crypt.h

00001 /***************************************************************************
00002  *   Copyright (C) 2005-2007 by NetSieben Technologies INC                 *
00003  *   Author: Andrew Useckas                                                *
00004  *   Email: andrew@netsieben.com                                           *
00005  *                                                                         *
00006  *   Windows Port and bugfixes: Keef Aragon <keef@netsieben.com>           *
00007  *                                                                         *
00008  *   This program may be distributed under the terms of the Q Public       *
00009  *   License as defined by Trolltech AS of Norway and appearing in the     *
00010  *   file LICENSE.QPL included in the packaging of this file.              *
00011  *                                                                         *
00012  *   This program is distributed in the hope that it will be useful,       *
00013  *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
00014  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                  *
00015  ***************************************************************************/
00016 
00017 #ifndef CRYPT_H
00018 #define CRYPT_H
00019 
00020 #include <botan/dl_group.h>
00021 #include <botan/dh.h>
00022 #include <botan/pubkey.h>
00023 #include <botan/lookup.h>
00024 #include <botan/dsa.h>
00025 #include <botan/rsa.h>
00026 #include <botan/look_pk.h>
00027 #include <botan/pubkey.h>
00028 
00029 
00030 // #if defined(BOTAN_EXT_COMPRESSOR_ZLIB)
00031 //   #include <botan/zlib.h>
00032 // #else
00033 //   #error "Zlib support is not compiled into Botan"
00034 // #endif
00035 
00036 #include <botan/cbc.h>
00037 #include <botan/hmac.h>
00038 
00039 #include "ne7ssh_types.h"
00040 #include "ne7ssh_string.h"
00041 
00042 class ne7ssh_session;
00043 
00047 class ne7ssh_crypt
00048 {
00049   private:
00050     ne7ssh_session* session;
00051 
00052     enum kexMethods { DH_GROUP1_SHA1, DH_GROUP14_SHA1 };
00053     uint32 kexMethod;
00054 
00055     enum hostkeyMethods { SSH_DSS, SSH_RSA };
00056     uint32 hostkeyMethod;
00057 
00058     enum cryptoMethods { TDES_CBC, AES128_CBC, AES192_CBC, AES256_CBC, BLOWFISH_CBC, CAST128_CBC, TWOFISH_CBC };
00059     uint32 c2sCryptoMethod;
00060     uint32 s2cCryptoMethod;
00061 
00062     enum macMethods { HMAC_SHA1, HMAC_MD5, HMAC_NONE };
00063     uint32 c2sMacMethod;
00064     uint32 s2cMacMethod; 
00065 
00066     enum cmprsMethods { NONE, ZLIB };
00067     uint32 c2sCmprsMethod;
00068     uint32 s2cCmprsMethod; 
00069 
00070     bool inited;
00071     Botan::SecureVector<Botan::byte> H;
00072     Botan::SecureVector<Botan::byte> K;
00073 
00074     Botan::Pipe *encrypt;
00075     Botan::Pipe *decrypt;
00076     Botan::Pipe *compress;
00077     Botan::Pipe *decompress;
00078     Botan::HMAC *hmacOut, *hmacIn;
00079 
00080     Botan::DH_PrivateKey *privKexKey;
00081 
00082     uint32 encryptBlock;
00083     uint32 decryptBlock;
00084 
00090     bool getDHGroup1Sha1Public (Botan::BigInt& publicKey);
00091 
00097     bool getDHGroup14Sha1Public (Botan::BigInt &publicKey);
00098 
00104     Botan::DSA_PublicKey* getDSAKey (Botan::SecureVector<Botan::byte>& hostKey);
00105 
00111     Botan::RSA_PublicKey* getRSAKey (Botan::SecureVector<Botan::byte> &hostKey);
00112 
00117     const char* getHashAlgo();
00118 
00124     const char* getCryptAlgo (uint32 crypto);
00125 
00131     const char* getHmacAlgo (uint32 method);
00132 
00139     uint32 getMacKeyLen (uint32 method);
00140 
00147     uint32 getMacDigestLen (uint32 method);
00148 
00157     bool compute_key (Botan::SecureVector<Botan::byte>& key, Botan::byte ID, uint32 nBytes);
00158 
00159 
00160   public:
00165     ne7ssh_crypt(ne7ssh_session* _session);
00166 
00170     ~ne7ssh_crypt();
00171 
00177     bool isInited () { return inited; }
00178 
00183     uint32 getEncryptBlock () { return encryptBlock; }
00184 
00189     uint32 getDecryptBlock () { return decryptBlock; }
00190 
00195     uint32 getMacOutLen () { return getMacDigestLen (c2sMacMethod); }
00196 
00201     uint32 getMacInLen () { return getMacDigestLen (s2cMacMethod); }
00202 
00210     bool agree (Botan::SecureVector<Botan::byte>& result, const char* local, Botan::SecureVector<Botan::byte>& remote);
00211 
00217     bool negotiatedKex (Botan::SecureVector<Botan::byte>& kexAlgo);
00218 
00224     bool negotiatedHostkey (Botan::SecureVector<Botan::byte>& hostKeyAlgo);
00225 
00231     bool negotiatedCryptoC2s (Botan::SecureVector<Botan::byte>& cryptoAlgo);
00232 
00238     bool negotiatedCryptoS2c (Botan::SecureVector<Botan::byte>& cryptoAlgo);
00239 
00245     bool negotiatedMacC2s (Botan::SecureVector<Botan::byte>& macAlgo);
00246 
00252     bool negotiatedMacS2c (Botan::SecureVector<Botan::byte>& macAlgo);
00253 
00259     bool negotiatedCmprsC2s (Botan::SecureVector<Botan::byte>& cmprsAlgo);
00260 
00266     bool negotiatedCmprsS2c (Botan::SecureVector<Botan::byte>& cmprsAlgo);
00267 
00273     bool getKexPublic (Botan::BigInt& publicKey);
00274 
00281     bool makeKexSecret (Botan::SecureVector<Botan::byte>& result, Botan::BigInt& f);
00282 
00289     bool computeH (Botan::SecureVector<Botan::byte>& result, Botan::SecureVector<Botan::byte>& val);
00290 
00297     bool verifySig (Botan::SecureVector<Botan::byte>& hostKey, Botan::SecureVector<Botan::byte>& sig);
00298 
00303     bool makeNewKeys ();
00304 
00314     bool encryptPacket (Botan::SecureVector<Botan::byte>& crypted, Botan::SecureVector<Botan::byte>& hmac, Botan::SecureVector<Botan::byte>& packet, uint32 seq);
00315 
00323     bool decryptPacket (Botan::SecureVector<Botan::byte>& decrypted, Botan::SecureVector<Botan::byte>& packet, uint32 len);
00324 
00331     void computeMac (Botan::SecureVector<Botan::byte>& hmac, Botan::SecureVector<Botan::byte>& packet, uint32 seq);
00332 
00337     void compressData (Botan::SecureVector<Botan::byte>& buffer);
00338 
00343     void decompressData (Botan::SecureVector<Botan::byte>& buffer);
00344 
00349     bool isCompressed () { if (decompress) return true; else return false; }
00350 
00355 };
00356 
00357 #endif

Generated on Tue May 5 14:10:41 2009 for ne7ssh.kdevelop by  doxygen 1.5.9