#define crWaitUntil(c) do { crReturn(0); } while (!(c))
extern struct ssh_cipher ssh_3des;
+extern struct ssh_cipher ssh_3des_ssh2;
extern struct ssh_cipher ssh_des;
extern struct ssh_cipher ssh_blowfish;
/* for ssh 2; we miss out single-DES because it isn't supported */
-struct ssh_cipher *ciphers[] = { &ssh_3des, &ssh_blowfish };
+struct ssh_cipher *ciphers[] = { &ssh_3des_ssh2, &ssh_blowfish };
extern struct ssh_kex ssh_diffiehellman;
struct ssh_kex *kex_algs[] = { &ssh_diffiehellman };
/*
* Check the MAC.
*/
- if (scmac && !scmac->verify(pktin.data, incoming_sequence++, len+4))
+ if (scmac && !scmac->verify(pktin.data, len+4, incoming_sequence))
fatalbox("Incorrect MAC received on packet");
+ incoming_sequence++; /* whether or not we MACed */
pktin.savedpos = 6;
pktin.type = pktin.data[5];
}
void ssh2_pkt_send(void) {
int cipherblk, maclen, padding, i;
- unsigned long outgoing_sequence = 0;
+ static unsigned long outgoing_sequence = 0;
/*
* Add padding. At least four bytes, and must also bring total
pktout.data[pktout.length + i] = random_byte();
PUT_32BIT(pktout.data, pktout.length + padding - 4);
if (csmac)
- csmac->generate(pktout.data, outgoing_sequence++,
- pktout.length + padding);
+ csmac->generate(pktout.data, pktout.length + padding,
+ outgoing_sequence);
+ outgoing_sequence++; /* whether or not we MACed */
if (cscipher)
cscipher->encrypt(pktout.data, pktout.length + padding);
maclen = csmac ? csmac->len : 0;
ssh2_mkkey(K, exchange_hash, 'E', keyspace); csmac->setcskey(keyspace);
ssh2_mkkey(K, exchange_hash, 'F', keyspace); scmac->setsckey(keyspace);
+ /*
+ * Now we're encrypting. Send a test packet (FIXME).
+ */
+ crWaitUntil(!ispkt);
+ ssh2_pkt_init(SSH2_MSG_IGNORE);
+ ssh2_pkt_addstring("oo-er");
+ ssh2_pkt_send();
+
crWaitUntil(0);
crFinish(1);
#include <assert.h>
+#include <stdarg.h> /* FIXME */
+#include <windows.h> /* FIXME */
+#include "putty.h" /* FIXME */
#include "ssh.h"
+
/* des.c - implementation of DES
*/
des_cbc_encrypt(dest, src, len, &scheds[2]);
}
+static void des_cbc3_encrypt(unsigned char *dest, const unsigned char *src,
+ unsigned int len, DESContext *scheds) {
+ word32 out[2], iv0, iv1;
+ unsigned int i;
+
+ assert((len & 7) == 0);
+
+ iv0 = scheds->eiv0;
+ iv1 = scheds->eiv1;
+ for (i = 0; i < len; i += 8) {
+ iv0 ^= GET_32BIT_MSB_FIRST(src); src += 4;
+ iv1 ^= GET_32BIT_MSB_FIRST(src); src += 4;
+ des_encipher(out, iv0, iv1, &scheds[0]);
+ des_decipher(out, out[0], out[1], &scheds[1]);
+ des_encipher(out, out[0], out[1], &scheds[2]);
+ iv0 = out[0];
+ iv1 = out[1];
+ PUT_32BIT_MSB_FIRST(dest, iv0); dest += 4;
+ PUT_32BIT_MSB_FIRST(dest, iv1); dest += 4;
+ }
+ scheds->eiv0 = iv0;
+ scheds->eiv1 = iv1;
+}
+
static void des_3cbc_decrypt(unsigned char *dest, const unsigned char *src,
unsigned int len, DESContext *scheds) {
des_cbc_decrypt(dest, src, len, &scheds[2]);
