Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/crypt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 4601 - (hide annotations) (download) (as text)
Sun Aug 28 14:23:32 2011 UTC (12 years, 7 months ago) by maya
Original Path: trunk/ttssh2/ttxssh/crypt.c
File MIME type: text/x-csrc
File size: 61775 byte(s) 
Camellia を正式サポート
  "@openssh.org" 付きのほうはコメントアウトしたまま
1 maya 3227 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #define WINDOWS
30    
31     #include "ttxssh.h"
32     #include "util.h"
33    
34     #include <openssl/rand.h>
35     #include <openssl/bn.h>
36     #include <openssl/md5.h>
37     #include <openssl/err.h>
38     #include <openssl/des.h>
39     #include <openssl/hmac.h> // for SSH2(yutaka)
40     #include <openssl/dsa.h>
41     #include "cipher.h"
42     #include "ssh.h"
43    
44     #define do_crc(buf, len) (~(uint32)crc32(0xFFFFFFFF, (buf), (len)))
45     #define get_uint32(buf) get_uint32_MSBfirst((buf))
46    
47     #define DEATTACK_OK 0
48     #define DEATTACK_DETECTED 1
49    
50     /*
51     * $Id: crypt.c,v 1.28 2008-11-23 07:44:05 doda Exp $ Cryptographic attack
52     * detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina
53     * Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com>
54     */
55    
56     /* SSH Constants */
57     #define SSH_BLOCKSIZE 8
58    
59     /* Hashing constants */
60     #define HASH_MINSIZE 8*2048
61     #define HASH_ENTRYSIZE 4
62     #define HASH_FACTOR(x) ((x)*3/2)
63     #define HASH_UNUSEDCHAR 0xff
64     #define HASH_UNUSED 0xffffffff
65     #define HASH_IV 0xfffffffe
66    
67     #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
68    
69     /* Hash function (Input keys are cipher results) */
70     #define HASH(x) get_uint32(x)
71    
72     #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE)
73    
74    
75    
76     static void crc_update(uint32 FAR * a, uint32 b)
77     {
78     b ^= *a;
79     *a = do_crc((unsigned char FAR *) &b, sizeof(b));
80     }
81    
82     /* check_crc
83     detects if a block is used in a particular pattern
84     */
85    
86     static int check_crc(unsigned char FAR * S, unsigned char FAR * buf,
87     uint32 len, unsigned char FAR * IV)
88     {
89     uint32 crc;
90     unsigned char FAR *c;
91    
92     crc = 0;
93     if (IV && !CMP(S, IV)) {
94     crc_update(&crc, 1);
95     crc_update(&crc, 0);
96     }
97     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
98     if (!CMP(S, c)) {
99     crc_update(&crc, 1);
100     crc_update(&crc, 0);
101     } else {
102     crc_update(&crc, 0);
103     crc_update(&crc, 0);
104     }
105     }
106    
107     return crc == 0;
108     }
109    
110    
111     /*
112     detect_attack
113     Detects a crc32 compensation attack on a packet
114     */
115     static int detect_attack(CRYPTDetectAttack FAR * statics,
116     unsigned char FAR * buf, uint32 len,
117     unsigned char *FAR IV)
118     {
119     uint32 FAR *h = statics->h;
120     uint32 n = statics->n;
121     uint32 i, j;
122     uint32 l;
123     unsigned char FAR *c;
124     unsigned char FAR *d;
125    
126     for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) {
127     }
128    
129     if (h == NULL) {
130     n = l;
131     h = (uint32 FAR *) malloc(n * HASH_ENTRYSIZE);
132     } else {
133     if (l > n) {
134     n = l;
135     h = (uint32 FAR *) realloc(h, n * HASH_ENTRYSIZE);
136     }
137     }
138    
139     statics->h = h;
140     statics->n = n;
141    
142     if (len <= HASH_MINBLOCKS) {
143     for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
144     if (IV && (!CMP(c, IV))) {
145     if ((check_crc(c, buf, len, IV)))
146     return DEATTACK_DETECTED;
147     else
148     break;
149     }
150     for (d = buf; d < c; d += SSH_BLOCKSIZE) {
151     if (!CMP(c, d)) {
152     if ((check_crc(c, buf, len, IV)))
153     return DEATTACK_DETECTED;
154     else
155     break;
156     }
157     }
158     }
159     return (DEATTACK_OK);
160     }
161     memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
162    
163     if (IV) {
164     h[HASH(IV) & (n - 1)] = HASH_IV;
165     }
166    
167     for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
168     for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
169     i = (i + 1) & (n - 1)) {
170     if (h[i] == HASH_IV) {
171     if (!CMP(c, IV)) {
172     if (check_crc(c, buf, len, IV))
173     return DEATTACK_DETECTED;
174     else
175     break;
176     }
177     } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
178     if (check_crc(c, buf, len, IV))
179     return DEATTACK_DETECTED;
180     else
181     break;
182     }
183     }
184     h[i] = j;
185     }
186    
187     return DEATTACK_OK;
188     }
189    
190     BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf,
191     int bytes)
192     {
193     if (SSHv1(pvar)) {
194     switch (pvar->crypt_state.sender_cipher) {
195     case SSH_CIPHER_NONE:
196     return FALSE;
197     case SSH_CIPHER_IDEA:
198     return detect_attack(&pvar->crypt_state.detect_attack_statics,
199     buf, bytes,
200     pvar->crypt_state.dec.cIDEA.ivec) ==
201     DEATTACK_DETECTED;
202     default:
203     return detect_attack(&pvar->crypt_state.detect_attack_statics,
204     buf, bytes, NULL) == DEATTACK_DETECTED;
205     }
206     } else {
207     return FALSE;
208     }
209     }
210    
211     static void no_encrypt(PTInstVar pvar, unsigned char FAR * buf, int bytes)
212     {
213     }
214    
215    
216     // for SSH2(yutaka)
217     // ���O�������������������������������AAES192, AES256 ����
218     // cAES128_encrypt/cAES128_decrypt ���g�p������ (2007.10.16 maya)
219     static void cAES128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
220     int bytes)
221     {
222     unsigned char *newbuf = malloc(bytes);
223     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
224 doda 4212 char tmp[80];
225 maya 3227
226     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
227     if (bytes == 0)
228     goto error;
229    
230     if (newbuf == NULL)
231     return;
232    
233     if (bytes % block_size) {
234 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
235     "%s encrypt error(1): bytes %d (%d)");
236     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
237     "AES128/192/256", bytes, block_size);
238 maya 3227 notify_fatal_error(pvar, tmp);
239     goto error;
240     }
241    
242     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
243 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
244     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
245     "AES128/192/256");
246     notify_fatal_error(pvar, tmp);
247 maya 3227 goto error;
248    
249     } else {
250     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
251     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, AES128_KEYLEN);
252     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
253     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, AES128_IVLEN);
254    
255     //debug_print(50, key, 24);
256     //debug_print(51, iv, 8);
257     //debug_print(52, buf, bytes);
258     //debug_print(53, newbuf, bytes);
259    
260     memcpy(buf, newbuf, bytes);
261     }
262    
263     error:
264     free(newbuf);
265     }
266    
267     static void cAES128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
268     int bytes)
269     {
270     unsigned char *newbuf = malloc(bytes);
271     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
272 doda 4212 char tmp[80];
273 maya 3227
274     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
275     if (bytes == 0)
276     goto error;
277    
278     if (newbuf == NULL)
279     return;
280    
281     if (bytes % block_size) {
282 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
283     "%s decrypt error(1): bytes %d (%d)");
284     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
285     "AES128/192/256", bytes, block_size);
286 maya 3227 notify_fatal_error(pvar, tmp);
287     goto error;
288     }
289    
290     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
291 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
292     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
293     "AES128/192/256");
294     notify_fatal_error(pvar, tmp);
295 maya 3227 goto error;
296    
297     } else {
298     //unsigned char key[AES128_KEYLEN], iv[AES128_IVLEN];
299     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, AES128_KEYLEN);
300     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
301     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, AES128_IVLEN);
302    
303     //debug_print(70, key, AES128_KEYLEN);
