void
camellia192_set_encrypt_key(struct camellia256_ctx *ctx,
const uint8_t *key)
{
uint64_t k0, k1, k2;
k0 = READ_UINT64(key);
k1 = READ_UINT64(key + 8);
k2 = READ_UINT64(key + 16);
_camellia256_set_encrypt_key (ctx, k0, k1, k2, ~k2);
}
int
sftp_get_uint64(struct sftp_input *i, off_t *value)
{
uint8_t buf[8];
if (!GET_DATA(i, buf))
return 0;
*value = READ_UINT64(buf);
return 1;
}
void
_nettle_sha512_compress(uint64_t *state, const uint8_t *input, const uint64_t *k)
{
uint64_t data[SHA512_DATA_LENGTH];
uint64_t A, B, C, D, E, F, G, H; /* Local vars */
unsigned i;
uint64_t *d;
for (i = 0; i < SHA512_DATA_LENGTH; i++, input += 8)
{
data[i] = READ_UINT64(input);
}
/* Set up first buffer and local data buffer */
A = state[0];
B = state[1];
C = state[2];
D = state[3];
E = state[4];
F = state[5];
G = state[6];
H = state[7];
/* Heavy mangling */
/* First 16 subrounds that act on the original data */
DEBUG(-1);
for (i = 0, d = data; i<16; i+=8, k += 8, d+= 8)
{
ROUND(A, B, C, D, E, F, G, H, k[0], d[0]); DEBUG(i);
ROUND(H, A, B, C, D, E, F, G, k[1], d[1]); DEBUG(i+1);
ROUND(G, H, A, B, C, D, E, F, k[2], d[2]);
ROUND(F, G, H, A, B, C, D, E, k[3], d[3]);
ROUND(E, F, G, H, A, B, C, D, k[4], d[4]);
ROUND(D, E, F, G, H, A, B, C, k[5], d[5]);
ROUND(C, D, E, F, G, H, A, B, k[6], d[6]); DEBUG(i+6);
ROUND(B, C, D, E, F, G, H, A, k[7], d[7]); DEBUG(i+7);
}
for (; i<80; i += 16, k+= 16)
{
ROUND(A, B, C, D, E, F, G, H, k[ 0], EXPAND(data, 0)); DEBUG(i);
ROUND(H, A, B, C, D, E, F, G, k[ 1], EXPAND(data, 1)); DEBUG(i+1);
ROUND(G, H, A, B, C, D, E, F, k[ 2], EXPAND(data, 2)); DEBUG(i+2);
ROUND(F, G, H, A, B, C, D, E, k[ 3], EXPAND(data, 3));
ROUND(E, F, G, H, A, B, C, D, k[ 4], EXPAND(data, 4));
ROUND(D, E, F, G, H, A, B, C, k[ 5], EXPAND(data, 5));
ROUND(C, D, E, F, G, H, A, B, k[ 6], EXPAND(data, 6));
ROUND(B, C, D, E, F, G, H, A, k[ 7], EXPAND(data, 7));
ROUND(A, B, C, D, E, F, G, H, k[ 8], EXPAND(data, 8));
ROUND(H, A, B, C, D, E, F, G, k[ 9], EXPAND(data, 9));
ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10));
ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11));
ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12));
ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13));
ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14)); DEBUG(i+14);
ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15)); DEBUG(i+15);
}
/* Update state */
state[0] += A;
state[1] += B;
state[2] += C;
state[3] += D;
state[4] += E;
state[5] += F;
state[6] += G;
state[7] += H;
#if SHA512_DEBUG
fprintf(stderr, "99: %8lx %8lx %8lx %8lx\n %8lx %8lx %8lx %8lx\n",
state[0], state[1], state[2], state[3],
state[4], state[5], state[6], state[7]);
#endif
}
// Process the received packet
BLOCK *UdpAccelProcessRecvPacket(UDP_ACCEL *a, UCHAR *buf, UINT size, IP *src_ip, UINT src_port)
{
UCHAR key[UDP_ACCELERATION_PACKET_KEY_SIZE];
UCHAR *iv;
CRYPT *c;
UINT64 my_tick, your_tick;
