Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3850 - (hide annotations) (download) (as text)
Mon Apr 12 08:29:53 2010 UTC (14 years ago) by doda
Original Path: trunk/ttssh2/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 56578 byte(s) 
3DES-CTR, BLOWFISH-CTR, CAST128-CTR 共通鍵暗号方式をサポート。
1 maya 3227 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40     #include <openssl/dsa.h>
41     #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51     * $Id: crypt.c,v 1.28 2008-11-23 07:44:05 doda Exp $ Cryptographic attack
52     * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87     uint32 len, unsigned char FAR * IV)
88     {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116     unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118     {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191     int bytes)
192     {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199     buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202     default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204     buf, bytes, NULL) == DEATTACK_DETECTED;
205     }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217     // ���O�������������������������������AAES192, AES256 ����
218     // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219     static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220     int bytes)
221     {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224    
225     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
226     if (bytes == 0)
227     goto error;
228    
229     if (newbuf == NULL)
230     return;
231    
232     if (bytes % block_size) {
233     char tmp[80];
234     UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR1", pvar,
235     "AES128/192/256 encrypt error(1): bytes %d (%d)");
236     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
237     pvar->ts->UIMsg, bytes, block_size);
238     notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243     UTIL_get_lang_msg("MSG_AES128_ENCRYPT_ERROR2", pvar,
244     "AES128/192/256 encrypt error(2)");
245     notify_fatal_error(pvar, pvar->ts->UIMsg);
246     goto error;
247    
248     } else {
249     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
250     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
251     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
252     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
253    
254     //debug_print(50, key, 24);
255     //debug_print(51, iv, 8);
256     //debug_print(52, buf, bytes);
257     //debug_print(53, newbuf, bytes);
258    
259     memcpy(buf, newbuf, bytes);
260     }
261    
262     error:
263     free(newbuf);
264     }
265    
266     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
267     int bytes)
268     {
269     unsigned char *newbuf = malloc(bytes);
270     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
271    
272     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
273     if (bytes == 0)
274     goto error;
275    
276     if (newbuf == NULL)
277     return;
278    
279     if (bytes % block_size) {
280     char tmp[80];
281     UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR1", pvar,
282     "AES128/192/256 decrypt error(1): bytes %d (%d)");
283     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
284     notify_fatal_error(pvar, tmp);
285     goto error;
286     }
287    
288     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
289     UTIL_get_lang_msg("MSG_AES128_DECRYPT_ERROR2", pvar,
290     "AES128/192/256 decrypt error(2)");
291     notify_fatal_error(pvar, pvar->ts->UIMsg);
292     goto error;
293    
294     } else {
295     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
296     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
297     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
298     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
299    
300     //debug_print(70, key, AES128_KEYLEN);
301     //debug_print(71, iv, AES128_IVLEN);
302     //debug_print(72, buf, bytes);
303     //debug_print(73, newbuf, bytes);
304    
305     memcpy(buf, newbuf, bytes);
306     }
307    
308     error:
309     free(newbuf);
310     }
311    
312    
313    
314     // for SSH2(yutaka)
315 doda 3850 static void c3DES_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
316 maya 3227 int bytes)
317     {
318     unsigned char *newbuf = malloc(bytes);
319     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
320    
321     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
322     if (bytes == 0)
323     goto error;
324    
325     if (newbuf == NULL)
326     return;
327    
328     if (bytes % block_size) {
329     char tmp[80];
330     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR1", pvar,
331     "3DES-CBC encrypt error(1): bytes %d (%d)");
332     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
333     pvar->ts->UIMsg, bytes, block_size);
334     notify_fatal_error(pvar, tmp);
335     goto error;
336     }
337    
338     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
339     UTIL_get_lang_msg("MSG_3DESCBC_ENCRYPT_ERROR2", pvar,
340     "3DES-CBC encrypt error(2)");
341     notify_fatal_error(pvar, pvar->ts->UIMsg);
342     goto error;
343    
344     } else {
345     //unsigned char key[24], iv[8];
346     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
347     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
348     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
349    
350     //debug_print(50, key, 24);
351     //debug_print(51, iv, 8);
352     //debug_print(52, buf, bytes);
353     //debug_print(53, newbuf, bytes);
354    
355     memcpy(buf, newbuf, bytes);
356     }
357    
358     error:
359     free(newbuf);
360     }
361    
362 doda 3850 static void c3DES_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
363 maya 3227 int bytes)
364     {
365     unsigned char *newbuf = malloc(bytes);
366     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
367    
368     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
369     if (bytes == 0)
370     goto error;
371    
372     if (newbuf == NULL)
373     return;
374    
375     if (bytes % block_size) {
376     char tmp[80];
377     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR1", pvar,
378     "3DES-CBC decrypt error(1): bytes %d (%d)");
379     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
380     notify_fatal_error(pvar, tmp);
381     goto error;
382     }
383    
384     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
