Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3227 - (hide annotations) (download) (as text)
Tue Mar 24 15:10:33 2009 UTC (15 years ago) by maya
Original Path: trunk/ttssh2/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 56086 byte(s) 
CVS から SVN へ移行: 改行コードを LF から CR+LF へ変換
1 maya 3227 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40     #include <openssl/dsa.h>
41     #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51     * $Id: crypt.c,v 1.28 2008-11-23 07:44:05 doda Exp $ Cryptographic attack
52     * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87     uint32 len, unsigned char FAR * IV)
88     {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116     unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118     {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191     int bytes)
192     {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199     buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202     default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204     buf, bytes, NULL) == DEATTACK_DETECTED;
205     }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217     // ���O�������������������������������AAES192, AES256 ����
218     // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219     static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220     int bytes)
221     {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224    
225     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
226     if (bytes == 0)
227     goto error;
228    
229     if (newbuf == NULL)
230     return;
231    
232     if (bytes % block_size) {
233     char tmp[80];
234     UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
235     "AES128/192/256 encrypt error(1): bytes %d (%d)");
236     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
237     pvar->ts->UIMsg, bytes, block_size);
238     notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243     UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244     "AES128/192/256 encrypt error(2)");
245     notify_fatal_error(pvar, pvar->ts->UIMsg);
246     goto error;
247    
248     } else {
249     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
250     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
251     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
252     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
253    
254     //debug_print(50, key, 24);
255     //debug_print(51, iv, 8);
256     //debug_print(52, buf, bytes);
257     //debug_print(53, newbuf, bytes);
258    
259     memcpy(buf, newbuf, bytes);
260     }
261    
262     error:
263     free(newbuf);
264     }
265    
266     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
267     int bytes)
268     {
269     unsigned char *newbuf = malloc(bytes);
270     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
271    
272     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
273     if (bytes == 0)
274     goto error;
275    
276     if (newbuf == NULL)
277     return;
278    
279     if (bytes % block_size) {
280     char tmp[80];
281     UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
282     "AES128/192/256 decrypt error(1): bytes %d (%d)");
283     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
284     notify_fatal_error(pvar, tmp);
285     goto error;
286     }
287    
288     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
289     UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
290     "AES128/192/256 decrypt error(2)");
291     notify_fatal_error(pvar, pvar->ts->UIMsg);
292     goto error;
293    
294     } else {
295     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
296     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
297     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
298     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
299    
300     //debug_print(70, key, AES128_KEYLEN);
301     //debug_print(71, iv, AES128_IVLEN);
302     //debug_print(72, buf, bytes);
303     //debug_print(73, newbuf, bytes);
304    
305     memcpy(buf, newbuf, bytes);
306     }
307    
308     error:
309     free(newbuf);
310     }
311    
312    
313    
314     // for SSH2(yutaka)
315     static void c3DES_CBC_encrypt(PTInstVar pvar, unsigned char FAR * buf,
316     int bytes)
317     {
318     unsigned char *newbuf = malloc(bytes);
319     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
320    
321     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
322     if (bytes == 0)
323     goto error;
324    
325     if (newbuf == NULL)
326     return;
327    
328     if (bytes % block_size) {
329     char tmp[80];
330     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR1", pvar,
331     "3DES-CBC encrypt error(1): bytes %d (%d)");
332     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
333     pvar->ts->UIMsg, bytes, block_size);
334     notify_fatal_error(pvar, tmp);
335     goto error;
336     }
337    
338     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
339     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR2", pvar,
340     "3DES-CBC encrypt error(2)");
341     notify_fatal_error(pvar, pvar->ts->UIMsg);
342     goto error;
343    
344     } else {
345     //unsigned char key[24], iv[8];
346     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
347     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
348     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
349    
350     //debug_print(50, key, 24);
351     //debug_print(51, iv, 8);
352     //debug_print(52, buf, bytes);
353     //debug_print(53, newbuf, bytes);
354    
355     memcpy(buf, newbuf, bytes);
356     }
357    
358     error:
359     free(newbuf);
360     }
361    
362     static void c3DES_CBC_decrypt(PTInstVar pvar, unsigned char FAR * buf,
363     int bytes)
364     {
365     unsigned char *newbuf = malloc(bytes);
366     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
367    
368     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
369     if (bytes == 0)
370     goto error;
371    
372     if (newbuf == NULL)
373     return;
374    
375     if (bytes % block_size) {
376     char tmp[80];
377     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR1", pvar,
378     "3DES-CBC decrypt error(1): bytes %d (%d)");
379     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
380     notify_fatal_error(pvar, tmp);
381     goto error;
382     }
383    
384     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
