~ubuntu-branches/ubuntu/quantal/libssh/quantal-updates : contents of libssh/crypt.c at revision 15

~ubuntu-branches/ubuntu/quantal/libssh/quantal-updates : (revision 15)

/*
 * crypt.c - blowfish-cbc code
 *
 * This file is part of the SSH Library
 *
 * Copyright (c) 2003 by Aris Adamantiadis
 *
 * The SSH Library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or (at your
 * option) any later version.
 *
 * The SSH Library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
 * License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with the SSH Library; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */

#include "config.h"
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

#ifndef _WIN32
#include <arpa/inet.h>
#endif

#ifdef OPENSSL_CRYPTO
#include <openssl/blowfish.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#endif

#include "libssh/priv.h"
#include "libssh/session.h"
#include "libssh/wrapper.h"
#include "libssh/crypto.h"
uint32_t packet_decrypt_len(ssh_session session, char *crypted){
  uint32_t decrypted;

  if (session->current_crypto) {
    if (packet_decrypt(session, crypted,
          session->current_crypto->in_cipher->blocksize) < 0) {
      return 0;
    }
  }

  memcpy(&decrypted,crypted,sizeof(decrypted));
  ssh_log(session, SSH_LOG_PACKET,
      "Packet size decrypted: %lu (0x%lx)",
      (long unsigned int) ntohl(decrypted),
      (long unsigned int) ntohl(decrypted));
  return ntohl(decrypted);
}

int packet_decrypt(ssh_session session, void *data,uint32_t len) {
  struct crypto_struct *crypto = session->current_crypto->in_cipher;
  char *out = NULL;
  if(len % session->current_crypto->in_cipher->blocksize != 0){
    ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
    return SSH_ERROR;
  }
  out = malloc(len);
  if (out == NULL) {
    return -1;
  }

  ssh_log(session,SSH_LOG_PACKET, "Decrypting %d bytes", len);

#ifdef HAVE_LIBGCRYPT
  if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey,
        session->current_crypto->decryptIV) < 0) {
    SAFE_FREE(out);
    return -1;
  }
  crypto->cbc_decrypt(crypto,data,out,len);
#elif defined HAVE_LIBCRYPTO
  if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey) < 0) {
    SAFE_FREE(out);
    return -1;
  }
  crypto->cbc_decrypt(crypto,data,out,len,session->current_crypto->decryptIV);
#endif

  memcpy(data,out,len);
  memset(out,0,len);

  SAFE_FREE(out);
  return 0;
}

unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
  struct crypto_struct *crypto = NULL;
  HMACCTX ctx = NULL;
  char *out = NULL;
  unsigned int finallen;
  uint32_t seq;

  if (!session->current_crypto) {
    return NULL; /* nothing to do here */
  }
  if(len % session->current_crypto->in_cipher->blocksize != 0){
      ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
      return NULL;
  }
  out = malloc(len);
  if (out == NULL) {
    return NULL;
  }

  seq = ntohl(session->send_seq);
  crypto = session->current_crypto->out_cipher;

  ssh_log(session, SSH_LOG_PACKET, 
      "Encrypting packet with seq num: %d, len: %d",
      session->send_seq,len);

#ifdef HAVE_LIBGCRYPT
  if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey,
      session->current_crypto->encryptIV) < 0) {
    SAFE_FREE(out);
    return NULL;
  }
#elif defined HAVE_LIBCRYPTO
  if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey) < 0) {
    SAFE_FREE(out);
    return NULL;
  }
#endif

  if (session->version == 2) {
    ctx = hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1);
    if (ctx == NULL) {
      SAFE_FREE(out);
      return NULL;
    }
    hmac_update(ctx,(unsigned char *)&seq,sizeof(uint32_t));
    hmac_update(ctx,data,len);
    hmac_final(ctx,session->current_crypto->hmacbuf,&finallen);
#ifdef DEBUG_CRYPTO
    ssh_print_hexa("mac: ",data,len);
    if (finallen != 20) {
      printf("Final len is %d\n",finallen);
    }
    ssh_print_hexa("Packet hmac", session->current_crypto->hmacbuf, 20);
#endif
  }