385     UTIL_get_lang_msg("MSG_3DESCBC_DECRYPT_ERROR2", pvar,
386     "3DES-CBC decrypt error(2)");
387     notify_fatal_error(pvar, pvar->ts->UIMsg);
388     goto error;
389    
390     } else {
391     //unsigned char key[24], iv[8];
392     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
393     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
394     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
395    
396     //debug_print(70, key, 24);
397     //debug_print(71, iv, 8);
398     //debug_print(72, buf, bytes);
399     //debug_print(73, newbuf, bytes);
400    
401     memcpy(buf, newbuf, bytes);
402     }
403    
404     error:
405     free(newbuf);
406     }
407    
408    
409     static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
410     int bytes)
411     {
412     unsigned char *newbuf = malloc(bytes);
413     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
414    
415     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
416     if (bytes == 0)
417     goto error;
418    
419     if (newbuf == NULL)
420     return;
421    
422     if (bytes % block_size) {
423     char tmp[80];
424     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR1", pvar,
425     "Blowfish encrypt error(1): bytes %d (%d)");
426     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
427     pvar->ts->UIMsg, bytes, block_size);
428     notify_fatal_error(pvar, tmp);
429     goto error;
430     }
431    
432     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
433     UTIL_get_lang_msg("MSG_BLOWFISH_ENCRYPT_ERROR2", pvar,
434     "Blowfish encrypt error(2)");
435     notify_fatal_error(pvar, pvar->ts->UIMsg);
436     goto error;
437    
438     } else {
439     memcpy(buf, newbuf, bytes);
440    
441     }
442    
443     error:
444     free(newbuf);
445     }
446    
447     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
448     int bytes)
449     {
450     unsigned char *newbuf = malloc(bytes);
451     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
452    
453     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
454     if (bytes == 0)
455     goto error;
456    
457     if (newbuf == NULL)
458     return;
459    
460     if (bytes % block_size) {
461     char tmp[80];
462     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR1", pvar,
463     "Blowfish decrypt error(1): bytes %d (%d)");
464     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
465     notify_fatal_error(pvar, tmp);
466     goto error;
467     }
468    
469     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
470     UTIL_get_lang_msg("MSG_BLOWFISH_DECRYPT_ERROR2", pvar,
471     "Blowfish decrypt error(2)");
472     notify_fatal_error(pvar, pvar->ts->UIMsg);
473     goto error;
474    
475     } else {
476     memcpy(buf, newbuf, bytes);
477    
478     }
479    
480     error:
481     free(newbuf);
482     }
483    
484     static void cArcfour_encrypt(PTInstVar pvar, unsigned char FAR * buf,
485     int bytes)
486     {
487     unsigned char *newbuf = malloc(bytes);
488     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
489    
490     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
491     if (bytes == 0)
492     goto error;
493    
494     if (newbuf == NULL)
495     return;
496    
497     if (bytes % block_size) {
498     char tmp[80];
499     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR1", pvar,
500     "Arcfour encrypt error(1): bytes %d (%d)");
501     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
502     pvar->ts->UIMsg, bytes, block_size);
503     notify_fatal_error(pvar, tmp);
504     goto error;
505     }
506    
507     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
508     UTIL_get_lang_msg("MSG_ARCFOUR_ENCRYPT_ERROR2", pvar,
509     "Arcfour encrypt error(2)");
510     notify_fatal_error(pvar, pvar->ts->UIMsg);
511     goto error;
512    
513     } else {
514     memcpy(buf, newbuf, bytes);
515    
516     }
517    
518     error:
519     free(newbuf);
520     }
521    
522     static void cArcfour_decrypt(PTInstVar pvar, unsigned char FAR * buf,
523     int bytes)
524     {
525     unsigned char *newbuf = malloc(bytes);
526     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
527    
528     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
529     if (bytes == 0)
530     goto error;
531    
532     if (newbuf == NULL)
533     return;
534    
535     if (bytes % block_size) {
536     char tmp[80];
537     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR1", pvar,
538     "Arcfour decrypt error(1): bytes %d (%d)");
539     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
540     notify_fatal_error(pvar, tmp);
541     goto error;
542     }
543    
544     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
545     UTIL_get_lang_msg("MSG_ARCFOUR_DECRYPT_ERROR2", pvar,
546     "Arcfour decrypt error(2)");
547     notify_fatal_error(pvar, pvar->ts->UIMsg);
548     goto error;
549    
550     } else {
551     memcpy(buf, newbuf, bytes);
552    
553     }
554    
555     error:
556     free(newbuf);
557     }
558    
559     static void cCast128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
560     int bytes)
561     {
562     unsigned char *newbuf = malloc(bytes);
563     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
564    
565     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
566     if (bytes == 0)
567     goto error;
568    
569     if (newbuf == NULL)
570     return;
571    
572     if (bytes % block_size) {
573     char tmp[80];
574     UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR1", pvar,
575     "CAST128 encrypt error(1): bytes %d (%d)");
576     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
577     pvar->ts->UIMsg, bytes, block_size);
578     notify_fatal_error(pvar, tmp);
579     goto error;
580     }
581    
582     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
583     UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR2", pvar,
584     "CAST128 encrypt error(2)");
585     notify_fatal_error(pvar, pvar->ts->UIMsg);
586     goto error;
587    
588     } else {
589     memcpy(buf, newbuf, bytes);
590    
591     }
592    
593     error:
594     free(newbuf);
595     }
596    
597     static void cCast128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
598     int bytes)
599     {
600     unsigned char *newbuf = malloc(bytes);
601     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
602    
603     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
604     if (bytes == 0)