UINT inner_size;
UCHAR *inner_data = NULL;
UINT pad_size;
UCHAR *verify;
bool compress_flag;
BLOCK *b = NULL;
UINT cookie;
// Validate arguments
if (a == NULL || buf == NULL || size == 0 || src_ip == NULL)
{
return NULL;
}
if (a->PlainTextMode == false)
{
// IV
if (size < UDP_ACCELERATION_PACKET_IV_SIZE)
{
return NULL;
}
iv = buf;
buf += UDP_ACCELERATION_PACKET_IV_SIZE;
size -= UDP_ACCELERATION_PACKET_IV_SIZE;
// Calculate the key
UdpAccelCalcKey(key, a->YourKey, iv);
if (false)
{
char tmp1[256];
char tmp2[256];
char tmp3[256];
BinToStr(tmp1, sizeof(tmp1), a->YourKey, sizeof(a->YourKey));
BinToStr(tmp2, sizeof(tmp2), iv, UDP_ACCELERATION_PACKET_IV_SIZE);
BinToStr(tmp3, sizeof(tmp3), key, sizeof(key));
Debug("Your Key: %s\n"
"IV : %s\n"
"Comm Key: %s\n",
tmp1, tmp2, tmp3);
}
// Decryption
c = NewCrypt(key, UDP_ACCELERATION_PACKET_KEY_SIZE);
Encrypt(c, buf, buf, size);
FreeCrypt(c);
}
// Cookie
if (size < sizeof(UINT))
{
return NULL;
}
cookie = READ_UINT(buf);
buf += sizeof(UINT);
size -= sizeof(UINT);
if (cookie != a->MyCookie)
{
return NULL;
}
// My Tick
if (size < sizeof(UINT64))
{
return NULL;
}
my_tick = READ_UINT64(buf);
buf += sizeof(UINT64);
size -= sizeof(UINT64);
// Your Tick
if (size < sizeof(UINT64))
{
return NULL;
}
your_tick = READ_UINT64(buf);
buf += sizeof(UINT64);
size -= sizeof(UINT64);
// inner_size
if (size < sizeof(USHORT))
{
return NULL;
}
inner_size = READ_USHORT(buf);
buf += sizeof(USHORT);
size -= sizeof(USHORT);
// compress_flag
if (size < sizeof(UCHAR))
{
return NULL;
}
compress_flag = *((UCHAR *)buf);
buf += sizeof(UCHAR);
size -= sizeof(UCHAR);
if (size < inner_size)
{
return NULL;
}
// inner_data
if (inner_size >= 1)
{
inner_data = buf;
buf += inner_size;
size -= inner_size;
}
if (a->PlainTextMode == false)
{
// padding
if (size < UDP_ACCELERATION_PACKET_IV_SIZE)
{
return false;
}
pad_size = size - UDP_ACCELERATION_PACKET_IV_SIZE;
buf += pad_size;
size -= pad_size;
// verify
if (size != UDP_ACCELERATION_PACKET_IV_SIZE)
{
return NULL;
}
verify = buf;
if (IsZero(verify, UDP_ACCELERATION_PACKET_IV_SIZE) == false)
{
return NULL;
}
}
if (my_tick < a->LastRecvYourTick)
{
if ((a->LastRecvYourTick - my_tick) >= ((UINT64)UDP_ACCELERATION_WINDOW_SIZE_MSEC))
{
return NULL;
}
}
a->LastRecvMyTick = MAX(a->LastRecvMyTick, your_tick);
a->LastRecvYourTick = MAX(a->LastRecvYourTick, my_tick);
if (inner_size >= 1)
{
b = NewBlock(Clone(inner_data, inner_size), inner_size, compress_flag ? -1 : 0);
}
if (a->LastSetSrcIpAndPortTick < a->LastRecvYourTick)
{
a->LastSetSrcIpAndPortTick = a->LastRecvYourTick;
Copy(&a->YourIp, src_ip, sizeof(IP));
a->YourPort = src_port;
}
if (a->LastRecvMyTick != 0)
{
if ((a->LastRecvMyTick + (UINT64)(UDP_ACCELERATION_WINDOW_SIZE_MSEC)) >= a->Now)
{
a->LastRecvTick = a->Now;
a->IsReachedOnce = true;
if (a->FirstStableReceiveTick == 0)
{
a->FirstStableReceiveTick = a->Now;
}
}
}
return b;
}