385     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR2", pvar,
386     "3DES-CBC decrypt error(2)");
387     notify_fatal_error(pvar, pvar->ts->UIMsg);
388     goto error;
389    
390     } else {
391     //unsigned char key[24], iv[8];
392     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
393     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
394     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
395    
396     //debug_print(70, key, 24);
397     //debug_print(71, iv, 8);
398     //debug_print(72, buf, bytes);
399     //debug_print(73, newbuf, bytes);
400    
401     memcpy(buf, newbuf, bytes);
402     }
403    
404     error:
405     free(newbuf);
406     }
407    
408    
409     static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
410     int bytes)
411     {
412     unsigned char *newbuf = malloc(bytes);
413     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
414    
415     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
416     if (bytes == 0)
417     goto error;
418    
419     if (newbuf == NULL)
420     return;
421    
422     if (bytes % block_size) {
423     char tmp[80];
424     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR1", pvar,
425     "Blowfish encrypt error(1): bytes %d (%d)");
426     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
427     pvar->ts->UIMsg, bytes, block_size);
428     notify_fatal_error(pvar, tmp);
429     goto error;
430     }
431    
432     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
433     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR2", pvar,
434     "Blowfish encrypt error(2)");
435     notify_fatal_error(pvar, pvar->ts->UIMsg);
436     goto error;
437    
438     } else {
439     memcpy(buf, newbuf, bytes);
440    
441     }
442    
443     error:
444     free(newbuf);
445     }
446    
447     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
448     int bytes)
449     {
450     unsigned char *newbuf = malloc(bytes);
451     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
452    
453     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
454     if (bytes == 0)
455     goto error;
456    
457     if (newbuf == NULL)
458     return;
459    
460     if (bytes % block_size) {
461     char tmp[80];
462     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR1", pvar,
463     "Blowfish decrypt error(1): bytes %d (%d)");
464     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
465     notify_fatal_error(pvar, tmp);
466     goto error;
467     }
468    
469     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
470     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR2", pvar,
471     "Blowfish decrypt error(2)");
472     notify_fatal_error(pvar, pvar->ts->UIMsg);
473     goto error;
474    
475     } else {
476     memcpy(buf, newbuf, bytes);
477    
478     }
479    
480     error:
481     free(newbuf);
482     }
483    
484     static void cArcfour_encrypt(PTInstVar pvar, unsigned char FAR * buf,
485     int bytes)
486     {
487     unsigned char *newbuf = malloc(bytes);
488     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
489    
490     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
491     if (bytes == 0)
492     goto error;
493    
494     if (newbuf == NULL)
495     return;
496    
497     if (bytes % block_size) {
498     char tmp[80];
499     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR1", pvar,
500     "Arcfour encrypt error(1): bytes %d (%d)");
501     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
502     pvar->ts->UIMsg, bytes, block_size);
503     notify_fatal_error(pvar, tmp);
504     goto error;
505     }
506    
507     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
508     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR2", pvar,
509     "Arcfour encrypt error(2)");
510     notify_fatal_error(pvar, pvar->ts->UIMsg);
511     goto error;
512    
513     } else {
514     memcpy(buf, newbuf, bytes);
515    
516     }
517    
518     error:
519     free(newbuf);
520     }
521    
522     static void cArcfour_decrypt(PTInstVar pvar, unsigned char FAR * buf,
523     int bytes)
524     {
525     unsigned char *newbuf = malloc(bytes);
526     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
527    
528     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
529     if (bytes == 0)
530     goto error;
531    
532     if (newbuf == NULL)
533     return;
534    
535     if (bytes % block_size) {
536     char tmp[80];
537     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR1", pvar,
538     "Arcfour decrypt error(1): bytes %d (%d)");
539     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
540     notify_fatal_error(pvar, tmp);
541     goto error;
542     }
543    
544     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
545     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR2", pvar,
546     "Arcfour decrypt error(2)");
547     notify_fatal_error(pvar, pvar->ts->UIMsg);
548     goto error;
549    
550     } else {
551     memcpy(buf, newbuf, bytes);
552    
553     }
554    
555     error:
556     free(newbuf);
557     }
558    
559     static void cCast128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
560     int bytes)
561     {
562     unsigned char *newbuf = malloc(bytes);
563     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
564    
565     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
566     if (bytes == 0)
567     goto error;
568    
569     if (newbuf == NULL)
570     return;
571    
572     if (bytes % block_size) {
573     char tmp[80];
574     UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR1", pvar,
575     "CAST128 encrypt error(1): bytes %d (%d)");
576     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
577     pvar->ts->UIMsg, bytes, block_size);
578     notify_fatal_error(pvar, tmp);
579     goto error;
580     }
581    
582     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
583     UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR2", pvar,
584     "CAST128 encrypt error(2)");
585     notify_fatal_error(pvar, pvar->ts->UIMsg);
586     goto error;
587    
588     } else {
589     memcpy(buf, newbuf, bytes);
590    
591     }
592    
593     error:
594     free(newbuf);
595     }
596    
597     static void cCast128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
598     int bytes)
599     {
600     unsigned char *newbuf = malloc(bytes);
601     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
602    
