Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 4307 - (hide annotations) (download) (as text)
Tue Feb 15 09:00:01 2011 UTC (13 years, 1 month ago) by maya
Original Path: trunk/ttssh2/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 56806 byte(s) 
鍵の種類を増やせるように整理した
  enum hostkey_type を ssh_keytype にリネームした
機能が重複している構造体・コードを削除した
  CRYPTKeyPair を削除、Key を使うようにした
  key_from_blob を使うようにした
1 maya 3227 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40     #include <openssl/dsa.h>
41     #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51     * $Id: crypt.c,v 1.28 2008-11-23 07:44:05 doda Exp $ Cryptographic attack
52     * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87     uint32 len, unsigned char FAR * IV)
88     {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116     unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118     {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191     int bytes)
192     {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199     buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202     default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204     buf, bytes, NULL) == DEATTACK_DETECTED;
205     }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217     // ���O�������������������������������AAES192, AES256 ����
218     // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219     static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220     int bytes)
221     {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224 doda 4212 char tmp[80];
225 maya 3227
226     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
227     if (bytes == 0)
228     goto error;
229    
230     if (newbuf == NULL)
231     return;
232    
233     if (bytes % block_size) {
234 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
235     "%s encrypt error(1): bytes %d (%d)");
236     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
237     "AES128/192/256", bytes, block_size);
238 maya 3227 notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
244     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
245     "AES128/192/256");
246     notify_fatal_error(pvar, tmp);
247 maya 3227 goto error;
248    
249     } else {
250     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
251     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
252     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
253     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
254    
255     //debug_print(50, key, 24);
256     //debug_print(51, iv, 8);
257     //debug_print(52, buf, bytes);
258     //debug_print(53, newbuf, bytes);
259    
260     memcpy(buf, newbuf, bytes);
261     }
262    
263     error:
264     free(newbuf);
265     }
266    
267     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
268     int bytes)
269     {
270     unsigned char *newbuf = malloc(bytes);
271     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
272 doda 4212 char tmp[80];
273 maya 3227
274     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
275     if (bytes == 0)
276     goto error;
277    
278     if (newbuf == NULL)
279     return;
280    
281     if (bytes % block_size) {
282 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
283     "%s decrypt error(1): bytes %d (%d)");
284     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
285     "AES128/192/256", bytes, block_size);
286 maya 3227 notify_fatal_error(pvar, tmp);
287     goto error;
288     }
289    
290     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
291 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
292     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
293     "AES128/192/256");
294     notify_fatal_error(pvar, tmp);
295 maya 3227 goto error;
296    
297     } else {
298     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
299     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
300     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
301     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
302    
303     //debug_print(70, key, AES128_KEYLEN);
304     //debug_print(71, iv, AES128_IVLEN);
305     //debug_print(72, buf, bytes);
306     //debug_print(73, newbuf, bytes);
307    
308     memcpy(buf, newbuf, bytes);
309     }
310    
311     error:
312     free(newbuf);
313     }
314    
315    
316     // for SSH2(yutaka)
317 doda 3850 static void c3DES_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
318 doda 4212 int bytes)
319 maya 3227 {
320     unsigned char *newbuf = malloc(bytes);
321     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
322 doda 4212 char tmp[80];
323 maya 3227
324     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
325     if (bytes == 0)
326     goto error;
327    
328     if (newbuf == NULL)
329     return;
330    
331     if (bytes % block_size) {
332 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
333     "%s encrypt error(1): bytes %d (%d)");
334     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
335     "3DES-CBC", bytes, block_size);
336 maya 3227 notify_fatal_error(pvar, tmp);
337     goto error;
338     }
339    
340     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
341 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
342     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
343     "3DES-CBC");
344     notify_fatal_error(pvar, tmp);
345 maya 3227 goto error;
346    
347     } else {
348     //unsigned char key[24], iv[8];
349     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
350     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
351     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
352    
353     //debug_print(50, key, 24);
354     //debug_print(51, iv, 8);
355     //debug_print(52, buf, bytes);
356     //debug_print(53, newbuf, bytes);
357    
358     memcpy(buf, newbuf, bytes);
359     }
360    
361     error:
362     free(newbuf);
363     }
364    
365 doda 3850 static void c3DES_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
366 doda 4212 int bytes)
367 maya 3227 {
368     unsigned char *newbuf = malloc(bytes);
369     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
370 doda 4212 char tmp[80];
371 maya 3227
372     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
373     if (bytes == 0)
374     goto error;
375    
376     if (newbuf == NULL)
377     return;
378    
379     if (bytes % block_size) {
380 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
381     "%s decrypt error(1): bytes %d (%d)");
382     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
383     "3DES-CBC", bytes, block_size);
384 maya 3227 notify_fatal_error(pvar, tmp);
385     goto error;
386     }
387    