304     //debug_print(71, iv, AES128_IVLEN);
305     //debug_print(72, buf, bytes);
306     //debug_print(73, newbuf, bytes);
307    
308     memcpy(buf, newbuf, bytes);
309     }
310    
311     error:
312     free(newbuf);
313     }
314    
315    
316     // for SSH2(yutaka)
317 doda 3850 static void c3DES_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
318 doda 4212 int bytes)
319 maya 3227 {
320     unsigned char *newbuf = malloc(bytes);
321     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
322 doda 4212 char tmp[80];
323 maya 3227
324     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
325     if (bytes == 0)
326     goto error;
327    
328     if (newbuf == NULL)
329     return;
330    
331     if (bytes % block_size) {
332 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
333     "%s encrypt error(1): bytes %d (%d)");
334     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
335     "3DES-CBC", bytes, block_size);
336 maya 3227 notify_fatal_error(pvar, tmp);
337     goto error;
338     }
339    
340     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
341 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
342     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
343     "3DES-CBC");
344     notify_fatal_error(pvar, tmp);
345 maya 3227 goto error;
346    
347     } else {
348     //unsigned char key[24], iv[8];
349     //memcpy(key, pvar->ssh2_keys[MODE_OUT].enc.key, 24);
350     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
351     //memcpy(iv, pvar->ssh2_keys[MODE_OUT].enc.iv, 8);
352    
353     //debug_print(50, key, 24);
354     //debug_print(51, iv, 8);
355     //debug_print(52, buf, bytes);
356     //debug_print(53, newbuf, bytes);
357    
358     memcpy(buf, newbuf, bytes);
359     }
360    
361     error:
362     free(newbuf);
363     }
364    
365 doda 3850 static void c3DES_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
366 doda 4212 int bytes)
367 maya 3227 {
368     unsigned char *newbuf = malloc(bytes);
369     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
370 doda 4212 char tmp[80];
371 maya 3227
372     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
373     if (bytes == 0)
374     goto error;
375    
376     if (newbuf == NULL)
377     return;
378    
379     if (bytes % block_size) {
380 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
381     "%s decrypt error(1): bytes %d (%d)");
382     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
383     "3DES-CBC", bytes, block_size);
384 maya 3227 notify_fatal_error(pvar, tmp);
385     goto error;
386     }
387    
388     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
389 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
390     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
391     "3DES-CBC");
392     notify_fatal_error(pvar, tmp);
393 maya 3227 goto error;
394    
395     } else {
396     //unsigned char key[24], iv[8];
397     //memcpy(key, pvar->ssh2_keys[MODE_IN].enc.key, 24);
398     // IV��DES���������X�V�����������A���[�J�����R�s�[���������g���B
399     //memcpy(iv, pvar->ssh2_keys[MODE_IN].enc.iv, 8);
400    
401     //debug_print(70, key, 24);
402     //debug_print(71, iv, 8);
403     //debug_print(72, buf, bytes);
404     //debug_print(73, newbuf, bytes);
405    
406     memcpy(buf, newbuf, bytes);
407     }
408    
409     error:
410     free(newbuf);
411     }
412    
413    
414     static void cBlowfish_encrypt2(PTInstVar pvar, unsigned char FAR * buf,
415     int bytes)
416     {
417     unsigned char *newbuf = malloc(bytes);
418     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
419 doda 4212 char tmp[80];
420 maya 3227
421     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
422     if (bytes == 0)
423     goto error;
424    
425     if (newbuf == NULL)
426     return;
427    
428     if (bytes % block_size) {
429 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
430     "%s encrypt error(1): bytes %d (%d)");
431     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
432     "Blowfish", bytes, block_size);
433 maya 3227 notify_fatal_error(pvar, tmp);
434     goto error;
435     }
436    
437     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
438 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
439     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
440     "Blowfish");
441     notify_fatal_error(pvar, tmp);
442 maya 3227 goto error;
443    
444     } else {
445     memcpy(buf, newbuf, bytes);
446    
447     }
448    
449     error:
450     free(newbuf);
451     }
452    
453     static void cBlowfish_decrypt2(PTInstVar pvar, unsigned char FAR * buf,
454     int bytes)
455     {
456     unsigned char *newbuf = malloc(bytes);
457     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
458 doda 4212 char tmp[80];
459 maya 3227
460     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
461     if (bytes == 0)
462     goto error;
463    
464     if (newbuf == NULL)
465     return;
466    
467     if (bytes % block_size) {
468 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
469     "%s decrypt error(1): bytes %d (%d)");
470     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
471     "Blowfish", bytes, block_size);
472 maya 3227 notify_fatal_error(pvar, tmp);
473     goto error;
474     }
475    
476     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
477 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
478     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
479     "Blowfish");
480     notify_fatal_error(pvar, tmp);
481 maya 3227 goto error;
482    
483     } else {
484     memcpy(buf, newbuf, bytes);
485    
486     }
487    
488     error:
489     free(newbuf);
490     }
491    
492 doda 4212
493 maya 3227 static void cArcfour_encrypt(PTInstVar pvar, unsigned char FAR * buf,
494 doda 4212 int bytes)
495 maya 3227 {
496     unsigned char *newbuf = malloc(bytes);
497     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
498 doda 4212 char tmp[80];
499 maya 3227
500     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
501     if (bytes == 0)
502     goto error;
503    
504     if (newbuf == NULL)
505     return;
506    
507     if (bytes % block_size) {
508 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
509     "%s encrypt error(1): bytes %d (%d)");
510     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
511     "Arcfour", bytes, block_size);
512 maya 3227 notify_fatal_error(pvar, tmp);
513     goto error;
514     }
515    
516     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
517 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
518     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
519     "Arcfour");
520     notify_fatal_error(pvar, tmp);
521 maya 3227 goto error;
522    
523     } else {
524     memcpy(buf, newbuf, bytes);
525    
526     }
527    
528     error:
529     free(newbuf);
530     }
531    
532     static void cArcfour_decrypt(PTInstVar pvar, unsigned char FAR * buf,
533 doda 4212 int bytes)
534 maya 3227 {
535     unsigned char *newbuf = malloc(bytes);
536     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
537 doda 4212 char tmp[80];
538 maya 3227
539     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
540     if (bytes == 0)
541     goto error;
542    
543     if (newbuf == NULL)
544     return;
545    
546     if (bytes % block_size) {
547 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
548     "%s decrypt error(1): bytes %d (%d)");
549     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
550     "Arcfour", bytes, block_size);
551 maya 3227 notify_fatal_error(pvar, tmp);
552     goto error;
553     }
554    
555     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
556 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
557     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
558     "Arcfour");
559     notify_fatal_error(pvar, tmp);
560 maya 3227 goto error;
561    
562     } else {
563     memcpy(buf, newbuf, bytes);
564    
565     }
566    
567     error:
568     free(newbuf);
569     }
570    
571 doda 4212
572 maya 3227 static void cCast128_encrypt(PTInstVar pvar, unsigned char FAR * buf,
573     int bytes)
574     {
575     unsigned char *newbuf = malloc(bytes);
576     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
577 doda 4212 char tmp[80];
578 maya 3227
579     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
580     if (bytes == 0)
581     goto error;
582    
583     if (newbuf == NULL)
584     return;
585    
586     if (bytes % block_size) {
587 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
588     "%s encrypt error(1): bytes %d (%d)");
