const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss };
-static void nullmac_key(unsigned char *key)
+static void *nullmac_make_context(void)
+{
+ return NULL;
+}
+static void nullmac_free_context(void *handle)
+{
+}
+static void nullmac_key(void *handle, unsigned char *key)
{
}
-static void nullmac_generate(unsigned char *blk, int len,
+static void nullmac_generate(void *handle, unsigned char *blk, int len,
unsigned long seq)
{
}
-static int nullmac_verify(unsigned char *blk, int len, unsigned long seq)
+static int nullmac_verify(void *handle, unsigned char *blk, int len,
+ unsigned long seq)
{
return 1;
}
const static struct ssh_mac ssh_mac_none = {
- nullmac_key, nullmac_key, nullmac_generate, nullmac_verify, "none", 0
+ nullmac_make_context, nullmac_free_context, nullmac_key,
+ nullmac_generate, nullmac_verify, "none", 0
};
const static struct ssh_mac *macs[] = {
&ssh_sha1, &ssh_md5, &ssh_mac_none
int X11_fwd_enabled;
int remote_bugs;
const struct ssh_cipher *cipher;
+ void *v1_cipher_ctx;
+ void *crcda_ctx;
const struct ssh2_cipher *cscipher, *sccipher;
+ void *cs_cipher_ctx, *sc_cipher_ctx;
const struct ssh_mac *csmac, *scmac;
+ void *cs_mac_ctx, *sc_mac_ctx;
const struct ssh_compress *cscomp, *sccomp;
const struct ssh_kex *kex;
const struct ssh_signkey *hostkey;
st->to_read -= st->chunk;
}
- if (ssh->cipher && detect_attack(ssh->pktin.data, st->biglen, NULL)) {
+ if (ssh->cipher && detect_attack(ssh->crcda_ctx, ssh->pktin.data,
+ st->biglen, NULL)) {
bombout(("Network attack (CRC compensation) detected!"));
crReturn(0);
}
if (ssh->cipher)
- ssh->cipher->decrypt(ssh->pktin.data, st->biglen);
+ ssh->cipher->decrypt(ssh->v1_cipher_ctx, ssh->pktin.data, st->biglen);
st->realcrc = crc32(ssh->pktin.data, st->biglen - 4);
st->gotcrc = GET_32BIT(ssh->pktin.data + st->biglen - 4);
}
if (ssh->sccipher)
- ssh->sccipher->decrypt(ssh->pktin.data, st->cipherblk);
+ ssh->sccipher->decrypt(ssh->sc_cipher_ctx,
+ ssh->pktin.data, st->cipherblk);
/*
* Now get the length and padding figures.
}
/* Decrypt everything _except_ the MAC. */
if (ssh->sccipher)
- ssh->sccipher->decrypt(ssh->pktin.data + st->cipherblk,
+ ssh->sccipher->decrypt(ssh->sc_cipher_ctx,
+ ssh->pktin.data + st->cipherblk,
st->packetlen - st->cipherblk);
/*
* Check the MAC.
*/
if (ssh->scmac
- && !ssh->scmac->verify(ssh->pktin.data, st->len + 4,
+ && !ssh->scmac->verify(ssh->sc_mac_ctx, ssh->pktin.data, st->len + 4,
st->incoming_sequence)) {
bombout(("Incorrect MAC received on packet"));
crReturn(0);
PUT_32BIT(ssh->pktout.data, len);
if (ssh->cipher)
- ssh->cipher->encrypt(ssh->pktout.data + 4, biglen);
+ ssh->cipher->encrypt(ssh->v1_cipher_ctx, ssh->pktout.data + 4, biglen);
return biglen + 4;
}
ssh->pktout.data[ssh->pktout.length + i] = random_byte();
PUT_32BIT(ssh->pktout.data, ssh->pktout.length + padding - 4);
if (ssh->csmac)
- ssh->csmac->generate(ssh->pktout.data, ssh->pktout.length + padding,
+ ssh->csmac->generate(ssh->cs_mac_ctx, ssh->pktout.data,
+ ssh->pktout.length + padding,
ssh->v2_outgoing_sequence);
ssh->v2_outgoing_sequence++; /* whether or not we MACed */
if (ssh->cscipher)
- ssh->cscipher->encrypt(ssh->pktout.data, ssh->pktout.length + padding);
+ ssh->cscipher->encrypt(ssh->cs_cipher_ctx,
+ ssh->pktout.data, ssh->pktout.length + padding);
/* Ready-to-send packet starts at ssh->pktout.data. We return length. */
return ssh->pktout.length + padding + maclen;
ssh->cipher = (s->cipher_type == SSH_CIPHER_BLOWFISH ? &ssh_blowfish_ssh1 :
s->cipher_type == SSH_CIPHER_DES ? &ssh_des :
&ssh_3des);
- ssh->cipher->sesskey(ssh->session_key);
+ ssh->v1_cipher_ctx = ssh->cipher->make_context();
+ ssh->cipher->sesskey(ssh->v1_cipher_ctx, ssh->session_key);
+ {
+ char buf[256];
+ sprintf(buf, "Initialised %.200s encryption", ssh->cipher->text_name);
+ logevent(buf);
+ }
+
+ ssh->crcda_ctx = crcda_make_context();
+ logevent("Installing CRC compensation attack detector");
crWaitUntil(ispkt);
/*
* Create and initialise session keys.