603     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
604     if (bytes == 0)
605     goto error;
606    
607     if (newbuf == NULL)
608     return;
609    
610     if (bytes % block_size) {
611     char tmp[80];
612     UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR1", pvar,
613     "CAST128 decrypt error(1): bytes %d (%d)");
614     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
615     notify_fatal_error(pvar, tmp);
616     goto error;
617     }
618    
619     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
620     UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR2", pvar,
621     "CAST128 decrypt error(2)");
622     notify_fatal_error(pvar, pvar->ts->UIMsg);
623     goto error;
624    
625     } else {
626     memcpy(buf, newbuf, bytes);
627    
628     }
629    
630     error:
631     free(newbuf);
632     }
633    
634    
635    
636     static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
637     int bytes)
638     {
639     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
640    
641     DES_ncbc_encrypt(buf, buf, bytes,
642     &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
643     DES_ncbc_encrypt(buf, buf, bytes,
644     &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
645     DES_ncbc_encrypt(buf, buf, bytes,
646     &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
647     }
648    
649     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
650     int bytes)
651     {
652     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
653    
654     DES_ncbc_encrypt(buf, buf, bytes,
655     &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
656     DES_ncbc_encrypt(buf, buf, bytes,
657     &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
658     DES_ncbc_encrypt(buf, buf, bytes,
659     &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
660     }
661    
662     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
663     int bytes)
664     {
665     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
666    
667     DES_ncbc_encrypt(buf, buf, bytes,
668     &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
669     }
670    
671     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
672     int bytes)
673     {
674     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
675    
676     DES_ncbc_encrypt(buf, buf, bytes,
677     &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
678     }
679    
680     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
681     int bytes)
682     {
683     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
684     int num = 0;
685    
686     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
687     encryptstate->ivec, &num, IDEA_ENCRYPT);
688     }
689    
690     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
691     int bytes)
692     {
693     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
694     int num = 0;
695    
696     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
697     decryptstate->ivec, &num, IDEA_DECRYPT);
698     }
699    
700     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
701     {
702     uint32 FAR *buf = (uint32 FAR *) cbuf;
703     int count = bytes / 4;
704    
705     while (count > 0) {
706     uint32 w = *buf;
707    
708     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
709     | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
710     count--;
711     buf++;
712     }
713     }
714    
715     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
716     int bytes)
717     {
718     CipherBlowfishState FAR *encryptstate =
719     &pvar->crypt_state.enc.cBlowfish;
720    
721     flip_endianness(buf, bytes);
722     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
723     BF_ENCRYPT);
724     flip_endianness(buf, bytes);
725     }
726    
727     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
728     int bytes)
729     {
730     CipherBlowfishState FAR *decryptstate =
731     &pvar->crypt_state.dec.cBlowfish;
732    
733     flip_endianness(buf, bytes);
734     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
735     BF_DECRYPT);
736     flip_endianness(buf, bytes);
737     }
738    
739     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
740     int bytes)
741     {
742     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
743     int num = 0;
744    
745     RC4(&encryptstate->k, bytes, buf, buf);
746     }
747    
748     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
749     int bytes)
750     {
751     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
752     int num = 0;
753    
754     RC4(&decryptstate->k, bytes, buf, buf);
755     }
756    
757     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
758     int bytes)
759     {
760     RAND_bytes(buf, bytes);
761     }
762    
763     void CRYPT_initialize_random_numbers(PTInstVar pvar)
764     {
765     RAND_screen();
766     }
767    
768     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
769     {
770     int bits = get_ushort16_MSBfirst(bytes);
771    
772     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
773     }
774    
775     // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
776     RSA FAR *make_key(PTInstVar pvar,
777     int bits, unsigned char FAR * exp,
778     unsigned char FAR * mod)
779     {
780     RSA FAR *key = RSA_new();
781    
782     if (key != NULL) {
783     key->e = get_bignum(exp);
784     key->n = get_bignum(mod);
785     }
786    
787     if (key == NULL || key->e == NULL || key->n == NULL) {
788     UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
789     "Error setting up RSA keys");
790     notify_fatal_error(pvar, pvar->ts->UIMsg);
791    
792     if (key != NULL) {
793     if (key->e != NULL) {
794     BN_free(key->e);
795     }
796     if (key->n != NULL) {
797     BN_free(key->n);
798     }
799     RSA_free(key);
800     }
801    
802     return NULL;
803     } else {
804     return key;
805     }
806     }
807    
808     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
809     {
810     if (SSHv1(pvar)) {
811     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
812     } else {
813     memcpy(pvar->crypt_state.server_cookie, cookie,
814     SSH2_COOKIE_LENGTH);
815     }
816     }
817    
818     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
819     {
820     if (SSHv2(pvar)) {
821     memcpy(pvar->crypt_state.client_cookie, cookie,
822     SSH2_COOKIE_LENGTH);
823     }
824     }
825    