589     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
590     "CAST128", bytes, block_size);
591 maya 3227 notify_fatal_error(pvar, tmp);
592     goto error;
593     }
594    
595     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
596 doda 4212 UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
597     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
598     "CAST128");
599     notify_fatal_error(pvar, tmp);
600 maya 3227 goto error;
601    
602     } else {
603     memcpy(buf, newbuf, bytes);
604    
605     }
606    
607     error:
608     free(newbuf);
609     }
610    
611     static void cCast128_decrypt(PTInstVar pvar, unsigned char FAR * buf,
612     int bytes)
613     {
614     unsigned char *newbuf = malloc(bytes);
615     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
616 doda 4212 char tmp[80];
617 maya 3227
618     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
619     if (bytes == 0)
620     goto error;
621    
622     if (newbuf == NULL)
623     return;
624    
625     if (bytes % block_size) {
626 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
627     "%s decrypt error(1): bytes %d (%d)");
628     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
629     "CAST128", bytes, block_size);
630 maya 3227 notify_fatal_error(pvar, tmp);
631     goto error;
632     }
633    
634     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
635 doda 4212 UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
636     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
637     "CAST128");
638     notify_fatal_error(pvar, tmp);
639 maya 3227 goto error;
640    
641     } else {
642     memcpy(buf, newbuf, bytes);
643    
644     }
645    
646     error:
647     free(newbuf);
648     }
649    
650 doda 4433 static void cCamellia_encrypt(PTInstVar pvar, unsigned char FAR * buf,
651     int bytes)
652     {
653     unsigned char *newbuf = malloc(bytes);
654     int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
655     char tmp[80];
656 maya 3227
657 doda 4433 // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
658     if (bytes == 0)
659     goto error;
660    
661     if (newbuf == NULL)
662     return;
663    
664     if (bytes % block_size) {
665     UTIL_get_lang_msg("MSG_ENCRYPT_ERROR1", pvar,
666     "%s encrypt error(1): bytes %d (%d)");
667     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
668     "Camellia128/192/256", bytes, block_size);
669     notify_fatal_error(pvar, tmp);
670     goto error;
671     }
672    
673     if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) {
674     UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
675     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
676     "Camellia128/192/256");
677     notify_fatal_error(pvar, tmp);
678     goto error;
679    
680     } else {
681     memcpy(buf, newbuf, bytes);
682    
683     }
684    
685     error:
686     free(newbuf);
687     }
688    
689     static void cCamellia_decrypt(PTInstVar pvar, unsigned char FAR * buf,
690     int bytes)
691     {
692     unsigned char *newbuf = malloc(bytes);
693     int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
694     char tmp[80];
695    
696     // ���O�������������A�S�y�C���[�h�������������������������A0�o�C�g�������B(2004.11.7 yutaka)
697     if (bytes == 0)
698     goto error;
699    
700     if (newbuf == NULL)
701     return;
702    
703     if (bytes % block_size) {
704     UTIL_get_lang_msg("MSG_DECRYPT_ERROR1", pvar,
705     "%s decrypt error(1): bytes %d (%d)");
706     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
707     "Camellia128/192/256", bytes, block_size);
708     notify_fatal_error(pvar, tmp);
709     goto error;
710     }
711    
712     if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) {
713     UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
714     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
715     "Camellia128/192/256");
716     notify_fatal_error(pvar, tmp);
717     goto error;
718    
719     } else {
720     memcpy(buf, newbuf, bytes);
721    
722     }
723    
724     error:
725     free(newbuf);
726     }
727    
728 maya 3227 static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
729     int bytes)
730     {
731     Cipher3DESState FAR *encryptstate = &pvar->crypt_state.enc.c3DES;
732    
733     DES_ncbc_encrypt(buf, buf, bytes,
734     &encryptstate->k1, &encryptstate->ivec1, DES_ENCRYPT);
735     DES_ncbc_encrypt(buf, buf, bytes,
736     &encryptstate->k2, &encryptstate->ivec2, DES_DECRYPT);
737     DES_ncbc_encrypt(buf, buf, bytes,
738     &encryptstate->k3, &encryptstate->ivec3, DES_ENCRYPT);
739     }
740    
741     static void c3DES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
742     int bytes)
743     {
744     Cipher3DESState FAR *decryptstate = &pvar->crypt_state.dec.c3DES;
745    
746     DES_ncbc_encrypt(buf, buf, bytes,
747     &decryptstate->k3, &decryptstate->ivec3, DES_DECRYPT);
748     DES_ncbc_encrypt(buf, buf, bytes,
749     &decryptstate->k2, &decryptstate->ivec2, DES_ENCRYPT);
750     DES_ncbc_encrypt(buf, buf, bytes,
751     &decryptstate->k1, &decryptstate->ivec1, DES_DECRYPT);
752     }
753    
754     static void cDES_encrypt(PTInstVar pvar, unsigned char FAR * buf,
755     int bytes)
756     {
757     CipherDESState FAR *encryptstate = &pvar->crypt_state.enc.cDES;
758    
759     DES_ncbc_encrypt(buf, buf, bytes,
760     &encryptstate->k, &encryptstate->ivec, DES_ENCRYPT);
761     }
762    
763     static void cDES_decrypt(PTInstVar pvar, unsigned char FAR * buf,
764     int bytes)
765     {
766     CipherDESState FAR *decryptstate = &pvar->crypt_state.dec.cDES;
767    
768     DES_ncbc_encrypt(buf, buf, bytes,
769     &decryptstate->k, &decryptstate->ivec, DES_DECRYPT);
770     }
771    
772     static void cIDEA_encrypt(PTInstVar pvar, unsigned char FAR * buf,
773     int bytes)
774     {
775     CipherIDEAState FAR *encryptstate = &pvar->crypt_state.enc.cIDEA;
776     int num = 0;
777    
778     idea_cfb64_encrypt(buf, buf, bytes, &encryptstate->k,
779     encryptstate->ivec, &num, IDEA_ENCRYPT);
780     }
781    
782     static void cIDEA_decrypt(PTInstVar pvar, unsigned char FAR * buf,
783     int bytes)
784     {
785     CipherIDEAState FAR *decryptstate = &pvar->crypt_state.dec.cIDEA;
786     int num = 0;
787    
788     idea_cfb64_encrypt(buf, buf, bytes, &decryptstate->k,
789     decryptstate->ivec, &num, IDEA_DECRYPT);
790     }
791    
792     static void flip_endianness(unsigned char FAR * cbuf, int bytes)
793     {
794     uint32 FAR *buf = (uint32 FAR *) cbuf;
795     int count = bytes / 4;
796    
797     while (count > 0) {
798     uint32 w = *buf;
799    
800     *buf = ((w << 24) & 0xFF000000) | ((w << 8) & 0x00FF0000)
801     | ((w >> 8) & 0x0000FF00) | ((w >> 24) & 0x000000FF);
802     count--;
803     buf++;
804     }
805     }
806    
807     static void cBlowfish_encrypt(PTInstVar pvar, unsigned char FAR * buf,
808     int bytes)
809     {
810     CipherBlowfishState FAR *encryptstate =
811     &pvar->crypt_state.enc.cBlowfish;
812    
813     flip_endianness(buf, bytes);
814     BF_cbc_encrypt(buf, buf, bytes, &encryptstate->k, encryptstate->ivec,
815     BF_ENCRYPT);
816     flip_endianness(buf, bytes);
817     }
818    
819     static void cBlowfish_decrypt(PTInstVar pvar, unsigned char FAR * buf,
820     int bytes)
821     {
822     CipherBlowfishState FAR *decryptstate =
823     &pvar->crypt_state.dec.cBlowfish;
824    
825     flip_endianness(buf, bytes);
826     BF_cbc_encrypt(buf, buf, bytes, &decryptstate->k, decryptstate->ivec,
827     BF_DECRYPT);
828     flip_endianness(buf, bytes);
829     }
830    
831     static void cRC4_encrypt(PTInstVar pvar, unsigned char FAR * buf,
832     int bytes)
833     {
834     CipherRC4State FAR *encryptstate = &pvar->crypt_state.enc.cRC4;
835     int num = 0;
836    
837     RC4(&encryptstate->k, bytes, buf, buf);
838     }
839    
840     static void cRC4_decrypt(PTInstVar pvar, unsigned char FAR * buf,
841     int bytes)
842     {
843     CipherRC4State FAR *decryptstate = &pvar->crypt_state.dec.cRC4;
844     int num = 0;
845    
846     RC4(&decryptstate->k, bytes, buf, buf);
847     }
848    
849     void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf,
850     int bytes)
851     {
852     RAND_bytes(buf, bytes);
853     }
854    
855     void CRYPT_initialize_random_numbers(PTInstVar pvar)
856     {
857 maya 4550 // ����������������������
858     // http://www.mail-archive.com/openssl-users@openssl.org/msg60484.html
859     //RAND_screen();
860 maya 3227 }
861    
862     static BIGNUM FAR *get_bignum(unsigned char FAR * bytes)
863     {