388     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
389 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
390     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
391     "3DES-CBC");
392     notify_fatal_error(pvar, tmp);
393 maya 3227 goto error;
394    
395     } else {
396     //unsigned char key[24], iv[8];
397     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
398     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
399     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
400    
401     //debug_print(70, key, 24);
402     //debug_print(71, iv, 8);
403     //debug_print(72, buf, bytes);
404     //debug_print(73, newbuf, bytes);
405    
406     memcpy(buf, newbuf, bytes);
407     }
408    
409     error:
410     free(newbuf);
411     }
412    
413    
414     static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
415     int bytes)
416     {
417     unsigned char *newbuf = malloc(bytes);
418     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
419 doda 4212 char tmp[80];
420 maya 3227
421     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
422     if (bytes == 0)
423     goto error;
424    
425     if (newbuf == NULL)
426     return;
427    
428     if (bytes % block_size) {
429 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
430     "%s encrypt error(1): bytes %d (%d)");
431     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
432     "Blowfish", bytes, block_size);
433 maya 3227 notify_fatal_error(pvar, tmp);
434     goto error;
435     }
436    
437     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
438 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
439     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
440     "Blowfish");
441     notify_fatal_error(pvar, tmp);
442 maya 3227 goto error;
443    
444     } else {
445     memcpy(buf, newbuf, bytes);
446    
447     }
448    
449     error:
450     free(newbuf);
451     }
452    
453     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
454     int bytes)
455     {
456     unsigned char *newbuf = malloc(bytes);
457     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
458 doda 4212 char tmp[80];
459 maya 3227
460     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
461     if (bytes == 0)
462     goto error;
463    
464     if (newbuf == NULL)
465     return;
466    
467     if (bytes % block_size) {
468 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
469     "%s decrypt error(1): bytes %d (%d)");
470     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
471     "Blowfish", bytes, block_size);
472 maya 3227 notify_fatal_error(pvar, tmp);
473     goto error;
474     }
475    
476     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
477 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
478     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
479     "Blowfish");
480     notify_fatal_error(pvar, tmp);
481 maya 3227 goto error;
482    
483     } else {
484     memcpy(buf, newbuf, bytes);
485    
486     }
487    
488     error:
489     free(newbuf);
490     }
491    
492 doda 4212
493 maya 3227 static void cArcfour_encrypt(PTInstVar pvar, unsigned char FAR * buf,
494 doda 4212 int bytes)
495 maya 3227 {
496     unsigned char *newbuf = malloc(bytes);
497     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
498 doda 4212 char tmp[80];
499 maya 3227
500     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
501     if (bytes == 0)
502     goto error;
503    
504     if (newbuf == NULL)
505     return;
506    
507     if (bytes % block_size) {
508 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
509     "%s encrypt error(1): bytes %d (%d)");
510     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
511     "Arcfour", bytes, block_size);
512 maya 3227 notify_fatal_error(pvar, tmp);
513     goto error;
514     }
515    
516     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
517 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
518     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
519     "Arcfour");
520     notify_fatal_error(pvar, tmp);
521 maya 3227 goto error;
522    
523     } else {
524     memcpy(buf, newbuf, bytes);
525    
526     }
527    
528     error:
529     free(newbuf);
530     }
531    
532     static void cArcfour_decrypt(PTInstVar pvar, unsigned char FAR * buf,
533 doda 4212 int bytes)
534 maya 3227 {
535     unsigned char *newbuf = malloc(bytes);
536     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
537 doda 4212 char tmp[80];
538 maya 3227
539     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
540     if (bytes == 0)
541     goto error;
542    
543     if (newbuf == NULL)
544     return;
545    
546     if (bytes % block_size) {
547 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
548     "%s decrypt error(1): bytes %d (%d)");
549     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
550     "Arcfour", bytes, block_size);
551 maya 3227 notify_fatal_error(pvar, tmp);
552     goto error;
553     }
554    
555     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
556 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
557     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
558     "Arcfour");
559     notify_fatal_error(pvar, tmp);
560 maya 3227 goto error;
561    
562     } else {
563     memcpy(buf, newbuf, bytes);
564    
565     }
566    
567     error:
568     free(newbuf);
569     }
570    
571 doda 4212
572 maya 3227 static void cCast128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
573     int bytes)
574     {
575     unsigned char *newbuf = malloc(bytes);
576     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
577 doda 4212 char tmp[80];
578 maya 3227
579     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
580     if (bytes == 0)
581     goto error;
582    
583     if (newbuf == NULL)
584     return;
585    
586     if (bytes % block_size) {
587 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
588     "%s encrypt error(1): bytes %d (%d)");
589     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
590     "CAST128", bytes, block_size);
591 maya 3227 notify_fatal_error(pvar, tmp);
592     goto error;
593     }
594    
595     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
596 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
597     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
598     "CAST128");
599     notify_fatal_error(pvar, tmp);
600 maya 3227 goto error;
601    
602     } else {
603     memcpy(buf, newbuf, bytes);
604    
605     }
606    
607     error:
608     free(newbuf);
609     }
610    
611     static void cCast128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