des_cbc_decrypt(dest, src, len, &scheds[0]);
}
+static void des_cbc3_decrypt(unsigned char *dest, const unsigned char *src,
+ unsigned int len, DESContext *scheds) {
+ word32 out[2], iv0, iv1, xL, xR;
+ unsigned int i;
+
+ assert((len & 7) == 0);
+
+ iv0 = scheds->div0;
+ iv1 = scheds->div1;
+ for (i = 0; i < len; i += 8) {
+ xL = GET_32BIT_MSB_FIRST(src); src += 4;
+ xR = GET_32BIT_MSB_FIRST(src); src += 4;
+ des_decipher(out, xL, xR, &scheds[2]);
+ des_encipher(out, out[0], out[1], &scheds[1]);
+ des_decipher(out, out[0], out[1], &scheds[0]);
+ iv0 ^= out[0];
+ iv1 ^= out[1];
+ PUT_32BIT_MSB_FIRST(dest, iv0); dest += 4;
+ PUT_32BIT_MSB_FIRST(dest, iv1); dest += 4;
+ iv0 = xL;
+ iv1 = xR;
+ }
+ scheds->div0 = iv0;
+ scheds->div1 = iv1;
+}
+
static DESContext cskeys[3], sckeys[3];
static void des3_cskey(unsigned char *key) {
des_3cbc_decrypt(blk, blk, len, sckeys);
}
-struct ssh_cipher ssh_3des = {
- des3_sesskey,
+static void des3_ssh2_encrypt_blk(unsigned char *blk, int len) {
+ des_cbc3_encrypt(blk, blk, len, cskeys);
+}
+
+static void des3_ssh2_decrypt_blk(unsigned char *blk, int len) {
+ des_cbc3_decrypt(blk, blk, len, sckeys);
+}
+
+struct ssh_cipher ssh_3des_ssh2 = {
+ NULL,
des3_csiv, des3_cskey,
des3_sciv, des3_sckey,
+ des3_ssh2_encrypt_blk,
+ des3_ssh2_decrypt_blk,
+ "3des-cbc",
+ 8
+};
+
+struct ssh_cipher ssh_3des = {
+ des3_sesskey,
+ NULL, NULL, NULL, NULL,
des3_encrypt_blk,
des3_decrypt_blk,
"3des-cbc",
+#include <stdarg.h> /* FIXME */
+#include <windows.h> /* FIXME */
+#include "putty.h" /* FIXME */
+
/*
* SHA1 hash algorithm. Used in SSH2 as a MAC, and the transform is
* also used as a `stirring' function for the PuTTY random number
unsigned char *key, int len) {
unsigned char foo[64];
int i;
+ {int j;
+ debug(("Key supplied is:\r\n"));
+ for (j=0; j<len; j++) debug((" %02X", key[j]));
+ debug(("\r\n"));
+ }
memset(foo, 0x36, 64);
for (i = 0; i < len && i < 64; i++)
}
static void sha1_generate(unsigned char *blk, int len, unsigned long seq) {
+ {int i;
+ debug(("Gen HMAC on block len=%d seq=%d:\r\n", len, seq));
+ for (i=0; i<len; i++) debug((" %02X", blk[i]));
+ debug(("\r\n"));
+ }
sha1_do_hmac(&sha1_cs_mac_s1, &sha1_cs_mac_s2, blk, len, seq, blk+len);
+ {int i;
+ debug(("We compute HMAC as:\r\n"));
+ for (i=0; i<20; i++) debug((" %02X", blk[len+i]));
+ debug(("\r\n"));
+ }
}
static int sha1_verify(unsigned char *blk, int len, unsigned long seq) {
unsigned char correct[20];
+ {int i;
+ debug(("HMAC on block len=%d seq=%d:\r\n", len, seq));
+ for (i=0; i<len; i++) debug((" %02X", blk[i]));
+ debug(("\r\n"));
+ }
sha1_do_hmac(&sha1_sc_mac_s1, &sha1_sc_mac_s2, blk, len, seq, correct);
+ {int i;
+ debug(("We compute HMAC as:\r\n"));
+ for (i=0; i<20; i++) debug((" %02X", correct[i]));
+ debug(("\r\n"));
+ }
return !memcmp(correct, blk+len, 20);
}