ck_crp.c

KERMIT工具 这在办公室下载不了,很多人都没有载不到.

static int     EncryptType = ENCTYPE_ANY;

#define typemask(x)     ((x) > 0 ? 1 << ((x)-1) : 0)

static long i_support_encrypt =
        typemask(ENCTYPE_DES_CFB64) | typemask(ENCTYPE_DES_OFB64);
static long i_support_decrypt =
        typemask(ENCTYPE_DES_CFB64) | typemask(ENCTYPE_DES_OFB64);
static long i_wont_support_encrypt = 0;
static long i_wont_support_decrypt = 0;
#define I_SUPPORT_ENCRYPT       (i_support_encrypt & ~i_wont_support_encrypt)
#define I_SUPPORT_DECRYPT       (i_support_decrypt & ~i_wont_support_decrypt)

static long remote_supports_encrypt = 0;
static long remote_supports_decrypt = 0;

/* Make sure that this list is in order of algorithm strength     */
/* as it determines the search order for selecting specific       */
/* encryption choices.  All CFB modes must come before OFB modes. */
static Encryptions encryptions[] = {
#ifdef DES_ENCRYPTION
    { "DES3_CFB64",
          ENCTYPE_DES3_CFB64,
          des3_cfb64_encrypt,
          des3_cfb64_decrypt,
          des3_cfb64_init,
          des3_cfb64_start,
          des3_cfb64_is,
          des3_cfb64_reply,
          des3_cfb64_session,
          des3_cfb64_keyid,
          NULL },
#endif /* DES_ENCRYPTION */
#ifdef CAST_ENCRYPTION
#ifndef CAST_EXPORT_ENCRYPTION
    { "CAST128_CFB64",  ENCTYPE_CAST128_CFB64,
          cast_cfb64_encrypt,
          cast_cfb64_decrypt,
          cast_cfb64_init,
          cast_cfb64_start,
          cast_cfb64_is,
          cast_cfb64_reply,
          cast_cfb64_session,
          cast_cfb64_keyid,
          NULL },
#endif
#endif
#ifdef DES_ENCRYPTION
    { "DES_CFB64",
          ENCTYPE_DES_CFB64,
          cfb64_encrypt,
          cfb64_decrypt,
          cfb64_init,
          cfb64_start,
          cfb64_is,
          cfb64_reply,
          cfb64_session,
          cfb64_keyid,
          NULL },
#endif  /* DES_ENCRYPTION */
#if defined (CAST_EXPORT_ENCRYPTION) || defined(CAST_ENCRYPTION)
    { "CAST5_40_CFB64", ENCTYPE_CAST5_40_CFB64,
          castexp_cfb64_encrypt,
          castexp_cfb64_decrypt,
          castexp_cfb64_init,
          castexp_cfb64_start,
          castexp_cfb64_is,
          castexp_cfb64_reply,
          castexp_cfb64_session,
          castexp_cfb64_keyid,
          NULL },
#endif /* CAST_ENCRYPTION */
#ifdef DES_ENCRYPTION
    { "DES3_OFB64",
          ENCTYPE_DES3_OFB64,
          des3_ofb64_encrypt,
          des3_ofb64_decrypt,
          des3_ofb64_init,
          des3_ofb64_start,
          des3_ofb64_is,
          des3_ofb64_reply,
          des3_ofb64_session,
          des3_ofb64_keyid,
          NULL },
#endif /* DES_ENCRYPTION */
#ifdef CAST_ENCRYPTION
#ifndef CAST_EXPORT_ENCRYPTION
    { "CAST128_OFB64",  ENCTYPE_CAST128_OFB64,
          cast_ofb64_encrypt,
          cast_ofb64_decrypt,
          cast_ofb64_init,
          cast_ofb64_start,
          cast_ofb64_is,
          cast_ofb64_reply,
          cast_ofb64_session,
          cast_ofb64_keyid,
          NULL },
#endif
#endif
#ifdef DES_ENCRYPTION
    { "DES_OFB64",
          ENCTYPE_DES_OFB64,
          ofb64_encrypt,
          ofb64_decrypt,
          ofb64_init,
          ofb64_start,
          ofb64_is,
          ofb64_reply,
          ofb64_session,
          ofb64_keyid,
          NULL },
#endif  /* DES_ENCRYPTION */
#if defined (CAST_EXPORT_ENCRYPTION) || defined(CAST_ENCRYPTION)
    { "CAST5_40_OFB64", ENCTYPE_CAST5_40_OFB64,
          castexp_ofb64_encrypt,
          castexp_ofb64_decrypt,
          castexp_ofb64_init,
          castexp_ofb64_start,
          castexp_ofb64_is,
          castexp_ofb64_reply,
          castexp_ofb64_session,
          castexp_ofb64_keyid,
          NULL },
#endif /* CAST_ENCRYPTION */
    { 0,0,0,0,0,0,0,0,0,0,0  }
};