864     int bits = get_ushort16_MSBfirst(bytes);
865    
866     return BN_bin2bn(bytes + 2, (bits + 7) / 8, NULL);
867     }
868    
869     // make_key()�� fingerprint �����������p���������Astatic�������B(2006.3.27 yutaka)
870     RSA FAR *make_key(PTInstVar pvar,
871     int bits, unsigned char FAR * exp,
872     unsigned char FAR * mod)
873     {
874     RSA FAR *key = RSA_new();
875    
876     if (key != NULL) {
877     key->e = get_bignum(exp);
878     key->n = get_bignum(mod);
879     }
880    
881     if (key == NULL || key->e == NULL || key->n == NULL) {
882     UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
883     "Error setting up RSA keys");
884     notify_fatal_error(pvar, pvar->ts->UIMsg);
885    
886     if (key != NULL) {
887     if (key->e != NULL) {
888     BN_free(key->e);
889     }
890     if (key->n != NULL) {
891     BN_free(key->n);
892     }
893     RSA_free(key);
894     }
895    
896     return NULL;
897     } else {
898     return key;
899     }
900     }
901    
902     void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie)
903     {
904     if (SSHv1(pvar)) {
905     memcpy(pvar->crypt_state.server_cookie, cookie, SSH_COOKIE_LENGTH);
906     } else {
907     memcpy(pvar->crypt_state.server_cookie, cookie,
908     SSH2_COOKIE_LENGTH);
909     }
910     }
911    
912     void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie)
913     {
914     if (SSHv2(pvar)) {
915     memcpy(pvar->crypt_state.client_cookie, cookie,
916     SSH2_COOKIE_LENGTH);
917     }
918     }
919    
920     BOOL CRYPT_set_server_RSA_key(PTInstVar pvar,
921     int bits, unsigned char FAR * exp,
922     unsigned char FAR * mod)
923     {
924     pvar->crypt_state.server_key.RSA_key = make_key(pvar, bits, exp, mod);
925    
926     return pvar->crypt_state.server_key.RSA_key != NULL;
927     }
928    
929     BOOL CRYPT_set_host_RSA_key(PTInstVar pvar,
930     int bits, unsigned char FAR * exp,
931     unsigned char FAR * mod)
932     {
933     pvar->crypt_state.host_key.RSA_key = make_key(pvar, bits, exp, mod);
934    
935     return pvar->crypt_state.host_key.RSA_key != NULL;
936     }
937    
938     BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers,
939     int receiver_ciphers)
940     {
941     int cipher_mask;
942    
943     if (SSHv1(pvar)) {
944     cipher_mask = (1 << SSH_CIPHER_DES)
945     | (1 << SSH_CIPHER_3DES)
946     | (1 << SSH_CIPHER_BLOWFISH);
947    
948     } else { // for SSH2(yutaka)
949     // SSH2���T�|�[�g�����f�[�^���M�p�A���S���Y���i���J�������p�������j
950 doda 4433 cipher_mask =((1 << SSH2_CIPHER_3DES_CBC)
951 maya 3227 | (1 << SSH2_CIPHER_AES128_CBC)
952     | (1 << SSH2_CIPHER_AES192_CBC)
953     | (1 << SSH2_CIPHER_AES256_CBC)
954     | (1 << SSH2_CIPHER_BLOWFISH_CBC)
955     | (1 << SSH2_CIPHER_AES128_CTR)
956     | (1 << SSH2_CIPHER_AES192_CTR)
957     | (1 << SSH2_CIPHER_AES256_CTR)
958     | (1 << SSH2_CIPHER_ARCFOUR)
959     | (1 << SSH2_CIPHER_ARCFOUR128)
960     | (1 << SSH2_CIPHER_ARCFOUR256)
961 doda 3850 | (1 << SSH2_CIPHER_CAST128_CBC)
962     | (1 << SSH2_CIPHER_3DES_CTR)
963     | (1 << SSH2_CIPHER_BLOWFISH_CTR)
964 doda 4433 | (1 << SSH2_CIPHER_CAST128_CTR)
965     | (1 << SSH2_CIPHER_CAMELLIA128_CBC)
966     | (1 << SSH2_CIPHER_CAMELLIA192_CBC)
967     | (1 << SSH2_CIPHER_CAMELLIA256_CBC)
968     | (1 << SSH2_CIPHER_CAMELLIA128_CTR)
969     | (1 << SSH2_CIPHER_CAMELLIA192_CTR)
970     | (1 << SSH2_CIPHER_CAMELLIA256_CTR)
971     );
972 maya 3227 }
973    
974     sender_ciphers &= cipher_mask;
975     receiver_ciphers &= cipher_mask;
976     pvar->crypt_state.supported_sender_ciphers = sender_ciphers;
977     pvar->crypt_state.supported_receiver_ciphers = receiver_ciphers;
978    
979     if (sender_ciphers == 0) {
980     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
981     "The server does not support any of the TTSSH encryption algorithms.\n"
982     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
983     "The connection will be closed.");
984     notify_fatal_error(pvar, pvar->ts->UIMsg);
985     return FALSE;
986     } else if (receiver_ciphers == 0) {
987     UTIL_get_lang_msg("MSG_UNAVAILABLE_CIPHERS_ERROR", pvar,
988     "The server does not support any of the TTSSH encryption algorithms.\n"
989     "A secure connection cannot be made in the TTSSH-to-server direction.\n"
990     "The connection will be closed.");
991     notify_fatal_error(pvar, pvar->ts->UIMsg);
992     return FALSE;
993     } else {
994     return TRUE;
995     }
996     }
997    
998     int CRYPT_get_decryption_block_size(PTInstVar pvar)
999     {
1000     if (SSHv1(pvar)) {
1001     return 8;
1002     } else {
1003     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
1004     // cf. 3DES=8, AES128=16
1005     return (pvar->ssh2_keys[MODE_IN].enc.block_size);
1006     }
1007     }
1008    
1009     int CRYPT_get_encryption_block_size(PTInstVar pvar)
1010     {
1011     if (SSHv1(pvar)) {
1012     return 8;
1013     } else {
1014     // �p�P�b�g���M���������������A���S���Y�����u���b�N�T�C�Y (2004.11.7 yutaka)
1015     // cf. 3DES=8, AES128=16
1016     return (pvar->ssh2_keys[MODE_OUT].enc.block_size);
1017     }
1018     }
1019    
1020     int CRYPT_get_receiver_MAC_size(PTInstVar pvar)
1021     {
1022     struct Mac *mac;
1023    
1024     if (SSHv1(pvar)) {
1025     return 0;
1026    
1027     } else { // for SSH2(yutaka)
1028     mac = &pvar->ssh2_keys[MODE_IN].mac;
1029     if (mac == NULL || mac->enabled == 0)
1030     return 0;
1031    
1032     return (pvar->ssh2_keys[MODE_IN].mac.mac_len);
1033     }
1034    
1035     }
1036    
1037     // HMAC������
1038     // ���{������ SSH2 �������g�p�������B
1039     // (2004.12.17 yutaka)
1040     BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
1041     char FAR * data, int len, char FAR * MAC)
1042     {
1043     HMAC_CTX c;
1044     unsigned char m[EVP_MAX_MD_SIZE];
1045     unsigned char b[4];
1046     struct Mac *mac;
1047    
1048     mac = &pvar->ssh2_keys[MODE_IN].mac;
1049    
1050     // HMAC�������L���������������A����OK�����������B
1051     if (mac == NULL || mac->enabled == 0)
1052     return TRUE;
1053    
1054     if (mac->key == NULL)
1055     goto error;
1056    
1057     if ((u_int)mac->mac_len > sizeof(m))
1058     goto error;
1059    
1060     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
1061     set_uint32_MSBfirst(b, sequence_number);
1062     HMAC_Update(&c, b, sizeof(b));
1063     HMAC_Update(&c, data, len);
1064     HMAC_Final(&c, m, NULL);
1065     HMAC_cleanup(&c);
1066    
1067     if (memcmp(m, MAC, mac->mac_len)) {
1068     goto error;
1069     }
1070    
1071     return TRUE;
1072    
1073     error:
1074     return FALSE;
1075     }
1076    
1077     int CRYPT_get_sender_MAC_size(PTInstVar pvar)
1078     {
1079     struct Mac *mac;
1080    
1081     if (SSHv2(pvar)) { // for SSH2(yutaka)
1082     mac = &pvar->ssh2_keys[MODE_OUT].mac;
1083     if (mac == NULL || mac->enabled == 0)
1084     return 0;
1085    
1086     return (mac->mac_len);
1087     }
1088    
1089     return 0;
1090     }
1091    
1092     // for SSH2
1093     BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
1094     char FAR * data, int len, char FAR * MAC)
1095     {
1096     HMAC_CTX c;
1097     static u_char m[EVP_MAX_MD_SIZE];
1098     u_char b[4];
1099     struct Mac *mac;
1100    
1101     if (SSHv2(pvar)) { // for SSH2(yutaka)
1102     mac = &pvar->ssh2_keys[MODE_OUT].mac;
1103     if (mac == NULL || mac->enabled == 0)
1104     return FALSE;
1105    
1106     HMAC_Init(&c, mac->key, mac->key_len, mac->md);
1107     set_uint32_MSBfirst(b, sequence_number);
1108     HMAC_Update(&c, b, sizeof(b));
1109     HMAC_Update(&c, data, len);
1110     HMAC_Final(&c, m, NULL);
1111     HMAC_cleanup(&c);
1112    
1113     // 20�o�C�g�������R�s�[
1114     memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
1115     // memcpy(MAC, m, sizeof(m));
1116    
1117     return TRUE;
1118     }
1119    
1120     return TRUE;
1121    
1122     }
1123    
1124     static int choose_cipher(PTInstVar pvar, int supported)
1125     {
1126     int i;
1127    
1128     for (i = 0; pvar->session_settings.CipherOrder[i] != 0; i++) {
1129     int cipher = pvar->session_settings.CipherOrder[i] - '0';
1130    
1131     if (cipher == SSH_CIPHER_NONE) {
1132     break;
1133     } else if ((supported & (1 << cipher)) != 0) {
1134     return cipher;
1135     }
1136     }
1137    
1138     return SSH_CIPHER_NONE;
1139     }
1140    
1141     BOOL CRYPT_choose_ciphers(PTInstVar pvar)
1142     {
1143     if (SSHv1(pvar)) {
1144     pvar->crypt_state.sender_cipher = choose_cipher(pvar,
1145     pvar->crypt_state.