#ifdef HAVE_LIBGCRYPT
  crypto->cbc_encrypt(crypto, data, out, len);
#elif defined HAVE_LIBCRYPTO
  crypto->cbc_encrypt(crypto, data, out, len,
      session->current_crypto->encryptIV);
#endif

  memcpy(data, out, len);
  memset(out, 0, len);
  SAFE_FREE(out);

  if (session->version == 2) {
    return session->current_crypto->hmacbuf;
  }

  return NULL;
}

/**
 * @internal
 *
 * @brief Verify the hmac of a packet
 *
 * @param  session      The session to use.
 * @param  buffer       The buffer to verify the hmac from.
 * @param  mac          The mac to compare with the hmac.
 *
 * @return              0 if hmac and mac are equal, < 0 if not or an error
 *                      occured.
 */
int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
    unsigned char *mac) {
  unsigned char hmacbuf[EVP_MAX_MD_SIZE] = {0};
  HMACCTX ctx;
  unsigned int len;
  uint32_t seq;

  ctx = hmac_init(session->current_crypto->decryptMAC, 20, HMAC_SHA1);
  if (ctx == NULL) {
    return -1;
  }

  seq = htonl(session->recv_seq);

  hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t));
  hmac_update(ctx, buffer_get(buffer), buffer_get_len(buffer));
  hmac_final(ctx, hmacbuf, &len);

#ifdef DEBUG_CRYPTO
  ssh_print_hexa("received mac",mac,len);
  ssh_print_hexa("Computed mac",hmacbuf,len);
  ssh_print_hexa("seq",(unsigned char *)&seq,sizeof(uint32_t));
#endif
  if (memcmp(mac, hmacbuf, len) == 0) {
    return 0;
  }