605     goto error;
606    
607     if (newbuf == NULL)
608     return;
609    
610     if (bytes % block_size) {
611     char tmp[80];
612     UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR1", pvar,
613     "CAST128 decrypt error(1): bytes %d (%d)");
614     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size);
615     notify_fatal_error(pvar, tmp);
616     goto error;
617     }
618    
619     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
620     UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR2", pvar,
621     "CAST128 decrypt error(2)");
622     notify_fatal_error(pvar, pvar->ts->UIMsg);
623     goto error;
624    
625     } else {
626     memcpy(buf, newbuf, bytes);
627    
628     }
629    
630     error:
631     free(newbuf);
632     }
633    
634    
635    
636     static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
637     int bytes)
638     {
639     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
640    
641     DES_ncbc_encrypt(buf, buf, bytes,
642     &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
643     DES_ncbc_encrypt(buf, buf, bytes,
644     &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
645     DES_ncbc_encrypt(buf, buf, bytes,
646     &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
647     }
648    
649     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
650     int bytes)
651     {
652     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
653    
654     DES_ncbc_encrypt(buf, buf, bytes,
655     &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
656     DES_ncbc_encrypt(buf, buf, bytes,
657     &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
658     DES_ncbc_encrypt(buf, buf, bytes,
659     &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
660     }
661    
662     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
663     int bytes)
664     {
665     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
666    
667     DES_ncbc_encrypt(buf, buf, bytes,
668     &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
669     }
670    
671     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
672     int bytes)
673     {
674     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
675    
676     DES_ncbc_encrypt(buf, buf, bytes,
677     &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
678     }
679    
680     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
681     int bytes)
682     {
683     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
684     int num = 0;
685    
686     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
687     encryptstate->ivec, &num, IDEA_ENCRYPT);
688     }
689    
690     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
691     int bytes)
692     {
693     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
694     int num = 0;
695    
696     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
697     decryptstate->ivec, &num, IDEA_DECRYPT);
698     }
699    
700     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
701     {
702     uint32 FAR *buf = (uint32 FAR *) cbuf;
703     int count = bytes / 4;
704    
705     while (count > 0) {
706     uint32 w = *buf;
707    
708     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
709     | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
710     count--;
711     buf++;
712     }
713     }
714    
715     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
716     int bytes)
717     {
718     CipherBlowfishState FAR *encryptstate =
719     &pvar->crypt_state.enc.cBlowfish;
720    
721     flip_endianness(buf, bytes);
722     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
723     BF_ENCRYPT);
724     flip_endianness(buf, bytes);
725     }
726    
727     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
728     int bytes)
729     {
730     CipherBlowfishState FAR *decryptstate =
731     &pvar->crypt_state.dec.cBlowfish;
732    
733     flip_endianness(buf, bytes);
734     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
735     BF_DECRYPT);
736     flip_endianness(buf, bytes);
737     }
738    
739     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
740     int bytes)
741     {
742     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
743     int num = 0;
744    
745     RC4(&encryptstate->k, bytes, buf, buf);
746     }
747    
748     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
749     int bytes)
750     {
751     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
752     int num = 0;
753    
754     RC4(&decryptstate->k, bytes, buf, buf);
755     }
756    
757     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
758     int bytes)
759     {
760     RAND_bytes(buf, bytes);
761     }
762    
763     void CRYPT_initialize_random_numbers(PTInstVar pvar)
764     {
765     RAND_screen();
766     }
767    
768     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
769     {
770     int bits = get_ushort16_MSBfirst(bytes);
771    
772     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
773     }
774    
775     // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
776     RSA FAR *make_key(PTInstVar pvar,
777     int bits, unsigned char FAR * exp,
778     unsigned char FAR * mod)
779     {
780     RSA FAR *key = RSA_new();
781    
782     if (key != NULL) {
783     key->e = get_bignum(exp);
784     key->n = get_bignum(mod);
785     }
786    
787     if (key == NULL || key->e == NULL || key->n == NULL) {
788     UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
789     "Error setting up RSA keys");
790     notify_fatal_error(pvar, pvar->ts->UIMsg);
791    
792     if (key != NULL) {
793     if (key->e != NULL) {
794     BN_free(key->e);
795     }
796     if (key->n != NULL) {
797     BN_free(key->n);
798     }
799     RSA_free(key);
800     }
801    
802     return NULL;
803     } else {
804     return key;
805     }
806     }
807    
808     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
809     {
810     if (SSHv1(pvar)) {
811     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
812     } else {
813     memcpy(pvar->crypt_state.server_cookie, cookie,
814     SSH2_COOKIE_LENGTH);
815     }
816     }
817    
818     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
819     {
820     if (SSHv2(pvar)) {
821     memcpy(pvar->crypt_state.client_cookie, cookie,
822     SSH2_COOKIE_LENGTH);
823     }
824     }
825    
826     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
827     int bits, unsigned char FAR * exp,
828     unsigned char FAR * mod)