1146     supported_sender_ciphers);
1147     pvar->crypt_state.receiver_cipher =
1148     choose_cipher(pvar, pvar->crypt_state.supported_receiver_ciphers);
1149    
1150     } else { // SSH2(yutaka)
1151     pvar->crypt_state.sender_cipher = pvar->ctos_cipher;
1152     pvar->crypt_state.receiver_cipher =pvar->stoc_cipher;
1153    
1154     }
1155    
1156     if (pvar->crypt_state.sender_cipher == SSH_CIPHER_NONE
1157     || pvar->crypt_state.receiver_cipher == SSH_CIPHER_NONE) {
1158     UTIL_get_lang_msg("MSG_CHIPHER_NONE_ERROR", pvar,
1159     "All the encryption algorithms that this program and the server both understand have been disabled.\n"
1160     "To communicate with this server, you will have to enable some more ciphers\n"
1161     "in the TTSSH Setup dialog box when you run Tera Term again.\n"
1162     "This connection will now close.");
1163     notify_fatal_error(pvar, pvar->ts->UIMsg);
1164     return FALSE;
1165     } else {
1166     return TRUE;
1167     }
1168     }
1169    
1170     int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
1171     {
1172     int server_key_bits =
1173     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1174     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1175     int server_key_bytes = (server_key_bits + 7) / 8;
1176     int host_key_bytes = (host_key_bits + 7) / 8;
1177    
1178     if (server_key_bits < host_key_bits) {
1179     return host_key_bytes;
1180     } else {
1181     return server_key_bytes;
1182     }
1183     }
1184    
1185     int CRYPT_choose_session_key(PTInstVar pvar,
1186     unsigned char FAR * encrypted_key_buf)
1187     {
1188     int server_key_bits =
1189     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1190     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1191     int server_key_bytes = (server_key_bits + 7) / 8;
1192     int host_key_bytes = (host_key_bits + 7) / 8;
1193     int encrypted_key_bytes;
1194     int bit_delta;
1195    
1196     if (server_key_bits < host_key_bits) {
1197     encrypted_key_bytes = host_key_bytes;
1198     bit_delta = host_key_bits - server_key_bits;
1199     } else {
1200     encrypted_key_bytes = server_key_bytes;
1201     bit_delta = server_key_bits - host_key_bits;
1202     }
1203    
1204     if (bit_delta < 128 || server_key_bits < 512 || host_key_bits < 512) {
1205     UTIL_get_lang_msg("MSG_RASKEY_TOOWEAK_ERROR", pvar,
1206     "Server RSA keys are too weak. A secure connection cannot be established.");
1207     notify_fatal_error(pvar, pvar->ts->UIMsg);
1208     return 0;
1209     } else {
1210     /* following Goldberg's code, I'm using MD5(servkey->n || hostkey->n || cookie)
1211     for the session ID, rather than the one specified in the RFC */
1212     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1213     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1214     char session_id[16];
1215     int i;
1216    
1217     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1218     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1219     session_buf + host_key_bytes);
1220     memcpy(session_buf + server_key_bytes + host_key_bytes,
1221     pvar->crypt_state.server_cookie, 8);
1222     MD5(session_buf, session_buf_len, session_id);
1223    
1224     free(session_buf);
1225    
1226     RAND_bytes(pvar->crypt_state.sender_cipher_key,
1227     SSH_SESSION_KEY_LENGTH);
1228     memcpy(pvar->crypt_state.receiver_cipher_key,
1229     pvar->crypt_state.sender_cipher_key,
1230     SSH_SESSION_KEY_LENGTH);
1231    
1232     memcpy(encrypted_key_buf + encrypted_key_bytes -
1233     SSH_SESSION_KEY_LENGTH, pvar->crypt_state.sender_cipher_key,
1234     SSH_SESSION_KEY_LENGTH);
1235     for (i = 0; i < sizeof(session_id); i++) {
1236     encrypted_key_buf[encrypted_key_bytes -
1237     SSH_SESSION_KEY_LENGTH + i]
1238     ^= session_id[i];
1239     }
1240    
1241     if (host_key_bits > server_key_bits) {
1242     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1243     encrypted_key_buf +
1244     encrypted_key_bytes -
1245     SSH_SESSION_KEY_LENGTH,
1246     encrypted_key_buf +
1247     encrypted_key_bytes - server_key_bytes,
1248     pvar->crypt_state.server_key.RSA_key,
1249     RSA_PKCS1_PADDING) < 0)
1250     return 0;
1251    
1252     if (RSA_public_encrypt(server_key_bytes,
1253     encrypted_key_buf +
1254     encrypted_key_bytes - server_key_bytes,
1255     encrypted_key_buf,
1256     pvar->crypt_state.host_key.RSA_key,
1257     RSA_PKCS1_PADDING) < 0)
1258     return 0;
1259     } else {
1260     if (RSA_public_encrypt(SSH_SESSION_KEY_LENGTH,
1261     encrypted_key_buf +
1262     encrypted_key_bytes -
1263     SSH_SESSION_KEY_LENGTH,
1264     encrypted_key_buf +
1265     encrypted_key_bytes - host_key_bytes,
1266     pvar->crypt_state.host_key.RSA_key,
1267     RSA_PKCS1_PADDING) < 0)
1268     return 0;
1269    
1270     if (RSA_public_encrypt(host_key_bytes,
1271     encrypted_key_buf +
1272     encrypted_key_bytes - host_key_bytes,
1273     encrypted_key_buf,
1274     pvar->crypt_state.server_key.RSA_key,
1275     RSA_PKCS1_PADDING) < 0)
1276     return 0;
1277     }
1278     }
1279    
1280     return 1;
1281     }
1282    
1283     int CRYPT_generate_RSA_challenge_response(PTInstVar pvar,
1284     unsigned char FAR * challenge,
1285     int challenge_len,
1286     unsigned char FAR * response)
1287     {
1288     int server_key_bits =
1289     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
1290     int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
1291     int server_key_bytes = (server_key_bits + 7) / 8;
1292     int host_key_bytes = (host_key_bits + 7) / 8;
1293     int session_buf_len = server_key_bytes + host_key_bytes + 8;
1294     char FAR *session_buf = (char FAR *) malloc(session_buf_len);
1295     char decrypted_challenge[48];
1296     int decrypted_challenge_len;
1297    
1298     decrypted_challenge_len =
1299     RSA_private_decrypt(challenge_len, challenge, challenge,
1300 maya 4307 AUTH_get_cur_cred(pvar)->key_pair->rsa,
1301 maya 3227 RSA_PKCS1_PADDING);
1302     if (decrypted_challenge_len < 0) {
1303     free(session_buf);
1304     return 0;
1305     }
1306     if (decrypted_challenge_len >= SSH_RSA_CHALLENGE_LENGTH) {
1307     memcpy(decrypted_challenge,
1308     challenge + decrypted_challenge_len -
1309     SSH_RSA_CHALLENGE_LENGTH, SSH_RSA_CHALLENGE_LENGTH);
1310     } else {
1311     memset(decrypted_challenge, 0,
1312     SSH_RSA_CHALLENGE_LENGTH - decrypted_challenge_len);
1313     memcpy(decrypted_challenge + SSH_RSA_CHALLENGE_LENGTH -
1314     decrypted_challenge_len, challenge,
1315     decrypted_challenge_len);
1316     }
1317    
1318     BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
1319     BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
1320     session_buf + host_key_bytes);
1321     memcpy(session_buf + server_key_bytes + host_key_bytes,
1322     pvar->crypt_state.server_cookie, 8);
1323     MD5(session_buf, session_buf_len, decrypted_challenge + 32);
1324    
1325     free(session_buf);
1326    
1327     MD5(decrypted_challenge, 48, response);
1328    
1329     return 1;
1330     }
1331    
1332     static void c3DES_init(char FAR * session_key, Cipher3DESState FAR * state)
1333     {
1334     DES_set_key((const_DES_cblock FAR *) session_key, &state->k1);
1335     DES_set_key((const_DES_cblock FAR *) (session_key + 8), &state->k2);
1336     DES_set_key((const_DES_cblock FAR *) (session_key + 16), &state->k3);
1337     memset(state->ivec1, 0, 8);
1338     memset(state->ivec2, 0, 8);
1339     memset(state->ivec3, 0, 8);
1340     }
1341    
1342     static void cDES_init(char FAR * session_key, CipherDESState FAR * state)
1343     {
1344     DES_set_key((const_des_cblock FAR *) session_key, &state->k);
1345     memset(state->ivec, 0, 8);
1346     }
1347    
