Esempio n. 1
0
static STRING *encrypt_session_key(SSH_SESSION *session, PUBLIC_KEY *srvkey,
    PUBLIC_KEY *hostkey, int slen, int hlen) {
  unsigned char buffer[32] = {0};
  int i;
  STRING *data1 = NULL;
  STRING *data2 = NULL;

  /* first, generate a session key */
  ssh_get_random(session->next_crypto->encryptkey, 32, 1);
  memcpy(buffer, session->next_crypto->encryptkey, 32);
  memcpy(session->next_crypto->decryptkey, session->next_crypto->encryptkey, 32);

#ifdef DEBUG_CRYPTO
  ssh_print_hexa("session key",buffer,32);
#endif

  /* xor session key with session_id */
  for (i = 0; i < 16; i++) {
    buffer[i] ^= session->next_crypto->session_id[i];
  }
  data1 = string_new(32);
  if (data1 == NULL) {
    return NULL;
  }
  string_fill(data1, buffer, 32);
  if (ABS(hlen - slen) < 128){
    ssh_log(session, SSH_LOG_FUNCTIONS,
        "Difference between server modulus and host modulus is only %d. "
        "It's illegal and may not work",
        ABS(hlen - slen));
  }

  if (modulus_smaller(srvkey, hostkey)) {
    data2 = ssh_encrypt_rsa1(session, data1, srvkey);
    string_free(data1);
    data1 = NULL;
    if (data2 == NULL) {
      return NULL;
    }
    data1 = ssh_encrypt_rsa1(session, data2, hostkey);
    string_free(data2);
    if (data1 == NULL) {
      return NULL;
    }
  } else {
    data2 = ssh_encrypt_rsa1(session, data1, hostkey);
    string_free(data1);
    data1 = NULL;
    if (data2 == NULL) {
      return NULL;
    }
    data1 = ssh_encrypt_rsa1(session, data2, srvkey);
    string_free(data2);
    if (data1 == NULL) {
      return NULL;
    }
  }

  return data1;
}
Esempio n. 2
0
STRING *encrypt_session_key(SSH_SESSION *session, PUBLIC_KEY *svrkey,
        PUBLIC_KEY *hostkey,int slen, int hlen ){
    unsigned char buffer[32];
    int i;
    STRING *data1,*data2;
    /* first, generate a session key */
    
    ssh_get_random(session->next_crypto->encryptkey,32,1);
    memcpy(buffer,session->next_crypto->encryptkey,32);
    memcpy(session->next_crypto->decryptkey,
            session->next_crypto->encryptkey,32);
#ifdef DEBUG_CRYPTO
    ssh_print_hexa("session key",buffer,32);
#endif
    /* xor session key with session_id */
    for (i=0;i<16;++i)
        buffer[i]^=session->next_crypto->session_id[i];
    data1=string_new(32);
    string_fill(data1,buffer,32);
    if(ABS(hlen-slen)<128){
        ssh_say(1,"Difference between server modulus and host modulus is only %d. It's illegal and may not work\n",
                ABS(hlen-slen));
    }
    if(modulus_smaller(svrkey,hostkey)){
        data2=ssh_encrypt_rsa1(session,data1,svrkey);
        free(data1);
        data1=ssh_encrypt_rsa1(session,data2,hostkey);
    } else {
        data2=ssh_encrypt_rsa1(session,data1,hostkey);
        free(data1);
        data1=ssh_encrypt_rsa1(session,data2,svrkey);
    }
    return data1;
}
Esempio n. 3
0
static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey,
    ssh_public_key hostkey, int slen, int hlen) {
  unsigned char buffer[32] = {0};
  int i;
  ssh_string data1 = NULL;
  ssh_string data2 = NULL;
  if(session->next_crypto->encryptkey != NULL)
      SAFE_FREE(session->next_crypto->encryptkey);
  if(session->next_crypto->decryptkey != NULL)
        SAFE_FREE(session->next_crypto->decryptkey);
  if(session->next_crypto->encryptIV != NULL)
          SAFE_FREE(session->next_crypto->encryptIV);
  if(session->next_crypto->decryptIV != NULL)
          SAFE_FREE(session->next_crypto->decryptIV);
  session->next_crypto->encryptkey = malloc(32);
  session->next_crypto->decryptkey = malloc(32);
  session->next_crypto->encryptIV = malloc(32);
  session->next_crypto->decryptIV = malloc(32);
  if(session->next_crypto->encryptkey == NULL ||
          session->next_crypto->decryptkey == NULL ||
          session->next_crypto->encryptIV == NULL ||
          session->next_crypto->decryptIV == NULL){
      ssh_set_error_oom(session);
      return NULL;
  }
  /* first, generate a session key */
  ssh_get_random(session->next_crypto->encryptkey, 32, 1);
  memcpy(buffer, session->next_crypto->encryptkey, 32);
  memcpy(session->next_crypto->decryptkey, session->next_crypto->encryptkey, 32);
  memset(session->next_crypto->encryptIV, 0, 32);
  memset(session->next_crypto->decryptIV, 0, 32);

#ifdef DEBUG_CRYPTO
  ssh_print_hexa("session key",buffer,32);
#endif

  /* xor session key with session_id */
  for (i = 0; i < 16; i++) {
    buffer[i] ^= session->next_crypto->session_id[i];
  }
  data1 = ssh_string_new(32);
  if (data1 == NULL) {
    return NULL;
  }
  ssh_string_fill(data1, buffer, 32);
  if (ABS(hlen - slen) < 128){
    SSH_LOG(SSH_LOG_FUNCTIONS,
        "Difference between server modulus and host modulus is only %d. "
        "It's illegal and may not work",
        ABS(hlen - slen));
  }

  if (modulus_smaller(srvkey, hostkey)) {
    data2 = ssh_encrypt_rsa1(session, data1, srvkey);
    ssh_string_free(data1);
    data1 = NULL;
    if (data2 == NULL) {
      return NULL;
    }
    data1 = ssh_encrypt_rsa1(session, data2, hostkey);
    ssh_string_free(data2);
    if (data1 == NULL) {
      return NULL;
    }
  } else {
    data2 = ssh_encrypt_rsa1(session, data1, hostkey);
    ssh_string_free(data1);
    data1 = NULL;
    if (data2 == NULL) {
      return NULL;
    }
    data1 = ssh_encrypt_rsa1(session, data2, srvkey);
    ssh_string_free(data2);
    if (data1 == NULL) {
      return NULL;
    }
  }

  return data1;
}