deattack.c (69587) | deattack.c (76259) |
---|---|
1/* $OpenBSD: deattack.c,v 1.10 2000/10/31 13:18:53 markus Exp $ */ | 1/* $OpenBSD: deattack.c,v 1.13 2001/03/01 02:45:10 deraadt Exp $ */ |
2 3/* 4 * Cryptographic attack detector for ssh - source code 5 * 6 * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. 7 * 8 * All rights reserved. Redistribution and use in source and binary 9 * forms, with or without modification, are permitted provided that --- 6 unchanged lines hidden (view full) --- 16 * SOFTWARE. 17 * 18 * Ariel Futoransky <futo@core-sdi.com> 19 * <http://www.core-sdi.com> 20 */ 21 22#include "includes.h" 23#include "deattack.h" | 2 3/* 4 * Cryptographic attack detector for ssh - source code 5 * 6 * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. 7 * 8 * All rights reserved. Redistribution and use in source and binary 9 * forms, with or without modification, are permitted provided that --- 6 unchanged lines hidden (view full) --- 16 * SOFTWARE. 17 * 18 * Ariel Futoransky <futo@core-sdi.com> 19 * <http://www.core-sdi.com> 20 */ 21 22#include "includes.h" 23#include "deattack.h" |
24#include "ssh.h" | 24#include "log.h" |
25#include "crc32.h" 26#include "getput.h" 27#include "xmalloc.h" 28 29/* SSH Constants */ 30#define SSH_MAXBLOCKS (32 * 1024) 31#define SSH_BLOCKSIZE (8) 32 --- 6 unchanged lines hidden (view full) --- 39#define HASH_IV (0xfffe) 40 41#define HASH_MINBLOCKS (7*SSH_BLOCKSIZE) 42 43 44/* Hash function (Input keys are cipher results) */ 45#define HASH(x) GET_32BIT(x) 46 | 25#include "crc32.h" 26#include "getput.h" 27#include "xmalloc.h" 28 29/* SSH Constants */ 30#define SSH_MAXBLOCKS (32 * 1024) 31#define SSH_BLOCKSIZE (8) 32 --- 6 unchanged lines hidden (view full) --- 39#define HASH_IV (0xfffe) 40 41#define HASH_MINBLOCKS (7*SSH_BLOCKSIZE) 42 43 44/* Hash function (Input keys are cipher results) */ 45#define HASH(x) GET_32BIT(x) 46 |
47#define CMP(a,b) (memcmp(a, b, SSH_BLOCKSIZE)) | 47#define CMP(a, b) (memcmp(a, b, SSH_BLOCKSIZE)) |
48 49 50void 51crc_update(u_int32_t *a, u_int32_t b) 52{ 53 b ^= *a; | 48 49 50void 51crc_update(u_int32_t *a, u_int32_t b) 52{ 53 b ^= *a; |
54 *a = ssh_crc32((unsigned char *) &b, sizeof(b)); | 54 *a = ssh_crc32((u_char *) &b, sizeof(b)); |
55} 56 57/* detect if a block is used in a particular pattern */ 58int | 55} 56 57/* detect if a block is used in a particular pattern */ 58int |
59check_crc(unsigned char *S, unsigned char *buf, u_int32_t len, 60 unsigned char *IV) | 59check_crc(u_char *S, u_char *buf, u_int32_t len, 60 u_char *IV) |
61{ 62 u_int32_t crc; | 61{ 62 u_int32_t crc; |
63 unsigned char *c; | 63 u_char *c; |
64 65 crc = 0; 66 if (IV && !CMP(S, IV)) { 67 crc_update(&crc, 1); 68 crc_update(&crc, 0); 69 } 70 for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { 71 if (!CMP(S, c)) { --- 5 unchanged lines hidden (view full) --- 77 } 78 } 79 return (crc == 0); 80} 81 82 83/* Detect a crc32 compensation attack on a packet */ 84int | 64 65 crc = 0; 66 if (IV && !CMP(S, IV)) { 67 crc_update(&crc, 1); 68 crc_update(&crc, 0); 69 } 70 for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { 71 if (!CMP(S, c)) { --- 5 unchanged lines hidden (view full) --- 77 } 78 } 79 return (crc == 0); 80} 81 82 83/* Detect a crc32 compensation attack on a packet */ 84int |
85detect_attack(unsigned char *buf, u_int32_t len, unsigned char *IV) | 85detect_attack(u_char *buf, u_int32_t len, u_char *IV) |
86{ 87 static u_int16_t *h = (u_int16_t *) NULL; 88 static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; 89 register u_int32_t i, j; 90 u_int32_t l; | 86{ 87 static u_int16_t *h = (u_int16_t *) NULL; 88 static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; 89 register u_int32_t i, j; 90 u_int32_t l; |
91 register unsigned char *c; 92 unsigned char *d; | 91 register u_char *c; 92 u_char *d; |
93 94 if (len > (SSH_MAXBLOCKS * SSH_BLOCKSIZE) || 95 len % SSH_BLOCKSIZE != 0) { 96 fatal("detect_attack: bad length %d", len); 97 } 98 for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) 99 ; 100 --- 56 unchanged lines hidden --- | 93 94 if (len > (SSH_MAXBLOCKS * SSH_BLOCKSIZE) || 95 len % SSH_BLOCKSIZE != 0) { 96 fatal("detect_attack: bad length %d", len); 97 } 98 for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) 99 ; 100 --- 56 unchanged lines hidden --- |