BlueGreycalmElegant

Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

Compare Revisions

• This comparison shows the changes necessary to convert path

  → /programs/network @ 6394

  → /programs/network/ @ 6419

  ↔ Reverse comparison

• Compare Path:	Rev

  With Path:	Rev

No changes between revisions

Regard whitespace Rev 6394 → Rev 6419

/programs/network/ssh/Tupfile.lua
0,0 → 1,2
if tup.getconfig("NO_FASM") ~= "" then return end
tup.rule("ssh.asm", "fasm %f %o " .. tup.getconfig("KPACK_CMD"), "ssh")

/programs/network/ssh/aes256-cbc.inc
0,0 → 1,123
; aes256-cbc.inc - AES256 Cipher Block Chaining
;
; Copyright (C) 2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
struct aes256_cbc_context aes256_context
vector rb 16
ends
proc aes256_cbc_init _vector
push ebx esi edi
mcall 68, 12, sizeof.aes256_cbc_context
; handle errors
mov ecx, 16/4
mov esi, [_vector]
lea edi, [eax + aes256_cbc_context.vector]
rep movsd
; rep movsd is slow, but we don't care while init
pop edi esi ebx
ret
endp
proc aes256_cbc_encrypt _ctx, _in, _out
push ebx esi edi
DEBUGF 1,'plain : '
stdcall dump_128bit_hex, [_in]
DEBUGF 1,'\n'
mov edi, [_ctx]
lea edi, [edi + aes256_cbc_context.vector]
mov esi, [_in]
lodsd
xor eax, [edi]
stosd
lodsd
xor eax, [edi]
stosd
lodsd
xor eax, [edi]
stosd
lodsd
xor eax, [edi]
stosd
mov esi, [_ctx]
lea eax, [esi + aes256_cbc_context.key]
lea ebx, [esi + aes256_cbc_context.vector]
stdcall aes256_encrypt, eax, ebx, [_out] ; Key, in, out
mov esi, [_out]
mov eax, [_ctx]
lea edi, [eax + aes256_cbc_context.vector]
movsd
movsd
movsd
movsd
DEBUGF 1,'cipher : '
stdcall dump_128bit_hex, [_out]
DEBUGF 1,'\n\n'
pop edi esi ebx
ret
endp
proc aes256_cbc_decrypt _ctx, _in, _out
push ebx esi edi
DEBUGF 1,'cipher : '
stdcall dump_128bit_hex, [_in]
DEBUGF 1,'\n'
mov esi, [_ctx]
lea eax, [esi + aes256_cbc_context.key]
stdcall aes256_decrypt, eax, [_in], [_out] ; Key, in, out
mov esi, [_ctx]
lea esi, [esi + aes256_cbc_context.vector]
mov edi, [_out]
lodsd
xor eax, [edi]
stosd
lodsd
xor eax, [edi]
stosd
lodsd
xor eax, [edi]
stosd
lodsd
xor eax, [edi]
stosd
mov esi, [_in]
mov edi, [_ctx]
lea edi, [edi + aes256_cbc_context.vector]
movsd
movsd
movsd
movsd
DEBUGF 1,'plain : '
stdcall dump_128bit_hex, [_out]
DEBUGF 1,'\n\n'
pop edi esi ebx
ret
endp

/programs/network/ssh/aes256-ctr.inc
0,0 → 1,109
; aes256-ctr.inc - AES256 Counter Mode
;
; Copyright (C) 2016 Ivan Baravy (dunkaist)
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
struct aes256_ctr_context aes256_context
counter rb 16
output rb 16 ; counter after aes_crypt
ends
proc aes256_ctr_init _counter
push ebx esi edi
mcall 68, 12, sizeof.aes256_ctr_context
; handle errors
mov ecx, 16/4
mov esi, [_counter]
lea edi, [eax + aes256_ctr_context.counter]
rep movsd
; rep movsd is slow, but we don't care while init
pop edi esi ebx
ret
endp
proc aes256_ctr_crypt _ctx, _in, _out
push ebx esi edi
DEBUGF 1,'plain : '
stdcall dump_128bit_hex, [_in]
DEBUGF 1,'\n'
mov esi, [_ctx]
lea eax, [esi + aes256_ctr_context.key]
lea ebx, [esi + aes256_ctr_context.counter]
lea ecx, [esi + aes256_ctr_context.output]
stdcall aes256_encrypt, eax, ebx, ecx ; Key, in, out
mov ebx, [_ctx]
mov esi, [_in]
mov edi, [_out]
mov eax, [esi + 4*0]
xor eax, dword[ebx + aes256_ctr_context.output + 4*0]
mov [edi + 4*0], eax
mov eax, [esi + 4*1]
xor eax, dword[ebx + aes256_ctr_context.output + 4*1]
mov [edi + 4*1], eax
mov eax, [esi + 4*2]
xor eax, dword[ebx + aes256_ctr_context.output + 4*2]
mov [edi + 4*2], eax
mov eax, [esi + 4*3]
xor eax, dword[ebx + aes256_ctr_context.output + 4*3]
mov [edi + 4*3], eax
; Increment counter
mov esi, [_ctx]
mov eax, dword[esi + aes256_ctr_context.counter + 4*0]
mov ebx, dword[esi + aes256_ctr_context.counter + 4*1]
mov ecx, dword[esi + aes256_ctr_context.counter + 4*2]
mov edx, dword[esi + aes256_ctr_context.counter + 4*3]
bswap eax
bswap ebx
bswap ecx
bswap edx
inc edx
adc ecx, 0
adc ebx, 0
adc eax, 0
bswap eax
bswap ebx
bswap ecx
bswap edx
mov dword[esi + aes256_ctr_context.counter + 4*0], eax
mov dword[esi + aes256_ctr_context.counter + 4*1], ebx
mov dword[esi + aes256_ctr_context.counter + 4*2], ecx
mov dword[esi + aes256_ctr_context.counter + 4*3], edx
DEBUGF 1,'cipher : '
stdcall dump_128bit_hex, [_out]
DEBUGF 1,'\n\n'
pop edi esi ebx
ret
endp

