sshdes.c

大名鼎鼎的远程登录软件putty的Symbian版源码

			     unsigned int len, DESContext * scheds)
{
    des_cbc_encrypt(dest, src, len, &scheds[0]);
    des_cbc_decrypt(dest, src, len, &scheds[1]);
    des_cbc_encrypt(dest, src, len, &scheds[2]);
}

static void des_cbc3_encrypt(unsigned char *dest, const unsigned char *src,
			     unsigned int len, DESContext * scheds)
{
    word32 out[2], iv0, iv1;
    unsigned int i;

    assert((len & 7) == 0);

    iv0 = scheds->iv0;
    iv1 = scheds->iv1;
    for (i = 0; i < len; i += 8) {
	iv0 ^= GET_32BIT_MSB_FIRST(src);
	src += 4;
	iv1 ^= GET_32BIT_MSB_FIRST(src);
	src += 4;
	des_encipher(out, iv0, iv1, &scheds[0]);
	des_decipher(out, out[0], out[1], &scheds[1]);
	des_encipher(out, out[0], out[1], &scheds[2]);
	iv0 = out[0];
	iv1 = out[1];
	PUT_32BIT_MSB_FIRST(dest, iv0);
	dest += 4;
	PUT_32BIT_MSB_FIRST(dest, iv1);
	dest += 4;
    }
    scheds->iv0 = iv0;
    scheds->iv1 = iv1;
}

static void des_3cbc_decrypt(unsigned char *dest, const unsigned char *src,
			     unsigned int len, DESContext * scheds)
{
    des_cbc_decrypt(dest, src, len, &scheds[2]);
    des_cbc_encrypt(dest, src, len, &scheds[1]);
    des_cbc_decrypt(dest, src, len, &scheds[0]);
}

static void des_cbc3_decrypt(unsigned char *dest, const unsigned char *src,
			     unsigned int len, DESContext * scheds)
{
    word32 out[2], iv0, iv1, xL, xR;
    unsigned int i;

    assert((len & 7) == 0);

    iv0 = scheds->iv0;
    iv1 = scheds->iv1;
    for (i = 0; i < len; i += 8) {
	xL = GET_32BIT_MSB_FIRST(src);
	src += 4;
	xR = GET_32BIT_MSB_FIRST(src);
	src += 4;
	des_decipher(out, xL, xR, &scheds[2]);
	des_encipher(out, out[0], out[1], &scheds[1]);
	des_decipher(out, out[0], out[1], &scheds[0]);
	iv0 ^= out[0];
	iv1 ^= out[1];
	PUT_32BIT_MSB_FIRST(dest, iv0);
	dest += 4;
	PUT_32BIT_MSB_FIRST(dest, iv1);
	dest += 4;
	iv0 = xL;
	iv1 = xR;
    }
    scheds->iv0 = iv0;
    scheds->iv1 = iv1;
}

static void *des3_make_context(void)
{
    return snewn(3, DESContext);
}

static void *des3_ssh1_make_context(void)
{
    /* Need 3 keys for each direction, in SSH1 */
    return snewn(6, DESContext);
}

static void *des_make_context(void)
{
    return snew(DESContext);
}

static void *des_ssh1_make_context(void)
{
    /* Need one key for each direction, in SSH1 */
    return snewn(2, DESContext);
}

static void des3_free_context(void *handle)   /* used for both 3DES and DES */
{
    sfree(handle);
}

static void des3_key(void *handle, unsigned char *key)
{
    DESContext *keys = (DESContext *) handle;
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &keys[0]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 8),
		  GET_32BIT_MSB_FIRST(key + 12), &keys[1]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 16),
		  GET_32BIT_MSB_FIRST(key + 20), &keys[2]);
}

static void des3_iv(void *handle, unsigned char *key)
{
    DESContext *keys = (DESContext *) handle;
    keys[0].iv0 = GET_32BIT_MSB_FIRST(key);
    keys[0].iv1 = GET_32BIT_MSB_FIRST(key + 4);
}

static void des_key(void *handle, unsigned char *key)
{
    DESContext *keys = (DESContext *) handle;
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &keys[0]);
}

static void des3_sesskey(void *handle, unsigned char *key)
{
    DESContext *keys = (DESContext *) handle;
    des3_key(keys, key);
    des3_key(keys+3, key);
}

static void des3_encrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_3cbc_encrypt(blk, blk, len, keys);
}

static void des3_decrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_3cbc_decrypt(blk, blk, len, keys+3);
}

static void des3_ssh2_encrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_cbc3_encrypt(blk, blk, len, keys);
}

static void des3_ssh2_decrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_cbc3_decrypt(blk, blk, len, keys);
}

static void des_ssh2_encrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_cbc_encrypt(blk, blk, len, keys);
}

static void des_ssh2_decrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_cbc_decrypt(blk, blk, len, keys);
}

void des3_decrypt_pubkey(unsigned char *key, unsigned char *blk, int len)
{
    DESContext ourkeys[3];
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &ourkeys[0]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 8),
		  GET_32BIT_MSB_FIRST(key + 12), &ourkeys[1]);
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &ourkeys[2]);
    des_3cbc_decrypt(blk, blk, len, ourkeys);
    memset(ourkeys, 0, sizeof(ourkeys));
}

