2005-07-05 05:21:44 +04:00
|
|
|
/*
|
2009-03-30 00:19:18 +04:00
|
|
|
* crypt.c - blowfish-cbc code
|
|
|
|
|
*
|
|
|
|
|
* This file is part of the SSH Library
|
|
|
|
|
*
|
|
|
|
|
* Copyright (c) 2003 by Aris Adamantiadis
|
|
|
|
|
*
|
|
|
|
|
* The SSH Library is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Lesser General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2.1 of the License, or (at your
|
|
|
|
|
* option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* The SSH Library is distributed in the hope that it will be useful, but
|
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
|
|
|
|
|
* License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
|
|
|
* along with the SSH Library; see the file COPYING. If not, write to
|
|
|
|
|
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
|
|
|
|
|
* MA 02111-1307, USA.
|
|
|
|
|
*/
|
2005-07-05 05:21:44 +04:00
|
|
|
|
2009-09-26 02:29:53 +04:00
|
|
|
#include "config.h"
|
2005-07-05 05:21:44 +04:00
|
|
|
#include <stdlib.h>
|
2005-10-05 02:11:19 +04:00
|
|
|
#include <stdio.h>
|
2005-07-05 05:21:44 +04:00
|
|
|
#include <string.h>
|
|
|
|
|
|
2009-06-09 16:03:00 +04:00
|
|
|
#ifndef _WIN32
|
|
|
|
|
#include <arpa/inet.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2005-10-05 02:11:19 +04:00
|
|
|
#ifdef OPENSSL_CRYPTO
|
2005-07-05 05:21:44 +04:00
|
|
|
#include <openssl/blowfish.h>
|
|
|
|
|
#include <openssl/evp.h>
|
|
|
|
|
#include <openssl/hmac.h>
|
2005-10-05 02:11:19 +04:00
|
|
|
#endif
|
2005-07-05 05:21:44 +04:00
|
|
|
|
|
|
|
|
#include "libssh/priv.h"
|
2009-09-24 01:51:04 +04:00
|
|
|
#include "libssh/session.h"
|
2009-09-26 02:29:53 +04:00
|
|
|
#include "libssh/wrapper.h"
|
2009-11-03 23:03:22 +03:00
|
|
|
#include "libssh/crypto.h"
|
2010-05-14 02:51:08 +04:00
|
|
|
#include "libssh/buffer.h"
|
|
|
|
|
|
2009-09-23 23:55:54 +04:00
|
|
|
uint32_t packet_decrypt_len(ssh_session session, char *crypted){
|
2009-07-26 01:19:41 +04:00
|
|
|
uint32_t decrypted;
|
2009-04-15 11:56:57 +04:00
|
|
|
|
|
|
|
|
if (session->current_crypto) {
|
|
|
|
|
if (packet_decrypt(session, crypted,
|
|
|
|
|
session->current_crypto->in_cipher->blocksize) < 0) {
|
|
|
|
|
return 0;
|
2009-04-01 14:23:52 +04:00
|
|
|
}
|
2009-04-15 11:56:57 +04:00
|
|
|
}
|
|
|
|
|
memcpy(&decrypted,crypted,sizeof(decrypted));
|
|
|
|
|
return ntohl(decrypted);
|
2005-07-05 05:21:44 +04:00
|
|
|
}
|
2009-04-15 11:56:57 +04:00
|
|
|
|
2009-09-23 23:55:54 +04:00
|
|
|
int packet_decrypt(ssh_session session, void *data,uint32_t len) {
|
2011-09-17 02:20:45 +04:00
|
|
|
struct ssh_cipher_struct *crypto = session->current_crypto->in_cipher;
|
2009-04-15 11:59:07 +04:00
|
|
|
char *out = NULL;
|
2009-09-14 00:07:01 +04:00
|
|
|
if(len % session->current_crypto->in_cipher->blocksize != 0){
|
|
|
|
|
ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
|
|
|
|
|
return SSH_ERROR;
|
|
|
|
|
}
|
2009-04-15 11:59:07 +04:00
|
|
|
out = malloc(len);
|
|
|
|
|
if (out == NULL) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2009-04-17 16:52:27 +04:00
|
|
|
if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey,
|
|
|
|
|
session->current_crypto->decryptIV) < 0) {
|
|
|
|
|
SAFE_FREE(out);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2009-04-15 11:59:07 +04:00
|
|
|
crypto->cbc_decrypt(crypto,data,out,len);
|
|
|
|
|
|
|
|
|
|
memcpy(data,out,len);
|
|
|
|
|
memset(out,0,len);
|
|
|
|
|
|
|
|
|
|
SAFE_FREE(out);
|
|
|
|
|
return 0;
|
2005-07-05 05:21:44 +04:00
|
|
|
}
|
2009-04-15 11:59:07 +04:00
|
|
|
|
2009-09-23 23:55:54 +04:00
|
|
|
unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
|
2011-09-17 02:20:45 +04:00
|
|
|
struct ssh_cipher_struct *crypto = NULL;
|
2009-04-15 12:04:33 +04:00
|
|
|
HMACCTX ctx = NULL;
|
|
|
|
|
char *out = NULL;
|
|
|
|
|
unsigned int finallen;
|
2009-07-26 01:19:41 +04:00
|
|
|
uint32_t seq;
|
2009-04-15 12:04:33 +04:00
|
|
|
|
|
|
|
|
if (!session->current_crypto) {
|
|
|
|
|
return NULL; /* nothing to do here */
|