/programs/network/ssh/aes256.inc
0,0 → 1,1652
; aes256.inc - AES256
;
; Copyright (C) 2016 Ivan Baravy (dunkaist)
; Copyright (C) 2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
AES256_ROUNDS = 14
struct aes256_context
key rd 4*(AES256_ROUNDS+1)
ends
proc dump_128bit_hex _ptr
pushad
mov esi, [_ptr]
mov ecx, 4
.next_dword:
lodsd
bswap eax
DEBUGF 1,'%x',eax
loop .next_dword
popad
ret
endp
proc aes256_set_encrypt_key _ctx, _userkey
locals
i dd ?
endl
push ebx esi edi
mov [i], 0
mov ebx, [_ctx]
mov esi, [_userkey]
lea edi, [ebx + aes256_context.key]
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lea esi, [ebx + aes256_context.key]
.while:
mov ebx, [esi + 4*7]
mov ecx, [esi + 4*0]
mov eax, ebx
shr eax, 16
movzx eax, al
mov eax, [Te2 + 4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, ebx
shr eax, 8
movzx eax, al
mov eax, [Te3 + 4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, ebx
shr eax, 0
movzx eax, al
mov eax, [Te0 + 4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, ebx
shr eax, 24
mov eax, [Te1 + 4*eax]
and eax, 0x000000ff
xor ecx, eax
mov eax, [i]
xor ecx, [rcon + 4*eax]
mov [esi + 4*8], ecx
xor ecx, [esi + 4*1]
mov [esi + 4*9], ecx
xor ecx, [esi + 4*2]
mov [esi + 4*10], ecx
xor ecx, [esi + 4*3]
mov [esi + 4*11], ecx
inc [i]
cmp [i], 7
jz .done
mov ebx, [esi + 4*11]
mov ecx, [esi + 4*4]
mov eax, ebx
shr eax, 24
mov eax, [Te2 + 4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, ebx
shr eax, 16
movzx eax, al
mov eax, [Te3 + 4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, ebx
shr eax, 8
movzx eax, al
mov eax, [Te0 + 4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, ebx
shr eax, 0
movzx eax, al
mov eax, [Te1 + 4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi + 4*12], ecx
xor ecx, [esi + 4*5]
mov [esi + 4*13], ecx
xor ecx, [esi + 4*6]
mov [esi + 4*14], ecx
xor ecx, [esi + 4*7]
mov [esi + 4*15], ecx
add esi, 4*8
jmp .while
.done:
DEBUGF 1,' \n'
pop edi esi ebx
ret
endp
proc aes256_set_decrypt_key _ctx, _userkey
push ebx esi edi
stdcall aes256_set_encrypt_key, [_ctx], [_userkey]
; Invert the order of the round keys
mov ebx, [_ctx]
lea esi, [ebx + aes256_context.key]
lea edi, [ebx + aes256_context.key + 4*4*AES256_ROUNDS]
@@:
mov eax, [esi+0]
mov ebx, [edi+0]
mov [esi+0], ebx
mov [edi+0], eax
mov eax, [esi+4]
mov ebx, [edi+4]
mov [esi+4], ebx
mov [edi+4], eax
mov eax, [esi+8]
mov ebx, [edi+8]
mov [esi+8], ebx
mov [edi+8], eax
mov eax, [esi+12]
mov ebx, [edi+12]
mov [esi+12], ebx
mov [edi+12], eax
add esi, 4*4
sub edi, 4*4
cmp esi, edi
jb @r
; Apply the inverse MixColumn transform to all round keys but the first and the last
mov ecx, (AES256_ROUNDS-1)*4
mov ebx, [_ctx]
lea edi, [ebx + aes256_context.key + 16]
.inverse:
mov eax, [edi]
shr eax, 24
mov eax, [Te1 + 4*eax]
movzx eax, al
mov ebx, [Td0 + 4*eax]
mov eax, [edi]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ebx, eax
mov eax, [edi]
shr eax, 8
movzx eax, al
mov eax, [Te1 + 4*eax]
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ebx, eax
mov eax, [edi]
movzx eax, al
mov eax, [Te1 + 4*eax]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor eax, ebx
stosd
dec ecx
jnz .inverse
.done:
pop edi esi ebx
ret
endp
proc aes256_encrypt _key, _in, _out
locals
s rd 4
t rd 4
r dd ?
endl
push ebx esi edi
DEBUGF 1,'input : '
stdcall dump_128bit_hex, [_in]
DEBUGF 1,'\n'
mov ebx, [_key]
mov esi, [_in]
lea edi, [s]
mov eax, [esi + 4*0]
bswap eax
xor eax, [ebx + 4*0]
mov [edi + 4*0], eax
mov eax, [esi + 4*1]
bswap eax
xor eax, [ebx + 4*1]
mov [edi + 4*1], eax
mov eax, [esi + 4*2]
bswap eax
xor eax, [ebx + 4*2]
mov [edi + 4*2], eax
mov eax, [esi + 4*3]
bswap eax
xor eax, [ebx + 4*3]
mov [edi + 4*3], eax
mov [r], AES256_ROUNDS SHR 1
.for:
lea esi, [s]
lea edi, [t]
mov ecx, [ebx + 4*4]
mov eax, [esi + 4*0]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*1]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*2]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*3]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [edi + 4*0], ecx
mov ecx, [ebx + 4*5]
mov eax, [esi + 4*1]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*2]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*3]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*0]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [edi + 4*1], ecx
mov ecx, [ebx + 4*6]
mov eax, [esi + 4*2]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*3]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*0]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*1]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [edi + 4*2], ecx
mov ecx, [ebx + 4*7]
mov eax, [esi + 4*3]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*0]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*1]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*2]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [edi + 4*3], ecx
add ebx, 4*8
dec [r]
jz .end_for
mov ecx, [ebx + 4*0]
mov eax, [edi + 4*0]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*3]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [esi + 4*0], ecx
mov ecx, [ebx + 4*1]
mov eax, [edi + 4*1]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*0]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [esi + 4*1], ecx
mov ecx, [ebx + 4*2]
mov eax, [edi + 4*2]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*1]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [esi + 4*2], ecx
mov ecx, [ebx + 4*3]
mov eax, [edi + 4*3]
shr eax, 24
mov eax, [Te0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 16
movzx eax, al
mov eax, [Te1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 8
movzx eax, al
mov eax, [Te2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*2]
movzx eax, al
mov eax, [Te3 + 4*eax]
xor ecx, eax
mov [esi + 4*3], ecx
jmp .for
.end_for:
mov ecx, [ebx + 4*0]
mov eax, [edi + 4*0]
shr eax, 24
mov eax, [Te2 + 4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 16
movzx eax, al
mov eax, [Te3 + 4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 8
movzx eax, al
mov eax, [Te0 + 4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi + 4*3]
movzx eax, al
mov eax, [Te1 + 4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi + 4*0], ecx
mov ecx, [ebx + 4*1]
mov eax, [edi + 4*1]
shr eax, 24
mov eax, [Te2 + 4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 16
movzx eax, al
mov eax, [Te3 + 4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 8
movzx eax, al
mov eax, [Te0 + 4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi + 4*0]
movzx eax, al
mov eax, [Te1 + 4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi + 4*1], ecx
mov ecx, [ebx + 4*2]
mov eax, [edi + 4*2]
shr eax, 24
mov eax, [Te2 + 4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 16
movzx eax, al
mov eax, [Te3 + 4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 8
movzx eax, al
mov eax, [Te0 + 4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi + 4*1]
movzx eax, al
mov eax, [Te1 + 4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi + 4*2], ecx
mov ecx, [ebx + 4*3]
mov eax, [edi + 4*3]
shr eax, 24
mov eax, [Te2 + 4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 16
movzx eax, al
mov eax, [Te3 + 4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 8
movzx eax, al
mov eax, [Te0 + 4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi + 4*2]
movzx eax, al
mov eax, [Te1 + 4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi + 4*3], ecx
mov edi, [_out]
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
DEBUGF 1,'output : '
stdcall dump_128bit_hex, [_out]
DEBUGF 1,'\n'
pop edi esi ebx
ret
endp
proc aes256_decrypt _key, _in, _out
locals
s rd 4
t rd 4
r dd ?
endl
push ebx esi edi
DEBUGF 1,'input : '
stdcall dump_128bit_hex, [_in]
DEBUGF 1,'\n'
mov ebx, [_key]
mov esi, [_in]
lea edi, [s]
mov eax, [esi + 4*0]
bswap eax
xor eax, [ebx + 4*0]
mov [edi + 4*0], eax
mov eax, [esi + 4*1]
bswap eax
xor eax, [ebx + 4*1]
mov [edi + 4*1], eax
mov eax, [esi + 4*2]
bswap eax
xor eax, [ebx + 4*2]
mov [edi + 4*2], eax
mov eax, [esi + 4*3]
bswap eax
xor eax, [ebx + 4*3]
mov [edi + 4*3], eax
mov [r], AES256_ROUNDS SHR 1
.for:
lea esi, [s]
lea edi, [t]
mov ecx, [ebx + 4*4]
mov eax, [esi + 4*0]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*3]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*2]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*1]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [edi + 4*0], ecx
mov ecx, [ebx + 4*5]
mov eax, [esi + 4*1]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*0]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*3]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*2]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [edi + 4*1], ecx
mov ecx, [ebx + 4*6]
mov eax, [esi + 4*2]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*1]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*0]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*3]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [edi + 4*2], ecx
mov ecx, [ebx + 4*7]
mov eax, [esi + 4*3]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*2]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*1]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [esi + 4*0]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [edi + 4*3], ecx
add ebx, 4*8
dec [r]
jz .end_for
mov ecx, [ebx + 4*0]
mov eax, [edi + 4*0]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*1]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [esi + 4*0], ecx
mov ecx, [ebx + 4*1]
mov eax, [edi + 4*1]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*2]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [esi + 4*1], ecx
mov ecx, [ebx + 4*2]
mov eax, [edi + 4*2]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*3]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [esi + 4*2], ecx
mov ecx, [ebx + 4*3]
mov eax, [edi + 4*3]
shr eax, 24
mov eax, [Td0 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 16
movzx eax, al
mov eax, [Td1 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 8
movzx eax, al
mov eax, [Td2 + 4*eax]
xor ecx, eax
mov eax, [edi + 4*0]
movzx eax, al
mov eax, [Td3 + 4*eax]
xor ecx, eax
mov [esi + 4*3], ecx
jmp .for
.end_for:
; Apply last round
mov ecx, [ebx + 4*0]
mov eax, [edi + 4*0]
shr eax, 24
movzx eax, [Td4 + eax]
shl eax, 24
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 16
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 16
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 8
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 8
xor ecx, eax
mov eax, [edi + 4*1]
movzx eax, al
movzx eax, [Td4 + eax]
xor ecx, eax
mov [esi + 4*0], ecx
mov ecx, [ebx + 4*1]
mov eax, [edi + 4*1]
shr eax, 24
movzx eax, [Td4 + eax]
shl eax, 24
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 16
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 16
xor ecx, eax
mov eax, [edi + 4*3]
shr eax, 8
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 8
xor ecx, eax
mov eax, [edi + 4*2]
movzx eax, al
movzx eax, [Td4 + eax]
xor ecx, eax
mov [esi + 4*1], ecx
mov ecx, [ebx + 4*2]
mov eax, [edi + 4*2]
shr eax, 24
movzx eax, [Td4 + eax]
shl eax, 24
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 16
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 16
xor ecx, eax
mov eax, [edi + 4*0]
shr eax, 8
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 8
xor ecx, eax
mov eax, [edi + 4*3]
movzx eax, al
movzx eax, [Td4 + eax]
xor ecx, eax
mov [esi + 4*2], ecx
mov ecx, [ebx + 4*3]
mov eax, [edi + 4*3]
shr eax, 24
movzx eax, [Td4 + eax]
shl eax, 24
xor ecx, eax
mov eax, [edi + 4*2]
shr eax, 16
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 16
xor ecx, eax
mov eax, [edi + 4*1]
shr eax, 8
movzx eax, al
movzx eax, [Td4 + eax]
shl eax, 8
xor ecx, eax
mov eax, [edi + 4*0]
movzx eax, al
movzx eax, [Td4 + eax]
xor ecx, eax
mov [esi + 4*3], ecx
mov edi, [_out]
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
DEBUGF 1,'output : '
stdcall dump_128bit_hex, [_out]
DEBUGF 1,'\n'
pop edi esi ebx
ret
endp
iglobal
Te0 dd \
0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, \
0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, \
0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, \
0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, \
0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, \
0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, \
0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, \
0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, \
0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, \
0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, \
0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, \
0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, \
0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, \
0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, \
0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, \
0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, \
0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, \
0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, \
0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, \
0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, \
0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, \
0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, \
0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, \
0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, \
0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, \
0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, \
0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, \
0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, \
0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, \
0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, \
0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, \
0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, \
0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, \
0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, \
0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, \
0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, \
0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, \
0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, \
0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, \
0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, \
0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, \
0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, \
0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, \
0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, \
0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, \
0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, \
0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, \
0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, \
0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, \
0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, \
0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, \
0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, \
0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, \
0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, \
0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, \
0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, \
0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, \
0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, \
0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, \
0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, \
0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, \
0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, \
0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, \
0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
Te1 dd \
0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, \
0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5, \
0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b, \
0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, \
0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d, \
0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0, \
0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, \
0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0, \
0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626, \
0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, \
0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1, \
0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515, \
0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, \
0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a, \
0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2, \
0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, \
0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a, \
0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0, \
0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, \
0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484, \
0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded, \
0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, \
0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939, \
0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf, \
0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, \
0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585, \
0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f, \
0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, \
0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f, \
0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5, \
0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, \
0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2, \
0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec, \
0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, \
0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d, \
0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373, \
0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, \
0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888, \
0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414, \
0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, \
0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a, \
0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c, \
0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, \
0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979, \
0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d, \
0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, \
0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea, \
0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808, \
0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, \
0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6, \
0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f, \
0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, \
0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666, \
0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e, \
0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, \
0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e, \
0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111, \
0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, \
0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9, \
0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf, \
0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, \
0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868, \
0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f, \
0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616
Te2 dd \
0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, \
0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5, \
0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b, \
0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, \
0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d, \
0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0, \
0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, \
0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0, \
0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26, \
0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, \
0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1, \
0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15, \
0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, \
0x18283018, 0x96a13796, 0x050f0a05, 0x9ab52f9a, \
0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2, \
0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, \
0x091b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a, \
0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0, \
0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, \
0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384, \
0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed, \
0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, \
0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239, \
0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf, \
0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, \
0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185, \
0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f, \
0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, \
0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f, \
0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5, \
0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, \
0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2, \
0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec, \
0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, \
0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d, \
0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673, \
0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, \
0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88, \
0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814, \
0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, \
0xe03bdbe0, 0x32566432, 0x3a4e743a, 0x0a1e140a, \
0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c, \