612     int bytes)
613     {
614     unsigned char *newbuf = malloc(bytes);
615     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
616 doda 4212 char tmp[80];
617 maya 3227
618     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
619     if (bytes == 0)
620     goto error;
621    
622     if (newbuf == NULL)
623     return;
624    
625     if (bytes % block_size) {
626 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
627     "%s decrypt error(1): bytes %d (%d)");
628     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
629     "CAST128", bytes, block_size);
630 maya 3227 notify_fatal_error(pvar, tmp);
631     goto error;
632     }
633    
634     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
635 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
636     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
637     "CAST128");
638     notify_fatal_error(pvar, tmp);
639 maya 3227 goto error;
640    
641     } else {
642     memcpy(buf, newbuf, bytes);
643    
644     }
645    
646     error:
647     free(newbuf);
648     }
649    
650    
651     static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
652     int bytes)
653     {
654     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
655    
656     DES_ncbc_encrypt(buf, buf, bytes,
657     &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
658     DES_ncbc_encrypt(buf, buf, bytes,
659     &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
660     DES_ncbc_encrypt(buf, buf, bytes,
661     &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
662     }
663    
664     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
665     int bytes)
666     {
667     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
668    
669     DES_ncbc_encrypt(buf, buf, bytes,
670     &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
671     DES_ncbc_encrypt(buf, buf, bytes,
672     &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
673     DES_ncbc_encrypt(buf, buf, bytes,
674     &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
675     }
676    
677     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
678     int bytes)
679     {
680     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
681    
682     DES_ncbc_encrypt(buf, buf, bytes,
683     &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
684     }
685    
686     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
687     int bytes)
688     {
689     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
690    
691     DES_ncbc_encrypt(buf, buf, bytes,
692     &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
693     }
694    
695     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
696     int bytes)
697     {
698     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
699     int num = 0;
700    
701     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
702     encryptstate->ivec, &num, IDEA_ENCRYPT);
703     }
704    
705     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
706     int bytes)
707     {
708     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
709     int num = 0;
710    
711     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
712     decryptstate->ivec, &num, IDEA_DECRYPT);
713     }
714    
715     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
716     {
717     uint32 FAR *buf = (uint32 FAR *) cbuf;
718     int count = bytes / 4;
719    
720     while (count > 0) {
721     uint32 w = *buf;
722    
723     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
724     | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
725     count--;
726     buf++;
727     }
728     }
729    
730     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
731     int bytes)
732     {
733     CipherBlowfishState FAR *encryptstate =
734     &pvar->crypt_state.enc.cBlowfish;
735    
736     flip_endianness(buf, bytes);
737     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
738     BF_ENCRYPT);
739     flip_endianness(buf, bytes);
740     }
741    
742     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
743     int bytes)
744     {
745     CipherBlowfishState FAR *decryptstate =
746     &pvar->crypt_state.dec.cBlowfish;
747    
748     flip_endianness(buf, bytes);
749     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
750     BF_DECRYPT);
751     flip_endianness(buf, bytes);
752     }
753    
754     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
755     int bytes)
756     {
757     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
758     int num = 0;
759    
760     RC4(&encryptstate->k, bytes, buf, buf);
761     }
762    
763     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
764     int bytes)
765     {
766     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
767     int num = 0;
768    
769     RC4(&decryptstate->k, bytes, buf, buf);
770     }
771    
772     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
773     int bytes)
774     {
775     RAND_bytes(buf, bytes);
776     }
777    
778     void CRYPT_initialize_random_numbers(PTInstVar pvar)
779     {
780     RAND_screen();
781     }
782    
783     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
784     {
785     int bits = get_ushort16_MSBfirst(bytes);
786    
787     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
788     }
789    
790     // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
791     RSA FAR *make_key(PTInstVar pvar,
792     int bits, unsigned char FAR * exp,
793     unsigned char FAR * mod)
794     {
795     RSA FAR *key = RSA_new();
796    
797     if (key != NULL) {
798     key->e = get_bignum(exp);
799     key->n = get_bignum(mod);
800     }
801    
802     if (key == NULL || key->e == NULL || key->n == NULL) {
803     UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
804     "Error setting up RSA keys");
805     notify_fatal_error(pvar, pvar->ts->UIMsg);
806    
807     if (key != NULL) {
808     if (key->e != NULL) {
809     BN_free(key->e);
810     }
811     if (key->n != NULL) {
812     BN_free(key->n);
813     }
814     RSA_free(key);
815     }
816    
817     return NULL;
818     } else {
819     return key;
820     }
821     }
822    
823     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
824     {
825     if (SSHv1(pvar)) {
826     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
827     } else {
828     memcpy(pvar->crypt_state.server_cookie, cookie,
829     SSH2_COOKIE_LENGTH);
830     }
831     }
832    
833     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
834     {
835     if (SSHv2(pvar)) {
836     memcpy(pvar->crypt_state.client_cookie, cookie,
837     SSH2_COOKIE_LENGTH);
838     }
839     }