int
get_crypt_table( struct keytab ** pTable, int * pN )
{
    int i=0,n=0;

    if ( *pTable )
    {
        for ( i=0 ; i < *pN ; i++ )
            free( (*pTable)[i].kwd ) ;
        free ( *pTable )  ;
    }
    *pTable = NULL;
    *pN = 0;

    /* How many encryption types do we have? */
    while ( encryptions[n].name )
        n++;

    if ( n )
    {
        *pTable = malloc( sizeof(struct keytab) * (n+2) ) ;
        if ( !(*pTable) )
            return(0);

#ifdef OS2
        (*pTable)[0].kwd =strdup("automatic");
#else /* OS2 */
        makestr(&tmpstring,"automatic");
        (*pTable)[0].kwd = tmpstring;
        tmpstring = NULL;
#endif /* OS2 */
        (*pTable)[0].kwval = ENCTYPE_ANY;
        (*pTable)[0].flgs = 0;
#ifdef OS2
        (*pTable)[1].kwd =strdup("none");
#else /* OS2 */
        makestr(&tmpstring,"none");
        (*pTable)[1].kwd = tmpstring;
        tmpstring = NULL;
#endif /* OS2 */
        (*pTable)[1].kwval = 999;
        (*pTable)[1].flgs = 0;
        (*pN) = 2;

        for ( i=0 ; i < n ; i++ ) {
            char * newstr = NULL, * p;
            int newval = encryptions[i].type;
            int j = 0, len = 0;

#ifdef OS2
            newstr = strdup(encryptions[i].name);
            strlwr(newstr);
#else /* OS2 */
            makestr(&tmpstring,encryptions[i].name);
            newstr = tmpstring;
            tmpstring = NULL;
            for (p = newstr; *p; p++) if (isupper(*p)) *p = tolower(*p);
#endif /* OS2 */

            for (j = 0; j < (*pN); j++) {
                int tempval = 0;
                char * tempstr = NULL;

                if ( strcmp( (*pTable)[j].kwd, newstr ) > 0 )
                {
                    tempval = (*pTable)[j].kwval;
                    tempstr = (*pTable)[j].kwd;
                    (*pTable)[j].kwd = newstr ;
                    (*pTable)[j].kwval = newval;
                    newval = tempval;
                    newstr = tempstr;
                    (*pTable)[j].flgs = 0;
                }
            }
            (*pTable)[*pN].kwd = newstr ;
            (*pTable)[*pN].kwval = newval;
            (*pTable)[*pN].flgs = 0 ;
            (*pN)++ ;
        }
    } else {
        *pTable = malloc( sizeof(struct keytab) * 2 ) ;
        if ( !(*pTable) )
            return(0);