826     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
827     int bits, unsigned char FAR * exp,
828     unsigned char FAR * mod)
829     {
830     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
831    
832     return pvar->crypt_state.server_key.RSA_key != NULL;
833     }
834    
835     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
836     int bits, unsigned char FAR * exp,
837     unsigned char FAR * mod)
838     {
839     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
840    
841     return pvar->crypt_state.host_key.RSA_key != NULL;
842     }
843    
844     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
845     int receiver_ciphers)
846     {
847     int cipher_mask;
848    
849     if (SSHv1(pvar)) {
850     cipher_mask = (1 << SSH_CIPHER_DES)
851     | (1 << SSH_CIPHER_3DES)
852     | (1 << SSH_CIPHER_BLOWFISH);
853    
854     } else { // for SSH2(yutaka)
855     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
856     cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
857     | (1 << SSH2_CIPHER_AES128_CBC)
858     | (1 << SSH2_CIPHER_AES192_CBC)
859     | (1 << SSH2_CIPHER_AES256_CBC)
860     | (1 << SSH2_CIPHER_BLOWFISH_CBC)
861     | (1 << SSH2_CIPHER_AES128_CTR)
862     | (1 << SSH2_CIPHER_AES192_CTR)
863     | (1 << SSH2_CIPHER_AES256_CTR)
864     | (1 << SSH2_CIPHER_ARCFOUR)
865     | (1 << SSH2_CIPHER_ARCFOUR128)
866     | (1 << SSH2_CIPHER_ARCFOUR256)
867     | (1 << SSH2_CIPHER_CAST128_CBC);
868     }
869    
870     sender_ciphers &= cipher_mask;
871     receiver_ciphers &= cipher_mask;
872     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
873     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
874    
875     if (sender_ciphers == 0) {
876     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
877     "The server does not support any of the TTSSH encryption algorithms.\n"
878     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
879     "The connection will be closed.");
880     notify_fatal_error(pvar, pvar->ts->UIMsg);
881     return FALSE;
882     } else if (receiver_ciphers == 0) {
883     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
884     "The server does not support any of the TTSSH encryption algorithms.\n"
885     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
886     "The connection will be closed.");
887     notify_fatal_error(pvar, pvar->ts->UIMsg);
888     return FALSE;
889     } else {
890     return TRUE;
891     }
892     }
893    
894     int CRYPT_get_decryption_block_size(PTInstVar pvar)
895     {
896     if (SSHv1(pvar)) {
897     return 8;
898     } else {
899     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
900     // cf. 3DES=8, AES128=16
901     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
902     }
903     }
904    
905     int CRYPT_get_encryption_block_size(PTInstVar pvar)
906     {
907     if (SSHv1(pvar)) {
908     return 8;
909     } else {
910     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
911     // cf. 3DES=8, AES128=16
912     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
913     }
914     }
915    
916     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
917     {
918     struct Mac *mac;
919    
920     if (SSHv1(pvar)) {
921     return 0;
922    
923     } else { // for SSH2(yutaka)
924     mac = &pvar->ssh2_keys[MODE_IN].mac;
925     if (mac == NULL || mac->enabled == 0)
926     return 0;
927    
928     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
929     }
930    
931     }
932    
933     // HMAC������
934     // ���{������ SSH2 �������g�p�������B
935     // (2004.12.17 yutaka)
936     BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
937     char FAR * data, int len, char FAR * MAC)
938     {
939     HMAC_CTX c;
940     unsigned char m[EVP_MAX_MD_SIZE];
941     unsigned char b[4];
942     struct Mac *mac;
943    
944     mac = &pvar->ssh2_keys[MODE_IN].mac;
945    
946     // HMAC�������L���������������A����OK�����������B
947     if (mac == NULL || mac->enabled == 0)
948     return TRUE;
949    
950     if (mac->key == NULL)
951     goto error;
952    
953     if ((u_int)mac->mac_len > sizeof(m))
954     goto error;
955    
956     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
957     set_uint32_MSBfirst(b, sequence_number);
958     HMAC_Update(&c, b, sizeof(b));
959     HMAC_Update(&c, data, len);
960     HMAC_Final(&c, m, NULL);
961     HMAC_cleanup(&c);
962    
963     if (memcmp(m, MAC, mac->mac_len)) {
964     goto error;
965     }
966    
967     return TRUE;
968    
969     error:
970     return FALSE;
971     }
972    
973     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
974     {
975     struct Mac *mac;
976    
977     if (SSHv2(pvar)) { // for SSH2(yutaka)
978     mac = &pvar->ssh2_keys[MODE_OUT].mac;
979     if (mac == NULL || mac->enabled == 0)
980     return 0;
981    
982     return (mac->mac_len);
983     }
984    
985     return 0;
986     }
987    
988     // for SSH2
989     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
990     char FAR * data, int len, char FAR * MAC)
991     {
992     HMAC_CTX c;
993     static u_char m[EVP_MAX_MD_SIZE];
994     u_char b[4];
995     struct Mac *mac;
996    
997     if (SSHv2(pvar)) { // for SSH2(yutaka)
998     mac = &pvar->ssh2_keys[MODE_OUT].mac;
999     if (mac == NULL || mac->enabled == 0)
1000     return FALSE;
1001    
1002     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
1003     set_uint32_MSBfirst(b, sequence_number);
1004     HMAC_Update(&c, b, sizeof(b));
1005     HMAC_Update(&c, data, len);
1006     HMAC_Final(&c, m, NULL);
1007     HMAC_cleanup(&c);
1008    
1009     // 20�o�C�g�������R�s�[
1010     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
1011     // memcpy(MAC, m, sizeof(m));
1012    
1013     return TRUE;
1014     }
1015    
1016     return TRUE;
1017    
1018     }
1019    
1020     static int choose_cipher(PTInstVar pvar, int supported)
1021     {
1022     int i;
1023    
1024     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
1025     int cipher = pvar->session_settings.CipherOrder[i] - '0';
1026    
1027     if (cipher == SSH_CIPHER_NONE) {
1028     break;
1029     } else if ((supported & (1 << cipher)) != 0) {
1030     return cipher;
1031     }
1032     }
1033    
1034     return SSH_CIPHER_NONE;
1035     }
1036    
1037     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
1038     {
1039     if (SSHv1(pvar)) {
1040     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
1041     pvar->crypt_state.