840    
841     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
842     int bits, unsigned char FAR * exp,
843     unsigned char FAR * mod)
844     {
845     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
846    
847     return pvar->crypt_state.server_key.RSA_key != NULL;
848     }
849    
850     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
851     int bits, unsigned char FAR * exp,
852     unsigned char FAR * mod)
853     {
854     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
855    
856     return pvar->crypt_state.host_key.RSA_key != NULL;
857     }
858    
859     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
860     int receiver_ciphers)
861     {
862     int cipher_mask;
863    
864     if (SSHv1(pvar)) {
865     cipher_mask = (1 << SSH_CIPHER_DES)
866     | (1 << SSH_CIPHER_3DES)
867     | (1 << SSH_CIPHER_BLOWFISH);
868    
869     } else { // for SSH2(yutaka)
870     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
871     cipher_mask = (1 << SSH2_CIPHER_3DES_CBC)
872     | (1 << SSH2_CIPHER_AES128_CBC)
873     | (1 << SSH2_CIPHER_AES192_CBC)
874     | (1 << SSH2_CIPHER_AES256_CBC)
875     | (1 << SSH2_CIPHER_BLOWFISH_CBC)
876     | (1 << SSH2_CIPHER_AES128_CTR)
877     | (1 << SSH2_CIPHER_AES192_CTR)
878     | (1 << SSH2_CIPHER_AES256_CTR)
879     | (1 << SSH2_CIPHER_ARCFOUR)
880     | (1 << SSH2_CIPHER_ARCFOUR128)
881     | (1 << SSH2_CIPHER_ARCFOUR256)
882 doda 3850 | (1 << SSH2_CIPHER_CAST128_CBC)
883     | (1 << SSH2_CIPHER_3DES_CTR)
884     | (1 << SSH2_CIPHER_BLOWFISH_CTR)
885     | (1 << SSH2_CIPHER_CAST128_CTR);
886 maya 3227 }
887    
888     sender_ciphers &= cipher_mask;
889     receiver_ciphers &= cipher_mask;
890     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
891     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
892    
893     if (sender_ciphers == 0) {
894     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
895     "The server does not support any of the TTSSH encryption algorithms.\n"
896     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
897     "The connection will be closed.");
898     notify_fatal_error(pvar, pvar->ts->UIMsg);
899     return FALSE;
900     } else if (receiver_ciphers == 0) {
901     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
902     "The server does not support any of the TTSSH encryption algorithms.\n"
903     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
904     "The connection will be closed.");
905     notify_fatal_error(pvar, pvar->ts->UIMsg);
906     return FALSE;
907     } else {
908     return TRUE;
909     }
910     }
911    
912     int CRYPT_get_decryption_block_size(PTInstVar pvar)
913     {
914     if (SSHv1(pvar)) {
915     return 8;
916     } else {
917     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
918     // cf. 3DES=8, AES128=16
919     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
920     }
921     }
922    
923     int CRYPT_get_encryption_block_size(PTInstVar pvar)
924     {
925     if (SSHv1(pvar)) {
926     return 8;
927     } else {
928     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
929     // cf. 3DES=8, AES128=16
930     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
931     }
932     }
933    
934     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
935     {
936     struct Mac *mac;
937    
938     if (SSHv1(pvar)) {
939     return 0;
940    
941     } else { // for SSH2(yutaka)
942     mac = &pvar->ssh2_keys[MODE_IN].mac;
943     if (mac == NULL || mac->enabled == 0)
944     return 0;
945    
946     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
947     }
948    
949     }
950    
951     // HMAC������
952     // ���{������ SSH2 �������g�p�������B
953     // (2004.12.17 yutaka)
954     BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
955     char FAR * data, int len, char FAR * MAC)
956     {
957     HMAC_CTX c;
958     unsigned char m[EVP_MAX_MD_SIZE];
959     unsigned char b[4];
960     struct Mac *mac;
961    
962     mac = &pvar->ssh2_keys[MODE_IN].mac;
963    
964     // HMAC�������L���������������A����OK�����������B
965     if (mac == NULL || mac->enabled == 0)
966     return TRUE;
967    
968     if (mac->key == NULL)
969     goto error;
970    
971     if ((u_int)mac->mac_len > sizeof(m))
972     goto error;
973    
974     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
975     set_uint32_MSBfirst(b, sequence_number);
976     HMAC_Update(&c, b, sizeof(b));
977     HMAC_Update(&c, data, len);
978     HMAC_Final(&c, m, NULL);
979     HMAC_cleanup(&c);
980    
981     if (memcmp(m, MAC, mac->mac_len)) {
982     goto error;
983     }
984    
985     return TRUE;
986    
987     error:
988     return FALSE;
989     }
990    
991     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
992     {
993     struct Mac *mac;
994    
995     if (SSHv2(pvar)) { // for SSH2(yutaka)
996     mac = &pvar->ssh2_keys[MODE_OUT].mac;
997     if (mac == NULL || mac->enabled == 0)
998     return 0;
999    
1000     return (mac->mac_len);
1001     }
1002    
1003     return 0;
1004     }
1005    
1006     // for SSH2
1007     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
1008     char FAR * data, int len, char FAR * MAC)
1009     {
1010     HMAC_CTX c;
1011     static u_char m[EVP_MAX_MD_SIZE];
1012     u_char b[4];
1013     struct Mac *mac;
1014    
1015     if (SSHv2(pvar)) { // for SSH2(yutaka)
1016     mac = &pvar->ssh2_keys[MODE_OUT].mac;
1017     if (mac == NULL || mac->enabled == 0)
1018     return FALSE;
1019    
1020     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
1021     set_uint32_MSBfirst(b, sequence_number);
1022     HMAC_Update(&c, b, sizeof(b));
1023     HMAC_Update(&c, data, len);
1024     HMAC_Final(&c, m, NULL);
1025     HMAC_cleanup(&c);
1026    
1027     // 20�o�C�g�������R�s�[
1028     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
1029     // memcpy(MAC, m, sizeof(m));
1030    
1031     return TRUE;
1032     }
1033    
1034     return TRUE;
1035    
1036     }
1037    
1038     static int choose_cipher(PTInstVar pvar, int supported)
1039     {
1040     int i;
1041    
1042     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
1043     int cipher = pvar->session_settings.CipherOrder[i] - '0';
1044    
1045     if (cipher == SSH_CIPHER_NONE) {
1046     break;
1047     } else if ((supported & (1 << cipher)) != 0) {
1048     return cipher;
1049     }
1050     }
1051    
1052     return SSH_CIPHER_NONE;
1053     }
1054    
1055     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
1056     {
1057     if (SSHv1(pvar)) {
1058     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
1059     pvar->crypt_state.
