/*
 * crypt.c - blowfish-cbc code
 *
 * This file is part of the SSH Library
 *
 * Copyright (c) 2003 by Aris Adamantiadis
 *
 * The SSH Library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or (at your
 * option) any later version.
 *
 * The SSH Library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
 * License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with the SSH Library; see the file COPYING. If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */
#include "config.h" |
#include <stdlib.h> |
#include <stdio.h> |
#include <string.h> |
#ifndef _WIN32
#include <arpa/inet.h> |
#endif
#ifdef OPENSSL_CRYPTO
#include <openssl/blowfish.h> |
#include <openssl/evp.h> |
#include <openssl/hmac.h> |
#endif
#include "libssh/priv.h" |
#include "libssh/session.h" |
#include "libssh/wrapper.h" |
#include "libssh/crypto.h" |
/*
 * Decrypt the first cipher block of an incoming packet in place (only when
 * the session has an active crypto context) and return the 32-bit length
 * field found at the start of that block, converted to host byte order.
 *
 * Returns 0 when decrypting the first block fails.
 *
 * The returned length is taken from peer-supplied data and is not
 * range-checked in this function; callers are expected to bound it before
 * using it to size a read or an allocation.
 */
uint32_t packet_decrypt_len(ssh_session session, char *crypted){
  uint32_t wire_len;
  uint32_t host_len;

  if (session->current_crypto != NULL &&
      packet_decrypt(session, crypted,
                     session->current_crypto->in_cipher->blocksize) < 0) {
    return 0;
  }

  /* Copy the field out instead of casting: crypted is a plain char buffer. */
  memcpy(&wire_len, crypted, sizeof(wire_len));
  host_len = ntohl(wire_len);

  ssh_log(session, SSH_LOG_PACKET,
      "Packet size decrypted: %lu (0x%lx)",
      (long unsigned int) host_len,
      (long unsigned int) host_len);

  return host_len;
}
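/*
 * Decrypt len bytes of data in place with the session's incoming cipher
 * (CBC mode, via the cipher's cbc_decrypt callback).
 *
 * session->current_crypto is dereferenced unconditionally, so the caller
 * must make sure a crypto context is set (packet_decrypt_len checks this
 * before calling).
 *
 * len must be a multiple of the incoming cipher's block size; otherwise a
 * fatal session error is set and SSH_ERROR is returned.
 *
 * Returns 0 on success, a negative value on error (bad length, allocation
 * failure, or failure to set the decryption key).
 */
int packet_decrypt(ssh_session session, void *data,uint32_t len) {
  struct crypto_struct *crypto = session->current_crypto->in_cipher;
  volatile unsigned char *wipe = NULL;
  char *out = NULL;
  uint32_t i;

  if (len % crypto->blocksize != 0) {
    /* len is unsigned: print it as such so large values are not shown negative */
    ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %u)", (unsigned int) len);
    return SSH_ERROR;
  }

  out = malloc(len);
  if (out == NULL) {
    return -1;
  }

  ssh_log(session,SSH_LOG_PACKET, "Decrypting %u bytes", (unsigned int) len);

#ifdef HAVE_LIBGCRYPT
  if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey,
        session->current_crypto->decryptIV) < 0) {
    SAFE_FREE(out);
    return -1;
  }
  crypto->cbc_decrypt(crypto,data,out,len);
#elif defined HAVE_LIBCRYPTO
  if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey) < 0) {
    SAFE_FREE(out);
    return -1;
  }
  crypto->cbc_decrypt(crypto,data,out,len,session->current_crypto->decryptIV);
#endif

  memcpy(data,out,len);

  /*
   * Wipe the temporary plaintext copy through a volatile pointer. A plain
   * memset() immediately followed by free() is a dead store that the
   * compiler is allowed to remove, which would leave plaintext on the heap.
   */
  wipe = (volatile unsigned char *) out;
  for (i = 0; i < len; i++) {
    wipe[i] = 0;
  }

  SAFE_FREE(out);
  return 0;
}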
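/*
 * Encrypt len bytes of data in place with the session's outgoing cipher
 * (CBC mode) and, for protocol version 2, compute the packet MAC.
 *
 * The MAC is HMAC-SHA1 (20-byte key from encryptMAC) over the send sequence
 * number in network byte order followed by the plaintext, and is computed
 * before the data is encrypted.
 *
 * len must be a multiple of the outgoing cipher's block size.
 *
 * Returns a pointer to session->current_crypto->hmacbuf for version 2. That
 * buffer belongs to the session: the caller must not free it, and this
 * function writes to it again on its next version 2 call. Returns NULL when
 * there is no crypto context, on any error, and for sessions that are not
 * version 2, so NULL alone does not tell the caller whether data was
 * encrypted.
 */
unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
  struct crypto_struct *crypto = NULL;
  HMACCTX ctx = NULL;
  volatile unsigned char *wipe = NULL;
  char *out = NULL;
  unsigned int finallen;
  uint32_t seq;
  uint32_t i;

  if (!session->current_crypto) {
    return NULL; /* nothing to do here */
  }

  crypto = session->current_crypto->out_cipher;

  /*
   * Check the length against the outgoing cipher, the one that encrypts
   * below. The two directions can use different ciphers, so the incoming
   * cipher's block size is not the right bound for this buffer.
   */
  if (len % crypto->blocksize != 0) {
    /* len is unsigned: print it as such so large values are not shown negative */
    ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %u)", (unsigned int) len);
    return NULL;
  }

  out = malloc(len);
  if (out == NULL) {
    return NULL;
  }

  /*
   * The sequence number enters the MAC in network byte order; htonl is the
   * host-to-network conversion, matching packet_hmac_verify.
   */
  seq = htonl(session->send_seq);

  ssh_log(session, SSH_LOG_PACKET,
      "Encrypting packet with seq num: %d, len: %u",
      session->send_seq, (unsigned int) len);

#ifdef HAVE_LIBGCRYPT
  if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey,
      session->current_crypto->encryptIV) < 0) {
    SAFE_FREE(out);
    return NULL;
  }
#elif defined HAVE_LIBCRYPTO
  if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey) < 0) {
    SAFE_FREE(out);
    return NULL;
  }
#endif

  if (session->version == 2) {
    ctx = hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1);
    if (ctx == NULL) {
      SAFE_FREE(out);
      return NULL;
    }
    hmac_update(ctx,(unsigned char *)&seq,sizeof(uint32_t));
    hmac_update(ctx,data,len);
    hmac_final(ctx,session->current_crypto->hmacbuf,&finallen);
#ifdef DEBUG_CRYPTO
    /* NOTE(review): this debug build path prints the plaintext packet */
    ssh_print_hexa("mac: ",data,len);
    if (finallen != 20) {
      printf("Final len is %d\n",finallen);
    }
    ssh_print_hexa("Packet hmac", session->current_crypto->hmacbuf, 20);
#endif
  }

#ifdef HAVE_LIBGCRYPT
  crypto->cbc_encrypt(crypto, data, out, len);
#elif defined HAVE_LIBCRYPTO
  crypto->cbc_encrypt(crypto, data, out, len,
      session->current_crypto->encryptIV);
#endif

  memcpy(data, out, len);

  /*
   * Clear the temporary buffer through a volatile pointer: a memset()
   * directly before free() is a dead store the compiler may drop.
   */
  wipe = (volatile unsigned char *) out;
  for (i = 0; i < len; i++) {
    wipe[i] = 0;
  }
  SAFE_FREE(out);

  if (session->version == 2) {
    return session->current_crypto->hmacbuf;
  }

  return NULL;
}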
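/**
 * @internal
 *
 * @brief Verify the hmac of a packet
 *
 * Recomputes HMAC-SHA1 (20-byte key from decryptMAC) over the receive
 * sequence number in network byte order followed by the buffer contents,
 * then compares the result with the received mac. The comparison looks at
 * every byte regardless of where the first mismatch is, so its duration
 * does not reveal how many leading bytes of a forged mac were correct.
 *
 * @param  session      The session to use.
 *
 * @param  buffer       The buffer to verify the hmac from.
 *
 * @param  mac          The mac to compare with the hmac. As many bytes are
 *                      read from it as hmac_final() reports for the digest;
 *                      the caller must supply at least that many.
 *
 * @return              0 if hmac and mac are equal, < 0 if not or an error
 *                      occurred.
 */
int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
    unsigned char *mac) {
  unsigned char hmacbuf[EVP_MAX_MD_SIZE] = {0};
  const volatile unsigned char *received = mac;
  const volatile unsigned char *computed = hmacbuf;
  unsigned char diff = 0;
  HMACCTX ctx;
  unsigned int len = 0;
  unsigned int i;
  uint32_t seq;

  ctx = hmac_init(session->current_crypto->decryptMAC, 20, HMAC_SHA1);
  if (ctx == NULL) {
    return -1;
  }

  seq = htonl(session->recv_seq);

  hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t));
  hmac_update(ctx, buffer_get(buffer), buffer_get_len(buffer));
  hmac_final(ctx, hmacbuf, &len);

  /*
   * A zero-length digest would make any mac compare equal, and a length
   * beyond hmacbuf would read past it. Treat both as verification failure.
   */
  if (len == 0 || len > sizeof(hmacbuf)) {
    return -1;
  }

#ifdef DEBUG_CRYPTO
  ssh_print_hexa("received mac",mac,len);
  ssh_print_hexa("Computed mac",hmacbuf,len);
  ssh_print_hexa("seq",(unsigned char *)&seq,sizeof(uint32_t));
#endif

  /*
   * Accumulate the differences instead of calling memcmp(), which may
   * return at the first mismatching byte.
   */
  for (i = 0; i < len; i++) {
    diff |= (unsigned char) (received[i] ^ computed[i]);
  }

  if (diff == 0) {
    return 0;
  }

  return -1;
}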
/* vim: set ts=2 sw=2 et cindent: */