0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, \
0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279, \
0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d, \
0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, \
0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea, \
0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008, \
0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, \
0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6, \
0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f, \
0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, \
0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66, \
0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e, \
0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, \
0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e, \
0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211, \
0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, \
0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9, \
0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df, \
0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, \
0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068, \
0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f, \
0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16
Te3 dd \
0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, \
0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491, \
0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56, \
0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, \
0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa, \
0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb, \
0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, \
0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b, \
0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c, \
0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, \
0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9, \
0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a, \
0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, \
0x18182830, 0x9696a137, 0x05050f0a, 0x9a9ab52f, \
0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf, \
0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, \
0x09091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34, \
0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b, \
0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, \
0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713, \
0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1, \
0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, \
0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72, \
0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85, \
0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, \
0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411, \
0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe, \
0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, \
0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05, \
0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1, \
0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, \
0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf, \
0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3, \
0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, \
0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a, \
0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6, \
0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, \
0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b, \
0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28, \
0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, \
0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0x0a0a1e14, \
0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8, \
0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, \
0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2, \
0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da, \
0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, \
0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf, \
0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810, \
0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, \
0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197, \
0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e, \
0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, \
0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc, \
0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c, \
0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, \
0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927, \
0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322, \
0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, \
0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9, \
0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5, \
0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, \
0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0, \
0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e, \
0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c
Td0 dd \
0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, \
0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, \
0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, \
0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, \
0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, \
0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, \
0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, \
0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, \
0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, \
0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, \
0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, \
0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, \
0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, \
0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, \
0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, \
0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, \
0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, \
0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, \
0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, \
0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, \
0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, \
0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, \
0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, \
0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, \
0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, \
0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, \
0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, \
0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, \
0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, \
0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, \
0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, \
0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, \
0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, \
0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, \
0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, \
0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, \
0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, \
0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, \
0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, \
0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, \
0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, \
0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, \
0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, \
0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, \
0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, \
0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, \
0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, \
0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, \
0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, \
0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, \
0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, \
0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, \
0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, \
0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, \
0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, \
0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, \
0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, \
0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, \
0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, \
0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, \
0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, \
0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, \
0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, \
0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
Td1 dd \
0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, \
0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303, \
0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c, \
0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, \
0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0, \
0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9, \
0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, \
0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8, \
0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971, \
0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, \
0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f, \
0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b, \
0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, \
0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab, \
0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708, \
0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, \
0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2, \
0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe, \
0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, \
0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10, \
0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd, \
0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, \
0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e, \
0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee, \
0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, \
0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72, \
0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39, \
0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, \
0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91, \
0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a, \
0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, \
0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9, \
0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60, \
0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, \
0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1, \
0xcad731dc, 0x10426385, 0x40139722, 0x2084c611, \
0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, \
0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3, \
0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964, \
0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, \
0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b, \
0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf, \
0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, \
0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af, \
0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512, \
0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, \
0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a, \
0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8, \
0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, \
0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266, \
0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8, \
0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, \
0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604, \
0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551, \
0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, \
0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647, \
0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c, \
0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, \
0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737, \
0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db, \
0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, \
0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95, \
0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1, \
0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
Td2 dd \
0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, \
0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x03934be3, \
0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502, \
0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, \
0x5a49deb1, 0x1b6725ba, 0x0e9845ea, 0xc0e15dfe, \
0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3, \
0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, \
0x832dd4be, 0x21d35874, 0x692949e0, 0xc8448ec9, \
0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9, \
0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, \
0x4a1863df, 0x3182e51a, 0x33609751, 0x7f456253, \
0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908, \
0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, \
0xd323ab73, 0x02e2724b, 0x8f57e31f, 0xab2a6655, \
0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337, \
0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, \
0x1c2b8acf, 0xb492a779, 0xf2f0f307, 0xe2a14e69, \
0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6, \
0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, \
0xec390b83, 0xefaa4060, 0x9f065e71, 0x1051bd6e, \
0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6, \
0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, \
0xfb241998, 0xe997d6bd, 0x43cc8940, 0x9e7767d9, \
0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8, \
0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, \
0x86830980, 0xed48322b, 0x70ac1e11, 0x724e6c5a, \
0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d, \
0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, \
0x67b10c0a, 0xe70f9357, 0x96d2b4ee, 0x919e1b9b, \
0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12, \
0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, \
0x0d0b0e09, 0xc7adf28b, 0xa8b92db6, 0xa9c8141e, \
0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f, \
0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, \
0x29768b43, 0xc6dccb23, 0xfc68b6ed, 0xf163b8e4, \
0xdccad731, 0x85104263, 0x22401397, 0x112084c6, \
0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, \
0x2f4b1d9e, 0x30f3dcb2, 0x52ec0d86, 0xe3d077c1, \
0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9, \
0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, \
0x4ec78749, 0xd1c1d938, 0xa2fe8cca, 0x0b3698d4, \
0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad, \
0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, \
0x13c2f68d, 0xb8e890d8, 0xf75e2e39, 0xaff582c3, \
0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25, \
0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, \
0x7809cd26, 0x18f46e59, 0xb701ec9a, 0x9aa8834f, \
0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15, \
0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, \
0xb2af31a4, 0x23312a3f, 0x9430c6a5, 0x66c035a2, \
0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7, \
0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, \
0xd68d764d, 0xb04d43ef, 0x4d54ccaa, 0x04dfe496, \
0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665, \
0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, \
0x1d5ab367, 0xd25292db, 0x5633e910, 0x47136dd6, \
0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13, \
0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, \
0xdf599cd2, 0x733f55f2, 0xce791814, 0x37bf73c7, \
0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844, \
0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, \
0xc372161d, 0x250cbce2, 0x498b283c, 0x9541ff0d, \
0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456, \
0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
Td3 dd \
0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, \
0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b, \
0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5, \
0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, \
0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d, \
0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b, \
0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, \
0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e, \
0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27, \
0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, \
0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562, \
0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9, \
0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, \
0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66, \
0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3, \
0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, \
0xcf1c2b8a, 0x79b492a7, 0x07f2f0f3, 0x69e2a14e, \
0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4, \
0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, \
0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd, \
0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d, \
0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, \
0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767, \
0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79, \
0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, \
0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c, \
0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736, \
0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, \
0x0a67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b, \
0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c, \
0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, \
0x090d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814, \
0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3, \
0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, \
0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8, \
0x31dccad7, 0x63851042, 0x97224013, 0xc6112084, \
0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, \
0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077, \
0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247, \
0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, \
0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698, \
0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f, \
0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, \
0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582, \
0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf, \
0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, \
0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883, \
0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef, \
0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, \
0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035, \
0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533, \
0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, \
0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4, \
0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46, \
0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, \
0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d, \
0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb, \
0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, \
0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73, \
0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678, \
0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, \
0x1dc37216, 0xe2250cbc, 0x3c498b28, 0x0d9541ff, \
0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064, \
0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
Td4 db \
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, \
0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, \
0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, \
0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, \
0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, \
0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, \
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, \
0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, \
0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, \
0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, \
0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, \
0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, \
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, \
0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, \
0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, \
0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, \
0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, \
0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, \
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, \
0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, \
0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, \
0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, \
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, \
0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, \
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, \
0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, \
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, \
0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, \
0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, \
0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, \
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, \
0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
rcon dd \
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, \
0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000
endg