|
|
|
|
}
|
2009-09-14 00:07:01 +04:00
|
|
|
if(len % session->current_crypto->in_cipher->blocksize != 0){
|
|
|
|
|
ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on at least one blocksize (received %d)",len);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2009-04-15 12:04:33 +04:00
|
|
|
out = malloc(len);
|
|
|
|
|
if (out == NULL) {
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
seq = ntohl(session->send_seq);
|
|
|
|
|
crypto = session->current_crypto->out_cipher;
|
|
|
|
|
|
2009-04-17 16:52:27 +04:00
|
|
|
if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey,
|
|
|
|
|
session->current_crypto->encryptIV) < 0) {
|
|
|
|
|
SAFE_FREE(out);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2009-04-15 12:04:33 +04:00
|
|
|
|
|
|
|
|
if (session->version == 2) {
|
2011-06-13 15:46:34 +04:00
|
|
|
ctx = hmac_init(session->current_crypto->encryptMAC,20,SSH_HMAC_SHA1);
|
2009-04-15 12:04:33 +04:00
|
|
|
if (ctx == NULL) {
|
|
|
|
|
SAFE_FREE(out);
|
2009-04-02 01:30:53 +04:00
|
|
|
return NULL;
|
|
|
|
|
}
|
2009-07-26 01:19:41 +04:00
|
|
|
hmac_update(ctx,(unsigned char *)&seq,sizeof(uint32_t));
|
2009-04-15 12:04:33 +04:00
|
|
|
hmac_update(ctx,data,len);
|
|
|
|
|
hmac_final(ctx,session->current_crypto->hmacbuf,&finallen);
|
2005-07-05 05:21:44 +04:00
|
|
|
#ifdef DEBUG_CRYPTO
|
2009-04-15 12:04:33 +04:00
|
|
|
ssh_print_hexa("mac: ",data,len);
|
|
|
|
|
if (finallen != 20) {
|
|
|
|
|
printf("Final len is %d\n",finallen);
|
2005-07-05 05:21:44 +04:00
|
|
|
}
|
2009-04-15 12:04:33 +04:00
|
|
|
ssh_print_hexa("Packet hmac", session->current_crypto->hmacbuf, 20);
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
crypto->cbc_encrypt(crypto, data, out, len);
|
|
|
|
|
|
|
|
|
|
memcpy(data, out, len);
|
|
|
|
|
memset(out, 0, len);
|
|
|
|
|
SAFE_FREE(out);
|
|
|
|
|
|
|
|
|
|
if (session->version == 2) {
|
|
|
|
|
return session->current_crypto->hmacbuf;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
2005-07-05 05:21:44 +04:00
|
|
|
}
|
|
|
|
|
|
2009-04-15 12:11:33 +04:00
|
|
|
/**
|
|
|
|
|
* @internal
|
|
|
|
|
*
|
|
|
|
|
* @brief Verify the hmac of a packet
|
|
|
|
|
*
|
|
|
|
|
* @param session The session to use.
|
|
|
|
|
* @param buffer The buffer to verify the hmac from.
|
|
|
|
|
* @param mac The mac to compare with the hmac.
|
|
|
|
|
*
|
|
|
|
|
* @return 0 if hmac and mac are equal, < 0 if not or an error
|
2010-01-06 23:12:00 +03:00
|
|
|
* occurred.
|
2009-04-15 12:11:33 +04:00
|
|
|
*/
|
2009-09-23 23:55:54 +04:00
|
|
|
int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
|
2009-04-15 12:11:33 +04:00
|
|
|
unsigned char *mac) {
|
|
|
|
|
unsigned char hmacbuf[EVP_MAX_MD_SIZE] = {0};
|
|
|
|
|
HMACCTX ctx;
|
|
|
|
|
unsigned int len;
|
2009-07-26 01:19:41 +04:00
|
|
|
uint32_t seq;
|
2009-04-15 12:11:33 +04:00
|
|
|
|
2011-06-13 15:46:34 +04:00
|
|
|
ctx = hmac_init(session->current_crypto->decryptMAC, 20, SSH_HMAC_SHA1);
|
2009-04-15 12:11:33 +04:00
|
|
|
if (ctx == NULL) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
seq = htonl(session->recv_seq);
|
|
|
|
|
|
2009-07-26 01:19:41 +04:00
|
|
|
hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t));
|
2010-10-03 14:07:00 +04:00
|
|
|
hmac_update(ctx, buffer_get_rest(buffer), buffer_get_rest_len(buffer));
|
2009-04-15 12:11:33 +04:00
|
|
|
hmac_final(ctx, hmacbuf, &len);
|
|
|
|
|
|
2005-07-05 05:21:44 +04:00
|
|
|
#ifdef DEBUG_CRYPTO
|
2009-04-15 12:11:33 +04:00
|
|
|
ssh_print_hexa("received mac",mac,len);
|
|
|
|
|
ssh_print_hexa("Computed mac",hmacbuf,len);
|
2009-07-28 01:14:04 +04:00
|
|
|
ssh_print_hexa("seq",(unsigned char *)&seq,sizeof(uint32_t));
|
2005-07-05 05:21:44 +04:00
|
|
|
#endif
|
2009-04-15 12:11:33 +04:00
|
|
|
if (memcmp(mac, hmacbuf, len) == 0) {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-04-15 12:13:10 +04:00
|
|
|
return -1;
|
2005-07-05 05:21:44 +04:00
|
|
|
}
|
2009-04-15 12:11:33 +04:00
|
|
|
|
2009-05-12 21:49:23 +04:00
|
|
|
/* vim: set ts=2 sw=2 et cindent: */
|