829     {
830     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
831    
832     return pvar->crypt_state.server_key.RSA_key != NULL;
833     }
834    
835     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
836     int bits, unsigned char FAR * exp,
837     unsigned char FAR * mod)
838     {
839     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
840    
841     return pvar->crypt_state.host_key.RSA_key != NULL;
842     }
843    
844     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
845     int receiver_ciphers)
846     {
847     int cipher_mask;
848    
849     if (SSHv1(pvar)) {
850     cipher_mask = (1 << SSH_CIPHER_DES)
851     | (1 << SSH_CIPHER_3DES)
852     | (1 << SSH_CIPHER_BLOWFISH);
853    
854     } else { // for SSH2(yutaka)
855     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
856     cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
857     | (1 << SSH2_CIPHER_AES128_CBC)
858     | (1 << SSH2_CIPHER_AES192_CBC)
859     | (1 << SSH2_CIPHER_AES256_CBC)
860     | (1 << SSH2_CIPHER_BLOWFISH_CBC)
861     | (1 << SSH2_CIPHER_AES128_CTR)
862     | (1 << SSH2_CIPHER_AES192_CTR)
863     | (1 << SSH2_CIPHER_AES256_CTR)
864     | (1 << SSH2_CIPHER_ARCFOUR)
865     | (1 << SSH2_CIPHER_ARCFOUR128)
866     | (1 << SSH2_CIPHER_ARCFOUR256)
867 doda 3850 | (1 << SSH2_CIPHER_CAST128_CBC)
868     | (1 << SSH2_CIPHER_3DES_CTR)
869     | (1 << SSH2_CIPHER_BLOWFISH_CTR)
870     | (1 << SSH2_CIPHER_CAST128_CTR);
871 maya 3227 }
872    
873     sender_ciphers &= cipher_mask;
874     receiver_ciphers &= cipher_mask;
875     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
876     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
877    
878     if (sender_ciphers == 0) {
879     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
880     "The server does not support any of the TTSSH encryption algorithms.\n"
881     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
882     "The connection will be closed.");
883     notify_fatal_error(pvar, pvar->ts->UIMsg);
884     return FALSE;
885     } else if (receiver_ciphers == 0) {
886     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
887     "The server does not support any of the TTSSH encryption algorithms.\n"
888     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
889     "The connection will be closed.");
890     notify_fatal_error(pvar, pvar->ts->UIMsg);
891     return FALSE;
892     } else {
893     return TRUE;
894     }
895     }
896    
897     int CRYPT_get_decryption_block_size(PTInstVar pvar)
898     {
899     if (SSHv1(pvar)) {
900     return 8;
901     } else {
902     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
903     // cf. 3DES=8, AES128=16
904     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
905     }
906     }
907    
908     int CRYPT_get_encryption_block_size(PTInstVar pvar)
909     {
910     if (SSHv1(pvar)) {
911     return 8;
912     } else {
913     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
914     // cf. 3DES=8, AES128=16
915     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
916     }
917     }
918    
919     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
920     {
921     struct Mac *mac;
922    
923     if (SSHv1(pvar)) {
924     return 0;
925    
926     } else { // for SSH2(yutaka)
927     mac = &pvar->ssh2_keys[MODE_IN].mac;
928     if (mac == NULL || mac->enabled == 0)
929     return 0;
930    
931     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
932     }
933    
934     }
935    
936     // HMAC������
937     // ���{������ SSH2 �������g�p�������B
938     // (2004.12.17 yutaka)
939     BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
940     char FAR * data, int len, char FAR * MAC)
941     {
942     HMAC_CTX c;
943     unsigned char m[EVP_MAX_MD_SIZE];
944     unsigned char b[4];
945     struct Mac *mac;
946    
947     mac = &pvar->ssh2_keys[MODE_IN].mac;
948    
949     // HMAC�������L���������������A����OK�����������B
950     if (mac == NULL || mac->enabled == 0)
951     return TRUE;
952    
953     if (mac->key == NULL)
954     goto error;
955    
956     if ((u_int)mac->mac_len > sizeof(m))
957     goto error;
958    
959     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
960     set_uint32_MSBfirst(b, sequence_number);
961     HMAC_Update(&c, b, sizeof(b));
962     HMAC_Update(&c, data, len);
963     HMAC_Final(&c, m, NULL);
964     HMAC_cleanup(&c);
965    
966     if (memcmp(m, MAC, mac->mac_len)) {
967     goto error;
968     }
969    
970     return TRUE;
971    
972     error:
973     return FALSE;
974     }
975    
976     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
977     {
978     struct Mac *mac;
979    
980     if (SSHv2(pvar)) { // for SSH2(yutaka)
981     mac = &pvar->ssh2_keys[MODE_OUT].mac;
982     if (mac == NULL || mac->enabled == 0)
983     return 0;
984    
985     return (mac->mac_len);
986     }
987    
988     return 0;
989     }
990    
991     // for SSH2
992     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
993     char FAR * data, int len, char FAR * MAC)
994     {
995     HMAC_CTX c;
996     static u_char m[EVP_MAX_MD_SIZE];
997     u_char b[4];
998     struct Mac *mac;
999    
1000     if (SSHv2(pvar)) { // for SSH2(yutaka)
1001     mac = &pvar->ssh2_keys[MODE_OUT].mac;
1002     if (mac == NULL || mac->enabled == 0)
1003     return FALSE;
1004    
1005     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
1006     set_uint32_MSBfirst(b, sequence_number);
1007     HMAC_Update(&c, b, sizeof(b));
1008     HMAC_Update(&c, data, len);
1009     HMAC_Final(&c, m, NULL);
1010     HMAC_cleanup(&c);
1011    
1012     // 20�o�C�g�������R�s�[
1013     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
1014     // memcpy(MAC, m, sizeof(m));
1015    
1016     return TRUE;
1017     }
1018    
1019     return TRUE;
1020    
1021     }
1022    
1023     static int choose_cipher(PTInstVar pvar, int supported)
1024     {
1025     int i;
1026    
1027     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
1028     int cipher = pvar->session_settings.CipherOrder[i] - '0';
1029    
1030     if (cipher == SSH_CIPHER_NONE) {
1031     break;
1032     } else if ((supported & (1 << cipher)) != 0) {
1033     return cipher;
1034     }
1035     }
1036    
1037     return SSH_CIPHER_NONE;
1038     }
1039    
1040     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
1041     {
1042     if (SSHv1(pvar)) {
1043     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
1044     pvar->crypt_state.