1348     static void cIDEA_init(char FAR * session_key, CipherIDEAState FAR * state)
1349     {
1350     idea_set_encrypt_key(session_key, &state->k);
1351     memset(state->ivec, 0, 8);
1352     }
1353    
1354     static void cBlowfish_init(char FAR * session_key,
1355     CipherBlowfishState FAR * state)
1356     {
1357     BF_set_key(&state->k, 32, session_key);
1358     memset(state->ivec, 0, 8);
1359     }
1360    
1361    
1362     //
1363     // SSH2�p�A���S���Y����������
1364     //
1365     // for SSH2(yutaka)
1366     //
1367     void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
1368     const u_char *key, u_int keylen,
1369     const u_char *iv, u_int ivlen,
1370     int encrypt,
1371     const EVP_CIPHER *type,
1372     int discard_len,
1373     PTInstVar pvar)
1374     {
1375     int klen;
1376     char tmp[80];
1377     unsigned char *junk = NULL, *discard = NULL;
1378    
1379     EVP_CIPHER_CTX_init(evp);
1380     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) {
1381     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1382     "Cipher initialize error(%d)");
1383     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
1384     notify_fatal_error(pvar, tmp);
1385     return;
1386     }
1387    
1388     klen = EVP_CIPHER_CTX_key_length(evp);
1389     if (klen > 0 && keylen != klen) {
1390     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
1391     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1392     "Cipher initialize error(%d)");
1393     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
1394     notify_fatal_error(pvar, tmp);
1395     return;
1396     }
1397     }
1398     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
1399     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1400     "Cipher initialize error(%d)");
1401     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
1402     notify_fatal_error(pvar, tmp);
1403     return;
1404     }
1405    
1406     if (discard_len > 0) {
1407     junk = malloc(discard_len);
1408     discard = malloc(discard_len);
1409     if (junk == NULL || discard == NULL ||
1410     EVP_Cipher(evp, discard, junk, discard_len) == 0) {
1411     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar,
1412     "Cipher initialize error(%d)");
1413     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE,
1414     pvar->ts->UIMsg, 3);
1415     notify_fatal_error(pvar, tmp);
1416     }
1417     else {
1418     memset(discard, 0, discard_len);
1419     }
1420     free(junk);
1421     free(discard);
1422     }
1423     }
1424    
1425    
1426     BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag)
1427     {
1428     char FAR *encryption_key = pvar->crypt_state.sender_cipher_key;
1429     char FAR *decryption_key = pvar->crypt_state.receiver_cipher_key;
1430     BOOL isOK = TRUE;
1431    
1432     if (sender_flag) {
1433     switch (pvar->crypt_state.sender_cipher) {
1434     // for SSH2(yutaka)
1435     case SSH2_CIPHER_3DES_CBC:
1436 doda 3850 case SSH2_CIPHER_3DES_CTR:
1437 maya 3227 {
1438     struct Enc *enc;
1439    
1440     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1441     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1442     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1443     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1444     CIPHER_ENCRYPT,
1445     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1446     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1447     pvar);
1448    
1449     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1450     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1451    
1452 doda 3850 pvar->crypt_state.encrypt = c3DES_encrypt2;
1453 maya 3227 break;
1454     }
1455    
1456     // for SSH2(yutaka)
1457     case SSH2_CIPHER_AES128_CBC:
1458     case SSH2_CIPHER_AES192_CBC:
1459     case SSH2_CIPHER_AES256_CBC:
1460     case SSH2_CIPHER_AES128_CTR:
1461     case SSH2_CIPHER_AES192_CTR:
1462     case SSH2_CIPHER_AES256_CTR:
1463     {
1464     struct Enc *enc;
1465    
1466     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1467     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1468     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1469     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1470     CIPHER_ENCRYPT,
1471     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1472     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1473     pvar);
1474    
1475     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1476     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1477    
1478     pvar->crypt_state.encrypt = cAES128_encrypt;
1479     break;
1480     }
1481    
1482     case SSH2_CIPHER_BLOWFISH_CBC:
1483 doda 3850 case SSH2_CIPHER_BLOWFISH_CTR:
1484 maya 3227 {
1485     struct Enc *enc;
1486    
1487     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1488     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1489     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1490     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1491     CIPHER_ENCRYPT,
1492     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1493     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1494     pvar);
1495    
1496     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1497     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1498    
1499     pvar->crypt_state.encrypt = cBlowfish_encrypt2;
1500     break;
1501     }
1502    
1503     case SSH2_CIPHER_ARCFOUR:
1504     case SSH2_CIPHER_ARCFOUR128:
1505     case SSH2_CIPHER_ARCFOUR256:
1506     {
1507     struct Enc *enc;
1508    
1509     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1510     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1511     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1512     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1513     CIPHER_ENCRYPT,
1514     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1515     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1516     pvar);
1517     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1518     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1519    
1520     pvar->crypt_state.encrypt = cArcfour_encrypt;
1521     break;
1522     }
1523    
1524     case SSH2_CIPHER_CAST128_CBC:
1525 doda 3850 case SSH2_CIPHER_CAST128_CTR:
1526 maya 3227 {
1527     struct Enc *enc;
1528    
1529     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1530     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1531     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1532     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1533     CIPHER_ENCRYPT,
1534     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1535     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1536     pvar);
1537     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1538     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1539    
1540     pvar->crypt_state.encrypt = cCast128_encrypt;
1541     break;
1542     }
1543    
1544 doda 4433 case SSH2_CIPHER_CAMELLIA128_CBC:
1545     case SSH2_CIPHER_CAMELLIA192_CBC:
1546     case SSH2_CIPHER_CAMELLIA256_CBC:
1547     case SSH2_CIPHER_CAMELLIA128_CTR:
1548     case SSH2_CIPHER_CAMELLIA192_CTR:
1549     case SSH2_CIPHER_CAMELLIA256_CTR:
1550     {
1551     struct Enc *enc;
1552    
1553     enc = &pvar->ssh2_keys[MODE_OUT].enc;
1554     cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
1555     enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher),
1556     enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher),
1557     CIPHER_ENCRYPT,
1558     get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher),
1559     get_cipher_discard_len(pvar->crypt_state.sender_cipher),
1560     pvar);
1561    
1562     //debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher));
