nasl_crypto2.c
来自「大国补丁后的nessus2.2.8的源代码」· C语言 代码 · 共 957 行 · 第 1/2 页
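/* Nessus Attack Scripting Language 
 *
 * Copyright (C) 2002 - 2004 Tenable Network Security
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2,
 * as published by the Free Software Foundation
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 *
 */

/*
 * This file contains all the calls to OpenSSL functions needed by the SSH
 * protocol.
 *
 * Conventions shared by the builtins below:
 *  - arguments are read from named NASL local variables as raw byte strings
 *    and converted with BN_bin2bn(), i.e. treated as big-endian unsigned
 *    integers;
 *  - results are returned as CONST_DATA cells; on any failure the cell holds
 *    a zero-length buffer, so scripts must test the length of the result;
 *  - several of the inputs (server public values, signatures, moduli) are
 *    presumably taken from the remote peer by the calling script, so every
 *    length derived from them is checked before it sizes a copy.
 */
#include <includes.h>

#include "nasl_tree.h"
#include "nasl_global_ctxt.h"
#include "nasl_func.h"
#include "nasl_var.h"
#include "nasl_lex_ctxt.h"
#include "exec.h"

#include "strutils.h"
#include "nasl_packet_forgery.h"
#include "nasl_debug.h"
#include "nasl_misc_funcs.h"
#include "nasl_crypto2.h"

#ifndef MAP_FAILED
#define MAP_FAILED (void*)(-1)
#endif

#ifdef HAVE_SSL
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/evp.h>
#include <openssl/blowfish.h>

#define INTBLOB_LEN     20
#define SIGBLOB_LEN     (2*INTBLOB_LEN)

/*
 * Store `buflen` bytes of a big-endian unsigned integer into `retc`.
 *
 * When the top bit of the first byte is set, one 0x00 byte is prepended
 * (presumably so that a consumer reading the value as a signed integer, as
 * SSH's multi-precision integer encoding does, still sees it as positive).
 *
 * Returns 0 on success, -1 when `buflen` is not positive or the allocation
 * fails; `retc` is left untouched in that case so the caller can take its
 * normal failure path.
 */
static int
nasl_crypto2_store_mpint(tree_cell *retc, const char *buf, long buflen)
{
  char *out;
  int pad;

  /* buf[0] is read below, so an empty (or negative-length) value must be
   * rejected first. */
  if (buf == NULL || buflen <= 0)
    return -1;

  pad = (buf[0] & 0x80) ? 1 : 0;

  out = emalloc(buflen + pad);
  if (out == NULL)
    return -1;

  out[0] = '\0';
  memcpy(out + pad, buf, buflen);

  retc->x.str_val = out;
  retc->size = buflen + pad;
  return 0;
}

/*
 * bn_cmp(key1:, key2:) - compare two big-endian unsigned integers.
 *
 * Returns a CONST_INT cell holding the BN_cmp() result (-1, 0 or 1).
 *
 * NOTE(review): the failure value is 1, which is also a legitimate
 * comparison result, so a caller cannot tell "key1 > key2" from "an argument
 * was missing or a conversion failed".  This is kept for compatibility; it
 * at least never reports "equal" on error.
 */
tree_cell * nasl_bn_cmp(lex_ctxt* lexic)
{
  char *s1 = NULL, *s2 = NULL;
  tree_cell *retc = NULL;
  BIGNUM *key1 = NULL, *key2 = NULL;
  int vn;
  long sz1, sz2;

  retc = emalloc(sizeof(tree_cell));
  retc->ref_count = 1;
  retc->type = CONST_INT;
  retc->x.i_val = 1;

  /* The value is not used here; the call is kept because its side effects,
   * if any, are not visible from this file. */
  vn = array_max_index(&lexic->ctx_vars);
  (void) vn;

  /* key1 */
  s1 = get_str_local_var_by_name(lexic, "key1");
  sz1 = get_var_size_by_name(lexic, "key1");

  /* key2 */
  s2 = get_str_local_var_by_name(lexic, "key2");
  sz2 = get_var_size_by_name(lexic, "key2");

  if ( s1 == NULL || s2 == NULL )
    goto fail;

  key1 = BN_new();
  key2 = BN_new();

  /* BN_cmp() treats two NULL operands as equal, so an allocation failure
   * must not be allowed to reach it. */
  if (key1 == NULL || key2 == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s1, sz1, key1) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s2, sz2, key2) == NULL)
    goto fail;

  retc->x.i_val = BN_cmp(key1, key2);

fail:
  BN_free(key1);
  BN_free(key2);
  return retc;
}

/*
 * bn_random(need:) - return a random big number of `need` bits.
 *
 * The number comes from BN_rand(key, need, 0, 0) and is returned as
 * CONST_DATA in the padded big-endian form described on
 * nasl_crypto2_store_mpint().  An empty buffer is returned on failure,
 * including when `need` is not positive.
 */
tree_cell * nasl_bn_random(lex_ctxt* lexic)
{
  char *s1 = NULL;
  tree_cell *retc = NULL;
  BIGNUM *key = NULL;
  long need, needlen, s1len;

  retc = alloc_tree_cell(0, NULL);
  retc->type = CONST_DATA;

  /* number of random bits requested by the script */
  need = get_int_local_var_by_name(lexic, "need", 0);
  needlen = get_var_size_by_name(lexic, "need");
  (void) needlen;

  /* A zero or negative bit count would yield an empty number, and the
   * first-byte test on the serialised value would then read outside it. */
  if (need <= 0)
    goto fail;

  key = BN_new();
  if (!key)
    goto fail;

  if (!BN_rand(key, need, 0, 0))
    goto fail;

  s1len = BN_num_bytes(key);
  if (s1len <= 0)
    goto fail;

  s1 = emalloc(s1len);
  if (s1 == NULL)
    goto fail;

  BN_bn2bin(key, (unsigned char*)s1);

  if (nasl_crypto2_store_mpint(retc, s1, s1len) < 0)
    goto fail;
  goto ret;

fail:
  retc->size = 0;
  retc->x.str_val = emalloc(0);
ret:
  /* The scratch copy was never released in the original code.  free() is
   * used because that is how this file releases emalloc'd scratch buffers
   * (see nasl_dh_generate_key). */
  free(s1);
  BN_free(key);
  return retc;
}

/*
 * Extract the private value from a PEM-encoded private key.
 *
 *   type == 0: RSA key, returns the private exponent d
 *   type != 0: DSA key, returns priv_key
 *
 * NASL arguments: "priv" (PEM text, required) and "passphrase" (may be
 * absent; it is handed to OpenSSL as the PEM password argument).
 *
 * The function returns FAKE_CELL without doing anything unless
 * check_authenticated() accepts the calling script; the policy itself is
 * defined elsewhere.  The returned buffer is raw private-key material, so
 * callers should not log or store it.
 */
tree_cell * nasl_pem_to(lex_ctxt* lexic, int type)
{
  char *s1 = NULL, *priv = NULL, *passphrase = NULL;
  tree_cell *retc = NULL;
  RSA * rsa = NULL;
  DSA * dsa = NULL;
  BIGNUM * key = NULL;
  BIO * bio = NULL;
  long privlen, plen, s1len = 0;

  if ( check_authenticated(lexic) < 0 )
    return FAKE_CELL;

  retc = alloc_tree_cell(0, NULL);
  retc->type = CONST_DATA;

  /* PEM-encoded private key */
  priv = get_str_local_var_by_name(lexic, "priv");
  privlen = get_var_size_by_name(lexic, "priv");

  if ( priv == NULL )
    goto fail;

  /* passphrase protecting the key, if any */
  passphrase = get_str_local_var_by_name(lexic, "passphrase");
  plen = get_var_size_by_name(lexic, "passphrase");
  (void) plen;

  bio = BIO_new_mem_buf(priv, privlen);
  if (!bio)
    goto fail;

  if (!type)
  {
    rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, passphrase);
    if (!rsa)
      goto fail;
    key = rsa->d;
  }
  else
  {
    dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, passphrase);
    if (!dsa)
      goto fail;
    key = dsa->priv_key;
  }

  if (key == NULL)
    goto fail;

  s1len = BN_num_bytes(key);
  if (s1len <= 0)
    goto fail;

  s1 = emalloc(s1len);
  if (s1 == NULL)
    goto fail;

  BN_bn2bin(key, (unsigned char*)s1);

  if (nasl_crypto2_store_mpint(retc, s1, s1len) < 0)
    goto fail;
  goto ret;

fail:
  retc->size = 0;
  retc->x.str_val = emalloc(0);
ret:
  /* The scratch buffer holds a copy of the private value: wipe it before
   * releasing it (the original code leaked it instead). */
  if (s1 != NULL)
  {
    OPENSSL_cleanse(s1, s1len);
    free(s1);
  }
  BIO_free(bio);
  RSA_free(rsa);
  DSA_free(dsa);
  return retc;
}

/* pem_to_rsa(priv:, passphrase:) - private exponent of a PEM RSA key. */
tree_cell * nasl_pem_to_rsa(lex_ctxt* lexic)
{
  return nasl_pem_to(lexic, 0);
}

/* pem_to_dsa(priv:, passphrase:) - private value of a PEM DSA key. */
tree_cell * nasl_pem_to_dsa(lex_ctxt* lexic)
{
  return nasl_pem_to(lexic, 1);
}

/*
 * dh_generate_key(p:, g:, priv:) - compute the Diffie-Hellman public value
 * for the supplied parameters and private key.
 *
 * Returns the public value as CONST_DATA (padded big-endian form), or an
 * empty buffer on failure.
 *
 * NOTE(review): p and g are used exactly as the script supplied them; no
 * parameter validation is performed in this function.
 */
tree_cell * nasl_dh_generate_key(lex_ctxt* lexic)
{
  char *s1 = NULL, *s2 = NULL, *s3 = NULL, *pub = NULL;
  tree_cell *retc = NULL;
  DH *dh = NULL;
  long sz1, sz2, sz3, pubsize;

  retc = alloc_tree_cell(0, NULL);
  retc->type = CONST_DATA;

  /* p bignum */
  s1 = get_str_local_var_by_name(lexic, "p");
  sz1 = get_var_size_by_name(lexic, "p");

  /* g bignum */
  s2 = get_str_local_var_by_name(lexic, "g");
  sz2 = get_var_size_by_name(lexic, "g");

  /* priv key bignum */
  s3 = get_str_local_var_by_name(lexic, "priv");
  sz3 = get_var_size_by_name(lexic, "priv");

  if ( s1 == NULL || s2 == NULL || s3 == NULL )
    goto fail;

  if ((dh = DH_new()) == NULL)
    goto fail;

  dh->p = BN_new();
  dh->g = BN_new();
  dh->priv_key = BN_new();

  /* Check the allocations before they are used.  BN_bin2bn() given a NULL
   * destination allocates a fresh BIGNUM that would be lost here, leaving
   * the DH member NULL for DH_generate_key(). */
  if (dh->p == NULL || dh->g == NULL || dh->priv_key == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s1, sz1, dh->p) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s2, sz2, dh->g) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s3, sz3, dh->priv_key) == NULL)
    goto fail;

  if (DH_generate_key(dh) == 0)
    goto fail;

  if (dh->pub_key == NULL)
    goto fail;

  pubsize = BN_num_bytes(dh->pub_key);
  if (pubsize <= 0)
    goto fail;

  pub = emalloc(pubsize);
  if (pub == NULL)
    goto fail;

  BN_bn2bin(dh->pub_key, (unsigned char*)pub);

  if (nasl_crypto2_store_mpint(retc, pub, pubsize) < 0)
    goto fail;
  goto ret;

fail:
  retc->x.str_val = emalloc(0);
  retc->size = 0;
ret:
  DH_free(dh);
  free(pub);
  return retc;
}

/*
 * dh_compute_key(p:, g:, dh_server_pub:, pub_key:, priv_key:) - compute the
 * Diffie-Hellman shared secret from the peer's public value.
 *
 * Returns the shared secret as CONST_DATA (padded big-endian form), or an
 * empty buffer on failure.
 *
 * dh_server_pub is peer-controlled in a key exchange, so DH_compute_key()
 * can legitimately fail; its negative return value must never be used as a
 * copy length.
 */
tree_cell * nasl_dh_compute_key(lex_ctxt* lexic)
{
  char *s1 = NULL, *s2 = NULL, *s3 = NULL, *s4 = NULL, *s5 = NULL;
  char *kbuf = NULL;
  tree_cell *retc = NULL;
  BIGNUM *dh_server_pub = NULL;
  DH *dh = NULL;
  int kout, klen = 0;
  long sz1, sz2, sz3, sz4, sz5;

  retc = alloc_tree_cell(0, NULL);
  retc->type = CONST_DATA;

  /* p bignum */
  s1 = get_str_local_var_by_name(lexic, "p");
  sz1 = get_var_size_by_name(lexic, "p");

  /* g bignum */
  s2 = get_str_local_var_by_name(lexic, "g");
  sz2 = get_var_size_by_name(lexic, "g");

  /* dh_server_pub bignum */
  s3 = get_str_local_var_by_name(lexic, "dh_server_pub");
  sz3 = get_var_size_by_name(lexic, "dh_server_pub");

  /* public key bignum */
  s4 = get_str_local_var_by_name(lexic, "pub_key");
  sz4 = get_var_size_by_name(lexic, "pub_key");

  /* private key bignum */
  s5 = get_str_local_var_by_name(lexic, "priv_key");
  sz5 = get_var_size_by_name(lexic, "priv_key");

  if ( s1 == NULL || s2 == NULL || s3 == NULL || s4 == NULL || s5 == NULL )
    goto fail;

  if ((dh = DH_new()) == NULL)
    goto fail;

  dh->p = BN_new();
  dh->g = BN_new();
  dh->pub_key = BN_new();
  dh->priv_key = BN_new();
  dh_server_pub = BN_new();

  if (dh->p == NULL || dh->g == NULL || dh->pub_key == NULL
      || dh->priv_key == NULL || dh_server_pub == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s1, sz1, dh->p) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s2, sz2, dh->g) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s3, sz3, dh_server_pub) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s4, sz4, dh->pub_key) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s5, sz5, dh->priv_key) == NULL)
    goto fail;

  klen = DH_size(dh);
  if (klen <= 0)
    goto fail;

  kbuf = emalloc(klen);
  if (kbuf == NULL)
    goto fail;

  /* The original code used kout unchecked: on error (-1) it became the
   * memcpy() length, i.e. an enormous size_t, and the allocation size. */
  kout = DH_compute_key((unsigned char*)kbuf, dh_server_pub, dh);
  if (kout <= 0 || kout > klen)
    goto fail;

  if (nasl_crypto2_store_mpint(retc, kbuf, kout) < 0)
    goto fail;
  goto ret;

fail:
  retc->size = 0;
  retc->x.str_val = emalloc(0);
ret:
  /* kbuf holds the shared secret: wipe it before releasing it (the original
   * code leaked it instead). */
  if (kbuf != NULL)
  {
    OPENSSL_cleanse(kbuf, klen);
    free(kbuf);
  }
  DH_free(dh);
  BN_free(dh_server_pub);
  return retc;
}

/*
 * rsa_public_decrypt(sig:, e:, n:) - recover the PKCS#1 v1.5 payload of a
 * signature using the public key (e, n).
 *
 * Returns the recovered bytes as CONST_DATA, or an empty buffer on failure.
 *
 * All three inputs may come from the remote peer.  The output buffer must
 * be sized from the modulus, not from the signature: RSA_public_decrypt()
 * can write up to RSA_size(rsa) - 11 bytes, and a signature shorter than
 * the modulus is accepted by OpenSSL.
 */
tree_cell * nasl_rsa_public_decrypt(lex_ctxt* lexic)
{
  char *s1 = NULL, *s2 = NULL, *s3 = NULL, *decrypted = NULL;
  tree_cell *retc = NULL;
  RSA *rsa = NULL;
  int len, rsa_len;
  long sz1, sz2, sz3;

  retc = alloc_tree_cell(0, NULL);
  retc->type = CONST_DATA;

  /* sig bignum */
  s1 = get_str_local_var_by_name(lexic, "sig");
  sz1 = get_var_size_by_name(lexic, "sig");

  /* e bignum */
  s2 = get_str_local_var_by_name(lexic, "e");
  sz2 = get_var_size_by_name(lexic, "e");

  /* n bignum */
  s3 = get_str_local_var_by_name(lexic, "n");
  sz3 = get_var_size_by_name(lexic, "n");

  if ( s1 == NULL || s2 == NULL || s3 == NULL )
    goto fail;

  if ((rsa = RSA_new()) == NULL)
    goto fail;

  rsa->e = BN_new();
  rsa->n = BN_new();
  if (rsa->e == NULL || rsa->n == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s3, sz3, rsa->n) == NULL)
    goto fail;

  if (BN_bin2bn((const unsigned char*)s2, sz2, rsa->e) == NULL)
    goto fail;

  /* Reject lengths OpenSSL would refuse anyway, then size the output from
   * the modulus.  The original emalloc(sz1) was too small whenever the
   * signature was shorter than the modulus. */
  rsa_len = RSA_size(rsa);
  if (rsa_len <= 0 || sz1 <= 0 || sz1 > rsa_len)
    goto fail;

  decrypted = emalloc(rsa_len);
  if (!decrypted)
    goto fail;

  if ((len = RSA_public_decrypt(sz1, (unsigned char*)s1, (unsigned char*)decrypted, rsa, RSA_PKCS1_PADDING)) < 0)
    goto fail;

  /* ownership of `decrypted` passes to the returned cell */
  retc->size = len;
  retc->x.str_val = decrypted;
  goto ret;

fail:
  free(decrypted);   /* not handed to retc on this path */
  retc->size = 0;
  retc->x.str_val = emalloc(0);
ret:
  RSA_free(rsa);
  return retc;
}

tree_cell * nasl_rsa_sign(lex_ctxt* lexic)
{
  char *s1 = NULL,*s2 = NULL,*s3 = NULL, *s4 = NULL, *sig = NULL, *signature = NULL;
  tree_cell *retc = NULL;
  RSA *rsa = NULL;
  int ok;
  long sz1, sz2, sz3, sz4, slen;
  unsigned int len;

  if ( check_authenticated(lexic) < 0 )
    return FAKE_CELL;

  retc = alloc_tree_cell(0, NULL);
  retc->type = CONST_DATA;

  /* sig bignum */
  s1 = get_str_local_var_by_name(lexic, "data");
  sz1 = get_var_size_by_name(lexic, "data");

  /* e bignum */
  s2 = get_str_local_var_by_name(lexic, "e");
  sz2 = get_var_size_by_name(lexic, "e");

  /* n bignum */
  s3 = get_str_local_var_by_name(lexic, "n");
  sz3 = get_var_size_by_name(lexic, "n");

  /* d bignum */
  s4 = get_str_local_var_by_name(lexic, "d");
  sz4 = get_var_size_by_name(lexic, "d");

  if ( s1 == NULL || s2 == NULL || s3 == NULL || s4 == NULL )
    goto fail;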