1060     supported_sender_ciphers);
1061     pvar->crypt_state.receiver_cipher =
1062     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
1063    
1064     } else { // SSH2(yutaka)
1065     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
1066     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
1067    
1068     }
1069    
1070     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
1071     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
1072     UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
1073     "All the encryption algorithms that this program and the server both understand have been disabled.\n"
1074     "To communicate with this server, you will have to enable some more ciphers\n"
1075     "in the TTSSH Setup dialog box when you run Tera Term again.\n"
1076     "This connection will now close.");
1077     notify_fatal_error(pvar, pvar->ts->UIMsg);
1078     return FALSE;
1079     } else {
1080     return TRUE;
1081     }
1082     }
1083    
1084     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
1085     {
1086     int server_key_bits =
1087     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1088     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1089     int server_key_bytes = (server_key_bits + 7) / 8;
1090     int host_key_bytes = (host_key_bits + 7) / 8;
1091    
1092     if (server_key_bits < host_key_bits) {
1093     return host_key_bytes;
1094     } else {
1095     return server_key_bytes;
1096     }
1097     }
1098    
1099     int CRYPT_choose_session_key(PTInstVar pvar,
1100     unsigned char FAR * encrypted_key_buf)
1101     {
1102     int server_key_bits =
1103     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1104     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1105     int server_key_bytes = (server_key_bits + 7) / 8;
1106     int host_key_bytes = (host_key_bits + 7) / 8;
1107     int encrypted_key_bytes;
1108     int bit_delta;
1109    
1110     if (server_key_bits < host_key_bits) {
1111     encrypted_key_bytes = host_key_bytes;
1112     bit_delta = host_key_bits - server_key_bits;
1113     } else {
1114     encrypted_key_bytes = server_key_bytes;
1115     bit_delta = server_key_bits - host_key_bits;
1116     }
1117    
1118     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
1119     UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
1120     "Server RSA keys are too weak. A secure connection cannot be established.");
1121     notify_fatal_error(pvar, pvar->ts->UIMsg);
1122     return 0;
1123     } else {
1124     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
1125     for the session ID, rather than the one specified in the RFC */
1126     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1127     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1128     char session_id[16];
1129     int i;
1130    
1131     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1132     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1133     session_buf + host_key_bytes);
1134     memcpy(session_buf + server_key_bytes + host_key_bytes,
1135     pvar->crypt_state.server_cookie, 8);
1136     MD5(session_buf, session_buf_len, session_id);
1137    
1138     free(session_buf);
1139    
1140     RAND_bytes(pvar->crypt_state.sender_cipher_key,
1141     SSH_SESSION_KEY_LENGTH);
1142     memcpy(pvar->crypt_state.receiver_cipher_key,
1143     pvar->crypt_state.sender_cipher_key,
1144     SSH_SESSION_KEY_LENGTH);
1145    
1146     memcpy(encrypted_key_buf + encrypted_key_bytes -
1147     SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
1148     SSH_SESSION_KEY_LENGTH);
1149     for (i = 0; i < sizeof(session_id); i++) {
1150     encrypted_key_buf[encrypted_key_bytes -
1151     SSH_SESSION_KEY_LENGTH + i]
1152     ^= session_id[i];
1153     }
1154    
1155     if (host_key_bits > server_key_bits) {
1156     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1157     encrypted_key_buf +
1158     encrypted_key_bytes -
1159     SSH_SESSION_KEY_LENGTH,
1160     encrypted_key_buf +
1161     encrypted_key_bytes - server_key_bytes,
1162     pvar->crypt_state.server_key.RSA_key,
1163     RSA_PKCS1_PADDING) < 0)
1164     return 0;
1165    
1166     if (RSA_public_encrypt(server_key_bytes,
1167     encrypted_key_buf +
1168     encrypted_key_bytes - server_key_bytes,
1169     encrypted_key_buf,
1170     pvar->crypt_state.host_key.RSA_key,
1171     RSA_PKCS1_PADDING) < 0)
1172     return 0;
1173     } else {
1174     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1175     encrypted_key_buf +
1176     encrypted_key_bytes -
1177     SSH_SESSION_KEY_LENGTH,
1178     encrypted_key_buf +
1179     encrypted_key_bytes - host_key_bytes,
1180     pvar->crypt_state.host_key.RSA_key,
1181     RSA_PKCS1_PADDING) < 0)
1182     return 0;
1183    
1184     if (RSA_public_encrypt(host_key_bytes,
1185     encrypted_key_buf +
1186     encrypted_key_bytes - host_key_bytes,
1187     encrypted_key_buf,
1188     pvar->crypt_state.server_key.RSA_key,
1189     RSA_PKCS1_PADDING) < 0)
1190     return 0;
1191     }
1192     }
1193    
1194     return 1;
1195     }
1196    
1197     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1198     unsigned char FAR * challenge,
1199     int challenge_len,
1200     unsigned char FAR * response)
1201     {
1202     int server_key_bits =
1203     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1204     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1205     int server_key_bytes = (server_key_bits + 7) / 8;
1206     int host_key_bytes = (host_key_bits + 7) / 8;
1207     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1208     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1209     char decrypted_challenge[48];
1210     int decrypted_challenge_len;
1211    
1212     decrypted_challenge_len =
1213     RSA_private_decrypt(challenge_len, challenge, challenge,
1214 maya 4307 AUTH_get_cur_cred(pvar)->key_pair->rsa,
1215 maya 3227 RSA_PKCS1_PADDING);
1216     if (decrypted_challenge_len < 0) {
1217     free(session_buf);
1218     return 0;
1219     }
1220     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1221     memcpy(decrypted_challenge,
1222     challenge + decrypted_challenge_len -
1223     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1224     } else {
1225     memset(decrypted_challenge, 0,
1226     SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1227     memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1228     decrypted_challenge_len, challenge,
1229     decrypted_challenge_len);
1230     }
1231    
1232     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1233     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1234     session_buf + host_key_bytes);
1235     memcpy(session_buf + server_key_bytes + host_key_bytes,
1236     pvar->crypt_state.server_cookie, 8);
1237     MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1238    
1239     free(session_buf);
1240    
1241     MD5(decrypted_challenge, 48, response);
1242    
1243     return 1;
1244     }
1245    
1246     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1247     {