1045     supported_sender_ciphers);
1046     pvar->crypt_state.receiver_cipher =
1047     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
1048    
1049     } else { // SSH2(yutaka)
1050     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
1051     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
1052    
1053     }
1054    
1055     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
1056     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
1057     UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
1058     "All the encryption algorithms that this program and the server both understand have been disabled.\n"
1059     "To communicate with this server, you will have to enable some more ciphers\n"
1060     "in the TTSSH Setup dialog box when you run Tera Term again.\n"
1061     "This connection will now close.");
1062     notify_fatal_error(pvar, pvar->ts->UIMsg);
1063     return FALSE;
1064     } else {
1065     return TRUE;
1066     }
1067     }
1068    
1069     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
1070     {
1071     int server_key_bits =
1072     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1073     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1074     int server_key_bytes = (server_key_bits + 7) / 8;
1075     int host_key_bytes = (host_key_bits + 7) / 8;
1076    
1077     if (server_key_bits < host_key_bits) {
1078     return host_key_bytes;
1079     } else {
1080     return server_key_bytes;
1081     }
1082     }
1083    
1084     int CRYPT_choose_session_key(PTInstVar pvar,
1085     unsigned char FAR * encrypted_key_buf)
1086     {
1087     int server_key_bits =
1088     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1089     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1090     int server_key_bytes = (server_key_bits + 7) / 8;
1091     int host_key_bytes = (host_key_bits + 7) / 8;
1092     int encrypted_key_bytes;
1093     int bit_delta;
1094    
1095     if (server_key_bits < host_key_bits) {
1096     encrypted_key_bytes = host_key_bytes;
1097     bit_delta = host_key_bits - server_key_bits;
1098     } else {
1099     encrypted_key_bytes = server_key_bytes;
1100     bit_delta = server_key_bits - host_key_bits;
1101     }
1102    
1103     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
1104     UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
1105     "Server RSA keys are too weak. A secure connection cannot be established.");
1106     notify_fatal_error(pvar, pvar->ts->UIMsg);
1107     return 0;
1108     } else {
1109     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
1110     for the session ID, rather than the one specified in the RFC */
1111     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1112     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1113     char session_id[16];
1114     int i;
1115    
1116     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1117     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1118     session_buf + host_key_bytes);
1119     memcpy(session_buf + server_key_bytes + host_key_bytes,
1120     pvar->crypt_state.server_cookie, 8);
1121     MD5(session_buf, session_buf_len, session_id);
1122    
1123     free(session_buf);
1124    
1125     RAND_bytes(pvar->crypt_state.sender_cipher_key,
1126     SSH_SESSION_KEY_LENGTH);
1127     memcpy(pvar->crypt_state.receiver_cipher_key,
1128     pvar->crypt_state.sender_cipher_key,
1129     SSH_SESSION_KEY_LENGTH);
1130    
1131     memcpy(encrypted_key_buf + encrypted_key_bytes -
1132     SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
1133     SSH_SESSION_KEY_LENGTH);
1134     for (i = 0; i < sizeof(session_id); i++) {
1135     encrypted_key_buf[encrypted_key_bytes -
1136     SSH_SESSION_KEY_LENGTH + i]
1137     ^= session_id[i];
1138     }
1139    
1140     if (host_key_bits > server_key_bits) {
1141     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1142     encrypted_key_buf +
1143     encrypted_key_bytes -
1144     SSH_SESSION_KEY_LENGTH,
1145     encrypted_key_buf +
1146     encrypted_key_bytes - server_key_bytes,
1147     pvar->crypt_state.server_key.RSA_key,
1148     RSA_PKCS1_PADDING) < 0)
1149     return 0;
1150    
1151     if (RSA_public_encrypt(server_key_bytes,
1152     encrypted_key_buf +
1153     encrypted_key_bytes - server_key_bytes,
1154     encrypted_key_buf,
1155     pvar->crypt_state.host_key.RSA_key,
1156     RSA_PKCS1_PADDING) < 0)
1157     return 0;
1158     } else {
1159     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1160     encrypted_key_buf +
1161     encrypted_key_bytes -
1162     SSH_SESSION_KEY_LENGTH,
1163     encrypted_key_buf +
1164     encrypted_key_bytes - host_key_bytes,
1165     pvar->crypt_state.host_key.RSA_key,
1166     RSA_PKCS1_PADDING) < 0)
1167     return 0;
1168    
1169     if (RSA_public_encrypt(host_key_bytes,
1170     encrypted_key_buf +
1171     encrypted_key_bytes - host_key_bytes,
1172     encrypted_key_buf,
1173     pvar->crypt_state.server_key.RSA_key,
1174     RSA_PKCS1_PADDING) < 0)
1175     return 0;
1176     }
1177     }
1178    
1179     return 1;
1180     }
1181    
1182     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1183     unsigned char FAR * challenge,
1184     int challenge_len,
1185     unsigned char FAR * response)
1186     {
1187     int server_key_bits =
1188     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1189     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1190     int server_key_bytes = (server_key_bits + 7) / 8;
1191     int host_key_bytes = (host_key_bits + 7) / 8;
1192     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1193     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1194     char decrypted_challenge[48];
1195     int decrypted_challenge_len;
1196    
1197     decrypted_challenge_len =
1198     RSA_private_decrypt(challenge_len, challenge, challenge,
1199     AUTH_get_cur_cred(pvar)->key_pair->RSA_key,
1200     RSA_PKCS1_PADDING);
1201     if (decrypted_challenge_len < 0) {
1202     free(session_buf);
1203     return 0;
1204     }
1205     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1206     memcpy(decrypted_challenge,
1207     challenge + decrypted_challenge_len -
1208     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1209     } else {
1210     memset(decrypted_challenge, 0,
1211     SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1212     memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1213     decrypted_challenge_len, challenge,
1214     decrypted_challenge_len);
1215     }
1216    
1217     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1218     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1219     session_buf + host_key_bytes);
1220     memcpy(session_buf + server_key_bytes + host_key_bytes,
1221     pvar->crypt_state.server_cookie, 8);
1222     MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1223    
1224     free(session_buf);
1225    
1226     MD5(decrypted_challenge, 48, response);
1227    
1228     return 1;
1229     }
1230    
1231     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1232     {
