| 48 |
#define DEATTACK_DETECTED 1 |
#define DEATTACK_DETECTED 1 |
| 49 |
|
|
| 50 |
/* |
/* |
| 51 |
* $Id: crypt.c,v 1.26 2008-11-22 06:46:43 doda Exp $ Cryptographic attack |
* $Id: crypt.c,v 1.27 2008-11-22 10:05:33 maya Exp $ Cryptographic attack |
| 52 |
* detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina |
* detector for ssh - source code (C)1998 CORE-SDI, Buenos Aires Argentina |
| 53 |
* Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com> |
* Ariel Futoransky(futo@core-sdi.com) <http://www.core-sdi.com> |
| 54 |
*/ |
*/ |
| 556 |
free(newbuf); |
free(newbuf); |
| 557 |
} |
} |
| 558 |
|
|
| 559 |
|
static void cCast128_encrypt(PTInstVar pvar, unsigned char FAR * buf, |
| 560 |
|
int bytes) |
| 561 |
|
{ |
| 562 |
|
unsigned char *newbuf = malloc(bytes); |
| 563 |
|
int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size; |
| 564 |
|
|
| 565 |
|
// 事前復号化により、全ペイロードが復号化されている場合は、0バイトになる。(2004.11.7 yutaka) |
| 566 |
|
if (bytes == 0) |
| 567 |
|
goto error; |
| 568 |
|
|
| 569 |
|
if (newbuf == NULL) |
| 570 |
|
return; |
| 571 |
|
|
| 572 |
|
if (bytes % block_size) { |
| 573 |
|
char tmp[80]; |
| 574 |
|
UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR1", pvar, |
| 575 |
|
"CAST128 encrypt error(1): bytes %d (%d)"); |
| 576 |
|
_snprintf_s(tmp, sizeof(tmp), _TRUNCATE, |
| 577 |
|
pvar->ts->UIMsg, bytes, block_size); |
| 578 |
|
notify_fatal_error(pvar, tmp); |
| 579 |
|
goto error; |
| 580 |
|
} |
| 581 |
|
|
| 582 |
|
if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) { |
| 583 |
|
UTIL_get_lang_msg("MSG_CAST128_ENCRYPT_ERROR2", pvar, |
| 584 |
|
"CAST128 encrypt error(2)"); |
| 585 |
|
notify_fatal_error(pvar, pvar->ts->UIMsg); |
| 586 |
|
goto error; |
| 587 |
|
|
| 588 |
|
} else { |
| 589 |
|
memcpy(buf, newbuf, bytes); |
| 590 |
|
|
| 591 |
|
} |
| 592 |
|
|
| 593 |
|
error: |
| 594 |
|
free(newbuf); |
| 595 |
|
} |
| 596 |
|
|
| 597 |
|
static void cCast128_decrypt(PTInstVar pvar, unsigned char FAR * buf, |
| 598 |
|
int bytes) |
| 599 |
|
{ |
| 600 |
|
unsigned char *newbuf = malloc(bytes); |
| 601 |
|
int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size; |
| 602 |
|
|
| 603 |
|
// 事前復号化により、全ペイロードが復号化されている場合は、0バイトになる。(2004.11.7 yutaka) |
| 604 |
|
if (bytes == 0) |
| 605 |
|
goto error; |
| 606 |
|
|
| 607 |
|
if (newbuf == NULL) |
| 608 |
|
return; |
| 609 |
|
|
| 610 |
|
if (bytes % block_size) { |
| 611 |
|
char tmp[80]; |
| 612 |
|
UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR1", pvar, |
| 613 |
|
"CAST128 decrypt error(1): bytes %d (%d)"); |
| 614 |
|
_snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, bytes, block_size); |
| 615 |
|
notify_fatal_error(pvar, tmp); |
| 616 |
|
goto error; |
| 617 |
|
} |
| 618 |
|
|
| 619 |
|
if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) { |
| 620 |
|
UTIL_get_lang_msg("MSG_CAST128_DECRYPT_ERROR2", pvar, |
| 621 |
|
"CAST128 decrypt error(2)"); |
| 622 |
|
notify_fatal_error(pvar, pvar->ts->UIMsg); |
| 623 |
|
goto error; |
| 624 |
|
|
| 625 |
|
} else { |
| 626 |
|
memcpy(buf, newbuf, bytes); |
| 627 |
|
|
| 628 |
|
} |
| 629 |
|
|
| 630 |
|
error: |
| 631 |
|
free(newbuf); |
| 632 |
|
} |
| 633 |
|
|
| 634 |
|
|
| 635 |
|
|
| 636 |
static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf, |
static void c3DES_encrypt(PTInstVar pvar, unsigned char FAR * buf, |
| 863 |
| (1 << SSH2_CIPHER_AES256_CTR) |
| (1 << SSH2_CIPHER_AES256_CTR) |
| 864 |
| (1 << SSH2_CIPHER_ARCFOUR) |
| (1 << SSH2_CIPHER_ARCFOUR) |
| 865 |
| (1 << SSH2_CIPHER_ARCFOUR128) |
| (1 << SSH2_CIPHER_ARCFOUR128) |
| 866 |
| (1 << SSH2_CIPHER_ARCFOUR256); |
| (1 << SSH2_CIPHER_ARCFOUR256) |
| 867 |
|
| (1 << SSH2_CIPHER_CAST128_CBC); |
| 868 |
} |
} |
| 869 |
|
|
| 870 |
sender_ciphers &= cipher_mask; |
sender_ciphers &= cipher_mask; |
| 1415 |
break; |
break; |
| 1416 |
} |
} |
| 1417 |
|
|
| 1418 |
|
case SSH2_CIPHER_CAST128_CBC: |
| 1419 |
|
{ |
| 1420 |
|
struct Enc *enc; |
| 1421 |
|
|
| 1422 |
|
enc = &pvar->ssh2_keys[MODE_OUT].enc; |
| 1423 |
|
cipher_init_SSH2(&pvar->evpcip[MODE_OUT], |
| 1424 |
|
enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher), |
| 1425 |
|
enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher), |
| 1426 |
|
CIPHER_ENCRYPT, |
| 1427 |
|
get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher), |
| 1428 |
|
get_cipher_discard_len(pvar->crypt_state.sender_cipher), |
| 1429 |
|
pvar); |
| 1430 |
|
//debug_print(10, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher)); |
| 1431 |
|
//debug_print(11, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher)); |
| 1432 |
|
|
| 1433 |
|
pvar->crypt_state.encrypt = cCast128_encrypt; |
| 1434 |
|
break; |
| 1435 |
|
} |
| 1436 |
|
|
| 1437 |
case SSH_CIPHER_3DES:{ |
case SSH_CIPHER_3DES:{ |
| 1438 |
c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES); |
c3DES_init(encryption_key, &pvar->crypt_state.enc.c3DES); |
| 1439 |
pvar->crypt_state.encrypt = c3DES_encrypt; |
pvar->crypt_state.encrypt = c3DES_encrypt; |
| 1558 |
break; |
break; |
| 1559 |
} |
} |
| 1560 |
|
|
| 1561 |
|
case SSH2_CIPHER_CAST128_CBC: |
| 1562 |
|
{ |
| 1563 |
|
struct Enc *enc; |
| 1564 |
|
|
| 1565 |
|
enc = &pvar->ssh2_keys[MODE_IN].enc; |
| 1566 |
|
cipher_init_SSH2(&pvar->evpcip[MODE_IN], |
| 1567 |
|
enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher), |
| 1568 |
|
enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher), |
| 1569 |
|
CIPHER_DECRYPT, |
| 1570 |
|
get_cipher_EVP_CIPHER(pvar->crypt_state.sender_cipher), |
| 1571 |
|
get_cipher_discard_len(pvar->crypt_state.sender_cipher), |
| 1572 |
|
pvar); |
| 1573 |
|
|
| 1574 |
|
//debug_print(12, enc->key, get_cipher_key_len(pvar->crypt_state.sender_cipher)); |
| 1575 |
|
//debug_print(13, enc->iv, get_cipher_block_size(pvar->crypt_state.sender_cipher)); |
| 1576 |
|
|
| 1577 |
|
pvar->crypt_state.decrypt = cCast128_decrypt; |
| 1578 |
|
break; |
| 1579 |
|
} |
| 1580 |
|
|
| 1581 |
case SSH_CIPHER_3DES:{ |
case SSH_CIPHER_3DES:{ |
| 1582 |
c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES); |
c3DES_init(decryption_key, &pvar->crypt_state.dec.c3DES); |
| 1583 |
pvar->crypt_state.decrypt = c3DES_decrypt; |
pvar->crypt_state.decrypt = c3DES_decrypt; |
| 1675 |
return "Arcfour128"; |
return "Arcfour128"; |
| 1676 |
case SSH2_CIPHER_ARCFOUR256: |
case SSH2_CIPHER_ARCFOUR256: |
| 1677 |
return "Arcfour256"; |
return "Arcfour256"; |
| 1678 |
|
case SSH2_CIPHER_CAST128_CBC: |
| 1679 |
|
return "CAST-128-CBC"; |
| 1680 |
|
|
| 1681 |
default: |
default: |
| 1682 |
return "Unknown"; |
return "Unknown"; |
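Review bot: In the added cCast128_encrypt and cCast128_decrypt, `if (newbuf == NULL) return;` returns silently when malloc fails, leaving buf untransformed and raising no error, whereas the other two failure paths call notify_fatal_error. On the encrypt side this presumably lets the caller send the payload exactly as it was handed in, i.e. in cleartext; the caller is not visible on this page, so that needs confirming. Allocation failure should be fatal like the other errors, e.g. `if (newbuf == NULL) { notify_fatal_error(pvar, "CAST128 encrypt error: out of memory"); return; }`, and the same in the decrypt function (the message text is constructed here; the file's UTIL_get_lang_msg pattern would want its own key). Moving the `bytes == 0` check ahead of `malloc(bytes)` would also avoid a zero-size allocation, and `bytes % block_size` would be safer behind a guard that block_size is non-zero.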