1 |
/* |
2 |
Copyright (c) 1998-2001, Robert O'Callahan |
3 |
All rights reserved. |
4 |
|
5 |
Redistribution and use in source and binary forms, with or without modification, |
6 |
are permitted provided that the following conditions are met: |
7 |
|
8 |
Redistributions of source code must retain the above copyright notice, this list of |
9 |
conditions and the following disclaimer. |
10 |
|
11 |
Redistributions in binary form must reproduce the above copyright notice, this list |
12 |
of conditions and the following disclaimer in the documentation and/or other materials |
13 |
provided with the distribution. |
14 |
|
15 |
The name of Robert O'Callahan may not be used to endorse or promote products derived from |
16 |
this software without specific prior written permission. |
17 |
|
18 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND |
19 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 |
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL |
21 |
THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, |
22 |
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
23 |
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
24 |
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, |
25 |
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
26 |
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
27 |
*/ |
28 |
|
29 |
/* |
30 |
This code is copyright (C) 1998-1999 Robert O'Callahan. |
31 |
See LICENSE.TXT for the license. |
32 |
*/ |
33 |
|
34 |
#ifndef __CRYPT_H |
35 |
#define __CRYPT_H |
36 |
|
37 |
#include <openssl/rsa.h> |
38 |
#include <openssl/des.h> |
39 |
#include <openssl/idea.h> |
40 |
#include <openssl/rc4.h> |
41 |
#include <openssl/blowfish.h> |
42 |
|
43 |
#define SSH_SESSION_KEY_LENGTH 32 |
44 |
#define SSH_RSA_CHALLENGE_LENGTH 32 |
45 |
#define SSH_COOKIE_LENGTH 8 |
46 |
#define SSH2_COOKIE_LENGTH 16 |
47 |
|
48 |
#define CRYPT_KEY_LENGTH 32 |
49 |
#define COOKIE_LENGTH 16 |
50 |
|
51 |
typedef struct { |
52 |
DES_key_schedule k1; |
53 |
DES_key_schedule k2; |
54 |
DES_key_schedule k3; |
55 |
DES_cblock ivec1; |
56 |
DES_cblock ivec2; |
57 |
DES_cblock ivec3; |
58 |
} Cipher3DESState; |
59 |
|
60 |
typedef struct { |
61 |
IDEA_KEY_SCHEDULE k; |
62 |
unsigned char ivec[8]; |
63 |
} CipherIDEAState; |
64 |
|
65 |
typedef struct { |
66 |
DES_key_schedule k; |
67 |
DES_cblock ivec; |
68 |
} CipherDESState; |
69 |
|
70 |
typedef struct { |
71 |
RC4_KEY k; |
72 |
} CipherRC4State; |
73 |
|
74 |
typedef struct { |
75 |
BF_KEY k; |
76 |
unsigned char ivec[8]; |
77 |
} CipherBlowfishState; |
78 |
|
79 |
typedef struct { |
80 |
uint32 FAR * h; |
81 |
uint32 n; |
82 |
} CRYPTDetectAttack; |
83 |
|
84 |
typedef struct { |
85 |
RSA FAR * RSA_key; |
86 |
} CRYPTPublicKey; |
87 |
|
88 |
typedef struct _CRYPTKeyPair { |
89 |
RSA FAR * RSA_key; |
90 |
DSA *DSA_key; |
91 |
} CRYPTKeyPair; |
92 |
|
93 |
typedef union { |
94 |
Cipher3DESState c3DES; |
95 |
CipherIDEAState cIDEA; |
96 |
CipherDESState cDES; |
97 |
CipherRC4State cRC4; |
98 |
CipherBlowfishState cBlowfish; |
99 |
} CRYPTCipherState; |
100 |
|
101 |
typedef void (* CRYPTCryptFun)(PTInstVar pvar, unsigned char FAR * buf, int bytes); |
102 |
|
103 |
typedef struct { |
104 |
CRYPTDetectAttack detect_attack_statics; |
105 |
|
106 |
CRYPTPublicKey server_key; |
107 |
CRYPTPublicKey host_key; |
108 |
|
109 |
char server_cookie[COOKIE_LENGTH]; |
110 |
char client_cookie[COOKIE_LENGTH]; |