/programs/network/ssh/dh_gex.inc
0,0 → 1,422
; dh_gex.inc - Diffie Hellman Group exchange
;
; Copyright (C) 2015-2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
; https://www.ietf.org/rfc/rfc4419.txt
; TODO: dont convert mpints to little endian immediately.
; Or maybe even better, not at all.
proc dh_gex
;----------------------------------------------
; >> Send Diffie-Hellman Group Exchange Request
DEBUGF 1, "Sending GEX\n"
stdcall ssh_send_packet, [socketnum], ssh_gex_req, ssh_gex_req.length, 0
cmp eax, -1
je .socket_err
;---------------------------------------------
; << Parse Diffie-Hellman Group Exchange Group
stdcall ssh_recv_packet, [socketnum], rx_buffer, BUFFERSIZE, 0
cmp eax, -1
je .socket_err
cmp [rx_buffer+ssh_header.message_code], SSH_MSG_KEX_DH_GEX_GROUP
jne proto_err
DEBUGF 1, "Received GEX group\n"
mov esi, rx_buffer+sizeof.ssh_header
mov edi, dh_p
DEBUGF 1, "DH modulus (p): "
call mpint_to_little_endian
stdcall mpint_print, dh_p
DEBUGF 1, "DH base (g): "
mov edi, dh_g
call mpint_to_little_endian
stdcall mpint_print, dh_g
;-------------------------------------------
; >> Send Diffie-Hellman Group Exchange Init
; generate a random number x, where 1 < x < (p-1)/2
mov edi, dh_x+4
mov [dh_x], DH_PRIVATE_KEY_SIZE/8
mov ecx, DH_PRIVATE_KEY_SIZE/8/4
@@:
push ecx
call MBRandom
pop ecx
stosd
dec ecx
jnz @r
; If the highest bit is set, add a zero byte
shl eax, 1
jnc @f
mov byte[edi], 0
inc dword[dh_x]
@@:
; Fill remaining bytes with zeros ; TO BE REMOVED ?
if ((MAX_BITS-DH_PRIVATE_KEY_SIZE) > 0)
mov ecx, (MAX_BITS-DH_PRIVATE_KEY_SIZE)/8/4
xor eax, eax
rep stosd
end if
DEBUGF 1, "DH x: "
stdcall mpint_length, dh_x;;;;;;;;;;;;;
stdcall mpint_print, dh_x
; Compute e = g^x mod p
stdcall mpint_modexp, dh_e, dh_g, dh_x, dh_p
stdcall mpint_length, dh_e
DEBUGF 1, "DH e: "
stdcall mpint_print, dh_e
; Create group exchange init packet
mov edi, tx_buffer+ssh_header.message_code
mov al, SSH_MSG_KEX_DH_GEX_INIT
stosb
mov esi, dh_e
call mpint_to_big_endian
DEBUGF 1, "Sending GEX init\n"
mov ecx, dword[tx_buffer+ssh_header.message_code+1]
bswap ecx
add ecx, 5
stdcall ssh_send_packet, [socketnum], tx_buffer+ssh_header.message_code, ecx, 0
cmp eax, -1
je .socket_err
;---------------------------------------------
; << Parse Diffie-Hellman Group Exchange Reply
stdcall ssh_recv_packet, [socketnum], rx_buffer, BUFFERSIZE, 0
cmp eax, -1
je .socket_err
cmp [rx_buffer+ssh_header.message_code], SSH_MSG_KEX_DH_GEX_REPLY
jne .proto_err
DEBUGF 1, "Received GEX Reply\n"
;--------------------------------
; HASH: string K_S, the host key
mov esi, rx_buffer+sizeof.ssh_header
mov edx, [esi]
bswap edx
add edx, 4
lea ebx, [esi+edx]
push ebx
call sha256_update
;--------------------------------------------------------------------------
; HASH: uint32 min, minimal size in bits of an acceptable group
; uint32 n, preferred size in bits of the group the server will send
; uint32 max, maximal size in bits of an acceptable group
mov esi, ssh_gex_req+sizeof.ssh_header-ssh_header.message_code
mov edx, 12
call sha256_update
;----------------------------
; HASH: mpint p, safe prime
mov esi, dh_p
mov edi, mpint_tmp
call mpint_to_big_endian
lea edx, [eax+4]
mov esi, mpint_tmp
call sha256_update
;----------------------------------------
; HASH: mpint g, generator for subgroup
mov esi, dh_g
mov edi, mpint_tmp
call mpint_to_big_endian
lea edx, [eax+4]
mov esi, mpint_tmp
call sha256_update
;---------------------------------------------------
; HASH: mpint e, exchange value sent by the client
mov esi, tx_buffer+sizeof.ssh_header
mov edx, [esi]
bswap edx
add edx, 4
call sha256_update
;---------------------------------------------------
; HASH: mpint f, exchange value sent by the server
mov esi, [esp]
mov edx, [esi]
bswap edx
add edx, 4
call sha256_update
pop esi
mov edi, dh_f
call mpint_to_little_endian
DEBUGF 1, "DH f: "
stdcall mpint_print, dh_f
mov edi, dh_signature
call mpint_to_little_endian
DEBUGF 1, "DH signature: "
stdcall mpint_print, dh_signature
;--------------------------------------
; Calculate shared secret K = f^x mod p
stdcall mpint_modexp, rx_buffer, dh_f, dh_x, dh_p
stdcall mpint_length, rx_buffer
DEBUGF 1, "DH K: "
stdcall mpint_print, rx_buffer
; We always need it in big endian order, so store it as such.
mov edi, dh_K
mov esi, rx_buffer
call mpint_to_big_endian
mov [dh_K.length], eax
;-----------------------------------
; HASH: mpint K, the shared secret
mov edx, [dh_K.length]
add edx, 4
mov esi, dh_K
call sha256_update
;-------------------------------
; Finalize the exchange hash (H)
mov edi, dh_H
call sha256_final
DEBUGF 1, "Exchange hash H: "
stdcall dump_256bit_hex, dh_H
; TODO: skip this block when re-keying
mov esi, dh_H
mov edi, session_id
mov ecx, 32/4
rep movsd
;---------------
; Calculate keys
; TODO: re-use partial hash of K and H
;---------------------------------------------------------------
; Initial IV client to server: HASH(K || H || "A" || session_id)
call sha256_init
mov edx, [dh_K.length]
add edx, 4
mov esi, dh_K
call sha256_update
mov edx, 32
mov esi, dh_H
call sha256_update
mov edx, 1
mov esi, str_A
call sha256_update
mov edx, 32
mov esi, session_id
call sha256_update
mov edi, tx_iv
call sha256_final
DEBUGF 1, "Remote IV: "
stdcall dump_256bit_hex, tx_iv
;---------------------------------------------------------------
; Initial IV server to client: HASH(K || H || "B" || session_id)
call sha256_init
mov edx, [dh_K.length]
add edx, 4
mov esi, dh_K
call sha256_update
mov edx, 32
mov esi, dh_H
call sha256_update
mov edx, 1
mov esi, str_B
call sha256_update
mov edx, 32
mov esi, session_id
call sha256_update
mov edi, rx_iv
call sha256_final
DEBUGF 1, "Local IV: "
stdcall dump_256bit_hex, rx_iv
;-------------------------------------------------------------------
; Encryption key client to server: HASH(K || H || "C" || session_id)
call sha256_init
mov edx, [dh_K.length]
add edx, 4
mov esi, dh_K
call sha256_update
mov edx, 32
mov esi, dh_H
call sha256_update
mov edx, 1
mov esi, str_C
call sha256_update
mov edx, 32
mov esi, session_id
call sha256_update
mov edi, tx_enc_key
call sha256_final
DEBUGF 1, "Remote key: "
stdcall dump_256bit_hex, tx_enc_key
;-------------------------------------------------------------------
; Encryption key server to client: HASH(K || H || "D" || session_id)
call sha256_init
mov edx, [dh_K.length]
add edx, 4
mov esi, dh_K
call sha256_update
mov edx, 32
mov esi, dh_H
call sha256_update
mov edx, 1
mov esi, str_D
call sha256_update
mov edx, 32
mov esi, session_id
call sha256_update
mov edi, rx_enc_key
call sha256_final
DEBUGF 1, "Local key: "
stdcall dump_256bit_hex, rx_enc_key
;------------------------------------------------------------------
; Integrity key client to server: HASH(K || H || "E" || session_id)
call sha256_init
mov edx, [dh_K.length]
add edx, 4
mov esi, dh_K
call sha256_update
mov edx, 32
mov esi, dh_H
call sha256_update
mov edx, 1
mov esi, str_E
call sha256_update
mov edx, 32
mov esi, session_id
call sha256_update
mov edi, tx_int_key
call sha256_final
DEBUGF 1, "Remote Integrity key: "
stdcall dump_256bit_hex, tx_int_key
;------------------------------------------------------------------
; Integrity key server to client: HASH(K || H || "F" || session_id)
call sha256_init
mov edx, [dh_K.length]
add edx, 4
mov esi, dh_K
call sha256_update
mov edx, 32
mov esi, dh_H
call sha256_update
mov edx, 1
mov esi, str_F
call sha256_update
mov edx, 32
mov esi, session_id
call sha256_update
mov edi, rx_int_key
call sha256_final
DEBUGF 1, "Local Integrity key: "
stdcall dump_256bit_hex, rx_int_key
;-------------------------------------
; << Parse Diffie-Hellman New Keys MSG
stdcall ssh_recv_packet, [socketnum], rx_buffer, BUFFERSIZE, 0
cmp eax, -1
je .socket_err
cmp [rx_buffer+ssh_header.message_code], SSH_MSG_NEWKEYS
jne .proto_err
DEBUGF 1, "Received New Keys\n"
;-------------------------------
; >> Reply with New Keys message
stdcall ssh_send_packet, [socketnum], ssh_new_keys, ssh_new_keys.length, 0
xor eax, eax
ret
.socket_err:
DEBUGF 2, "Socket error during key exchange!\n"
mov eax, 1
ret
.proto_err:
DEBUGF 2, "Protocol error during key exchange!\n"
mov eax, 2
ret
endp
proc dump_256bit_hex _ptr
pushad
mov esi, [_ptr]
mov ecx, 8
.next_dword:
lodsd
bswap eax
DEBUGF 1,'%x',eax
loop .next_dword
DEBUGF 1,'\n'
popad
ret
endp
iglobal
str_A db 'A'
str_B db 'B'
str_C db 'C'
str_D db 'D'
str_E db 'E'
str_F db 'F'
endg