1233     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1234     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1235     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1236     memset(state->ivec1, 0, 8);
1237     memset(state->ivec2, 0, 8);
1238     memset(state->ivec3, 0, 8);
1239     }
1240    
1241     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1242     {
1243     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1244     memset(state->ivec, 0, 8);
1245     }
1246    
1247     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1248     {
1249     idea_set_encrypt_key(session_key, &state->k);
1250     memset(state->ivec, 0, 8);
1251     }
1252    
1253     static void cBlowfish_init(char FAR * session_key,
1254     CipherBlowfishState FAR * state)
1255     {
1256     BF_set_key(&state->k, 32, session_key);
1257     memset(state->ivec, 0, 8);
1258     }
1259    
1260    
1261     //
1262     // SSH2�p�A���S���Y����������
1263     //
1264     // for SSH2(yutaka)
1265     //
1266     void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1267     const u_char *key, u_int keylen,
1268     const u_char *iv, u_int ivlen,
1269     int encrypt,
1270     const EVP_CIPHER *type,
1271     int discard_len,
1272     PTInstVar pvar)
1273     {
1274     int klen;
1275     char tmp[80];
1276     unsigned char *junk = NULL, *discard = NULL;
1277    
1278     EVP_CIPHER_CTX_init(evp);
1279     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1280     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1281     "Cipher initialize error(%d)");
1282     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1283     notify_fatal_error(pvar, tmp);
1284     return;
1285     }
1286    
1287     klen = EVP_CIPHER_CTX_key_length(evp);
1288     if (klen > 0 && keylen != klen) {
1289     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1290     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1291     "Cipher initialize error(%d)");
1292     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1293     notify_fatal_error(pvar, tmp);
1294     return;
1295     }
1296     }
1297     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1298     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1299     "Cipher initialize error(%d)");
1300     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1301     notify_fatal_error(pvar, tmp);
1302     return;
1303     }
1304    
1305     if (discard_len > 0) {
1306     junk = malloc(discard_len);
1307     discard = malloc(discard_len);
1308     if (junk == NULL || discard == NULL ||
1309     EVP_Cipher(evp, discard, junk, discard_len) == 0) {
1310     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1311     "Cipher initialize error(%d)");
1312     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
1313     pvar->ts->UIMsg, 3);
1314     notify_fatal_error(pvar, tmp);
1315     }
1316     else {
1317     memset(discard, 0, discard_len);
1318     }
1319     free(junk);
1320     free(discard);
1321     }
1322     }
1323    
1324    
1325     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1326     {
1327     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1328     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1329     BOOL isOK = TRUE;
1330    
1331     if (sender_flag) {
1332     switch (pvar->crypt_state.sender_cipher) {
1333     // for SSH2(yutaka)
1334     case SSH2_CIPHER_3DES_CBC:
1335 doda 3850 case SSH2_CIPHER_3DES_CTR:
1336 maya 3227 {
1337     struct Enc *enc;
1338    
1339     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1340     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1341     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1342     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1343     CIPHER_ENCRYPT,
1344     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1345     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1346     pvar);
1347    
1348     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1349     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1350    
1351 doda 3850 pvar->crypt_state.encrypt = c3DES_encrypt2;
1352 maya 3227 break;
1353     }
1354    
1355     // for SSH2(yutaka)
1356     case SSH2_CIPHER_AES128_CBC:
1357     case SSH2_CIPHER_AES192_CBC:
1358     case SSH2_CIPHER_AES256_CBC:
1359     case SSH2_CIPHER_AES128_CTR:
1360     case SSH2_CIPHER_AES192_CTR:
1361     case SSH2_CIPHER_AES256_CTR:
1362     {
1363     struct Enc *enc;
1364    
1365     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1366     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1367     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1368     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1369     CIPHER_ENCRYPT,
1370     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1371     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1372     pvar);
1373    
1374     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1375     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1376    
1377     pvar->crypt_state.encrypt = cAES128_encrypt;
1378     break;
1379     }
1380    
1381     case SSH2_CIPHER_BLOWFISH_CBC:
1382 doda 3850 case SSH2_CIPHER_BLOWFISH_CTR:
1383 maya 3227 {
1384     struct Enc *enc;
1385    
1386     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1387     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1388     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1389     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1390     CIPHER_ENCRYPT,
1391     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1392     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1393     pvar);
1394    
1395     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1396     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1397    
1398     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1399     break;
1400     }
1401    
1402     case SSH2_CIPHER_ARCFOUR:
1403     case SSH2_CIPHER_ARCFOUR128:
1404     case SSH2_CIPHER_ARCFOUR256:
1405     {
1406     struct Enc *enc;
1407    
1408     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1409     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1410     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1411     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1412     CIPHER_ENCRYPT,
1413     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1414     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1415     pvar);
1416     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1417     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1418    
1419     pvar->crypt_state.encrypt = cArcfour_encrypt;
1420     break;
1421     }
1422    
1423     case SSH2_CIPHER_CAST128_CBC:
1424 doda 3850 case SSH2_CIPHER_CAST128_CTR:
1425 maya 3227 {
1426     struct Enc *enc;
1427    
1428     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1429     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1430     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1431     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1432     CIPHER_ENCRYPT,
1433     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1434     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1435     pvar);