*/
+ if (ssh->cs_cipher_ctx)
+ ssh->cscipher->free_context(ssh->cs_cipher_ctx);
ssh->cscipher = s->cscipher_tobe;
+ ssh->cs_cipher_ctx = ssh->cscipher->make_context();
+
+ if (ssh->sc_cipher_ctx)
+ ssh->sccipher->free_context(ssh->sc_cipher_ctx);
ssh->sccipher = s->sccipher_tobe;
+ ssh->sc_cipher_ctx = ssh->sccipher->make_context();
+
+ if (ssh->cs_mac_ctx)
+ ssh->csmac->free_context(ssh->cs_mac_ctx);
ssh->csmac = s->csmac_tobe;
+ ssh->cs_mac_ctx = ssh->csmac->make_context();
+
+ if (ssh->sc_mac_ctx)
+ ssh->scmac->free_context(ssh->sc_mac_ctx);
ssh->scmac = s->scmac_tobe;
+ ssh->sc_mac_ctx = ssh->scmac->make_context();
+
ssh->cscomp = s->cscomp_tobe;
ssh->sccomp = s->sccomp_tobe;
ssh->cscomp->compress_init();
memcpy(ssh->v2_session_id, s->exchange_hash,
sizeof(s->exchange_hash));
ssh2_mkkey(ssh,s->K,s->exchange_hash,ssh->v2_session_id,'C',keyspace);
- ssh->cscipher->setcskey(keyspace);
+ ssh->cscipher->setkey(ssh->cs_cipher_ctx, keyspace);
ssh2_mkkey(ssh,s->K,s->exchange_hash,ssh->v2_session_id,'D',keyspace);
- ssh->sccipher->setsckey(keyspace);
+ ssh->sccipher->setkey(ssh->sc_cipher_ctx, keyspace);
ssh2_mkkey(ssh,s->K,s->exchange_hash,ssh->v2_session_id,'A',keyspace);
- ssh->cscipher->setcsiv(keyspace);
+ ssh->cscipher->setiv(ssh->cs_cipher_ctx, keyspace);
ssh2_mkkey(ssh,s->K,s->exchange_hash,ssh->v2_session_id,'B',keyspace);
- ssh->sccipher->setsciv(keyspace);
+ ssh->sccipher->setiv(ssh->sc_cipher_ctx, keyspace);
ssh2_mkkey(ssh,s->K,s->exchange_hash,ssh->v2_session_id,'E',keyspace);
- ssh->csmac->setcskey(keyspace);
+ ssh->csmac->setkey(ssh->cs_mac_ctx, keyspace);
ssh2_mkkey(ssh,s->K,s->exchange_hash,ssh->v2_session_id,'F',keyspace);
- ssh->scmac->setsckey(keyspace);
+ ssh->scmac->setkey(ssh->sc_mac_ctx, keyspace);
+ }
+ {
+ char buf[256];
+ sprintf(buf, "Initialised %.200s client->server encryption",
+ ssh->cscipher->text_name);
+ logevent(buf);
+ sprintf(buf, "Initialised %.200s server->client encryption",
+ ssh->sccipher->text_name);
+ logevent(buf);
}
+
/*
* If this is the first key exchange phase, we must pass the
* SSH2_MSG_NEWKEYS packet to the next layer, not because it
ssh = smalloc(sizeof(*ssh));
ssh->s = NULL;
ssh->cipher = NULL;
+ ssh->v1_cipher_ctx = NULL;
+ ssh->crcda_ctx = NULL;
ssh->cscipher = NULL;
+ ssh->cs_cipher_ctx = NULL;
ssh->sccipher = NULL;
+ ssh->sc_cipher_ctx = NULL;
ssh->csmac = NULL;
+ ssh->sc_mac_ctx = NULL;
ssh->scmac = NULL;
+ ssh->sc_mac_ctx = NULL;
ssh->cscomp = NULL;
ssh->sccomp = NULL;
ssh->kex = NULL;