1042     supported_sender_ciphers);
1043     pvar->crypt_state.receiver_cipher =
1044     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
1045    
1046     } else { // SSH2(yutaka)
1047     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
1048     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
1049    
1050     }
1051    
1052     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
1053     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
1054     UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
1055     "All the encryption algorithms that this program and the server both understand have been disabled.\n"
1056     "To communicate with this server, you will have to enable some more ciphers\n"
1057     "in the TTSSH Setup dialog box when you run Tera Term again.\n"
1058     "This connection will now close.");
1059     notify_fatal_error(pvar, pvar->ts->UIMsg);
1060     return FALSE;
1061     } else {
1062     return TRUE;
1063     }
1064     }
1065    
1066     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
1067     {
1068     int server_key_bits =
1069     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1070     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1071     int server_key_bytes = (server_key_bits + 7) / 8;
1072     int host_key_bytes = (host_key_bits + 7) / 8;
1073    
1074     if (server_key_bits < host_key_bits) {
1075     return host_key_bytes;
1076     } else {
1077     return server_key_bytes;
1078     }
1079     }
1080    
1081     int CRYPT_choose_session_key(PTInstVar pvar,
1082     unsigned char FAR * encrypted_key_buf)
1083     {
1084     int server_key_bits =
1085     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1086     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1087     int server_key_bytes = (server_key_bits + 7) / 8;
1088     int host_key_bytes = (host_key_bits + 7) / 8;
1089     int encrypted_key_bytes;
1090     int bit_delta;
1091    
1092     if (server_key_bits < host_key_bits) {
1093     encrypted_key_bytes = host_key_bytes;
1094     bit_delta = host_key_bits - server_key_bits;
1095     } else {
1096     encrypted_key_bytes = server_key_bytes;
1097     bit_delta = server_key_bits - host_key_bits;
1098     }
1099    
1100     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
1101     UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
1102     "Server RSA keys are too weak. A secure connection cannot be established.");
1103     notify_fatal_error(pvar, pvar->ts->UIMsg);
1104     return 0;
1105     } else {
1106     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
1107     for the session ID, rather than the one specified in the RFC */
1108     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1109     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1110     char session_id[16];
1111     int i;
1112    
1113     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1114     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1115     session_buf + host_key_bytes);
1116     memcpy(session_buf + server_key_bytes + host_key_bytes,
1117     pvar->crypt_state.server_cookie, 8);
1118     MD5(session_buf, session_buf_len, session_id);
1119    
1120     free(session_buf);
1121    
1122     RAND_bytes(pvar->crypt_state.sender_cipher_key,
1123     SSH_SESSION_KEY_LENGTH);
1124     memcpy(pvar->crypt_state.receiver_cipher_key,
1125     pvar->crypt_state.sender_cipher_key,
1126     SSH_SESSION_KEY_LENGTH);
1127    
1128     memcpy(encrypted_key_buf + encrypted_key_bytes -
1129     SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
1130     SSH_SESSION_KEY_LENGTH);
1131     for (i = 0; i < sizeof(session_id); i++) {
1132     encrypted_key_buf[encrypted_key_bytes -
1133     SSH_SESSION_KEY_LENGTH + i]
1134     ^= session_id[i];
1135     }
1136    
1137     if (host_key_bits > server_key_bits) {
1138     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1139     encrypted_key_buf +
1140     encrypted_key_bytes -
1141     SSH_SESSION_KEY_LENGTH,
1142     encrypted_key_buf +
1143     encrypted_key_bytes - server_key_bytes,
1144     pvar->crypt_state.server_key.RSA_key,
1145     RSA_PKCS1_PADDING) < 0)
1146     return 0;
1147    
1148     if (RSA_public_encrypt(server_key_bytes,
1149     encrypted_key_buf +
1150     encrypted_key_bytes - server_key_bytes,
1151     encrypted_key_buf,
1152     pvar->crypt_state.host_key.RSA_key,
1153     RSA_PKCS1_PADDING) < 0)
1154     return 0;
1155     } else {
1156     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1157     encrypted_key_buf +
1158     encrypted_key_bytes -
1159     SSH_SESSION_KEY_LENGTH,
1160     encrypted_key_buf +
1161     encrypted_key_bytes - host_key_bytes,
1162     pvar->crypt_state.host_key.RSA_key,
1163     RSA_PKCS1_PADDING) < 0)
1164     return 0;
1165    
1166     if (RSA_public_encrypt(host_key_bytes,
1167     encrypted_key_buf +
1168     encrypted_key_bytes - host_key_bytes,
1169     encrypted_key_buf,
1170     pvar->crypt_state.server_key.RSA_key,
1171     RSA_PKCS1_PADDING) < 0)
1172     return 0;
1173     }
1174     }
1175    
1176     return 1;
1177     }
1178    
1179     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1180     unsigned char FAR * challenge,
1181     int challenge_len,
1182     unsigned char FAR * response)
1183     {
1184     int server_key_bits =
1185     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1186     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1187     int server_key_bytes = (server_key_bits + 7) / 8;
1188     int host_key_bytes = (host_key_bits + 7) / 8;
1189     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1190     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1191     char decrypted_challenge[48];
1192     int decrypted_challenge_len;
1193    
1194     decrypted_challenge_len =
1195     RSA_private_decrypt(challenge_len, challenge, challenge,
1196     AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
1197     RSA_PKCS1_PADDING);
1198     if (decrypted_challenge_len < 0) {
1199     free(session_buf);
1200     return 0;
1201     }
1202     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1203     memcpy(decrypted_challenge,
1204     challenge + decrypted_challenge_len -
1205     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1206     } else {
1207     memset(decrypted_challenge, 0,
1208     SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1209     memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1210     decrypted_challenge_len, challenge,
1211     decrypted_challenge_len);
1212     }
1213    
1214     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1215     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1216     session_buf + host_key_bytes);
1217     memcpy(session_buf + server_key_bytes + host_key_bytes,
1218     pvar->crypt_state.server_cookie, 8);
1219     MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1220    
1221     free(session_buf);
1222    
1223     MD5(decrypted_challenge, 48, response);
1224    
1225     return 1;
1226     }