/programs/network/ssh/mcodes.inc
0,0 → 1,32
SSH_MSG_DISCONNECT = 1
SSH_MSG_IGNORE = 2
SSH_MSG_UNIMPLEMENTED = 3
SSH_MSG_DEBUG = 4
SSH_MSG_SERVICE_REQUEST = 5
SSH_MSG_SERVICE_ACCEPT = 6
SSH_MSG_KEXINIT = 20
SSH_MSG_NEWKEYS = 21
SSH_MSG_KEX_DH_GEX_REQUEST_OLD = 30
SSH_MSG_KEX_DH_GEX_GROUP = 31
SSH_MSG_KEX_DH_GEX_INIT = 32
SSH_MSG_KEX_DH_GEX_REPLY = 33
SSH_MSG_KEX_DH_GEX_REQUEST = 34
SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_USERAUTH_FAILURE = 51
SSH_MSG_USERAUTH_SUCCESS = 52
SSH_MSG_USERAUTH_BANNER = 53
SSH_MSG_GLOBAL_REQUEST = 80
SSH_MSG_REQUEST_SUCCESS = 81
SSH_MSG_REQUEST_FAILURE = 82
SSH_MSG_CHANNEL_OPEN = 90
SSH_MSG_CHANNEL_OPEN_CONFIRMATION = 91
SSH_MSG_CHANNEL_OPEN_FAILURE = 92
SSH_MSG_CHANNEL_WINDOW_ADJUST = 93
SSH_MSG_CHANNEL_DATA = 94
SSH_MSG_CHANNEL_EXTENDED_DATA = 95
SSH_MSG_CHANNEL_EOF = 96
SSH_MSG_CHANNEL_CLOSE = 97
SSH_MSG_CHANNEL_REQUEST = 98
SSH_MSG_CHANNEL_SUCCESS = 99
SSH_MSG_CHANNEL_FAILURE = 100