111 |
|
112 |
int supported_sender_ciphers; |
113 |
int supported_receiver_ciphers; |
114 |
int sender_cipher; |
115 |
int receiver_cipher; |
116 |
char sender_cipher_key[CRYPT_KEY_LENGTH]; |
117 |
char receiver_cipher_key[CRYPT_KEY_LENGTH]; |
118 |
CRYPTCryptFun encrypt; |
119 |
CRYPTCryptFun decrypt; |
120 |
CRYPTCipherState enc; |
121 |
CRYPTCipherState dec; |
122 |
} CRYPTState; |
123 |
|
124 |
void CRYPT_init(PTInstVar pvar); |
125 |
/* this function is called during 'slack time' while we wait for a response |
126 |
from the server. Therefore we have some time available to do some |
127 |
moderately expensive computations. */ |
128 |
void CRYPT_initialize_random_numbers(PTInstVar pvar); |
129 |
void CRYPT_set_random_data(PTInstVar pvar, unsigned char FAR * buf, int bytes); |
130 |
void CRYPT_end(PTInstVar pvar); |
131 |
|
132 |
void CRYPT_get_cipher_info(PTInstVar pvar, char FAR * dest, int len); |
133 |
void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len); |
134 |
|
135 |
void CRYPT_set_server_cookie(PTInstVar pvar, unsigned char FAR * cookie); |
136 |
void CRYPT_set_client_cookie(PTInstVar pvar, unsigned char FAR * cookie); |
137 |
#define CRYPT_get_server_cookie(pvar) ((pvar)->crypt_state.server_cookie) |
138 |
|
139 |
void CRYPT_free_key_pair(CRYPTKeyPair FAR * key_pair); |
140 |
void CRYPT_free_public_key(CRYPTPublicKey FAR * key); |
141 |
|
142 |
BOOL CRYPT_set_server_RSA_key(PTInstVar pvar, |
143 |
int bits, unsigned char FAR * exp, unsigned char FAR * mod); |
144 |
BOOL CRYPT_set_host_RSA_key(PTInstVar pvar, |
145 |
int bits, unsigned char FAR * exp, unsigned char FAR * mod); |
146 |
int CRYPT_get_encrypted_session_key_len(PTInstVar pvar); |
147 |
int CRYPT_choose_session_key(PTInstVar pvar, unsigned char FAR * encrypted_key_buf); |
148 |
BOOL CRYPT_start_encryption(PTInstVar pvar, int sender_flag, int receiver_flag); |
149 |
int CRYPT_generate_RSA_challenge_response(PTInstVar pvar, unsigned char FAR * challenge, |
150 |
int challenge_len, unsigned char FAR * response); |
151 |
|
152 |
int CRYPT_get_receiver_MAC_size(PTInstVar pvar); |
153 |
BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number, |
154 |
char FAR * data, int len, char FAR * MAC); |
155 |
int CRYPT_get_sender_MAC_size(PTInstVar pvar); |
156 |
|
157 |
BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number, |
158 |
char FAR * data, int len, char FAR * MAC); |
159 |
|
160 |
BOOL CRYPT_set_supported_ciphers(PTInstVar pvar, int sender_ciphers, int receiver_ciphers); |
161 |
BOOL CRYPT_choose_ciphers(PTInstVar pvar); |
162 |
#define CRYPT_get_sender_cipher(pvar) ((pvar)->crypt_state.sender_cipher) |
163 |
#define CRYPT_get_receiver_cipher(pvar) ((pvar)->crypt_state.receiver_cipher) |
164 |
int CRYPT_get_decryption_block_size(PTInstVar pvar); |
165 |
int CRYPT_get_encryption_block_size(PTInstVar pvar); |
166 |
#define CRYPT_encrypt(pvar, buf, bytes) \ |
167 |
((pvar)->crypt_state.encrypt((pvar), (buf), (bytes))) |
168 |
#define CRYPT_decrypt(pvar, buf, bytes) \ |
169 |
((pvar)->crypt_state.decrypt((pvar), (buf), (bytes))) |
170 |
|
171 |
BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char FAR * buf, int bytes); |
172 |
int CRYPT_passphrase_decrypt(int cipher, char FAR * passphrase, char FAR * buf, int len); |
173 |
RSA FAR *make_key(PTInstVar pvar, |
174 |
int bits, unsigned char FAR * exp, |
175 |
unsigned char FAR * mod); |
176 |
|
177 |
#endif |