1227    
1228     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1229     {
1230     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1231     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1232     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1233     memset(state->ivec1, 0, 8);
1234     memset(state->ivec2, 0, 8);
1235     memset(state->ivec3, 0, 8);
1236     }
1237    
1238     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1239     {
1240     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1241     memset(state->ivec, 0, 8);
1242     }
1243    
1244     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1245     {
1246     idea_set_encrypt_key(session_key, &state->k);
1247     memset(state->ivec, 0, 8);
1248     }
1249    
1250     static void cBlowfish_init(char FAR * session_key,
1251     CipherBlowfishState FAR * state)
1252     {
1253     BF_set_key(&state->k, 32, session_key);
1254     memset(state->ivec, 0, 8);
1255     }
1256    
1257    
1258     //
1259     // SSH2�p�A���S���Y����������
1260     //
1261     // for SSH2(yutaka)
1262     //
1263     void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1264     const u_char *key, u_int keylen,
1265     const u_char *iv, u_int ivlen,
1266     int encrypt,
1267     const EVP_CIPHER *type,
1268     int discard_len,
1269     PTInstVar pvar)
1270     {
1271     int klen;
1272     char tmp[80];
1273     unsigned char *junk = NULL, *discard = NULL;
1274    
1275     EVP_CIPHER_CTX_init(evp);
1276     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1277     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1278     "Cipher initialize error(%d)");
1279     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1280     notify_fatal_error(pvar, tmp);
1281     return;
1282     }
1283    
1284     klen = EVP_CIPHER_CTX_key_length(evp);
1285     if (klen > 0 && keylen != klen) {
1286     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1287     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1288     "Cipher initialize error(%d)");
1289     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1290     notify_fatal_error(pvar, tmp);
1291     return;
1292     }
1293     }
1294     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1295     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1296     "Cipher initialize error(%d)");
1297     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1298     notify_fatal_error(pvar, tmp);
1299     return;
1300     }
1301    
1302     if (discard_len > 0) {
1303     junk = malloc(discard_len);
1304     discard = malloc(discard_len);
1305     if (junk == NULL || discard == NULL ||
1306     EVP_Cipher(evp, discard, junk, discard_len) == 0) {
1307     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1308     "Cipher initialize error(%d)");
1309     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
1310     pvar->ts->UIMsg, 3);
1311     notify_fatal_error(pvar, tmp);
1312     }
1313     else {
1314     memset(discard, 0, discard_len);
1315     }
1316     free(junk);
1317     free(discard);
1318     }
1319     }
1320    
1321    
1322     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1323     {
1324     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1325     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1326     BOOL isOK = TRUE;
1327    
1328     if (sender_flag) {
1329     switch (pvar->crypt_state.sender_cipher) {
1330     // for SSH2(yutaka)
1331     case SSH2_CIPHER_3DES_CBC:
1332     {
1333     struct Enc *enc;
1334    
1335     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1336     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1337     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1338     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1339     CIPHER_ENCRYPT,
1340     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1341     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1342     pvar);
1343    
1344     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1345     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1346    
1347     pvar->crypt_state.encrypt = c3DES_CBC_encrypt;
1348     break;
1349     }
1350    
1351     // for SSH2(yutaka)
1352     case SSH2_CIPHER_AES128_CBC:
1353     case SSH2_CIPHER_AES192_CBC:
1354     case SSH2_CIPHER_AES256_CBC:
1355     case SSH2_CIPHER_AES128_CTR:
1356     case SSH2_CIPHER_AES192_CTR:
1357     case SSH2_CIPHER_AES256_CTR:
1358     {
1359     struct Enc *enc;
1360    
1361     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1362     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1363     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1364     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1365     CIPHER_ENCRYPT,
1366     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1367     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1368     pvar);
1369    
1370     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1371     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1372    
1373     pvar->crypt_state.encrypt = cAES128_encrypt;
1374     break;
1375     }
1376    
1377     case SSH2_CIPHER_BLOWFISH_CBC:
1378     {
1379     struct Enc *enc;
1380    
1381     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1382     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1383     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1384     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1385     CIPHER_ENCRYPT,
1386     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1387     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1388     pvar);
1389    
1390     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1391     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1392    
1393     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1394     break;
1395     }
1396    
1397     case SSH2_CIPHER_ARCFOUR:
1398     case SSH2_CIPHER_ARCFOUR128:
1399     case SSH2_CIPHER_ARCFOUR256:
1400     {
1401     struct Enc *enc;
1402    
1403     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1404     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1405     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1406     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1407     CIPHER_ENCRYPT,
1408     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1409     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1410     pvar);
1411     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1412     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1413    
1414     pvar->crypt_state.encrypt = cArcfour_encrypt;
1415     break;
1416     }
1417    
1418     case SSH2_CIPHER_CAST128_CBC:
1419     {
1420     struct Enc *enc;
1421    
1422     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1423     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1424     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1425     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1426     CIPHER_ENCRYPT,