1248     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1249     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1250     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1251     memset(state->ivec1, 0, 8);
1252     memset(state->ivec2, 0, 8);
1253     memset(state->ivec3, 0, 8);
1254     }
1255    
1256     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1257     {
1258     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1259     memset(state->ivec, 0, 8);
1260     }
1261    
1262     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1263     {
1264     idea_set_encrypt_key(session_key, &state->k);
1265     memset(state->ivec, 0, 8);
1266     }
1267    
1268     static void cBlowfish_init(char FAR * session_key,
1269     CipherBlowfishState FAR * state)
1270     {
1271     BF_set_key(&state->k, 32, session_key);
1272     memset(state->ivec, 0, 8);
1273     }
1274    
1275    
1276     //
1277     // SSH2�p�A���S���Y����������
1278     //
1279     // for SSH2(yutaka)
1280     //
1281     void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1282     const u_char *key, u_int keylen,
1283     const u_char *iv, u_int ivlen,
1284     int encrypt,
1285     const EVP_CIPHER *type,
1286     int discard_len,
1287     PTInstVar pvar)
1288     {
1289     int klen;
1290     char tmp[80];
1291     unsigned char *junk = NULL, *discard = NULL;
1292    
1293     EVP_CIPHER_CTX_init(evp);
1294     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1295     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1296     "Cipher initialize error(%d)");
1297     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1298     notify_fatal_error(pvar, tmp);
1299     return;
1300     }
1301    
1302     klen = EVP_CIPHER_CTX_key_length(evp);
1303     if (klen > 0 && keylen != klen) {
1304     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1305     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1306     "Cipher initialize error(%d)");
1307     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1308     notify_fatal_error(pvar, tmp);
1309     return;
1310     }
1311     }
1312     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1313     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1314     "Cipher initialize error(%d)");
1315     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1316     notify_fatal_error(pvar, tmp);
1317     return;
1318     }
1319    
1320     if (discard_len > 0) {
1321     junk = malloc(discard_len);
1322     discard = malloc(discard_len);
1323     if (junk == NULL || discard == NULL ||
1324     EVP_Cipher(evp, discard, junk, discard_len) == 0) {
1325     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1326     "Cipher initialize error(%d)");
1327     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
1328     pvar->ts->UIMsg, 3);
1329     notify_fatal_error(pvar, tmp);
1330     }
1331     else {
1332     memset(discard, 0, discard_len);
1333     }
1334     free(junk);
1335     free(discard);
1336     }
1337     }
1338    
1339    
1340     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1341     {
1342     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1343     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1344     BOOL isOK = TRUE;
1345    
1346     if (sender_flag) {
1347     switch (pvar->crypt_state.sender_cipher) {
1348     // for SSH2(yutaka)
1349     case SSH2_CIPHER_3DES_CBC:
1350 doda 3850 case SSH2_CIPHER_3DES_CTR:
1351 maya 3227 {
1352     struct Enc *enc;
1353    
1354     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1355     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1356     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1357     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1358     CIPHER_ENCRYPT,
1359     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1360     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1361     pvar);
1362    
1363     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1364     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1365    
1366 doda 3850 pvar->crypt_state.encrypt = c3DES_encrypt2;
1367 maya 3227 break;
1368     }
1369    
1370     // for SSH2(yutaka)
1371     case SSH2_CIPHER_AES128_CBC:
1372     case SSH2_CIPHER_AES192_CBC:
1373     case SSH2_CIPHER_AES256_CBC:
1374     case SSH2_CIPHER_AES128_CTR:
1375     case SSH2_CIPHER_AES192_CTR:
1376     case SSH2_CIPHER_AES256_CTR:
1377     {
1378     struct Enc *enc;
1379    
1380     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1381     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1382     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1383     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1384     CIPHER_ENCRYPT,
1385     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1386     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1387     pvar);
1388    
1389     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1390     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1391    
1392     pvar->crypt_state.encrypt = cAES128_encrypt;
1393     break;
1394     }
1395    
1396     case SSH2_CIPHER_BLOWFISH_CBC:
1397 doda 3850 case SSH2_CIPHER_BLOWFISH_CTR:
1398 maya 3227 {
1399     struct Enc *enc;
1400    
1401     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1402     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1403     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1404     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1405     CIPHER_ENCRYPT,
1406     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1407     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1408     pvar);
1409    
1410     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1411     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1412    
1413     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1414     break;
1415     }
1416    
1417     case SSH2_CIPHER_ARCFOUR:
1418     case SSH2_CIPHER_ARCFOUR128:
1419     case SSH2_CIPHER_ARCFOUR256:
1420     {
1421     struct Enc *enc;
1422    
1423     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1424     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1425     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1426     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1427     CIPHER_ENCRYPT,
1428     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1429     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1430     pvar);
1431     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1432     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1433    
1434     pvar->crypt_state.encrypt = cArcfour_encrypt;
1435     break;
1436     }
1437    
1438     case SSH2_CIPHER_CAST128_CBC:
1439 doda 3850 case SSH2_CIPHER_CAST128_CTR:
1440 maya 3227 {
1441     struct Enc *enc;
1442    
1443     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1444     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1445     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1446     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1447     CIPHER_ENCRYPT,