1436     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1437     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1438    
1439     pvar->crypt_state.encrypt = cCast128_encrypt;
1440     break;
1441     }
1442    
1443     case SSH_CIPHER_3DES:{
1444     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1445     pvar->crypt_state.encrypt = c3DES_encrypt;
1446     break;
1447     }
1448     case SSH_CIPHER_IDEA:{
1449     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1450     pvar->crypt_state.encrypt = cIDEA_encrypt;
1451     break;
1452     }
1453     case SSH_CIPHER_DES:{
1454     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1455     pvar->crypt_state.encrypt = cDES_encrypt;
1456     break;
1457     }
1458     case SSH_CIPHER_RC4:{
1459     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1460     encryption_key + 16);
1461     pvar->crypt_state.encrypt = cRC4_encrypt;
1462     break;
1463     }
1464     case SSH_CIPHER_BLOWFISH:{
1465     cBlowfish_init(encryption_key,
1466     &pvar->crypt_state.enc.cBlowfish);
1467     pvar->crypt_state.encrypt = cBlowfish_encrypt;
1468     break;
1469     }
1470     default:
1471     isOK = FALSE;
1472     }
1473     }
1474    
1475    
1476     if (receiver_flag) {
1477     switch (pvar->crypt_state.receiver_cipher) {
1478     // for SSH2(yutaka)
1479     case SSH2_CIPHER_3DES_CBC:
1480 doda 3850 case SSH2_CIPHER_3DES_CTR:
1481 maya 3227 {
1482     struct Enc *enc;
1483    
1484     enc = &pvar->ssh2_keys[MODE_IN].enc;
1485     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1486     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1487     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1488     CIPHER_DECRYPT,
1489     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1490     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1491     pvar);
1492    
1493     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1494     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1495    
1496 doda 3850 pvar->crypt_state.decrypt = c3DES_decrypt2;
1497 maya 3227 break;
1498     }
1499    
1500     // for SSH2(yutaka)
1501     case SSH2_CIPHER_AES128_CBC:
1502     case SSH2_CIPHER_AES192_CBC:
1503     case SSH2_CIPHER_AES256_CBC:
1504     case SSH2_CIPHER_AES128_CTR:
1505     case SSH2_CIPHER_AES192_CTR:
1506     case SSH2_CIPHER_AES256_CTR:
1507     {
1508     struct Enc *enc;
1509    
1510     enc = &pvar->ssh2_keys[MODE_IN].enc;
1511     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1512     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1513     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1514     CIPHER_DECRYPT,
1515     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1516     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1517     pvar);
1518    
1519     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1520     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1521    
1522     pvar->crypt_state.decrypt = cAES128_decrypt;
1523     break;
1524     }
1525    
1526     case SSH2_CIPHER_BLOWFISH_CBC:
1527 doda 3850 case SSH2_CIPHER_BLOWFISH_CTR:
1528 maya 3227 {
1529     struct Enc *enc;
1530    
1531     enc = &pvar->ssh2_keys[MODE_IN].enc;
1532     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1533     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1534     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1535     CIPHER_DECRYPT,
1536     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1537     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1538     pvar);
1539    
1540     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1541     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1542    
1543     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1544     break;
1545     }
1546    
1547     case SSH2_CIPHER_ARCFOUR:
1548     case SSH2_CIPHER_ARCFOUR128:
1549     case SSH2_CIPHER_ARCFOUR256:
1550     {
1551     struct Enc *enc;
1552    
1553     enc = &pvar->ssh2_keys[MODE_IN].enc;
1554     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1555     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1556     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1557     CIPHER_DECRYPT,
1558     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1559     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1560     pvar);
1561    
1562     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1563     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1564    
1565     pvar->crypt_state.decrypt = cArcfour_decrypt;
1566     break;
1567     }
1568    
1569     case SSH2_CIPHER_CAST128_CBC:
1570 doda 3850 case SSH2_CIPHER_CAST128_CTR:
1571 maya 3227 {
1572     struct Enc *enc;
1573    
1574     enc = &pvar->ssh2_keys[MODE_IN].enc;
1575     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1576     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1577     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1578     CIPHER_DECRYPT,
1579     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1580     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1581     pvar);
1582    
1583     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1584     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1585    
1586     pvar->crypt_state.decrypt = cCast128_decrypt;
1587     break;
1588     }
1589    
1590     case SSH_CIPHER_3DES:{
1591     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1592     pvar->crypt_state.decrypt = c3DES_decrypt;
1593     break;
1594     }
1595     case SSH_CIPHER_IDEA:{
1596     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1597     pvar->crypt_state.decrypt = cIDEA_decrypt;
1598     break;
1599     }
1600     case SSH_CIPHER_DES:{
1601     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1602     pvar->crypt_state.decrypt = cDES_decrypt;
1603     break;
1604     }
1605     case SSH_CIPHER_RC4:{
1606     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1607     pvar->crypt_state.decrypt = cRC4_decrypt;
1608     break;
1609     }
1610     case SSH_CIPHER_BLOWFISH:{
1611     cBlowfish_init(decryption_key,
1612     &pvar->crypt_state.dec.cBlowfish);
1613     pvar->crypt_state.decrypt = cBlowfish_decrypt;
1614     break;
1615     }
1616     default:
1617     isOK = FALSE;
1618     }
1619     }
1620    
1621    
1622     if (!isOK) {
1623     UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1624     "No cipher selected!");
1625     notify_fatal_error(pvar, pvar->ts->UIMsg);
1626     return FALSE;
1627     } else {
1628     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1629     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1630     return TRUE;
1631     }
1632     }
1633    
1634     void CRYPT_init(PTInstVar pvar)
1635     {
1636     pvar->crypt_state.encrypt = no_encrypt;
1637     pvar->crypt_state.decrypt = no_encrypt;
1638     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1639     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1640     pvar->crypt_state.server_key.RSA_key = NULL;
1641     pvar->crypt_state.host_key.RSA_key = NULL;
1642    
1643     pvar->crypt_state.detect_attack_statics.h = NULL;
