X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=sshdes.c;h=13487fcd79bdb704451eb2f296af77dc6b2f126e;hb=5471539a6738484b48fb938c88dce547a3e4b299;hp=f2736691fbbe952078fbfaf6f1c43a4505d5bd79;hpb=961503e449be3c456dc2f3af1cafd38de5efe519;p=PuTTY.git diff --git a/sshdes.c b/sshdes.c index f2736691..13487fcd 100644 --- a/sshdes.c +++ b/sshdes.c @@ -934,7 +934,7 @@ void des_encrypt_xdmauth(const unsigned char *keydata, { DESContext dc; des_keysetup_xdmauth(keydata, &dc); - des_cbc_encrypt(blk, 24, &dc); + des_cbc_encrypt(blk, len, &dc); } void des_decrypt_xdmauth(const unsigned char *keydata, @@ -942,21 +942,23 @@ void des_decrypt_xdmauth(const unsigned char *keydata, { DESContext dc; des_keysetup_xdmauth(keydata, &dc); - des_cbc_decrypt(blk, 24, &dc); + des_cbc_decrypt(blk, len, &dc); } static const struct ssh2_cipher ssh_3des_ssh2 = { des3_make_context, des3_free_context, des3_iv, des3_key, - des3_ssh2_encrypt_blk, des3_ssh2_decrypt_blk, + des3_ssh2_encrypt_blk, des3_ssh2_decrypt_blk, NULL, NULL, "3des-cbc", - 8, 168, SSH_CIPHER_IS_CBC, "triple-DES CBC" + 8, 168, 24, SSH_CIPHER_IS_CBC, "triple-DES CBC", + NULL }; static const struct ssh2_cipher ssh_3des_ssh2_ctr = { des3_make_context, des3_free_context, des3_iv, des3_key, - des3_ssh2_sdctr, des3_ssh2_sdctr, + des3_ssh2_sdctr, des3_ssh2_sdctr, NULL, NULL, "3des-ctr", - 8, 168, 0, "triple-DES SDCTR" + 8, 168, 24, 0, "triple-DES SDCTR", + NULL }; /* @@ -969,16 +971,18 @@ static const struct ssh2_cipher ssh_3des_ssh2_ctr = { */ static const struct ssh2_cipher ssh_des_ssh2 = { des_make_context, des3_free_context, des3_iv, des_key, - des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, + des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, NULL, NULL, "des-cbc", - 8, 56, SSH_CIPHER_IS_CBC, "single-DES CBC" + 8, 56, 8, SSH_CIPHER_IS_CBC, "single-DES CBC", + NULL }; static const struct ssh2_cipher ssh_des_sshcom_ssh2 = { des_make_context, des3_free_context, des3_iv, des_key, - des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, + des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, NULL, NULL, "des-cbc@ssh.com", - 8, 56, SSH_CIPHER_IS_CBC, "single-DES CBC" + 8, 56, 8, SSH_CIPHER_IS_CBC, "single-DES CBC", + NULL }; static const struct ssh2_cipher *const des3_list[] = { @@ -1031,3 +1035,58 @@ const struct ssh_cipher ssh_des = { des_encrypt_blk, des_decrypt_blk, 8, "single-DES CBC" }; + +#ifdef TEST_XDM_AUTH + +/* + * Small standalone utility which allows encryption and decryption of + * single cipher blocks in the XDM-AUTHORIZATION-1 style. Written + * during the rework of X authorisation for connection sharing, to + * check the corner case when xa1_firstblock matches but the rest of + * the authorisation is bogus. + * + * Just compile this file on its own with the above ifdef symbol + * predefined: + +gcc -DTEST_XDM_AUTH -o sshdes sshdes.c + + */ + +#include +void *safemalloc(size_t n, size_t size) { return calloc(n, size); } +void safefree(void *p) { return free(p); } +void smemclr(void *p, size_t size) { memset(p, 0, size); } +int main(int argc, char **argv) +{ + unsigned char words[2][8]; + unsigned char out[8]; + int i, j; + + memset(words, 0, sizeof(words)); + + for (i = 0; i < 2; i++) { + for (j = 0; j < 8 && argv[i+1][2*j]; j++) { + char x[3]; + unsigned u; + x[0] = argv[i+1][2*j]; + x[1] = argv[i+1][2*j+1]; + x[2] = 0; + sscanf(x, "%02x", &u); + words[i][j] = u; + } + } + + memcpy(out, words[0], 8); + des_decrypt_xdmauth(words[1], out, 8); + printf("decrypt(%s,%s) = ", argv[1], argv[2]); + for (i = 0; i < 8; i++) printf("%02x", out[i]); + printf("\n"); + + memcpy(out, words[0], 8); + des_encrypt_xdmauth(words[1], out, 8); + printf("encrypt(%s,%s) = ", argv[1], argv[2]); + for (i = 0; i < 8; i++) printf("%02x", out[i]); + printf("\n"); +} + +#endif