1563     //debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher));
1564    
1565     pvar->crypt_state.encrypt = cCamellia_encrypt;
1566     break;
1567     }
1568    
1569 maya 3227 case SSH_CIPHER_3DES:{
1570     c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES);
1571     pvar->crypt_state.encrypt = c3DES_encrypt;
1572     break;
1573     }
1574     case SSH_CIPHER_IDEA:{
1575     cIDEA_init(encryption_key, &pvar->crypt_state.enc.cIDEA);
1576     pvar->crypt_state.encrypt = cIDEA_encrypt;
1577     break;
1578     }
1579     case SSH_CIPHER_DES:{
1580     cDES_init(encryption_key, &pvar->crypt_state.enc.cDES);
1581     pvar->crypt_state.encrypt = cDES_encrypt;
1582     break;
1583     }
1584     case SSH_CIPHER_RC4:{
1585     RC4_set_key(&pvar->crypt_state.enc.cRC4.k, 16,
1586     encryption_key + 16);
1587     pvar->crypt_state.encrypt = cRC4_encrypt;
1588     break;
1589     }
1590     case SSH_CIPHER_BLOWFISH:{
1591     cBlowfish_init(encryption_key,
1592     &pvar->crypt_state.enc.cBlowfish);
1593     pvar->crypt_state.encrypt = cBlowfish_encrypt;
1594     break;
1595     }
1596     default:
1597     isOK = FALSE;
1598     }
1599     }
1600    
1601    
1602     if (receiver_flag) {
1603     switch (pvar->crypt_state.receiver_cipher) {
1604     // for SSH2(yutaka)
1605     case SSH2_CIPHER_3DES_CBC:
1606 doda 3850 case SSH2_CIPHER_3DES_CTR:
1607 maya 3227 {
1608     struct Enc *enc;
1609    
1610     enc = &pvar->ssh2_keys[MODE_IN].enc;
1611     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1612     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1613     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1614     CIPHER_DECRYPT,
1615     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1616     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1617     pvar);
1618    
1619     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1620     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1621    
1622 doda 3850 pvar->crypt_state.decrypt = c3DES_decrypt2;
1623 maya 3227 break;
1624     }
1625    
1626     // for SSH2(yutaka)
1627     case SSH2_CIPHER_AES128_CBC:
1628     case SSH2_CIPHER_AES192_CBC:
1629     case SSH2_CIPHER_AES256_CBC:
1630     case SSH2_CIPHER_AES128_CTR:
1631     case SSH2_CIPHER_AES192_CTR:
1632     case SSH2_CIPHER_AES256_CTR:
1633     {
1634     struct Enc *enc;
1635    
1636     enc = &pvar->ssh2_keys[MODE_IN].enc;
1637     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1638     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1639     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1640     CIPHER_DECRYPT,
1641     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1642     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1643     pvar);
1644    
1645     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1646     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1647    
1648     pvar->crypt_state.decrypt = cAES128_decrypt;
1649     break;
1650     }
1651    
1652     case SSH2_CIPHER_BLOWFISH_CBC:
1653 doda 3850 case SSH2_CIPHER_BLOWFISH_CTR:
1654 maya 3227 {
1655     struct Enc *enc;
1656    
1657     enc = &pvar->ssh2_keys[MODE_IN].enc;
1658     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1659     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1660     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1661     CIPHER_DECRYPT,
1662     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1663     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1664     pvar);
1665    
1666     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1667     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1668    
1669     pvar->crypt_state.decrypt = cBlowfish_decrypt2;
1670     break;
1671     }
1672    
1673     case SSH2_CIPHER_ARCFOUR:
1674     case SSH2_CIPHER_ARCFOUR128:
1675     case SSH2_CIPHER_ARCFOUR256:
1676     {
1677     struct Enc *enc;
1678    
1679     enc = &pvar->ssh2_keys[MODE_IN].enc;
1680     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1681     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1682     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1683     CIPHER_DECRYPT,
1684     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1685     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1686     pvar);
1687    
1688     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1689     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1690    
1691     pvar->crypt_state.decrypt = cArcfour_decrypt;
1692     break;
1693     }
1694    
1695     case SSH2_CIPHER_CAST128_CBC:
1696 doda 3850 case SSH2_CIPHER_CAST128_CTR:
1697 maya 3227 {
1698     struct Enc *enc;
1699    
1700     enc = &pvar->ssh2_keys[MODE_IN].enc;
1701     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1702     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1703     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1704     CIPHER_DECRYPT,
1705     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1706     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1707     pvar);
1708    
1709     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1710     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1711    
1712     pvar->crypt_state.decrypt = cCast128_decrypt;
1713     break;
1714     }
1715    
1716 doda 4433 case SSH2_CIPHER_CAMELLIA128_CBC:
1717     case SSH2_CIPHER_CAMELLIA192_CBC:
1718     case SSH2_CIPHER_CAMELLIA256_CBC:
1719     case SSH2_CIPHER_CAMELLIA128_CTR:
1720     case SSH2_CIPHER_CAMELLIA192_CTR:
1721     case SSH2_CIPHER_CAMELLIA256_CTR:
1722     {
1723     struct Enc *enc;
1724    
1725     enc = &pvar->ssh2_keys[MODE_IN].enc;
1726     cipher_init_SSH2(&pvar->evpcip[MODE_IN],
1727     enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher),
1728     enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher),
1729     CIPHER_DECRYPT,
1730     get_cipher_EVP_CIPHER(pvar->crypt_state.receiver_cipher),
1731     get_cipher_discard_len(pvar->crypt_state.receiver_cipher),
1732     pvar);
1733    
1734     //debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.receiver_cipher));
1735     //debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.receiver_cipher));
1736    
1737     pvar->crypt_state.decrypt = cCamellia_decrypt;
1738     break;
1739     }
1740    
1741 maya 3227 case SSH_CIPHER_3DES:{
1742     c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES);
1743     pvar->crypt_state.decrypt = c3DES_decrypt;
1744     break;
1745     }
1746     case SSH_CIPHER_IDEA:{
1747     cIDEA_init(decryption_key, &pvar->crypt_state.dec.cIDEA);
1748     pvar->crypt_state.decrypt = cIDEA_decrypt;
1749     break;
1750     }
1751     case SSH_CIPHER_DES:{
1752     cDES_init(decryption_key, &pvar->crypt_state.dec.cDES);
1753     pvar->crypt_state.decrypt = cDES_decrypt;
1754     break;
1755     }
1756     case SSH_CIPHER_RC4:{
1757     RC4_set_key(&pvar->crypt_state.dec.cRC4.k, 16, decryption_key);
1758     pvar->crypt_state.decrypt = cRC4_decrypt;
1759     break;
1760     }
1761     case SSH_CIPHER_BLOWFISH:{
1762     cBlowfish_init(decryption_key,
1763     &pvar->crypt_state.dec.cBlowfish);
1764     pvar->crypt_state.decrypt = cBlowfish_decrypt;
1765     break;
1766     }
1767     default:
1768     isOK = FALSE;
1769     }
1770     }
1771    
1772    
1773     if (!isOK) {
1774     UTIL_get_lang_msg("MSG_CHPHER_NOTSELECTED_ERROR", pvar,
1775     "No cipher selected!");
1776     notify_fatal_error(pvar, pvar->ts->UIMsg);
1777     return FALSE;
1778     } else {
1779     memset(encryption_key, 0, CRYPT_KEY_LENGTH);
1780     memset(decryption_key, 0, CRYPT_KEY_LENGTH);
1781     return TRUE;
1782     }
1783     }
1784    
1785     void CRYPT_init(PTInstVar pvar)
1786     {
1787     pvar->crypt_state.encrypt = no_encrypt;