1644     pvar->crypt_state.detect_attack_statics.n =
1645     HASH_MINSIZE / HASH_ENTRYSIZE;
1646     }
1647    
1648     static char FAR *get_cipher_name(int cipher)
1649     {
1650     switch (cipher) {
1651     case SSH_CIPHER_NONE:
1652     return "None";
1653     case SSH_CIPHER_3DES:
1654     return "3DES (168 key bits)";
1655     case SSH_CIPHER_DES:
1656     return "DES (56 key bits)";
1657     case SSH_CIPHER_IDEA:
1658     return "IDEA (128 key bits)";
1659     case SSH_CIPHER_RC4:
1660     return "RC4 (128 key bits)";
1661     case SSH_CIPHER_BLOWFISH:
1662     return "Blowfish (256 key bits)";
1663    
1664     // SSH2
1665     case SSH2_CIPHER_3DES_CBC:
1666     return "3DES-CBC";
1667     case SSH2_CIPHER_AES128_CBC:
1668     return "AES128-CBC";
1669     case SSH2_CIPHER_AES192_CBC:
1670     return "AES192-CBC";
1671     case SSH2_CIPHER_AES256_CBC:
1672     return "AES256-CBC";
1673     case SSH2_CIPHER_BLOWFISH_CBC:
1674     return "Blowfish-CBC";
1675     case SSH2_CIPHER_AES128_CTR:
1676     return "AES128-CTR";
1677     case SSH2_CIPHER_AES192_CTR:
1678     return "AES192-CTR";
1679     case SSH2_CIPHER_AES256_CTR:
1680     return "AES256-CTR";
1681     case SSH2_CIPHER_ARCFOUR:
1682     return "Arcfour";
1683     case SSH2_CIPHER_ARCFOUR128:
1684     return "Arcfour128";
1685     case SSH2_CIPHER_ARCFOUR256:
1686     return "Arcfour256";
1687     case SSH2_CIPHER_CAST128_CBC:
1688     return "CAST-128-CBC";
1689 doda 3850 case SSH2_CIPHER_3DES_CTR:
1690     return "3DES-CTR";
1691     case SSH2_CIPHER_BLOWFISH_CTR:
1692     return "Blowfish-CTR";
1693     case SSH2_CIPHER_CAST128_CTR:
1694     return "CAST-128-CTR";
1695 maya 3227
1696     default:
1697     return "Unknown";
1698     }
1699     }
1700    
1701     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1702     {
1703     UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1704     "%s to server, %s from server");
1705     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1706     get_cipher_name(pvar->crypt_state.sender_cipher),
1707     get_cipher_name(pvar->crypt_state.receiver_cipher));
1708     }
1709    
1710     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1711     {
1712     if (SSHv1(pvar)) {
1713     if (pvar->crypt_state.server_key.RSA_key == NULL
1714     || pvar->crypt_state.host_key.RSA_key == NULL) {
1715     UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1716     strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1717     } else {
1718     UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1719     "%d-bit server key, %d-bit host key");
1720     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1721     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1722     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1723     }
1724     } else { // SSH2
1725     UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1726     "%d-bit server key, %d-bit host key");
1727     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1728     pvar->server_key_bits,
1729     pvar->client_key_bits);
1730     }
1731     }
1732    
1733     static void destroy_public_key(CRYPTPublicKey FAR * key)
1734     {
1735     if (key->RSA_key != NULL) {
1736     RSA_free(key->RSA_key);
1737     key->RSA_key = NULL;
1738     }
1739     }
1740    
1741     void CRYPT_free_public_key(CRYPTPublicKey FAR * key)
1742     {
1743     destroy_public_key(key);
1744     free(key);
1745     }
1746    
1747     void CRYPT_end(PTInstVar pvar)
1748     {
1749     destroy_public_key(&pvar->crypt_state.host_key);
1750     destroy_public_key(&pvar->crypt_state.server_key);
1751    
1752     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1753     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1754     pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1755     free(pvar->crypt_state.detect_attack_statics.h);
1756     }
1757    
1758     memset(pvar->crypt_state.sender_cipher_key, 0,
1759     sizeof(pvar->crypt_state.sender_cipher_key));
1760     memset(pvar->crypt_state.receiver_cipher_key, 0,
1761     sizeof(pvar->crypt_state.receiver_cipher_key));
1762     memset(pvar->crypt_state.server_cookie, 0,
1763     sizeof(pvar->crypt_state.server_cookie));
1764     memset(pvar->crypt_state.client_cookie, 0,
1765     sizeof(pvar->crypt_state.client_cookie));
1766     memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1767     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1768     }
1769    
1770     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1771     char FAR * buf, int bytes)
1772     {
1773     unsigned char passphrase_key[16];
1774    
1775     MD5(passphrase, strlen(passphrase), passphrase_key);
1776    
1777     switch (cipher) {
1778     case SSH_CIPHER_3DES:{
1779     Cipher3DESState state;
1780    
1781     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1782     &state.k1);
1783     DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1784     &state.k2);
1785     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1786     &state.k3);
1787     memset(state.ivec1, 0, 8);
1788     memset(state.ivec2, 0, 8);
1789     memset(state.ivec3, 0, 8);
1790     DES_ncbc_encrypt(buf, buf, bytes,
1791     &state.k3, &state.ivec3, DES_DECRYPT);
1792     DES_ncbc_encrypt(buf, buf, bytes,
1793     &state.k2, &state.ivec2, DES_ENCRYPT);
1794     DES_ncbc_encrypt(buf, buf, bytes,
1795     &state.k1, &state.ivec1, DES_DECRYPT);
1796     break;
1797     }
1798    
1799     case SSH_CIPHER_IDEA:{
1800     CipherIDEAState state;
1801     int num = 0;
1802    
1803     cIDEA_init(passphrase_key, &state);
1804     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1805     &num, IDEA_DECRYPT);
1806     break;
1807     }
1808    
1809     case SSH_CIPHER_DES:{
1810     CipherDESState state;
1811    
1812     cDES_init(passphrase_key, &state);
1813     DES_ncbc_encrypt(buf, buf, bytes,
1814     &state.k, &state.ivec, DES_DECRYPT);
1815     break;
1816     }
1817    
1818     case SSH_CIPHER_RC4:{
1819     CipherRC4State state;
1820     int num = 0;
1821    
1822     RC4_set_key(&state.k, 16, passphrase_key);
1823     RC4(&state.k, bytes, buf, buf);
1824     break;
1825     }
1826    
1827     case SSH_CIPHER_BLOWFISH:{
1828     CipherBlowfishState state;
1829    
1830     BF_set_key(&state.k, 16, passphrase_key);
1831     memset(state.ivec, 0, 8);
1832     flip_endianness(buf, bytes);
1833     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1834     BF_DECRYPT);
1835     flip_endianness(buf, bytes);
1836     break;
1837     }
1838    
1839     case SSH_CIPHER_NONE:
1840     break;
1841    
1842     default:
1843     memset(passphrase_key, 0, sizeof(passphrase_key));
1844     return 0;
1845     }
1846    
1847     memset(passphrase_key, 0, sizeof(passphrase_key));
1848     return 1;
1849     }
1850    
1851     void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair)
1852     {
1853     if (key_pair->RSA_key != NULL)
1854     RSA_free(key_pair->RSA_key);
1855    
1856     if (key_pair->DSA_key != NULL)
1857     DSA_free(key_pair->DSA_key);
1858    
1859     free(key_pair);
1860     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help