#ifdef OS2
        (*pTable)[0].kwd =strdup("automatic");
#else /* OS2 */
        makestr(&tmpstring,"automatic");
        (*pTable)[0].kwd = tmpstring;
        tmpstring = NULL;
#endif /* OS2 */
        (*pTable)[0].kwval = ENCTYPE_ANY;
        (*pTable)[0].flgs = 0;
#ifdef OS2
        (*pTable)[1].kwd =strdup("none");
#else /* OS2 */
        makestr(&tmpstring,"none");
        (*pTable)[1].kwd = tmpstring;
        tmpstring = NULL;
#endif /* OS2 */
        (*pTable)[1].kwval = 999;
        (*pTable)[1].flgs = 0;
        (*pN) = 2;
    }
    return(*pN);
}

static unsigned char str_send[64] = { IAC, SB, TELOPT_ENCRYPTION,
                                      ENCRYPT_SUPPORT };
static unsigned char str_suplen = 0;
static unsigned char str_start[72] = { IAC, SB, TELOPT_ENCRYPTION };
static unsigned char str_end[] = { IAC, SB, TELOPT_ENCRYPTION, 0, IAC, SE };

_PROTOTYP(int  encrypt_request_end, (VOID));
_PROTOTYP(int  encrypt_request_start, (VOID));
_PROTOTYP(int  encrypt_enc_keyid, (unsigned char *, int));
_PROTOTYP(int  encrypt_dec_keyid, (unsigned char *, int));
_PROTOTYP(int  encrypt_support, (unsigned char *, int));
_PROTOTYP(int  encrypt_start, (unsigned char *, int));
_PROTOTYP(int  encrypt_end, (VOID));

_PROTOTYP(int encrypt_ks_stream,(struct kstream_data_block *, /* output */
                                   struct kstream_data_block *)); /* input */

_PROTOTYP(int decrypt_ks_stream,(struct kstream_data_block *, /* output */
                                   struct kstream_data_block *)); /* input */

int
#ifdef CK_ANSIC
encrypt_ks_stream(struct kstream_data_block *i,
                  struct kstream_data_block *o)
#else
encrypt_ks_stream(i,o)
    struct kstream_data_block *i; struct kstream_data_block *o;
#endif
{
    /*
    * this is really quite bogus, since it does an in-place encryption...
    */
    if (encrypt_output) {
        encrypt_output(i->ptr, i->length);
        return 1;
    }
    return 0;
}


int
#ifdef CK_ANSIC
decrypt_ks_stream(struct kstream_data_block *i,
                  struct kstream_data_block *o)
#else
decrypt_ks_stream(i,o)
    struct kstream_data_block *i; struct kstream_data_block *o;
#endif
{
    unsigned int len;
  /*
   * this is really quite bogus, since it does an in-place decryption...
   */
    if (decrypt_input) {
        for (len = 0 ; len < i->length ; len++)
            ((unsigned char *)i->ptr)[len]
                = decrypt_input(((unsigned char *)i->ptr)[len]);
        return 1;
    }
    return 0;
}

int
#ifdef CK_ANSIC
decrypt_ks_hack(unsigned char *buf, int cnt)
#else
decrypt_ks_hack(buf,cnt) unsigned char *buf; int cnt;
#endif
{
    int len;
  /*
   * this is really quite bogus, since it does an in-place decryption...
   */
    for (len = 0 ; len < cnt ; len++)
        buf[len] = decrypt_input(buf[len]);

#ifdef DEBUG
    hexdump("decrypt ks hack", buf, cnt);
#endif
    return 1;
}


/*
 * parsedat[0] == the suboption we might be negotiating,
 */
int
#ifdef CK_ANSIC
encrypt_parse(unsigned char *parsedat, int end_sub)
#else
encrypt_parse(parsedat,end_sub) unsigned char *parsedat; int end_sub;
#endif
{
    int rc = 0;

    switch(parsedat[1]) {
    case ENCRYPT_START:
        rc = encrypt_start(parsedat + 2, end_sub - 2);
        break;
    case ENCRYPT_END:
        rc = encrypt_end();
        break;
    case ENCRYPT_SUPPORT:
        rc = encrypt_support(parsedat + 2, end_sub - 2);
        break;
    case ENCRYPT_REQSTART:
        rc = encrypt_request_start();
        break;
    case ENCRYPT_REQEND:
        /*
        * We can always send an REQEND so that we cannot
        * get stuck encrypting.  We should only get this
        * if we have been able to get in the correct mode
        * anyhow.
        */
        rc = encrypt_request_end();
        break;
    case ENCRYPT_IS:
        rc = encrypt_is(parsedat + 2, end_sub - 2);
        break;
    case ENCRYPT_REPLY:
        rc = encrypt_reply(parsedat + 2, end_sub - 2);
        break;
    case ENCRYPT_ENC_KEYID:
        rc = encrypt_enc_keyid(parsedat + 2, end_sub - 2);
        break;
    case ENCRYPT_DEC_KEYID:
        rc = encrypt_dec_keyid(parsedat + 2, end_sub - 2);
        break;
    default:
        rc = -1;
        break;
    }
    return(rc);
}