/programs/network/ssh/mpint.inc
0,0 → 1,568
; mpint.inc - Multi precision integer procedures
;
; Copyright (C) 2015-2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
MPINT_MAX_LEN = MAX_BITS/8
; TODO: make procedures use real number length instead of hardcoded maximum length (MPINT_MAX_LEN)
mpint_to_little_endian:
; Load length dword
lodsd
; Convert to little endian
bswap eax
stosd
test eax, eax
jz .zero
; Copy data, convert to little endian meanwhile
push eax
add esi, eax
push esi
dec esi
mov ecx, eax
std
@@:
lodsb
mov byte[edi], al
inc edi
dec ecx
jnz @r
cld
pop esi eax
; Fill the rest of the buffer with zeros.
.zero:
mov ecx, MAX_BITS/8
sub ecx, eax
xor al, al
rep stosb
ret
mpint_to_big_endian:
; Load length dword
lodsd
test eax, eax
jz .zero
mov ecx, eax
add esi, ecx
dec esi
test byte[esi], 0x80 ; Is the highest bit set?
jz @f
inc eax
@@:
push eax
bswap eax
stosd
; Copy data, convert to big endian meanwhile
std
; Append zero byte if highest bit is 0
test byte[esi], 0x80
jz @f
mov byte[edi], 0
inc edi
@@:
lodsb
mov byte[edi], al
inc edi
dec ecx
jnz @r
cld
pop eax
ret
.zero:
stosd
ret
proc mpint_length uses edi eax ecx, mpint
mov edi, [mpint]
mov ecx, MPINT_MAX_LEN
push edi
lea edi, [edi + ecx + 4 - 1]
xor al, al
std
repe scasb
cld
je @f
inc ecx
@@:
pop edi
mov [edi], ecx
ret
endp
proc mpint_print uses ecx esi eax, src
DEBUGF 1, "0x"
mov esi, [src]
mov ecx, [esi]
test ecx, ecx
jz .zero
lea esi, [esi + ecx + 4 - 1]
pushf
std
.loop:
lodsb
DEBUGF 1, "%x", eax:2
dec ecx
jnz .loop
DEBUGF 1, "\n"
popf
ret
.zero:
DEBUGF 1, "00\n"
ret
endp
proc mpint_zero uses edi ecx eax, dst
mov edi, [dst]
xor eax, eax
mov ecx, MPINT_MAX_LEN/4+1
rep stosd
ret
endp
proc mpint_zero? uses edi ecx eax, dst
mov edi, [dst]
add edi, 4
mov ecx, MPINT_MAX_LEN/4
xor eax, eax
repe scasd
ret
endp
; return an index number giving the position of the highest order bit
proc mpint_hob uses edi ecx, dst
mov edi, [dst]
; start from the high order byte
add edi, MPINT_MAX_LEN+4-1
mov ecx, MPINT_MAX_LEN
xor eax, eax
; scan byte by byte for the first non-zero byte
std
repe scasb
cld
je .zero
; calculate how many bits this is, plus 7
lea eax, [ecx*8-1]
; load this high order byte into cl
mov cl, [edi+1]
; shift bits of this byte right, until the byte reaches zero, counting bits meanwhile
@@:
inc eax
shr cl, 1
jnz @r
.zero:
ret
endp
proc mpint_cmp uses esi edi ecx, dst, src
mov esi, [src]
mov edi, [dst]
; start from the high order byte
add esi, MPINT_MAX_LEN+4-4
add edi, MPINT_MAX_LEN+4-4
mov ecx, MPINT_MAX_LEN/4
std
repe cmpsd
cld
ret
endp
proc mpint_mov uses esi edi ecx, dst, src
mov esi, [src]
mov edi, [dst]
mov ecx, MPINT_MAX_LEN/4+1
rep movsd
ret
endp
proc mpint_mov0 uses esi edi ecx eax, dst, src
mov esi, [src]
mov edi, [dst]
mov ecx, [esi]
mov eax, ecx
neg eax
add esi, 4
add edi, 4
rep movsb
add eax, MPINT_MAX_LEN
jz @f
mov ecx, eax
xor eax, eax
rep stosb
@@:
ret
endp
proc mpint_shl1 uses edi ecx eax, dst
mov edi, [dst]
add edi, 4
mov ecx, MPINT_MAX_LEN/4-1
shl dword[edi], 1
lahf
@@:
add edi, 4
sahf
rcl dword[edi], 1
lahf
dec ecx
jnz @r
sahf
ret
endp
proc mpint_shr1 uses edi ecx eax, dst
mov edi, [dst]
add edi, MPINT_MAX_LEN+4-4
mov ecx, MPINT_MAX_LEN/4-1
shr dword[edi], 1
lahf
@@:
sub edi, 4
sahf
rcr dword[edi], 1
lahf
dec ecx
jnz @r
sahf
ret
endp
proc mpint_shl uses eax ebx ecx edx esi edi, dst, shift
mov ecx, [shift]
shr ecx, 3 ; 8 bits in one byte
cmp ecx, MPINT_MAX_LEN
jge .zero
mov esi, [dst]
add esi, MPINT_MAX_LEN+4-4
mov edi, esi
and ecx, not 11b
sub esi, ecx
mov edx, MPINT_MAX_LEN/4-1
shr ecx, 2 ; 4 bytes in one dword
push ecx
sub edx, ecx
mov ecx, [shift]
and ecx, 11111b
std
.loop:
lodsd
mov ebx, [esi]
shld eax, ebx, cl
stosd
dec edx
jnz .loop
lodsd
shl eax, cl
stosd
; fill the lsb bytes with zeros
pop ecx
test ecx, ecx
jz @f
xor eax, eax
rep stosd
@@:
cld
ret
.zero:
stdcall mpint_zero, [dst]
ret
endp
; Left shift and copy
proc mpint_shlmov uses eax ebx ecx edx esi edi, dst, src, shift
mov ecx, [shift]
shr ecx, 3 ; 8 bits in one byte
cmp ecx, MPINT_MAX_LEN
jge .zero
mov esi, [src]
add esi, MPINT_MAX_LEN+4-4
mov edi, [dst]
add edi, MPINT_MAX_LEN+4-4
and ecx, not 11b
sub esi, ecx
mov edx, MPINT_MAX_LEN/4-1
shr ecx, 2 ; 4 bytes in one dword
push ecx
sub edx, ecx
mov ecx, [shift]
and ecx, 11111b
std
.loop:
lodsd
mov ebx, [esi]
shld eax, ebx, cl
stosd
dec edx
jnz .loop
lodsd
shl eax, cl
stosd
; fill the lsb bytes with zeros
pop ecx
test ecx, ecx
jz @f
xor eax, eax
rep stosd
@@:
cld
ret
.zero:
stdcall mpint_zero, [dst]
ret
endp
proc mpint_add uses esi edi ecx eax, dst, src
mov esi, [src]
add esi, 4
mov edi, [dst]
add edi, 4
mov ecx, MPINT_MAX_LEN/4
xor ah, ah ; clear flags (Carry flag most importantly)
@@:
sahf
lodsd
adc [edi], eax
lahf
add edi, 4
dec ecx
jnz @r
sahf
ret
endp
proc mpint_sub uses eax esi edi ecx, dst, src
mov esi, [src]
add esi, 4
mov edi, [dst]
add edi, 4
mov ecx, MPINT_MAX_LEN/4
; dst = dst + (NOT src) + 1
stc ; Setting CF takes care of the +1
pushf
@@:
lodsd
not eax
popf
adc [edi], eax
pushf
add edi, 4
dec ecx
jnz @r
popf
ret
endp
proc mpint_mul uses esi edi ecx ebx eax, dst, A, B
stdcall mpint_zero, [dst]
; first, find the byte in A containing the highest order bit
mov ecx, MPINT_MAX_LEN
mov edi, [A]
add edi, MPINT_MAX_LEN+4-1
std
xor al, al
repe scasb
cld
je .zero
inc ecx
mov al, [edi+1]
mov esi, edi
mov bl, 8
@@:
shl al, 1
jc .first_hit
dec bl
jnz @r
; Then, starting from this byte, iterate through the bits in A,
; starting from the highest order bit down to the lowest order bit.
.next_byte:
mov al, [edi]
dec edi
mov bl, 8
.next_bit:
stdcall mpint_shl1, [dst]
shl al, 1
jnc .zero_bit
.first_hit:
stdcall mpint_add, [dst], [B]
.zero_bit:
dec bl
jnz .next_bit
dec ecx
jnz .next_byte
.zero:
ret
endp
proc mpint_mod uses eax ecx, dst, mod
; if mod is zero, return
stdcall mpint_zero?, [mod]
jz .zero
stdcall mpint_cmp, [mod], [dst]
jb .done ; if dst < mod, dst = dst
je .zero ; if dst == mod, dst = 0
; left shift mod until the high order bits of mod and dst are aligned
stdcall mpint_hob, [dst]
mov ecx, eax
stdcall mpint_hob, [mod]
sub ecx, eax
stdcall mpint_shlmov, mpint_tmp, [mod], ecx
inc ecx
; For every bit in dst (starting from the high order bit):
.loop:
; determine if dst is bigger than mpint_tmp
stdcall mpint_cmp, [dst], mpint_tmp
ja @f
; if so, subtract mpint_tmp from dst
stdcall mpint_sub, [dst], mpint_tmp
@@:
dec ecx
jz .done
; shift mpint_tmp right by 1
stdcall mpint_shr1, mpint_tmp
jmp .loop
.zero:
stdcall mpint_zero, [dst]
.done:
ret
endp
proc mpint_modexp uses edi eax ebx ecx, dst, base, exp, mod
; If mod is zero, return
stdcall mpint_zero?, [mod]
jz .mod_zero
; Find the highest order byte in exponent
mov edi, [exp]
mov ecx, [edi]
lea edi, [edi + 4 + ecx - 1]
; Find the highest order bit in this byte
mov al, [edi]
test al, al
jz .invalid
mov bl, 9
@@:
dec bl
shl al, 1
jnc @r
; Initialise result to base, to take care of the highest order bit
stdcall mpint_mov0, [dst], [base]
dec bl
jz .next_byte
.bit_loop:
; For each bit, square result
stdcall mpint_mov, mpint_tmp, [dst]
stdcall mpint_mul, [dst], mpint_tmp, mpint_tmp
stdcall mpint_mod, [dst], [mod]
; If the bit is set, multiply result by the base
shl al, 1
jnc .next_bit
stdcall mpint_mov, mpint_tmp, [dst]
stdcall mpint_mul, [dst], [base], mpint_tmp
stdcall mpint_mod, [dst], [mod]
.next_bit:
dec bl
jnz .bit_loop
.next_byte:
dec ecx
jz .done
dec edi
mov al, [edi]
mov bl, 8
jmp .bit_loop
.done:
ret
.mod_zero:
DEBUGF 1, "modexp with modulo 0\n"
; if mod is zero, result = 0
stdcall mpint_zero, [dst]
ret
.exp_zero:
DEBUGF 1, "modexp with exponent 0\n"
; if exponent is zero, result = 1
stdcall mpint_zero, [dst]
mov eax, [dst]
mov byte[eax], 1
mov byte[eax+4], 1
ret
.invalid:
DEBUGF 1, "modexp: Invalid input!\n"
ret
endp

