crypt.h
00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017 #ifndef CRYPT_H
00018 #define CRYPT_H
00019
00020 #include <botan/dl_group.h>
00021 #include <botan/dh.h>
00022 #include <botan/pubkey.h>
00023 #include <botan/lookup.h>
00024 #include <botan/dsa.h>
00025 #include <botan/rsa.h>
00026 #include <botan/look_pk.h>
00027 #include <botan/pubkey.h>
00028
00029
00030
00031
00032
00033
00034
00035
00036 #include <botan/cbc.h>
00037 #include <botan/hmac.h>
00038
00039 #include "ne7ssh_types.h"
00040 #include "ne7ssh_string.h"
00041
00042 class ne7ssh_session;
00043
00047 class ne7ssh_crypt
00048 {
00049 private:
00050 ne7ssh_session* session;
00051
00052 enum kexMethods { DH_GROUP1_SHA1, DH_GROUP14_SHA1 };
00053 uint32 kexMethod;
00054
00055 enum hostkeyMethods { SSH_DSS, SSH_RSA };
00056 uint32 hostkeyMethod;
00057
00058 enum cryptoMethods { TDES_CBC, AES128_CBC, AES192_CBC, AES256_CBC, BLOWFISH_CBC, CAST128_CBC, TWOFISH_CBC };
00059 uint32 c2sCryptoMethod;
00060 uint32 s2cCryptoMethod;
00061
00062 enum macMethods { HMAC_SHA1, HMAC_MD5, HMAC_NONE };
00063 uint32 c2sMacMethod;
00064 uint32 s2cMacMethod;
00065
00066 enum cmprsMethods { NONE, ZLIB };
00067 uint32 c2sCmprsMethod;
00068 uint32 s2cCmprsMethod;
00069
00070 bool inited;
00071 Botan::SecureVector<Botan::byte> H;
00072 Botan::SecureVector<Botan::byte> K;
00073
00074 Botan::Pipe *encrypt;
00075 Botan::Pipe *decrypt;
00076 Botan::Pipe *compress;
00077 Botan::Pipe *decompress;
00078 Botan::HMAC *hmacOut, *hmacIn;
00079
00080 Botan::DH_PrivateKey *privKexKey;
00081
00082 uint32 encryptBlock;
00083 uint32 decryptBlock;
00084
00090 bool getDHGroup1Sha1Public (Botan::BigInt& publicKey);
00091
00097 bool getDHGroup14Sha1Public (Botan::BigInt &publicKey);
00098
00104 Botan::DSA_PublicKey* getDSAKey (Botan::SecureVector<Botan::byte>& hostKey);
00105
00111 Botan::RSA_PublicKey* getRSAKey (Botan::SecureVector<Botan::byte> &hostKey);
00112
00117 const char* getHashAlgo();
00118
00124 const char* getCryptAlgo (uint32 crypto);
00125
00131 const char* getHmacAlgo (uint32 method);
00132
00139 uint32 getMacKeyLen (uint32 method);
00140
00147 uint32 getMacDigestLen (uint32 method);
00148
00157 bool compute_key (Botan::SecureVector<Botan::byte>& key, Botan::byte ID, uint32 nBytes);
00158
00159
00160 public:
00165 ne7ssh_crypt(ne7ssh_session* _session);
00166
00170 ~ne7ssh_crypt();
00171
00177 bool isInited () { return inited; }
00178
00183 uint32 getEncryptBlock () { return encryptBlock; }
00184
00189 uint32 getDecryptBlock () { return decryptBlock; }
00190
00195 uint32 getMacOutLen () { return getMacDigestLen (c2sMacMethod); }
00196
00201 uint32 getMacInLen () { return getMacDigestLen (s2cMacMethod); }
00202
00210 bool agree (Botan::SecureVector<Botan::byte>& result, const char* local, Botan::SecureVector<Botan::byte>& remote);
00211
00217 bool negotiatedKex (Botan::SecureVector<Botan::byte>& kexAlgo);
00218
00224 bool negotiatedHostkey (Botan::SecureVector<Botan::byte>& hostKeyAlgo);
00225
00231 bool negotiatedCryptoC2s (Botan::SecureVector<Botan::byte>& cryptoAlgo);
00232
00238 bool negotiatedCryptoS2c (Botan::SecureVector<Botan::byte>& cryptoAlgo);
00239
00245 bool negotiatedMacC2s (Botan::SecureVector<Botan::byte>& macAlgo);
00246
00252 bool negotiatedMacS2c (Botan::SecureVector<Botan::byte>& macAlgo);
00253
00259 bool negotiatedCmprsC2s (Botan::SecureVector<Botan::byte>& cmprsAlgo);
00260
00266 bool negotiatedCmprsS2c (Botan::SecureVector<Botan::byte>& cmprsAlgo);
00267
00273 bool getKexPublic (Botan::BigInt& publicKey);
00274
00281 bool makeKexSecret (Botan::SecureVector<Botan::byte>& result, Botan::BigInt& f);
00282
00289 bool computeH (Botan::SecureVector<Botan::byte>& result, Botan::SecureVector<Botan::byte>& val);
00290
00297 bool verifySig (Botan::SecureVector<Botan::byte>& hostKey, Botan::SecureVector<Botan::byte>& sig);
00298
00303 bool makeNewKeys ();
00304
00314 bool encryptPacket (Botan::SecureVector<Botan::byte>& crypted, Botan::SecureVector<Botan::byte>& hmac, Botan::SecureVector<Botan::byte>& packet, uint32 seq);
00315
00323 bool decryptPacket (Botan::SecureVector<Botan::byte>& decrypted, Botan::SecureVector<Botan::byte>& packet, uint32 len);
00324
00331 void computeMac (Botan::SecureVector<Botan::byte>& hmac, Botan::SecureVector<Botan::byte>& packet, uint32 seq);
00332
00337 void compressData (Botan::SecureVector<Botan::byte>& buffer);
00338
00343 void decompressData (Botan::SecureVector<Botan::byte>& buffer);
00344
00349 bool isCompressed () { if (decompress) return true; else return false; }
00350
00355 };
00356
00357 #endif