1788     pvar->crypt_state.decrypt = no_encrypt;
1789     pvar->crypt_state.sender_cipher = SSH_CIPHER_NONE;
1790     pvar->crypt_state.receiver_cipher = SSH_CIPHER_NONE;
1791     pvar->crypt_state.server_key.RSA_key = NULL;
1792     pvar->crypt_state.host_key.RSA_key = NULL;
1793    
1794     pvar->crypt_state.detect_attack_statics.h = NULL;
1795     pvar->crypt_state.detect_attack_statics.n =
1796     HASH_MINSIZE / HASH_ENTRYSIZE;
1797     }
1798    
1799     static char FAR *get_cipher_name(int cipher)
1800     {
1801     switch (cipher) {
1802     case SSH_CIPHER_NONE:
1803     return "None";
1804     case SSH_CIPHER_3DES:
1805     return "3DES (168 key bits)";
1806     case SSH_CIPHER_DES:
1807     return "DES (56 key bits)";
1808     case SSH_CIPHER_IDEA:
1809     return "IDEA (128 key bits)";
1810     case SSH_CIPHER_RC4:
1811     return "RC4 (128 key bits)";
1812     case SSH_CIPHER_BLOWFISH:
1813     return "Blowfish (256 key bits)";
1814    
1815     // SSH2
1816     case SSH2_CIPHER_3DES_CBC:
1817     return "3DES-CBC";
1818     case SSH2_CIPHER_AES128_CBC:
1819     return "AES128-CBC";
1820     case SSH2_CIPHER_AES192_CBC:
1821     return "AES192-CBC";
1822     case SSH2_CIPHER_AES256_CBC:
1823     return "AES256-CBC";
1824     case SSH2_CIPHER_BLOWFISH_CBC:
1825     return "Blowfish-CBC";
1826     case SSH2_CIPHER_AES128_CTR:
1827     return "AES128-CTR";
1828     case SSH2_CIPHER_AES192_CTR:
1829     return "AES192-CTR";
1830     case SSH2_CIPHER_AES256_CTR:
1831     return "AES256-CTR";
1832     case SSH2_CIPHER_ARCFOUR:
1833     return "Arcfour";
1834     case SSH2_CIPHER_ARCFOUR128:
1835     return "Arcfour128";
1836     case SSH2_CIPHER_ARCFOUR256:
1837     return "Arcfour256";
1838     case SSH2_CIPHER_CAST128_CBC:
1839     return "CAST-128-CBC";
1840 doda 3850 case SSH2_CIPHER_3DES_CTR:
1841     return "3DES-CTR";
1842     case SSH2_CIPHER_BLOWFISH_CTR:
1843     return "Blowfish-CTR";
1844     case SSH2_CIPHER_CAST128_CTR:
1845     return "CAST-128-CTR";
1846 doda 4433 case SSH2_CIPHER_CAMELLIA128_CBC:
1847     return "Camellia128-CBC";
1848     case SSH2_CIPHER_CAMELLIA192_CBC:
1849     return "Camellia192-CBC";
1850     case SSH2_CIPHER_CAMELLIA256_CBC:
1851     return "Camellia256-CBC";
1852     case SSH2_CIPHER_CAMELLIA128_CTR:
1853     return "Camellia128-CTR";
1854     case SSH2_CIPHER_CAMELLIA192_CTR:
1855     return "Camellia192-CTR";
1856     case SSH2_CIPHER_CAMELLIA256_CTR:
1857     return "Camellia256-CTR";
1858 maya 3227
1859     default:
1860     return "Unknown";
1861     }
1862     }
1863    
1864     void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len)
1865     {
1866     UTIL_get_lang_msg("DLG_ABOUT_CIPHER_INFO", pvar,
1867     "%s to server, %s from server");
1868     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1869     get_cipher_name(pvar->crypt_state.sender_cipher),
1870     get_cipher_name(pvar->crypt_state.receiver_cipher));
1871     }
1872    
1873     void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
1874     {
1875     if (SSHv1(pvar)) {
1876     if (pvar->crypt_state.server_key.RSA_key == NULL
1877     || pvar->crypt_state.host_key.RSA_key == NULL) {
1878     UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
1879     strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
1880     } else {
1881     UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
1882     "%d-bit server key, %d-bit host key");
1883     _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1884     BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
1885     BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
1886     }
1887     } else { // SSH2
1888 maya 4313 UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO2", pvar,
1889     "%d-bit client key, %d-bit server key");
1890 maya 3227 _snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
1891 maya 4313 pvar->client_key_bits,
1892     pvar->server_key_bits);
1893 maya 3227 }
1894     }
1895    
1896 maya 4307 static void destroy_public_key(CRYPTPublicKey * key)
1897 maya 3227 {
1898     if (key->RSA_key != NULL) {
1899     RSA_free(key->RSA_key);
1900     key->RSA_key = NULL;
1901     }
1902     }
1903    
1904 maya 4307 void CRYPT_free_public_key(CRYPTPublicKey * key)
1905 maya 3227 {
1906     destroy_public_key(key);
1907     free(key);
1908     }
1909    
1910     void CRYPT_end(PTInstVar pvar)
1911     {
1912     destroy_public_key(&pvar->crypt_state.host_key);
1913     destroy_public_key(&pvar->crypt_state.server_key);
1914    
1915     if (pvar->crypt_state.detect_attack_statics.h != NULL) {
1916     memset(pvar->crypt_state.detect_attack_statics.h, 0,
1917     pvar->crypt_state.detect_attack_statics.n * HASH_ENTRYSIZE);
1918     free(pvar->crypt_state.detect_attack_statics.h);
1919     }
1920    
1921     memset(pvar->crypt_state.sender_cipher_key, 0,
1922     sizeof(pvar->crypt_state.sender_cipher_key));
1923     memset(pvar->crypt_state.receiver_cipher_key, 0,
1924     sizeof(pvar->crypt_state.receiver_cipher_key));
1925     memset(pvar->crypt_state.server_cookie, 0,
1926     sizeof(pvar->crypt_state.server_cookie));
1927     memset(pvar->crypt_state.client_cookie, 0,
1928     sizeof(pvar->crypt_state.client_cookie));
1929     memset(&pvar->crypt_state.enc, 0, sizeof(pvar->crypt_state.enc));
1930     memset(&pvar->crypt_state.dec, 0, sizeof(pvar->crypt_state.dec));
1931     }
1932    
1933     int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase,
1934     char FAR * buf, int bytes)
1935     {
1936     unsigned char passphrase_key[16];
1937    
1938     MD5(passphrase, strlen(passphrase), passphrase_key);
1939    
1940     switch (cipher) {
1941     case SSH_CIPHER_3DES:{
1942     Cipher3DESState state;
1943    
1944     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1945     &state.k1);
1946     DES_set_key((const_DES_cblock FAR *) (passphrase_key + 8),
1947     &state.k2);
1948     DES_set_key((const_DES_cblock FAR *) passphrase_key,
1949     &state.k3);
1950     memset(state.ivec1, 0, 8);
1951     memset(state.ivec2, 0, 8);
1952     memset(state.ivec3, 0, 8);
1953     DES_ncbc_encrypt(buf, buf, bytes,
1954     &state.k3, &state.ivec3, DES_DECRYPT);
1955     DES_ncbc_encrypt(buf, buf, bytes,
1956     &state.k2, &state.ivec2, DES_ENCRYPT);
1957     DES_ncbc_encrypt(buf, buf, bytes,
1958     &state.k1, &state.ivec1, DES_DECRYPT);
1959     break;
1960     }
1961    
1962     case SSH_CIPHER_IDEA:{
1963     CipherIDEAState state;
1964     int num = 0;
1965    
1966     cIDEA_init(passphrase_key, &state);
1967     idea_cfb64_encrypt(buf, buf, bytes, &state.k, state.ivec,
1968     &num, IDEA_DECRYPT);
1969     break;
1970     }
1971    
1972     case SSH_CIPHER_DES:{
1973     CipherDESState state;
1974    
1975     cDES_init(passphrase_key, &state);
1976     DES_ncbc_encrypt(buf, buf, bytes,
1977     &state.k, &state.ivec, DES_DECRYPT);
1978     break;
1979     }
1980    
1981     case SSH_CIPHER_RC4:{
1982     CipherRC4State state;
1983     int num = 0;
1984    
1985     RC4_set_key(&state.k, 16, passphrase_key);
1986     RC4(&state.k, bytes, buf, buf);
1987     break;
1988     }
1989    
1990     case SSH_CIPHER_BLOWFISH:{
1991     CipherBlowfishState state;
1992    
1993     BF_set_key(&state.k, 16, passphrase_key);
1994     memset(state.ivec, 0, 8);
1995     flip_endianness(buf, bytes);
1996     BF_cbc_encrypt(buf, buf, bytes, &state.k, state.ivec,
1997     BF_DECRYPT);
1998     flip_endianness(buf, bytes);
1999     break;
2000     }
2001    
2002     case SSH_CIPHER_NONE:
2003     break;
2004    
2005     default:
2006     memset(passphrase_key, 0, sizeof(passphrase_key));
2007     return 0;
2008     }
2009    
2010     memset(passphrase_key, 0, sizeof(passphrase_key));
2011     return 1;
2012     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help