1427     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1428     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1429     pvar);
1430     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1431     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1432    
1433     pvar->crypt_state.encrypt = cCast128_encrypt;
1434     break;
1435     }
1436    
1437     case SSH_CIPHER_3DES:{
1438     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1439     pvar->crypt_state.encrypt = c3DES_encrypt;
1440     break;
1441     }
1442     case SSH_CIPHER_IDEA:{
1443     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1444     pvar->crypt_state.encrypt = cIDEA_encrypt;
1445     break;
1446     }
1447     case SSH_CIPHER_DES:{
1448     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1449     pvar->crypt_state.encrypt = cDES_encrypt;
1450     break;
1451     }
1452     case SSH_CIPHER_RC4:{
1453     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1454     encryption_key + 16);
1455     pvar->crypt_state.encrypt = cRC4_encrypt;
1456     break;
1457     }
1458     case SSH_CIPHER_BLOWFISH:{
1459     cBlowfish_init(encryption_key,
1460     &pvar->crypt_state.enc.cBlowfish);
1461     pvar->crypt_state.encrypt = cBlowfish_encrypt;
1462     break;
1463     }
1464     default:
1465     isOK = FALSE;
1466     }
1467     }
1468    
1469    
1470     if (receiver_flag) {
1471     switch (pvar->crypt_state.receiver_cipher) {
1472     // for SSH2(yutaka)
1473     case SSH2_CIPHER_3DES_CBC:
1474     {
1475     struct Enc *enc;
1476    
1477     enc = &pvar->ssh2_keys[MODE_IN].enc;
1478     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1479     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1480     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1481     CIPHER_DECRYPT,
1482     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1483     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1484     pvar);
1485    
1486     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1487     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1488    
1489     pvar->crypt_state.decrypt = c3DES_CBC_decrypt;
1490     break;
1491     }
1492    
1493     // for SSH2(yutaka)
1494     case SSH2_CIPHER_AES128_CBC:
1495     case SSH2_CIPHER_AES192_CBC:
1496     case SSH2_CIPHER_AES256_CBC:
1497     case SSH2_CIPHER_AES128_CTR:
1498     case SSH2_CIPHER_AES192_CTR:
1499     case SSH2_CIPHER_AES256_CTR:
1500     {
1501     struct Enc *enc;
1502    
1503     enc = &pvar->ssh2_keys[MODE_IN].enc;
1504     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1505     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1506     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1507     CIPHER_DECRYPT,
1508     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1509     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1510     pvar);
1511    
1512     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1513     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1514    
1515     pvar->crypt_state.decrypt = cAES128_decrypt;
1516     break;
1517     }
1518    
1519     case SSH2_CIPHER_BLOWFISH_CBC:
1520     {
1521     struct Enc *enc;
1522    
1523     enc = &pvar->ssh2_keys[MODE_IN].enc;
1524     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1525     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1526     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1527     CIPHER_DECRYPT,
1528     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1529     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1530     pvar);
1531    
1532     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1533     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1534    
1535     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1536     break;
1537     }
1538    
1539     case SSH2_CIPHER_ARCFOUR:
1540     case SSH2_CIPHER_ARCFOUR128:
1541     case SSH2_CIPHER_ARCFOUR256:
1542     {
1543     struct Enc *enc;
1544    
1545     enc = &pvar->ssh2_keys[MODE_IN].enc;
1546     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1547     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1548     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1549     CIPHER_DECRYPT,
1550     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1551     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1552     pvar);
1553    
1554     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1555     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1556    
1557     pvar->crypt_state.decrypt = cArcfour_decrypt;
1558     break;
1559     }
1560    
1561     case SSH2_CIPHER_CAST128_CBC:
1562     {
1563     struct Enc *enc;
1564    
1565     enc = &pvar->ssh2_keys[MODE_IN].enc;
1566     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1567     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1568     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1569     CIPHER_DECRYPT,
1570     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1571     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1572     pvar);
1573    
1574     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1575     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1576    
1577     pvar->crypt_state.decrypt = cCast128_decrypt;
1578     break;
1579     }
1580    
1581     case SSH_CIPHER_3DES:{
1582     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1583     pvar->crypt_state.decrypt = c3DES_decrypt;
1584     break;
1585     }
1586     case SSH_CIPHER_IDEA:{
1587     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1588     pvar->crypt_state.decrypt = cIDEA_decrypt;
1589     break;
1590     }
1591     case SSH_CIPHER_DES:{
1592     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1593     pvar->crypt_state.decrypt = cDES_decrypt;
1594     break;
1595     }
1596     case SSH_CIPHER_RC4:{
1597     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1598     pvar->crypt_state.decrypt = cRC4_decrypt;
1599     break;
1600     }
1601     case SSH_CIPHER_BLOWFISH:{
1602     cBlowfish_init(decryption_key,
1603     &pvar->crypt_state.dec.cBlowfish);
1604     pvar->crypt_state.decrypt = cBlowfish_decrypt;
1605     break;
1606     }
1607     default:
1608     isOK = FALSE;
1609     }
1610     }
1611    
1612    
1613     if (!isOK) {
1614     UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1615     "No cipher selected!");
1616     notify_fatal_error(pvar, pvar->ts->UIMsg);
1617     return FALSE;
1618     } else {
1619     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1620     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1621     return TRUE;
1622     }
1623     }
1624    
1625     void CRYPT_init(PTInstVar pvar)
1626     {
1627     pvar->crypt_state.encrypt = no_encrypt;
1628     pvar->crypt_state.decrypt = no_encrypt;
1629     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1630     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1631     pvar->crypt_state.server_key.RSA_key = NULL;
1632     pvar->crypt_state.host_key.RSA_key = NULL;