/programs/network/ssh/random.inc
0,0 → 1,127
; ----------------------------- MOTHER.ASM -----------------------------
; Mother-of-All random number generator by Agner Fog 1998
; 32-bit mode version for 80x86 and compatible microprocessors
;
; MRandom returns a floating point number between 0 and 1.
; MRandomInit must be called before the first call to MRandom.
;
; C++ prototypes:
; extern "C" void MRandomInit (int seed);
; extern "C" double MRandom (void);
; extern "C" int MIRandom (int min, int max);
;
; © 1998, 2004 Agner Fog.
; GNU General Public License www.gnu.org/copyleft/gpl.html
; ----------------------------------------------------------------------
; The MRandom function is optimized for the Pentium microprocessor.
iglobal
mf3 dd 2111111111 ; factors
mf2 dd 1492
mf1 dd 1776
mf0 dd 5115
endg
uglobal
m0 dd ? ; history buffer
m1 dd ?
m2 dd ?
m3 dd ?
mc dd ?
temprng dq ? ; used for conversion to float
endg
proc init_random
mcall 26, 10 ; seed
xor ecx, ecx
; make random numbers and put them into buffer
@@:
imul eax, 29943829
dec eax
mov [m0+ecx*4], eax
inc ecx
cmp ecx, 5
jb @r
push edi
mov edi, 19
@@:
call MRandom
fstp st0
dec edi
jnz @r
pop edi
ret
endp
proc MRandom
call MBRandom ; random bits
mov edx, eax ; fast conversion to float
shr eax, 12
or eax, 3ff00000h
shl edx, 20
mov dword[temprng+4], eax
mov dword[temprng], edx
fld1
fld [temprng] ; partial memory stall here
fsubr st0, st1
ret
endp
proc MIRandom, max, min ; make random integer in desired interval
call MBRandom ; make random number
mov edx, [max]
mov ecx, [min]
sub edx, ecx
js .error ; max < min
inc edx ; max - min + 1
mul edx ; multiply random number by interval and truncate
lea eax, [edx+ecx] ; add min
ret
.error:
mov eax, 80000000h ; error exit
ret
endp
proc MBRandom
push edi
mov eax, [mf3]
mul [m3] ; x[n-4]
mov ecx, eax
mov eax, [m2] ; x[n-3]
mov edi, edx
mov [m3], eax
mul [mf2]
add ecx, eax
mov eax, [m1] ; x[n-2]
adc edi, edx
mov [m2], eax
mul [mf1]
add ecx, eax
mov eax, [m0] ; x[n-1]
adc edi, edx
mov [m1], eax
mul [mf0]
add eax, ecx
adc edx, edi
add eax, [mc]
adc edx, 0
mov [m0], eax
mov [mc], edx
pop edi
ret
endp