void des3_encrypt_pubkey(unsigned char *key, unsigned char *blk, int len)
{
    DESContext ourkeys[3];
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &ourkeys[0]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 8),
		  GET_32BIT_MSB_FIRST(key + 12), &ourkeys[1]);
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &ourkeys[2]);
    des_3cbc_encrypt(blk, blk, len, ourkeys);
    memset(ourkeys, 0, sizeof(ourkeys));
}

void des3_decrypt_pubkey_ossh(unsigned char *key, unsigned char *iv,
			      unsigned char *blk, int len)
{
    DESContext ourkeys[3];
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &ourkeys[0]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 8),
		  GET_32BIT_MSB_FIRST(key + 12), &ourkeys[1]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 16),
		  GET_32BIT_MSB_FIRST(key + 20), &ourkeys[2]);
    ourkeys[0].iv0 = GET_32BIT_MSB_FIRST(iv);
    ourkeys[0].iv1 = GET_32BIT_MSB_FIRST(iv+4);
    des_cbc3_decrypt(blk, blk, len, ourkeys);
    memset(ourkeys, 0, sizeof(ourkeys));
}

void des3_encrypt_pubkey_ossh(unsigned char *key, unsigned char *iv,
			      unsigned char *blk, int len)
{
    DESContext ourkeys[3];
    des_key_setup(GET_32BIT_MSB_FIRST(key),
		  GET_32BIT_MSB_FIRST(key + 4), &ourkeys[0]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 8),
		  GET_32BIT_MSB_FIRST(key + 12), &ourkeys[1]);
    des_key_setup(GET_32BIT_MSB_FIRST(key + 16),
		  GET_32BIT_MSB_FIRST(key + 20), &ourkeys[2]);
    ourkeys[0].iv0 = GET_32BIT_MSB_FIRST(iv);
    ourkeys[0].iv1 = GET_32BIT_MSB_FIRST(iv+4);
    des_cbc3_encrypt(blk, blk, len, ourkeys);
    memset(ourkeys, 0, sizeof(ourkeys));
}

static void des_keysetup_xdmauth(unsigned char *keydata, DESContext *dc)
{
    unsigned char key[8];
    int i, nbits, j;
    unsigned int bits;

    bits = 0;
    nbits = 0;
    j = 0;
    for (i = 0; i < 8; i++) {
	if (nbits < 7) {
	    bits = (bits << 8) | keydata[j];
	    nbits += 8;
	    j++;
	}
	key[i] = (bits >> (nbits - 7)) << 1;
	bits &= ~(0x7F << (nbits - 7));
	nbits -= 7;
    }

    des_key_setup(GET_32BIT_MSB_FIRST(key), GET_32BIT_MSB_FIRST(key + 4), dc);
}

void des_encrypt_xdmauth(unsigned char *keydata, unsigned char *blk, int len)
{
    DESContext dc;
    des_keysetup_xdmauth(keydata, &dc);
    des_cbc_encrypt(blk, blk, 24, &dc);
}

void des_decrypt_xdmauth(unsigned char *keydata, unsigned char *blk, int len)
{
    DESContext dc;
    des_keysetup_xdmauth(keydata, &dc);
    des_cbc_decrypt(blk, blk, 24, &dc);
}

static const struct ssh2_cipher ssh_3des_ssh2 = {
    des3_make_context, des3_free_context, des3_iv, des3_key,
    des3_ssh2_encrypt_blk, des3_ssh2_decrypt_blk,
    "3des-cbc",
    8, 168, "triple-DES"
};

/*
 * Single DES in ssh2. "des-cbc" is marked as HISTORIC in
 * draft-ietf-secsh-assignednumbers-04.txt, referring to
 * FIPS-46-3.  ("Single DES (i.e., DES) will be permitted 
 * for legacy systems only.") , but ssh.com support it and 
 * apparently aren't the only people to do so, so we sigh 
 * and implement it anyway.
 */
static const struct ssh2_cipher ssh_des_ssh2 = {
    des_make_context, des3_free_context, des3_iv, des_key,
    des_ssh2_encrypt_blk, des_ssh2_decrypt_blk,
    "des-cbc",
    8, 56, "single-DES"
};

static const struct ssh2_cipher *const des3_list[] = {
    &ssh_3des_ssh2
};

const struct ssh2_ciphers ssh2_3des = {
    sizeof(des3_list) / sizeof(*des3_list),
    des3_list
};

static const struct ssh2_cipher *const des_list[] = {
    &ssh_des_ssh2
};

const struct ssh2_ciphers ssh2_des = {
    sizeof(des3_list) / sizeof(*des_list),
    des_list
};

const struct ssh_cipher ssh_3des = {
    des3_ssh1_make_context, des3_free_context, des3_sesskey,
    des3_encrypt_blk, des3_decrypt_blk,
    8, "triple-DES"
};

static void des_sesskey(void *handle, unsigned char *key)
{
    DESContext *keys = (DESContext *) handle;
    des_key(keys, key);
    des_key(keys+1, key);
}

static void des_encrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_cbc_encrypt(blk, blk, len, keys);
}

static void des_decrypt_blk(void *handle, unsigned char *blk, int len)
{
    DESContext *keys = (DESContext *) handle;
    des_cbc_decrypt(blk, blk, len, keys+1);
}

const struct ssh_cipher ssh_des = {
    des_ssh1_make_context, des3_free_context, des_sesskey,
    des_encrypt_blk, des_decrypt_blk,
    8, "single-DES"
};