/* XXX */
Encryptions *
#ifdef CK_ANSIC
findencryption(int type)
#else
findencryption(type) int type;
#endif
{
    Encryptions *ep = encryptions;

    if (!(I_SUPPORT_ENCRYPT & remote_supports_decrypt & typemask(type)))
        return(0);
    while (ep->type && ep->type != type)
        ++ep;
    return(ep->type ? ep : 0);
}

Encryptions *
#ifdef CK_ANSIC
finddecryption(int type)
#else
finddecryption(type) int type;
#endif
{
    Encryptions *ep = encryptions;

    if (!(I_SUPPORT_DECRYPT & remote_supports_encrypt & typemask(type)))
        return(0);
    while (ep->type && ep->type != type)
        ++ep;
    return(ep->type ? ep : 0);
}

#define MAXKEYLEN 64

static struct key_info {
    unsigned char keyid[MAXKEYLEN];
    int keylen;
    int dir;
    int *modep;
    Encryptions *(*getcrypt)();
} ki[2] = {
    { { 0 }, 0, DIR_ENCRYPT, &encrypt_mode, findencryption },
    { { 0 }, 0, DIR_DECRYPT, &decrypt_mode, finddecryption },
};

VOID
#ifdef CK_ANSIC
encrypt_init(kstream iks, int type)
#else
encrypt_init(iks, type) kstream iks; int type;
#endif
{
    Encryptions *ep = encryptions;

    i_support_encrypt = i_support_decrypt = 0;
    remote_supports_encrypt = remote_supports_decrypt = 0;
    i_wont_support_encrypt = i_wont_support_decrypt = 0;
    encrypt_mode = 0;
    decrypt_mode = 0;
    encrypt_output = NULL;
    decrypt_input = NULL;
    ki[0].keylen = 0;
    memset(ki[0].keyid,0,MAXKEYLEN);
    ki[1].keylen = 0;
    memset(ki[1].keyid,0,MAXKEYLEN);
    havesessionkey = 0;
    autoencrypt = 1;
    autodecrypt = 1;

    EncryptKSGlobalHack = iks;
    EncryptType = type;

    str_send[0] = IAC;
    str_send[1] = SB;
    str_send[2] = TELOPT_ENCRYPTION;
    str_send[3] = ENCRYPT_SUPPORT;
    str_suplen = 4;

    while (ep->type) {
        if ( EncryptType == ENCTYPE_ANY ||
             EncryptType == ep->type ) {
#ifdef DEBUG
            if (encrypt_debug_mode) {
                sprintf(dbgbuf, ">>>I will support %s\n",
                         ENCTYPE_NAME(ep->type));       /* safe */
                debug(F110,"encrypt_init",dbgbuf,0);
            }
#endif
            i_support_encrypt |= typemask(ep->type);
            i_support_decrypt |= typemask(ep->type);
            if ((i_wont_support_decrypt & typemask(ep->type)) == 0)
                if ((str_send[str_suplen++] = ep->type) == IAC)
                    str_send[str_suplen++] = IAC;
        }
        if (ep->init)
            (*ep->init)(0);
        ++ep;
    }
    str_send[str_suplen++] = IAC;
    str_send[str_suplen++] = SE;
}

VOID
#ifdef CK_ANSIC
encrypt_send_support(VOID)
#else
encrypt_send_support()
#endif
{
    Encryptions *ep = encryptions;

#ifdef CK_SSL
    if (TELOPT_SB(TELOPT_START_TLS).start_tls.me_follows)
        return;
#endif /* CK_SSL */

    str_send[0] = IAC;
    str_send[1] = SB;