Annotation of /trunk/ttssh2/ttxssh/kex.c



Revision 10955 - (hide annotations) (download) (as text)
Mon Oct 2 23:34:47 2023 UTC (6 months, 1 week ago) by nmaya
File MIME type: text/x-csrc
File size: 25672 byte(s)
myproposal についてのコメントを修正

r10949, ticket: #36111 関連
1 maya 4304 /*
2 nmaya 9048 * (C) 2011- TeraTerm Project
3 doda 6841 * All rights reserved.
4     *
5     * Redistribution and use in source and binary forms, with or without
6     * modification, are permitted provided that the following conditions
7     * are met:
8     *
9     * 1. Redistributions of source code must retain the above copyright
10     * notice, this list of conditions and the following disclaimer.
11     * 2. Redistributions in binary form must reproduce the above copyright
12     * notice, this list of conditions and the following disclaimer in the
13     * documentation and/or other materials provided with the distribution.
14     * 3. The name of the author may not be used to endorse or promote products
15     * derived from this software without specific prior written permission.
16     *
17     * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
18     * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19     * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20     * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
21     * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22     * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23     * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24     * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25     * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26     * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28 maya 4304
29     #include "ttxssh.h"
30     #include "kex.h"
31    
32 nmaya 9255
/*
 * Client-side KEXINIT proposal: one name-list per slot, ten slots initialised.
 * The repeated defaults presumably cover the two directions of each
 * negotiated item -- confirm against the PROPOSAL_* enum, which is not
 * defined in this file.
 *
 * The PROPOSAL_KEX_ALGS slot is repointed at run time by
 * SSH2_update_kex_myproposal(), so this array is mutable global state.
 */
char *myproposal[PROPOSAL_MAX] = {
	KEX_DEFAULT_KEX,
	KEX_DEFAULT_PK_ALG,
	KEX_DEFAULT_ENCRYPT, KEX_DEFAULT_ENCRYPT,
	KEX_DEFAULT_MAC,     KEX_DEFAULT_MAC,
	KEX_DEFAULT_COMP,    KEX_DEFAULT_COMP,
	KEX_DEFAULT_LANG,    KEX_DEFAULT_LANG,
};
45    
/* One supported key-exchange method: internal id, wire name, hash constructor. */
struct ssh2_kex_algorithm_t {
	kex_algorithm kextype;          /* internal identifier */
	char *name;                     /* name as it appears in the KEXINIT name-list */
	const EVP_MD *(*evp_md)(void);  /* OpenSSL digest used for the exchange hash and key derivation */
};

/*
 * Lookup table for every key-exchange method this file knows about.
 * The entry whose name is NULL terminates the table; every lookup loop in
 * this file stops there, so it must stay last.
 *
 * Security note: the *-sha1 methods hash with SHA-1, and
 * diffie-hellman-group1-sha1 additionally uses the 1024-bit group built by
 * dh_new_group1().  Which of them are actually offered is decided by the
 * configured order (see normalize_kex_order / SSH2_update_kex_myproposal).
 */
static const struct ssh2_kex_algorithm_t ssh2_kex_algorithms[] = {
	/* RFC 4253 */
	{KEX_DH_GRP1_SHA1,    "diffie-hellman-group1-sha1",           EVP_sha1},
	{KEX_DH_GRP14_SHA1,   "diffie-hellman-group14-sha1",          EVP_sha1},
	/* RFC 4419 */
	{KEX_DH_GEX_SHA1,     "diffie-hellman-group-exchange-sha1",   EVP_sha1},
	{KEX_DH_GEX_SHA256,   "diffie-hellman-group-exchange-sha256", EVP_sha256},
	/* RFC 5656 */
	{KEX_ECDH_SHA2_256,   "ecdh-sha2-nistp256",                   EVP_sha256},
	{KEX_ECDH_SHA2_384,   "ecdh-sha2-nistp384",                   EVP_sha384},
	{KEX_ECDH_SHA2_521,   "ecdh-sha2-nistp521",                   EVP_sha512},
	/* RFC 8268 */
	{KEX_DH_GRP14_SHA256, "diffie-hellman-group14-sha256",        EVP_sha256},
	{KEX_DH_GRP16_SHA512, "diffie-hellman-group16-sha512",        EVP_sha512},
	{KEX_DH_GRP18_SHA512, "diffie-hellman-group18-sha512",        EVP_sha512},
	/* terminator */
	{KEX_DH_NONE,         NULL,                                   NULL},
};
65    
66    
/*
 * Map a key-exchange identifier to its wire name.
 *
 * Returns the table's name string for kextype, or the literal "unknown" when
 * no table entry matches.  The returned pointer refers to static storage and
 * must not be modified or freed.
 */
char* get_kex_algorithm_name(kex_algorithm kextype)
{
	const struct ssh2_kex_algorithm_t *entry;

	/* The table ends at the entry whose name is NULL. */
	for (entry = ssh2_kex_algorithms; entry->name != NULL; entry++) {
		if (entry->kextype == kextype) {
			return entry->name;
		}
	}

	/* No match: callers get a printable placeholder, never NULL. */
	return "unknown";
}
81    
/*
 * Map a key-exchange identifier to the OpenSSL digest it uses.
 *
 * Returns the result of the table entry's digest constructor, or
 * EVP_md_null() when kextype is not in the table.
 *
 * NOTE(review): the null digest has a zero output size, so a caller that
 * feeds an unrecognised kextype into hashing or key derivation gets no real
 * hash -- callers should treat an unknown kextype as an error beforehand.
 */
const EVP_MD* get_kex_algorithm_EVP_MD(kex_algorithm kextype)
{
	const struct ssh2_kex_algorithm_t *entry;

	/* The table ends at the entry whose name is NULL. */
	for (entry = ssh2_kex_algorithms; entry->name != NULL; entry++) {
		if (entry->kextype == kextype) {
			return entry->evp_md();
		}
	}

	/* Not found. */
	return EVP_md_null();
}
96    
/*
 * Normalise a key-exchange preference string against the built-in default
 * order by delegating to normalize_generic_order().
 *
 * buf is the order string to normalise (modified by the helper; its exact
 * format is defined by normalize_generic_order, which is not in this file).
 *
 * In the default order KEX_DH_NONE sits in front of the two entries
 * KEX_DH_GEX_SHA1 and KEX_DH_GRP1_SHA1.  SSH2_update_kex_myproposal() stops
 * at KEX_DH_NONE when it builds the proposal, so those two are presumably
 * disabled by default -- confirm against normalize_generic_order.
 */
void normalize_kex_order(char *buf)
{
	static char default_order[] = {
		/* ECDH first */
		KEX_ECDH_SHA2_256,
		KEX_ECDH_SHA2_384,
		KEX_ECDH_SHA2_521,
		/* fixed DH groups and group exchange with SHA-2 */
		KEX_DH_GRP18_SHA512,
		KEX_DH_GRP16_SHA512,
		KEX_DH_GRP14_SHA256,
		KEX_DH_GEX_SHA256,
		/* SHA-1 with the group14 modulus */
		KEX_DH_GRP14_SHA1,
		/* separator: see the header comment */
		KEX_DH_NONE,
		KEX_DH_GEX_SHA1,
		KEX_DH_GRP1_SHA1,
	};

	normalize_generic_order(buf, default_order, NUM_ELEM(default_order));
}
115    
/*
 * Pick the key-exchange method from the server's and our own name-lists.
 *
 * The actual selection is done by choose_SSH2_proposal(), which writes the
 * chosen name into a 40-byte local buffer (the longest name in the table is
 * 36 characters).  The name is then mapped back to its identifier.
 *
 * Returns the matching kex_algorithm, or KEX_DH_UNKNOWN when the chosen name
 * is not in the table.
 *
 * NOTE(review): the buffer is not initialised here; this relies on
 * choose_SSH2_proposal() always leaving a terminated string in it, including
 * when nothing matches -- confirm in that helper.
 */
kex_algorithm choose_SSH2_kex_algorithm(char *server_proposal, char *my_proposal)
{
	char chosen[40];
	const struct ssh2_kex_algorithm_t *entry;

	choose_SSH2_proposal(server_proposal, my_proposal, chosen, sizeof(chosen));

	for (entry = ssh2_kex_algorithms; entry->name != NULL; entry++) {
		if (strcmp(entry->name, chosen) == 0) {
			return entry->kextype;
		}
	}

	return KEX_DH_UNKNOWN;
}
134    
135     // Rewrite myproposal[] according to the configured KEX algorithm priority order.
136     // (2011.2.28 yutaka)
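/*
 * Rebuild the key-exchange slot of myproposal[] from the user's settings.
 *
 * Not connected (pvar->socket == INVALID_SOCKET): the name-list is built from
 * pvar->settings.KexOrder, "ext-info-c" (RFC 8308) is appended, and
 * myproposal[PROPOSAL_KEX_ALGS] is pointed at a function-local static buffer.
 *
 * Connected: nothing is rebuilt.  If a re-key is in progress, a trailing
 * ",ext-info-c" is cut off the existing proposal in place (presumably because
 * the extension indicator only belongs in the first key exchange).
 */
void SSH2_update_kex_myproposal(PTInstVar pvar)
{
	static const char ext_info_suffix[] = ",ext-info-c";
	static char buf[512]; // TODO: allocate with malloc() instead
	int index;
	int i;

	// Called on a live connection: this can only be a re-key.
	if (pvar->socket != INVALID_SOCKET) {
		if (pvar->kex_status & KEX_FLAG_REKEYING) {
			// Keep the proposal negotiated earlier; only drop the extension marker.
			char *kex_algs = myproposal[PROPOSAL_KEX_ALGS];
			size_t len = strlen(kex_algs);
			size_t suffix_len = sizeof(ext_info_suffix) - 1;

			// Compare lengths first: the earlier "strlen(a) - strlen(b)" stored in
			// an int went negative for a short proposal and indexed before the
			// start of the string.
			// NOTE(review): the in-place write assumes the slot points at the
			// static buffer below, not at the KEX_DEFAULT_KEX initialiser.
			if (len >= suffix_len &&
			    strcmp(kex_algs + (len - suffix_len), ext_info_suffix) == 0) {
				kex_algs[len - suffix_len] = '\0';
			}
		}
		return;
	}

	buf[0] = '\0';
	for (i = 0 ; pvar->settings.KexOrder[i] != 0 ; i++) {
		index = pvar->settings.KexOrder[i] - '0';
		if (index == KEX_DH_NONE) // disabled line
			break;
		// An id missing from the table is emitted as the name "unknown".
		strncat_s(buf, sizeof(buf), get_kex_algorithm_name(index), _TRUNCATE);
		strncat_s(buf, sizeof(buf), ",", _TRUNCATE);
	}

	// RFC 8308 Extension Negotiation
	// _TRUNCATE silently cuts the list if it ever outgrows buf.
	strncat_s(buf, sizeof(buf), "ext-info-c", _TRUNCATE);

	myproposal[PROPOSAL_KEX_ALGS] = buf;
}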
171    
172    
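/*
 * Build a DH object from a generator and a prime modulus given as hex strings.
 *
 * gen      generator, hexadecimal text
 * modulus  prime modulus p, hexadecimal text
 *
 * Returns a new DH object (caller releases it with DH_free), or NULL on
 * failure.  q is left unset.
 */
static DH *dh_new_group_asc(const char *gen, const char *modulus)
{
	DH *dh = NULL;
	BIGNUM *p = NULL, *g = NULL;

	if ((dh = DH_new()) == NULL) {
		printf("dh_new_group_asc: DH_new");
		goto error;
	}

	// Convert p and g from hex text to BIGNUMs.
	if (BN_hex2bn(&p, modulus) == 0) {
		printf("BN_hex2bn p");
		goto error;
	}

	if (BN_hex2bn(&g, gen) == 0) {
		printf("BN_hex2bn g");
		goto error;
	}

	// Hand the BIGNUMs to the DH object.  On success it owns p and g; on
	// failure they are still ours, so fall through to the cleanup instead of
	// returning a DH without group parameters.
	if (DH_set0_pqg(dh, p, NULL, g) == 0) {
		printf("dh_new_group_asc: DH_set0_pqg");
		goto error;
	}

	return (dh);

error:
	BN_free(g);
	BN_free(p);
	DH_free(dh);
	return (NULL);
}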
205    
206    
/*
 * Create a DH object for the "group1" parameters: generator 2 and the
 * 1024-bit prime below (256 hex digits).
 *
 * Security note: a 1024-bit modulus is the weakest group in this file.
 *
 * Returns NULL if dh_new_group_asc() fails.
 */
DH *dh_new_group1(void)
{
	static const char *const generator_hex = "2";
	static const char *const modulus_hex =
		"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
		"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
		"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
		"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
		"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381"
		"FFFFFFFF" "FFFFFFFF";

	return dh_new_group_asc(generator_hex, modulus_hex);
}
219    
220    
/*
 * Create a DH object for the "group14" parameters: generator 2 and the
 * 2048-bit prime below (512 hex digits).
 *
 * Returns NULL if dh_new_group_asc() fails.
 */
DH *dh_new_group14(void)
{
	static const char *const generator_hex = "2";
	static const char *const modulus_hex =
		"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
		"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
		"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
		"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
		"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
		"C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
		"83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
		"670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
		"E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
		"DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
		"15728E5A" "8AACAA68" "FFFFFFFF" "FFFFFFFF";

	return dh_new_group_asc(generator_hex, modulus_hex);
}
238    
239 doda 6310 // Unused
/*
 * Create a DH object for the "group15" parameters: generator 2 and the
 * 3072-bit prime below (768 hex digits).
 *
 * No key-exchange method in this file's algorithm table refers to group15.
 *
 * Returns NULL if dh_new_group_asc() fails.
 */
DH *dh_new_group15(void)
{
	static const char *const generator_hex = "2";
	static const char *const modulus_hex =
		"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
		"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
		"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
		"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
		"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
		"C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
		"83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
		"670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
		"E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
		"DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
		"15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
		"ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
		"ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
		"F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
		"BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
		"43DB5BFC" "E0FD108E" "4B82D120" "A93AD2CA" "FFFFFFFF" "FFFFFFFF";

	return dh_new_group_asc(generator_hex, modulus_hex);
}
261 maya 4304
/*
 * Create a DH object for the "group16" parameters: generator 2 and the
 * 4096-bit prime below (1024 hex digits).
 *
 * Returns NULL if dh_new_group_asc() fails.
 */
DH *dh_new_group16(void)
{
	static const char *const generator_hex = "2";
	static const char *const modulus_hex =
		"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
		"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
		"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
		"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
		"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
		"C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
		"83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
		"670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
		"E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
		"DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
		"15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
		"ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
		"ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
		"F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
		"BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
		"43DB5BFC" "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7"
		"88719A10" "BDBA5B26" "99C32718" "6AF4E23C" "1A946834" "B6150BDA"
		"2583E9CA" "2AD44CE8" "DBBBC2DB" "04DE8EF9" "2E8EFC14" "1FBECAA6"
		"287C5947" "4E6BC05D" "99B2964F" "A090C3A2" "233BA186" "515BE7ED"
		"1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127" "D5B05AA9"
		"93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199"
		"FFFFFFFF" "FFFFFFFF";

	return dh_new_group_asc(generator_hex, modulus_hex);
}
289    
290 doda 6310 // Unused
/*
 * Create a DH object for the "group17" parameters: generator 2 and the
 * 6144-bit prime below (1536 hex digits).
 *
 * No key-exchange method in this file's algorithm table refers to group17.
 *
 * Returns NULL if dh_new_group_asc() fails.
 */
DH *dh_new_group17(void)
{
	static const char *const generator_hex = "2";
	static const char *const modulus_hex =
		"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" "29024E08"
		"8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" "EF9519B3" "CD3A431B"
		"302B0A6D" "F25F1437" "4FE1356D" "6D51C245" "E485B576" "625E7EC6" "F44C42E9"
		"A637ED6B" "0BFF5CB6" "F406B7ED" "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6"
		"49286651" "ECE45B3D" "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8"
		"FD24CF5F" "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
		"670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B" "E39E772C"
		"180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" "DE2BCBF6" "95581718"
		"3995497C" "EA956AE5" "15D22618" "98FA0510" "15728E5A" "8AAAC42D" "AD33170D"
		"04507A33" "A85521AB" "DF1CBA64" "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D"
		"B3970F85" "A6E1E4C7" "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226"
		"1AD2EE6B" "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
		"BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31" "43DB5BFC"
		"E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7" "88719A10" "BDBA5B26"
		"99C32718" "6AF4E23C" "1A946834" "B6150BDA" "2583E9CA" "2AD44CE8" "DBBBC2DB"
		"04DE8EF9" "2E8EFC14" "1FBECAA6" "287C5947" "4E6BC05D" "99B2964F" "A090C3A2"
		"233BA186" "515BE7ED" "1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127"
		"D5B05AA9" "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34028492"
		"36C3FAB4" "D27C7026" "C1D4DCB2" "602646DE" "C9751E76" "3DBA37BD" "F8FF9406"
		"AD9E530E" "E5DB382F" "413001AE" "B06A53ED" "9027D831" "179727B0" "865A8918"
		"DA3EDBEB" "CF9B14ED" "44CE6CBA" "CED4BB1B" "DB7F1447" "E6CC254B" "33205151"
		"2BD7AF42" "6FB8F401" "378CD2BF" "5983CA01" "C64B92EC" "F032EA15" "D1721D03"
		"F482D7CE" "6E74FEF6" "D55E702F" "46980C82" "B5A84031" "900B1C9E" "59E7C97F"
		"BEC7E8F3" "23A97A7E" "36CC88BE" "0F1D45B7" "FF585AC5" "4BD407B2" "2B4154AA"
		"CC8F6D7E" "BF48E1D8" "14CC5ED2" "0F8037E0" "A79715EE" "F29BE328" "06A1D58B"
		"B7C5DA76" "F550AA3D" "8A1FBFF0" "EB19CCB1" "A313D55C" "DA56C9EC" "2EF29632"
		"387FE8D7" "6E3C0468" "043E8F66" "3F4860EE" "12BF2D5B" "0B7474D6" "E694F91E"
		"6DCC4024" "FFFFFFFF" "FFFFFFFF";

	return dh_new_group_asc(generator_hex, modulus_hex);
}
324 doda 6263
/*
 * Create a DH object for the "group18" parameters: generator 2 and the
 * 8192-bit prime below (2048 hex digits).
 *
 * Returns NULL if dh_new_group_asc() fails.
 */
DH *dh_new_group18(void)
{
	static const char *const generator_hex = "2";
	static const char *const modulus_hex =
		"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
		"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
		"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
		"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
		"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
		"C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
		"83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
		"670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
		"E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
		"DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
		"15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
		"ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
		"ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
		"F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
		"BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
		"43DB5BFC" "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7"
		"88719A10" "BDBA5B26" "99C32718" "6AF4E23C" "1A946834" "B6150BDA"
		"2583E9CA" "2AD44CE8" "DBBBC2DB" "04DE8EF9" "2E8EFC14" "1FBECAA6"
		"287C5947" "4E6BC05D" "99B2964F" "A090C3A2" "233BA186" "515BE7ED"
		"1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127" "D5B05AA9"
		"93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34028492"
		"36C3FAB4" "D27C7026" "C1D4DCB2" "602646DE" "C9751E76" "3DBA37BD"
		"F8FF9406" "AD9E530E" "E5DB382F" "413001AE" "B06A53ED" "9027D831"
		"179727B0" "865A8918" "DA3EDBEB" "CF9B14ED" "44CE6CBA" "CED4BB1B"
		"DB7F1447" "E6CC254B" "33205151" "2BD7AF42" "6FB8F401" "378CD2BF"
		"5983CA01" "C64B92EC" "F032EA15" "D1721D03" "F482D7CE" "6E74FEF6"
		"D55E702F" "46980C82" "B5A84031" "900B1C9E" "59E7C97F" "BEC7E8F3"
		"23A97A7E" "36CC88BE" "0F1D45B7" "FF585AC5" "4BD407B2" "2B4154AA"
		"CC8F6D7E" "BF48E1D8" "14CC5ED2" "0F8037E0" "A79715EE" "F29BE328"
		"06A1D58B" "B7C5DA76" "F550AA3D" "8A1FBFF0" "EB19CCB1" "A313D55C"
		"DA56C9EC" "2EF29632" "387FE8D7" "6E3C0468" "043E8F66" "3F4860EE"
		"12BF2D5B" "0B7474D6" "E694F91E" "6DBE1159" "74A3926F" "12FEE5E4"
		"38777CB6" "A932DF8C" "D8BEC4D0" "73B931BA" "3BC832B6" "8D9DD300"
		"741FA7BF" "8AFC47ED" "2576F693" "6BA42466" "3AAB639C" "5AE4F568"
		"3423B474" "2BF1C978" "238F16CB" "E39D652D" "E3FDB8BE" "FC848AD9"
		"22222E04" "A4037C07" "13EB57A8" "1A23F0C7" "3473FC64" "6CEA306B"
		"4BCBC886" "2F8385DD" "FA9D4B7F" "A2C087E8" "79683303" "ED5BDD3A"
		"062B3CF5" "B3A278A6" "6D2A13F8" "3F44F82D" "DF310EE0" "74AB6A36"
		"4597E899" "A0255DC1" "64F31CC5" "0846851D" "F9AB4819" "5DED7EA1"
		"B1D510BD" "7EE74D73" "FAF36BC3" "1ECFA268" "359046F4" "EB879F92"
		"4009438B" "481C6CD7" "889A002E" "D5EE382B" "C9190DA6" "FC026E47"
		"9558E447" "5677E9AA" "9E3050E2" "765694DF" "C81F56E8" "80B96E71"
		"60C980DD" "98EDD3DF" "FFFFFFFF" "FFFFFFFF";

	return dh_new_group_asc(generator_hex, modulus_hex);
}
373    
374    
375 maya 4304 // Generate the DH key
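/*
 * Generate the client's DH key pair inside dh.
 *
 * pvar     instance data, used only to report a fatal error
 * dh       DH object that already carries the group parameters
 * we_need  amount of key material needed, in bytes; the private exponent is
 *          drawn with 2 * we_need * 8 random bits
 *
 * Up to 10 attempts are made until dh_pub_is_valid() accepts the resulting
 * public value.  On any failure notify_fatal_error() is called.
 *
 * NOTE(review): nothing here checks that 2 * we_need * 8 stays below the bit
 * length of the group's modulus -- confirm that callers guarantee it.
 */
void dh_gen_key(PTInstVar pvar, DH *dh, int we_need /* bytes */ )
{
	int i;
	const BIGNUM *pub_key;
	BIGNUM *priv_key = NULL;
	int dh_owns_priv = 0;

	// Generate the private value (X).
	for (i = 0 ; i < 10 ; i++) { // retry counter
		// Once DH_set0_key() has accepted a BIGNUM, the DH object owns it and
		// releases it itself when the next one is set.  Freeing it here as
		// well (as the earlier code did on every retry) is a double free, so
		// only release a value the DH object did not take.
		if (priv_key != NULL && !dh_owns_priv) {
			BN_clear_free(priv_key);
		}
		priv_key = BN_new();
		if (priv_key == NULL)
			goto error;
		dh_owns_priv = (DH_set0_key(dh, NULL, priv_key) == 1);
		if (BN_rand(priv_key, 2*(we_need*8), 0, 0) == 0)
			goto error;
		if (DH_generate_key(dh) == 0)
			goto error;
		DH_get0_key(dh, &pub_key, NULL);
		if (dh_pub_is_valid(dh, (BIGNUM *)pub_key))
			break;
	}
	if (i >= 10) {
		goto error;
	}
	return;

error:
	// A private value the DH object never took would otherwise leak.
	if (priv_key != NULL && !dh_owns_priv) {
		BN_clear_free(priv_key);
	}
	notify_fatal_error(pvar, "error occurred @ dh_gen_key()", TRUE);
}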
410    
411    
/*
 * Map a required symmetric strength (in bits) to a DH modulus size (in bits).
 *
 *   bits <= 112  -> 2048
 *   bits <= 128  -> 3072
 *   bits <= 192  -> 7680
 *   otherwise    -> 8192
 */
int dh_estimate(int bits)
{
	int modulus_bits;

	if (bits > 192) {
		modulus_bits = 8192;
	} else if (bits > 128) {
		modulus_bits = 7680;
	} else if (bits > 112) {
		modulus_bits = 3072;
	} else {
		modulus_bits = 2048;
	}

	return modulus_bits;
}
422    
423    
424 doda 6263 // Compute the shared secret (for fixed DH groups)
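/*
 * Compute the exchange hash for a fixed-group DH key exchange.
 *
 * The hash input is, in order: both version strings, both KEXINIT payloads
 * (each prefixed with a rebuilt length + SSH2_MSG_KEXINIT header), the server
 * host key blob, the client and server DH public values and the shared secret.
 *
 * evp_md   digest to use
 * hashlen  receives the digest length, or 0 when hashing failed
 *
 * Returns a pointer to a function-local static buffer: the next call
 * overwrites it, so the caller must copy the value and must not free it.
 * On failure the buffer is zeroed and *hashlen is 0; the earlier code returned
 * whatever a previous exchange had left in the buffer and did not set *hashlen.
 */
unsigned char *kex_dh_hash(const EVP_MD *evp_md,
                           char *client_version_string,
                           char *server_version_string,
                           char *ckexinit, int ckexinitlen,
                           char *skexinit, int skexinitlen,
                           u_char *serverhostkeyblob, int sbloblen,
                           BIGNUM *client_dh_pub,
                           BIGNUM *server_dh_pub,
                           BIGNUM *shared_secret,
                           unsigned int *hashlen)
{
	buffer_t *b = NULL;
	static unsigned char digest[EVP_MAX_MD_SIZE];
	EVP_MD_CTX *md = NULL;
	int ok = 0;

	md = EVP_MD_CTX_new();
	if (md == NULL)
		goto error;

	b = buffer_init();
	if (b == NULL)
		goto error;

	buffer_put_string(b, client_version_string, strlen(client_version_string));
	buffer_put_string(b, server_version_string, strlen(server_version_string));

	/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
	buffer_put_int(b, ckexinitlen+1);
	buffer_put_char(b, SSH2_MSG_KEXINIT);
	buffer_append(b, ckexinit, ckexinitlen);
	buffer_put_int(b, skexinitlen+1);
	buffer_put_char(b, SSH2_MSG_KEXINIT);
	buffer_append(b, skexinit, skexinitlen);

	buffer_put_string(b, serverhostkeyblob, sbloblen);
	buffer_put_bignum2(b, client_dh_pub);
	buffer_put_bignum2(b, server_dh_pub);
	buffer_put_bignum2(b, shared_secret);

	// A failed digest step must not be reported as a valid hash.
	if (EVP_DigestInit(md, evp_md) != 1 ||
	    EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b)) != 1 ||
	    EVP_DigestFinal(md, digest, NULL) != 1)
		goto error;

	*hashlen = EVP_MD_size(evp_md);
	ok = 1;

error:
	if (b)
		buffer_free(b);
	if (md)
		EVP_MD_CTX_free(md);
	if (!ok) {
		// Never hand back the hash of an earlier exchange.
		memset(digest, 0, sizeof(digest));
		*hashlen = 0;
	}

	return digest;
}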
480    
481    
482 doda 6263 // Compute the shared secret (for DH GEX)
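/*
 * Compute the exchange hash for a DH group-exchange (GEX) key exchange.
 *
 * Same input as kex_dh_hash(), with the requested group size limits
 * (min, preferred bits, max) and the negotiated group (p, g) inserted between
 * the host key blob and the DH public values.
 *
 * evp_md   digest to use
 * hashlen  receives the digest length, or 0 when hashing failed
 *
 * Returns a pointer to a function-local static buffer: the next call
 * overwrites it, so the caller must copy the value and must not free it.
 * On failure the buffer is zeroed and *hashlen is 0; the earlier code returned
 * whatever a previous exchange had left in the buffer and did not set *hashlen.
 */
unsigned char *kex_dh_gex_hash(const EVP_MD *evp_md,
                               char *client_version_string,
                               char *server_version_string,
                               char *ckexinit, int ckexinitlen,
                               char *skexinit, int skexinitlen,
                               u_char *serverhostkeyblob, int sbloblen,
                               int kexgex_min,
                               int kexgex_bits,
                               int kexgex_max,
                               BIGNUM *kexgex_p,
                               BIGNUM *kexgex_g,
                               BIGNUM *client_dh_pub,
                               BIGNUM *server_dh_pub,
                               BIGNUM *shared_secret,
                               unsigned int *hashlen)
{
	buffer_t *b = NULL;
	static unsigned char digest[EVP_MAX_MD_SIZE];
	EVP_MD_CTX *md = NULL;
	int ok = 0;

	md = EVP_MD_CTX_new();
	if (md == NULL)
		goto error;

	b = buffer_init();
	if (b == NULL)
		goto error;

	buffer_put_string(b, client_version_string, strlen(client_version_string));
	buffer_put_string(b, server_version_string, strlen(server_version_string));

	/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
	buffer_put_int(b, ckexinitlen+1);
	buffer_put_char(b, SSH2_MSG_KEXINIT);
	buffer_append(b, ckexinit, ckexinitlen);
	buffer_put_int(b, skexinitlen+1);
	buffer_put_char(b, SSH2_MSG_KEXINIT);
	buffer_append(b, skexinit, skexinitlen);

	buffer_put_string(b, serverhostkeyblob, sbloblen);

	// Group size limits, in bits.
	buffer_put_int(b, kexgex_min);
	buffer_put_int(b, kexgex_bits);
	buffer_put_int(b, kexgex_max);

	// Negotiated group: prime modulus and generator.
	buffer_put_bignum2(b, kexgex_p);
	buffer_put_bignum2(b, kexgex_g);

	buffer_put_bignum2(b, client_dh_pub);
	buffer_put_bignum2(b, server_dh_pub);
	buffer_put_bignum2(b, shared_secret);

	// A failed digest step must not be reported as a valid hash.
	if (EVP_DigestInit(md, evp_md) != 1 ||
	    EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b)) != 1 ||
	    EVP_DigestFinal(md, digest, NULL) != 1)
		goto error;

	*hashlen = EVP_MD_size(evp_md);
	ok = 1;

error:
	if (b)
		buffer_free(b);
	if (md)
		EVP_MD_CTX_free(md);
	if (!ok) {
		// Never hand back the hash of an earlier exchange.
		memset(digest, 0, sizeof(digest));
		*hashlen = 0;
	}

	return digest;
}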
553    
554    
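/*
 * Compute the exchange hash for an ECDH key exchange.
 *
 * Same input as kex_dh_hash(), except that the two public values are EC
 * points on ec_group, written with buffer_put_ecpoint().
 *
 * evp_md   digest to use
 * hashlen  receives the digest length, or 0 when hashing failed
 *
 * Returns a pointer to a function-local static buffer: the next call
 * overwrites it, so the caller must copy the value and must not free it.
 * On failure the buffer is zeroed and *hashlen is 0; the earlier code returned
 * whatever a previous exchange had left in the buffer and did not set *hashlen.
 */
unsigned char *kex_ecdh_hash(const EVP_MD *evp_md,
                             const EC_GROUP *ec_group,
                             char *client_version_string,
                             char *server_version_string,
                             char *ckexinit, int ckexinitlen,
                             char *skexinit, int skexinitlen,
                             u_char *serverhostkeyblob, int sbloblen,
                             const EC_POINT *client_dh_pub,
                             const EC_POINT *server_dh_pub,
                             BIGNUM *shared_secret,
                             unsigned int *hashlen)
{
	buffer_t *b = NULL;
	static unsigned char digest[EVP_MAX_MD_SIZE];
	EVP_MD_CTX *md = NULL;
	int ok = 0;

	md = EVP_MD_CTX_new();
	if (md == NULL)
		goto error;

	b = buffer_init();
	if (b == NULL)
		goto error;

	buffer_put_string(b, client_version_string, strlen(client_version_string));
	buffer_put_string(b, server_version_string, strlen(server_version_string));

	/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
	buffer_put_int(b, ckexinitlen+1);
	buffer_put_char(b, SSH2_MSG_KEXINIT);
	buffer_append(b, ckexinit, ckexinitlen);
	buffer_put_int(b, skexinitlen+1);
	buffer_put_char(b, SSH2_MSG_KEXINIT);
	buffer_append(b, skexinit, skexinitlen);

	buffer_put_string(b, serverhostkeyblob, sbloblen);

	buffer_put_ecpoint(b, ec_group, client_dh_pub);
	buffer_put_ecpoint(b, ec_group, server_dh_pub);
	buffer_put_bignum2(b, shared_secret);

	// A failed digest step must not be reported as a valid hash.
	if (EVP_DigestInit(md, evp_md) != 1 ||
	    EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b)) != 1 ||
	    EVP_DigestFinal(md, digest, NULL) != 1)
		goto error;

	*hashlen = EVP_MD_size(evp_md);
	ok = 1;

error:
	if (b)
		buffer_free(b);
	if (md)
		EVP_MD_CTX_free(md);
	if (!ok) {
		// Never hand back the hash of an earlier exchange.
		memset(digest, 0, sizeof(digest));
		*hashlen = 0;
	}

	return digest;
}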
612    
613    
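/*
 * Sanity-check a DH public value against the group in dh.
 *
 * Returns 1 when dh_pub is non-negative, has more than one bit set and is
 * smaller than p - 1; returns 0 otherwise, including when the group has no
 * modulus or a temporary cannot be allocated.
 *
 * The upper bound is p - 1 rather than p: the value p - 1 has order 2, so
 * accepting it from a peer confines the shared secret to two possible values.
 * An honestly generated key hits it only with negligible probability.
 */
int dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
{
	int i;
	int n = BN_num_bits(dh_pub);
	int bits_set = 0;
	int valid = 0;
	const BIGNUM *p = NULL;
	BIGNUM *p_minus_1 = NULL;

	// BN_is_negative() is used because the BIGNUM struct is opaque since
	// OpenSSL 1.1.0; it also exists in OpenSSL 1.0.2.
	if (BN_is_negative(dh_pub)) {
		return 0;
	}

	// Bit n itself is never set, so counting bits 0..n-1 is complete.
	for (i = 0; i < n; i++) {
		if (BN_is_bit_set(dh_pub, i))
			bits_set++;
	}

	/* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
	if (bits_set <= 1)
		return 0;

	DH_get0_pqg(dh, &p, NULL, NULL);
	if (p == NULL)
		return 0;	// no group parameters: nothing to validate against

	p_minus_1 = BN_new();
	if (p_minus_1 == NULL || !BN_sub(p_minus_1, p, BN_value_one()))
		goto out;	// fail closed

	if (BN_cmp(dh_pub, p_minus_1) == -1)
		valid = 1;

out:
	BN_free(p_minus_1);
	return valid;
}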
640    
641    
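/*
 * Derive one block of key material from the key-exchange result.
 *
 * id              letter that selects which key is derived ('A', 'B', ...)
 * need            number of key bytes the caller will use
 * hash            exchange hash H (mdsz bytes are read)
 * shared_secret   K
 * session_id      session identifier and its length
 * evp_md          digest to use
 *
 * Returns a malloc()ed buffer holding at least `need` bytes (rounded up to a
 * whole number of digest blocks), or NULL on any failure.  The caller owns
 * the buffer; it holds key material.
 *
 * The earlier code returned the allocated but unwritten buffer when the
 * digest context or the work buffer could not be created, so uninitialised
 * heap memory would have been used as a key.  Every failure now returns NULL.
 */
static u_char *derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret,
                          char *session_id, int session_id_len,
                          const EVP_MD *evp_md)
{
	buffer_t *b = NULL;
	EVP_MD_CTX *md = NULL;
	char c = id;
	int have;
	int ok = 0;
	int mdsz = EVP_MD_size(evp_md);
	u_char *digest = NULL;

	// A digest without output (e.g. the null digest returned for an unknown
	// kex type) would divide by zero in roundup() and never end the loop.
	if (mdsz <= 0)
		return NULL;

	// The first EVP_DigestFinal() always writes mdsz bytes, so allocate at
	// least one digest block even when need is smaller.
	digest = malloc(roundup(need > mdsz ? need : mdsz, mdsz));
	if (digest == NULL)
		goto skip;

	md = EVP_MD_CTX_new();
	if (md == NULL)
		goto skip;

	b = buffer_init();
	if (b == NULL)
		goto skip;

	buffer_put_bignum2(b, shared_secret);

	/* K1 = HASH(K || H || "A" || session_id) */
	if (EVP_DigestInit(md, evp_md) != 1 ||
	    EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b)) != 1 ||
	    EVP_DigestUpdate(md, hash, mdsz) != 1 ||
	    EVP_DigestUpdate(md, &c, 1) != 1 ||
	    EVP_DigestUpdate(md, session_id, session_id_len) != 1 ||
	    EVP_DigestFinal(md, digest, NULL) != 1)
		goto skip;

	/*
	 * expand key:
	 * Kn = HASH(K || H || K1 || K2 || ... || Kn-1)
	 * Key = K1 || K2 || ... || Kn
	 */
	for (have = mdsz; need > have; have += mdsz) {
		if (EVP_DigestInit(md, evp_md) != 1 ||
		    EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b)) != 1 ||
		    EVP_DigestUpdate(md, hash, mdsz) != 1 ||
		    EVP_DigestUpdate(md, digest, have) != 1 ||
		    EVP_DigestFinal(md, digest + have, NULL) != 1)
			goto skip;
	}
	ok = 1;

skip:
	if (b)
		buffer_free(b);
	if (md)
		EVP_MD_CTX_free(md);
	if (!ok) {
		// Never return a partially written key.
		free(digest);
		digest = NULL;
	}

	return digest;
}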
694    
695 doda 10071 /*
696     * Generate each key from the key-exchange result and store them in newkeys.
697     */
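void kex_derive_keys(PTInstVar pvar, SSHKeys *newkeys, int need, u_char *hash, BIGNUM *shared_secret,
                     char *session_id, int session_id_len)
{
	/*
	 * Derives six blocks of key material (letters 'A'..'F') and distributes
	 * them over newkeys[mode] for every mode below MODE_MAX:
	 *
	 *   MODE_OUT:    iv = A, enc key = C, mac key = E
	 *   other mode:  iv = B, enc key = D, mac key = F
	 *
	 * newkeys takes over the malloc()ed buffers.  derive_key() returns NULL
	 * on failure; the earlier code stored such NULL pointers as keys.  Now a
	 * failed derivation releases what was derived so far, reports a fatal
	 * error and leaves newkeys untouched.
	 */
#define NKEYS 6
	u_char *keys[NKEYS];
	int i, mode, ctos;
	const EVP_MD *evp_md = get_kex_algorithm_EVP_MD(pvar->kex_type);

	for (i = 0; i < NKEYS; i++) {
		keys[i] = derive_key('A'+i, need, hash, shared_secret, session_id, session_id_len,
		                     evp_md);
		if (keys[i] == NULL) {
			// NOTE(review): the released buffers held key material; scrub them
			// first if the project has a secure-zero helper.
			while (i > 0) {
				free(keys[--i]);
			}
			notify_fatal_error(pvar, "error occurred @ kex_derive_keys()", TRUE);
			return;
		}
	}

	for (mode = 0; mode < MODE_MAX; mode++) {
		// ctos selects the even-indexed set for outgoing traffic.
		if (mode == MODE_OUT)
			ctos = 1;
		else
			ctos = 0;

		// setting
		newkeys[mode].enc.iv  = keys[ctos ? 0 : 1];
		newkeys[mode].enc.key = keys[ctos ? 2 : 3];
		newkeys[mode].mac.key = keys[ctos ? 4 : 5];
	}
}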