1633    
1634     pvar->crypt_state.detect_attack_statics.h = NULL;
1635     pvar->crypt_state.detect_attack_statics.n =
1636     HASH_MINSIZE / HASH_ENTRYSIZE;
1637     }
1638    
1639     static char FAR *get_cipher_name(int cipher)
1640     {
1641     switch (cipher) {
1642     case SSH_CIPHER_NONE:
1643     return "None";
1644     case SSH_CIPHER_3DES:
1645     return "3DES (168 key bits)";
1646     case SSH_CIPHER_DES:
1647     return "DES (56 key bits)";
1648     case SSH_CIPHER_IDEA:
1649     return "IDEA (128 key bits)";
1650     case SSH_CIPHER_RC4:
1651     return "RC4 (128 key bits)";
1652     case SSH_CIPHER_BLOWFISH:
1653     return "Blowfish (256 key bits)";
1654    
1655     // SSH2
1656     case SSH2_CIPHER_3DES_CBC:
1657     return "3DES-CBC";
1658     case SSH2_CIPHER_AES128_CBC:
1659     return "AES128-CBC";
1660     case SSH2_CIPHER_AES192_CBC:
1661     return "AES192-CBC";
1662     case SSH2_CIPHER_AES256_CBC:
1663     return "AES256-CBC";
1664     case SSH2_CIPHER_BLOWFISH_CBC:
1665     return "Blowfish-CBC";
1666     case SSH2_CIPHER_AES128_CTR:
1667     return "AES128-CTR";
1668     case SSH2_CIPHER_AES192_CTR:
1669     return "AES192-CTR";
1670     case SSH2_CIPHER_AES256_CTR:
1671     return "AES256-CTR";
1672     case SSH2_CIPHER_ARCFOUR:
1673     return "Arcfour";
1674     case SSH2_CIPHER_ARCFOUR128:
1675     return "Arcfour128";
1676     case SSH2_CIPHER_ARCFOUR256:
1677     return "Arcfour256";
1678     case SSH2_CIPHER_CAST128_CBC:
1679     return "CAST-128-CBC";
1680    
1681     default:
1682     return "Unknown";
1683     }
1684     }
1685    
1686     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1687     {
1688     UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1689     "%s to server, %s from server");
1690     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1691     get_cipher_name(pvar->crypt_state.sender_cipher),
1692     get_cipher_name(pvar->crypt_state.receiver_cipher));
1693     }
1694    
1695     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1696     {
1697     if (SSHv1(pvar)) {
1698     if (pvar->crypt_state.server_key.RSA_key == NULL
1699     || pvar->crypt_state.host_key.RSA_key == NULL) {
1700     UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1701     strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1702     } else {
1703     UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1704     "%d-bit server key, %d-bit host key");
1705     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1706     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1707     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1708     }
1709     } else { // SSH2
1710     UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1711     "%d-bit server key, %d-bit host key");
1712     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1713     pvar->server_key_bits,
1714     pvar->client_key_bits);
1715     }
1716     }
1717    
1718     static void destroy_public_key(CRYPTPublicKey FAR * key)
1719     {
1720     if (key->RSA_key != NULL) {
1721     RSA_free(key->RSA_key);
1722     key->RSA_key = NULL;
1723     }
1724     }
1725    
1726     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1727     {
1728     destroy_public_key(key);
1729     free(key);
1730     }
1731    
1732     void CRYPT_end(PTInstVar pvar)
1733     {
1734     destroy_public_key(&pvar->crypt_state.host_key);
1735     destroy_public_key(&pvar->crypt_state.server_key);
1736    
1737     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1738     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1739     pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1740     free(pvar->crypt_state.detect_attack_statics.h);
1741     }
1742    
1743     memset(pvar->crypt_state.sender_cipher_key, 0,
1744     sizeof(pvar->crypt_state.sender_cipher_key));
1745     memset(pvar->crypt_state.receiver_cipher_key, 0,
1746     sizeof(pvar->crypt_state.receiver_cipher_key));
1747     memset(pvar->crypt_state.server_cookie, 0,
1748     sizeof(pvar->crypt_state.server_cookie));
1749     memset(pvar->crypt_state.client_cookie, 0,
1750     sizeof(pvar->crypt_state.client_cookie));
1751     memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1752     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1753     }
1754    
1755     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1756     char FAR * buf, int bytes)
1757     {
1758     unsigned char passphrase_key[16];
1759    
1760     MD5(passphrase, strlen(passphrase), passphrase_key);
1761    
1762     switch (cipher) {
1763     case SSH_CIPHER_3DES:{
1764     Cipher3DESState state;
1765    
1766     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1767     &state.k1);
1768     DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1769     &state.k2);
1770     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1771     &state.k3);
1772     memset(state.ivec1, 0, 8);
1773     memset(state.ivec2, 0, 8);
1774     memset(state.ivec3, 0, 8);
1775     DES_ncbc_encrypt(buf, buf, bytes,
1776     &state.k3, &state.ivec3, DES_DECRYPT);
1777     DES_ncbc_encrypt(buf, buf, bytes,
1778     &state.k2, &state.ivec2, DES_ENCRYPT);
1779     DES_ncbc_encrypt(buf, buf, bytes,
1780     &state.k1, &state.ivec1, DES_DECRYPT);
1781     break;
1782     }
1783    
1784     case SSH_CIPHER_IDEA:{
1785     CipherIDEAState state;
1786     int num = 0;
1787    
1788     cIDEA_init(passphrase_key, &state);
1789     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1790     &num, IDEA_DECRYPT);
1791     break;
1792     }
1793    
1794     case SSH_CIPHER_DES:{
1795     CipherDESState state;
1796    
1797     cDES_init(passphrase_key, &state);
1798     DES_ncbc_encrypt(buf, buf, bytes,
1799     &state.k, &state.ivec, DES_DECRYPT);
1800     break;
1801     }
1802    
1803     case SSH_CIPHER_RC4:{
1804     CipherRC4State state;
1805     int num = 0;
1806    
1807     RC4_set_key(&state.k, 16, passphrase_key);
1808     RC4(&state.k, bytes, buf, buf);
1809     break;
1810     }
1811    
1812     case SSH_CIPHER_BLOWFISH:{
1813     CipherBlowfishState state;
1814    
1815     BF_set_key(&state.k, 16, passphrase_key);
1816     memset(state.ivec, 0, 8);
1817     flip_endianness(buf, bytes);
1818     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1819     BF_DECRYPT);
1820     flip_endianness(buf, bytes);
1821     break;
1822     }
1823    
1824     case SSH_CIPHER_NONE:
1825     break;
1826    
1827     default:
1828     memset(passphrase_key, 0, sizeof(passphrase_key));
1829     return 0;
1830     }
1831    
1832     memset(passphrase_key, 0, sizeof(passphrase_key));
1833     return 1;
1834     }
1835    
1836     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1837     {
1838     if (key_pair->RSA_key != NULL)
1839     RSA_free(key_pair->RSA_key);
1840    
1841     if (key_pair->DSA_key != NULL)
1842     DSA_free(key_pair->DSA_key);
1843    
1844     free(key_pair);
1845     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help