }
1684     }
1685    
1686     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1687     {
1688 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1689 maya 3003 "%s to server, %s from server");
1690 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1691 maya 3003 get_cipher_name(pvar->crypt_state.sender_cipher),
1692     get_cipher_name(pvar->crypt_state.receiver_cipher));
1693 yutakakn 2728 }
1694    
1695     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1696     {
1697     if (SSHv1(pvar)) {
1698     if (pvar->crypt_state.server_key.RSA_key == NULL
1699 maya 3003 || pvar->crypt_state.host_key.RSA_key == NULL) {
1700 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1701 maya 2992 strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1702 yutakakn 2728 } else {
1703 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1704 maya 3003 "%d-bit server key, %d-bit host key");
1705 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1706 maya 3003 BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1707     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1708 yutakakn 2728 }
1709     } else { // SSH2
1710 maya 2994 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1711 maya 3003 "%d-bit server key, %d-bit host key");
1712 maya 2992 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1713 maya 3003 pvar->server_key_bits,
1714     pvar->client_key_bits);
1715 yutakakn 2728 }
1716     }
1717    
1718     static void destroy_public_key(CRYPTPublicKey FAR * key)
1719     {
1720     if (key->RSA_key != NULL) {
1721     RSA_free(key->RSA_key);
1722     key->RSA_key = NULL;
1723     }
1724     }
1725    
1726     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1727     {
1728     destroy_public_key(key);
1729     free(key);
1730     }
1731    
1732     void CRYPT_end(PTInstVar pvar)
1733     {
1734     destroy_public_key(&pvar->crypt_state.host_key);
1735     destroy_public_key(&pvar->crypt_state.server_key);
1736    
1737     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1738     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1739 maya 3003 pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1740 yutakakn 2728 free(pvar->crypt_state.detect_attack_statics.h);
1741     }
1742    
1743     memset(pvar->crypt_state.sender_cipher_key, 0,
1744 maya 3003 sizeof(pvar->crypt_state.sender_cipher_key));
1745 yutakakn 2728 memset(pvar->crypt_state.receiver_cipher_key, 0,
1746 maya 3003 sizeof(pvar->crypt_state.receiver_cipher_key));
1747 yutakakn 2728 memset(pvar->crypt_state.server_cookie, 0,
1748 maya 3003 sizeof(pvar->crypt_state.server_cookie));
1749 yutakakn 2728 memset(pvar->crypt_state.client_cookie, 0,
1750 maya 3003 sizeof(pvar->crypt_state.client_cookie));
1751 yutakakn 2728 memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1752     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1753     }
1754    
1755     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1756 maya 3003 char FAR * buf, int bytes)
1757 yutakakn 2728 {
1758     unsigned char passphrase_key[16];
1759    
1760     MD5(passphrase, strlen(passphrase), passphrase_key);
1761    
1762     switch (cipher) {
1763     case SSH_CIPHER_3DES:{
1764     Cipher3DESState state;
1765    
1766     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1767 maya 3003 &state.k1);
1768 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1769 maya 3003 &state.k2);
1770 yutakakn 2728 DES_set_key((const_DES_cblock FAR *) passphrase_key,
1771 maya 3003 &state.k3);
1772 yutakakn 2728 memset(state.ivec1, 0, 8);
1773     memset(state.ivec2, 0, 8);
1774     memset(state.ivec3, 0, 8);
1775     DES_ncbc_encrypt(buf, buf, bytes,
1776 maya 3003 &state.k3, &state.ivec3, DES_DECRYPT);
1777 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1778 maya 3003 &state.k2, &state.ivec2, DES_ENCRYPT);
1779 yutakakn 2728 DES_ncbc_encrypt(buf, buf, bytes,
1780 maya 3003 &state.k1, &state.ivec1, DES_DECRYPT);
1781 yutakakn 2728 break;
1782     }
1783    
1784     case SSH_CIPHER_IDEA:{
1785     CipherIDEAState state;
1786     int num = 0;
1787    
1788     cIDEA_init(passphrase_key, &state);
1789     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1790 maya 3003 &num, IDEA_DECRYPT);
1791 yutakakn 2728 break;
1792     }
1793    
1794     case SSH_CIPHER_DES:{
1795     CipherDESState state;
1796    
1797     cDES_init(passphrase_key, &state);
1798     DES_ncbc_encrypt(buf, buf, bytes,
1799 maya 3003 &state.k, &state.ivec, DES_DECRYPT);
1800 yutakakn 2728 break;
1801     }
1802    
1803     case SSH_CIPHER_RC4:{
1804     CipherRC4State state;
1805     int num = 0;
1806    
1807     RC4_set_key(&state.k, 16, passphrase_key);
1808     RC4(&state.k, bytes, buf, buf);
1809     break;
1810     }
1811    
1812     case SSH_CIPHER_BLOWFISH:{
1813     CipherBlowfishState state;
1814    
1815     BF_set_key(&state.k, 16, passphrase_key);
1816     memset(state.ivec, 0, 8);
1817     flip_endianness(buf, bytes);
1818     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1819     BF_DECRYPT);
1820     flip_endianness(buf, bytes);
1821     break;
1822     }
1823    
1824     case SSH_CIPHER_NONE:
1825     break;
1826    
1827     default:
1828     memset(passphrase_key, 0, sizeof(passphrase_key));
1829     return 0;
1830     }
1831    
1832     memset(passphrase_key, 0, sizeof(passphrase_key));
1833     return 1;
1834     }
1835    
1836     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1837     {
1838 yutakakn 2762 if (key_pair->RSA_key != NULL)
1839     RSA_free(key_pair->RSA_key);
1840    
1841     if (key_pair->DSA_key != NULL)
1842     DSA_free(key_pair->DSA_key);
1843    
1844 yutakakn 2728 free(key_pair);
1845     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help