1448     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1449     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1450     pvar);
1451     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1452     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1453    
1454     pvar->crypt_state.encrypt = cCast128_encrypt;
1455     break;
1456     }
1457    
1458     case SSH_CIPHER_3DES:{
1459     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1460     pvar->crypt_state.encrypt = c3DES_encrypt;
1461     break;
1462     }
1463     case SSH_CIPHER_IDEA:{
1464     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1465     pvar->crypt_state.encrypt = cIDEA_encrypt;
1466     break;
1467     }
1468     case SSH_CIPHER_DES:{
1469     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1470     pvar->crypt_state.encrypt = cDES_encrypt;
1471     break;
1472     }
1473     case SSH_CIPHER_RC4:{
1474     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1475     encryption_key + 16);
1476     pvar->crypt_state.encrypt = cRC4_encrypt;
1477     break;
1478     }
1479     case SSH_CIPHER_BLOWFISH:{
1480     cBlowfish_init(encryption_key,
1481     &pvar->crypt_state.enc.cBlowfish);
1482     pvar->crypt_state.encrypt = cBlowfish_encrypt;
1483     break;
1484     }
1485     default:
1486     isOK = FALSE;
1487     }
1488     }
1489    
1490    
1491     if (receiver_flag) {
1492     switch (pvar->crypt_state.receiver_cipher) {
1493     // for SSH2(yutaka)
1494     case SSH2_CIPHER_3DES_CBC:
1495 doda 3850 case SSH2_CIPHER_3DES_CTR:
1496 maya 3227 {
1497     struct Enc *enc;
1498    
1499     enc = &pvar->ssh2_keys[MODE_IN].enc;
1500     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1501     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1502     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1503     CIPHER_DECRYPT,
1504     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1505     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1506     pvar);
1507    
1508     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1509     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1510    
1511 doda 3850 pvar->crypt_state.decrypt = c3DES_decrypt2;
1512 maya 3227 break;
1513     }
1514    
1515     // for SSH2(yutaka)
1516     case SSH2_CIPHER_AES128_CBC:
1517     case SSH2_CIPHER_AES192_CBC:
1518     case SSH2_CIPHER_AES256_CBC:
1519     case SSH2_CIPHER_AES128_CTR:
1520     case SSH2_CIPHER_AES192_CTR:
1521     case SSH2_CIPHER_AES256_CTR:
1522     {
1523     struct Enc *enc;
1524    
1525     enc = &pvar->ssh2_keys[MODE_IN].enc;
1526     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1527     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1528     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1529     CIPHER_DECRYPT,
1530     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1531     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1532     pvar);
1533    
1534     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1535     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1536    
1537     pvar->crypt_state.decrypt = cAES128_decrypt;
1538     break;
1539     }
1540    
1541     case SSH2_CIPHER_BLOWFISH_CBC:
1542 doda 3850 case SSH2_CIPHER_BLOWFISH_CTR:
1543 maya 3227 {
1544     struct Enc *enc;
1545    
1546     enc = &pvar->ssh2_keys[MODE_IN].enc;
1547     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1548     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1549     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1550     CIPHER_DECRYPT,
1551     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1552     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1553     pvar);
1554    
1555     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1556     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1557    
1558     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1559     break;
1560     }
1561    
1562     case SSH2_CIPHER_ARCFOUR:
1563     case SSH2_CIPHER_ARCFOUR128:
1564     case SSH2_CIPHER_ARCFOUR256:
1565     {
1566     struct Enc *enc;
1567    
1568     enc = &pvar->ssh2_keys[MODE_IN].enc;
1569     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1570     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1571     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1572     CIPHER_DECRYPT,
1573     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1574     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1575     pvar);
1576    
1577     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1578     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1579    
1580     pvar->crypt_state.decrypt = cArcfour_decrypt;
1581     break;
1582     }
1583    
1584     case SSH2_CIPHER_CAST128_CBC:
1585 doda 3850 case SSH2_CIPHER_CAST128_CTR:
1586 maya 3227 {
1587     struct Enc *enc;
1588    
1589     enc = &pvar->ssh2_keys[MODE_IN].enc;
1590     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1591     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1592     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1593     CIPHER_DECRYPT,
1594     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1595     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1596     pvar);
1597    
1598     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1599     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1600    
1601     pvar->crypt_state.decrypt = cCast128_decrypt;
1602     break;
1603     }
1604    
1605     case SSH_CIPHER_3DES:{
1606     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1607     pvar->crypt_state.decrypt = c3DES_decrypt;
1608     break;
1609     }
1610     case SSH_CIPHER_IDEA:{
1611     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1612     pvar->crypt_state.decrypt = cIDEA_decrypt;
1613     break;
1614     }
1615     case SSH_CIPHER_DES:{
1616     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1617     pvar->crypt_state.decrypt = cDES_decrypt;
1618     break;
1619     }
1620     case SSH_CIPHER_RC4:{
1621     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1622     pvar->crypt_state.decrypt = cRC4_decrypt;
1623     break;
1624     }
1625     case SSH_CIPHER_BLOWFISH:{
1626     cBlowfish_init(decryption_key,
1627     &pvar->crypt_state.dec.cBlowfish);
1628     pvar->crypt_state.decrypt = cBlowfish_decrypt;
1629     break;
1630     }
1631     default:
1632     isOK = FALSE;
1633     }
1634     }
1635    
1636    
1637     if (!isOK) {
1638     UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1639     "No cipher selected!");
1640     notify_fatal_error(pvar, pvar->ts->UIMsg);
1641     return FALSE;
1642     } else {
1643     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1644     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1645     return TRUE;
1646     }
1647     }
1648    
1649     void CRYPT_init(PTInstVar pvar)
1650     {
1651     pvar->crypt_state.encrypt = no_encrypt;
1652     pvar->crypt_state.decrypt = no_encrypt;