  return -1;
}

/* vim: set ts=2 sw=2 et cindent: */

1 by Laurent Bigonville Import upstream version 0.2	1	/*
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	2	* crypt.c - blowfish-cbc code
	3	*
	4	* This file is part of the SSH Library
	5	*
	6	* Copyright (c) 2003 by Aris Adamantiadis
	7	*
	8	* The SSH Library is free software; you can redistribute it and/or modify
	9	* it under the terms of the GNU Lesser General Public License as published by
	10	* the Free Software Foundation; either version 2.1 of the License, or (at your
	11	* option) any later version.
	12	*
	13	* The SSH Library is distributed in the hope that it will be useful, but
	14	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	15	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
	16	* License for more details.
	17	*
	18	* You should have received a copy of the GNU Lesser General Public License
	19	* along with the SSH Library; see the file COPYING. If not, write to
	20	* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
	21	* MA 02111-1307, USA.
	22	*/
1 by Laurent Bigonville Import upstream version 0.2	23
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	24	#include "config.h"
1 by Laurent Bigonville Import upstream version 0.2	25	#include <stdlib.h>
	26	#include <stdio.h>
	27	#include <string.h>
	28
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	29	#ifndef _WIN32
	30	#include <arpa/inet.h>
	31	#endif
	32
1 by Laurent Bigonville Import upstream version 0.2	33	#ifdef OPENSSL_CRYPTO
	34	#include <openssl/blowfish.h>
	35	#include <openssl/evp.h>
	36	#include <openssl/hmac.h>
	37	#endif
	38
	39	#include "libssh/priv.h"
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	40	#include "libssh/session.h"
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	41	#include "libssh/wrapper.h"
1 by Laurent Bigonville Import upstream version 0.2	42	#include "libssh/crypto.h"
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	43	uint32_t packet_decrypt_len(ssh_session session, char *crypted){
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	44	uint32_t decrypted;
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	45
	46	if (session->current_crypto) {
	47	if (packet_decrypt(session, crypted,
	48	session->current_crypto->in_cipher->blocksize) < 0) {
	49	return 0;
	50	}
	51	}
	52
	53	memcpy(&decrypted,crypted,sizeof(decrypted));
	54	ssh_log(session, SSH_LOG_PACKET,
	55	"Packet size decrypted: %lu (0x%lx)",
	56	(long unsigned int) ntohl(decrypted),
	57	(long unsigned int) ntohl(decrypted));
	58	return ntohl(decrypted);
	59	}
	60
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	61	int packet_decrypt(ssh_session session, void *data,uint32_t len) {
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	62	struct crypto_struct *crypto = session->current_crypto->in_cipher;
	63	char *out = NULL;
	64	if(len % session->current_crypto->in_cipher->blocksize != 0){
	65	ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
	66	return SSH_ERROR;
	67	}
	68	out = malloc(len);
	69	if (out == NULL) {
	70	return -1;
	71	}
	72
	73	ssh_log(session,SSH_LOG_PACKET, "Decrypting %d bytes", len);
	74
	75	#ifdef HAVE_LIBGCRYPT
	76	if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey,
	77	session->current_crypto->decryptIV) < 0) {
	78	SAFE_FREE(out);
	79	return -1;
	80	}
	81	crypto->cbc_decrypt(crypto,data,out,len);
	82	#elif defined HAVE_LIBCRYPTO
	83	if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey) < 0) {
	84	SAFE_FREE(out);
	85	return -1;
	86	}
	87	crypto->cbc_decrypt(crypto,data,out,len,session->current_crypto->decryptIV);
	88	#endif
	89
	90	memcpy(data,out,len);
	91	memset(out,0,len);
	92
	93	SAFE_FREE(out);
	94	return 0;
	95	}
	96
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	97	unsigned char packet_encrypt(ssh_session session, void data, uint32_t len) {
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	98	struct crypto_struct *crypto = NULL;
	99	HMACCTX ctx = NULL;
	100	char *out = NULL;
	101	unsigned int finallen;
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	102	uint32_t seq;
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	103
	104	if (!session->current_crypto) {
	105	return NULL; /* nothing to do here */
	106	}
	107	if(len % session->current_crypto->in_cipher->blocksize != 0){
	108	ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
	109	return NULL;
	110	}
	111	out = malloc(len);
	112	if (out == NULL) {
	113	return NULL;
	114	}
	115
	116	seq = ntohl(session->send_seq);
	117	crypto = session->current_crypto->out_cipher;
	118
	119	ssh_log(session, SSH_LOG_PACKET,
	120	"Encrypting packet with seq num: %d, len: %d",
	121	session->send_seq,len);
	122
	123	#ifdef HAVE_LIBGCRYPT
	124	if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey,
	125	session->current_crypto->encryptIV) < 0) {
	126	SAFE_FREE(out);
	127	return NULL;
	128	}
	129	#elif defined HAVE_LIBCRYPTO
	130	if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey) < 0) {
	131	SAFE_FREE(out);
	132	return NULL;
	133	}
	134	#endif
	135
	136	if (session->version == 2) {
	137	ctx = hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1);
	138	if (ctx == NULL) {
	139	SAFE_FREE(out);
	140	return NULL;
	141	}
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	142	hmac_update(ctx,(unsigned char *)&seq,sizeof(uint32_t));
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	143	hmac_update(ctx,data,len);
	144	hmac_final(ctx,session->current_crypto->hmacbuf,&finallen);
	145	#ifdef DEBUG_CRYPTO
	146	ssh_print_hexa("mac: ",data,len);
	147	if (finallen != 20) {
	148	printf("Final len is %d\n",finallen);
	149	}
	150	ssh_print_hexa("Packet hmac", session->current_crypto->hmacbuf, 20);
	151	#endif
	152	}
	153
	154	#ifdef HAVE_LIBGCRYPT
	155	crypto->cbc_encrypt(crypto, data, out, len);
	156	#elif defined HAVE_LIBCRYPTO
	157	crypto->cbc_encrypt(crypto, data, out, len,
	158	session->current_crypto->encryptIV);
	159	#endif
	160
	161	memcpy(data, out, len);
	162	memset(out, 0, len);
	163	SAFE_FREE(out);
	164
	165	if (session->version == 2) {
	166	return session->current_crypto->hmacbuf;
	167	}
	168
	169	return NULL;
	170	}
	171
	172	/**
	173	* @internal
	174	*
	175	* @brief Verify the hmac of a packet
	176	*
	177	* @param session The session to use.
	178	* @param buffer The buffer to verify the hmac from.
	179	* @param mac The mac to compare with the hmac.
	180	*
	181	* @return 0 if hmac and mac are equal, < 0 if not or an error
	182	* occured.
	183	*/
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	184	int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	185	unsigned char *mac) {
	186	unsigned char hmacbuf[EVP_MAX_MD_SIZE] = {0};
	187	HMACCTX ctx;
	188	unsigned int len;
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	189	uint32_t seq;
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	190
	191	ctx = hmac_init(session->current_crypto->decryptMAC, 20, HMAC_SHA1);
	192	if (ctx == NULL) {
	193	return -1;
	194	}
	195
	196	seq = htonl(session->recv_seq);
	197
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	198	hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t));
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	199	hmac_update(ctx, buffer_get(buffer), buffer_get_len(buffer));
	200	hmac_final(ctx, hmacbuf, &len);
	201
	202	#ifdef DEBUG_CRYPTO
	203	ssh_print_hexa("received mac",mac,len);
	204	ssh_print_hexa("Computed mac",hmacbuf,len);
1.1.3 by Jonathan Thomas Import upstream version 0.3.92	205	ssh_print_hexa("seq",(unsigned char *)&seq,sizeof(uint32_t));
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	206	#endif
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	207	if (memcmp(mac, hmacbuf, len) == 0) {
1 by Laurent Bigonville Import upstream version 0.2	208	return 0;
1.1.2 by Jonathan Riddell Import upstream version 0.3.4	209	}
	210
	211	return -1;
	212	}
	213
	214	/* vim: set ts=2 sw=2 et cindent: */