1653     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1654     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1655     pvar->crypt_state.server_key.RSA_key = NULL;
1656     pvar->crypt_state.host_key.RSA_key = NULL;
1657    
1658     pvar->crypt_state.detect_attack_statics.h = NULL;
1659     pvar->crypt_state.detect_attack_statics.n =
1660     HASH_MINSIZE / HASH_ENTRYSIZE;
1661     }
1662    
1663     static char FAR *get_cipher_name(int cipher)
1664     {
1665     switch (cipher) {
1666     case SSH_CIPHER_NONE:
1667     return "None";
1668     case SSH_CIPHER_3DES:
1669     return "3DES (168 key bits)";
1670     case SSH_CIPHER_DES:
1671     return "DES (56 key bits)";
1672     case SSH_CIPHER_IDEA:
1673     return "IDEA (128 key bits)";
1674     case SSH_CIPHER_RC4:
1675     return "RC4 (128 key bits)";
1676     case SSH_CIPHER_BLOWFISH:
1677     return "Blowfish (256 key bits)";
1678    
1679     // SSH2
1680     case SSH2_CIPHER_3DES_CBC:
1681     return "3DES-CBC";
1682     case SSH2_CIPHER_AES128_CBC:
1683     return "AES128-CBC";
1684     case SSH2_CIPHER_AES192_CBC:
1685     return "AES192-CBC";
1686     case SSH2_CIPHER_AES256_CBC:
1687     return "AES256-CBC";
1688     case SSH2_CIPHER_BLOWFISH_CBC:
1689     return "Blowfish-CBC";
1690     case SSH2_CIPHER_AES128_CTR:
1691     return "AES128-CTR";
1692     case SSH2_CIPHER_AES192_CTR:
1693     return "AES192-CTR";
1694     case SSH2_CIPHER_AES256_CTR:
1695     return "AES256-CTR";
1696     case SSH2_CIPHER_ARCFOUR:
1697     return "Arcfour";
1698     case SSH2_CIPHER_ARCFOUR128:
1699     return "Arcfour128";
1700     case SSH2_CIPHER_ARCFOUR256:
1701     return "Arcfour256";
1702     case SSH2_CIPHER_CAST128_CBC:
1703     return "CAST-128-CBC";
1704 doda 3850 case SSH2_CIPHER_3DES_CTR:
1705     return "3DES-CTR";
1706     case SSH2_CIPHER_BLOWFISH_CTR:
1707     return "Blowfish-CTR";
1708     case SSH2_CIPHER_CAST128_CTR:
1709     return "CAST-128-CTR";
1710 maya 3227
1711     default:
1712     return "Unknown";
1713     }
1714     }
1715    
1716     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1717     {
1718     UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1719     "%s to server, %s from server");
1720     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1721     get_cipher_name(pvar->crypt_state.sender_cipher),
1722     get_cipher_name(pvar->crypt_state.receiver_cipher));
1723     }
1724    
1725     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1726     {
1727     if (SSHv1(pvar)) {
1728     if (pvar->crypt_state.server_key.RSA_key == NULL
1729     || pvar->crypt_state.host_key.RSA_key == NULL) {
1730     UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1731     strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1732     } else {
1733     UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1734     "%d-bit server key, %d-bit host key");
1735     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1736     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1737     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1738     }
1739     } else { // SSH2
1740     UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1741     "%d-bit server key, %d-bit host key");
1742     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1743     pvar->server_key_bits,
1744     pvar->client_key_bits);
1745     }
1746     }
1747    
1748 maya 4307 static void destroy_public_key(CRYPTPublicKey * key)
1749 maya 3227 {
1750     if (key->RSA_key != NULL) {
1751     RSA_free(key->RSA_key);
1752     key->RSA_key = NULL;
1753     }
1754     }
1755    
1756 maya 4307 void CRYPT_free_public_key(CRYPTPublicKey * key)
1757 maya 3227 {
1758     destroy_public_key(key);
1759     free(key);
1760     }
1761    
1762     void CRYPT_end(PTInstVar pvar)
1763     {
1764     destroy_public_key(&pvar->crypt_state.host_key);
1765     destroy_public_key(&pvar->crypt_state.server_key);
1766    
1767     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1768     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1769     pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1770     free(pvar->crypt_state.detect_attack_statics.h);
1771     }
1772    
1773     memset(pvar->crypt_state.sender_cipher_key, 0,
1774     sizeof(pvar->crypt_state.sender_cipher_key));
1775     memset(pvar->crypt_state.receiver_cipher_key, 0,
1776     sizeof(pvar->crypt_state.receiver_cipher_key));
1777     memset(pvar->crypt_state.server_cookie, 0,
1778     sizeof(pvar->crypt_state.server_cookie));
1779     memset(pvar->crypt_state.client_cookie, 0,
1780     sizeof(pvar->crypt_state.client_cookie));
1781     memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1782     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1783     }
1784    
1785     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1786     char FAR * buf, int bytes)
1787     {
1788     unsigned char passphrase_key[16];
1789    
1790     MD5(passphrase, strlen(passphrase), passphrase_key);
1791    
1792     switch (cipher) {
1793     case SSH_CIPHER_3DES:{
1794     Cipher3DESState state;
1795    
1796     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1797     &state.k1);
1798     DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1799     &state.k2);
1800     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1801     &state.k3);
1802     memset(state.ivec1, 0, 8);
1803     memset(state.ivec2, 0, 8);
1804     memset(state.ivec3, 0, 8);
1805     DES_ncbc_encrypt(buf, buf, bytes,
1806     &state.k3, &state.ivec3, DES_DECRYPT);
1807     DES_ncbc_encrypt(buf, buf, bytes,
1808     &state.k2, &state.ivec2, DES_ENCRYPT);
1809     DES_ncbc_encrypt(buf, buf, bytes,
1810     &state.k1, &state.ivec1, DES_DECRYPT);
1811     break;
1812     }
1813    
1814     case SSH_CIPHER_IDEA:{
1815     CipherIDEAState state;
1816     int num = 0;
1817    
1818     cIDEA_init(passphrase_key, &state);
1819     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1820     &num, IDEA_DECRYPT);
1821     break;
1822     }
1823    
1824     case SSH_CIPHER_DES:{
1825     CipherDESState state;
1826    
1827     cDES_init(passphrase_key, &state);
1828     DES_ncbc_encrypt(buf, buf, bytes,
1829     &state.k, &state.ivec, DES_DECRYPT);
1830     break;
1831     }
1832    
1833     case SSH_CIPHER_RC4:{
1834     CipherRC4State state;
1835     int num = 0;
1836    
1837     RC4_set_key(&state.k, 16, passphrase_key);
1838     RC4(&state.k, bytes, buf, buf);
1839     break;
1840     }
1841    
1842     case SSH_CIPHER_BLOWFISH:{
1843     CipherBlowfishState state;
1844    
1845     BF_set_key(&state.k, 16, passphrase_key);
1846     memset(state.ivec, 0, 8);
1847     flip_endianness(buf, bytes);
1848     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1849     BF_DECRYPT);
1850     flip_endianness(buf, bytes);
1851     break;
1852     }
1853    
1854     case SSH_CIPHER_NONE:
1855     break;
1856    
1857     default:
1858     memset(passphrase_key, 0, sizeof(passphrase_key));
1859     return 0;
1860     }
1861    
1862     memset(passphrase_key, 0, sizeof(passphrase_key));
1863     return 1;
1864     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help