/programs/network/ssh/ssh.asm
0,0 → 1,578
; ssh.asm - SSH client for KolibriOS
;
; Copyright (C) 2015-2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
format binary as ""
__DEBUG__ = 1
__DEBUG_LEVEL__ = 1
BUFFERSIZE = 4096
MAX_BITS = 8192
DH_PRIVATE_KEY_SIZE = 256
use32
db 'MENUET01' ; signature
dd 1 ; header version
dd start ; entry point
dd i_end ; initialized size
dd mem+4096 ; required memory
dd mem+4096 ; stack pointer
dd hostname ; parameters
dd 0 ; path
include '../../macros.inc'
purge mov,add,sub
include '../../proc32.inc'
include '../../dll.inc'
include '../../debug-fdo.inc'
include '../../network.inc'
;include '../../develop/libraries/libcrash/trunk/libcrash.inc'
include 'mcodes.inc'
include 'ssh_transport.inc'
include 'dh_gex.inc'
include 'mpint.inc'
include 'random.inc'
include 'aes256.inc'
include 'aes256-ctr.inc'
include 'aes256-cbc.inc'
include '../../fs/kfar/trunk/kfar_arc/sha256.inc'
; macros for network byte order
macro dd_n op {
dd 0 or (((op) and 0FF000000h) shr 24) or \
(((op) and 000FF0000h) shr 8) or \
(((op) and 00000FF00h) shl 8) or \
(((op) and 0000000FFh) shl 24)
}
macro dw_n op {
dw 0 or (((op) and 0FF00h) shr 8) or \
(((op) and 000FFh) shl 8)
}
start:
mcall 68, 11 ; Init heap
DEBUGF 1, "SSH: Loading libraries\n"
stdcall dll.Load, @IMPORT
test eax, eax
jnz exit
DEBUGF 1, "SSH: Init PRNG\n"
call init_random
DEBUGF 1, "SSH: Init Console\n"
invoke con_start, 1
invoke con_init, 80, 25, 80, 25, title
; Check for parameters
cmp byte[hostname], 0
jne resolve
main:
invoke con_cls
; Welcome user
invoke con_write_asciiz, str1
prompt:
; write prompt
invoke con_write_asciiz, str2
; read string
mov esi, hostname
invoke con_gets, esi, 256
; check for exit
test eax, eax
jz done
cmp byte[esi], 10
jz done
resolve:
mov [sockaddr1.port], 22 shl 8
; delete terminating '\n'
mov esi, hostname
@@:
lodsb
cmp al, ':'
je .do_port
cmp al, 0x20
ja @r
mov byte[esi-1], 0
jmp .done
.do_port:
xor eax, eax
xor ebx, ebx
mov byte[esi-1], 0
.portloop:
lodsb
cmp al, 0x20
jbe .port_done
sub al, '0'
jb hostname_error
cmp al, 9
ja hostname_error
lea ebx, [ebx*4 + ebx]
shl ebx, 1
add ebx, eax
jmp .portloop
.port_done:
xchg bl, bh
mov [sockaddr1.port], bx
.done:
; resolve name
push esp ; reserve stack place
push esp
invoke getaddrinfo, hostname, 0, 0
pop esi
; test for error
test eax, eax
jnz dns_error
invoke con_cls
invoke con_write_asciiz, str3
invoke con_write_asciiz, hostname
; write results
invoke con_write_asciiz, str8
; convert IP address to decimal notation
mov eax, [esi+addrinfo.ai_addr]
mov eax, [eax+sockaddr_in.sin_addr]
mov [sockaddr1.ip], eax
invoke inet_ntoa, eax
; write result
invoke con_write_asciiz, eax
; free allocated memory
invoke freeaddrinfo, esi
invoke con_write_asciiz, str9
mcall 40, EVM_STACK + EVM_KEY
invoke con_cls
; Create socket
mcall socket, AF_INET4, SOCK_STREAM, 0
cmp eax, -1
jz socket_err
mov [socketnum], eax
; Connect
mcall connect, [socketnum], sockaddr1, 18
test eax, eax
jnz socket_err
; Start calculating hash meanwhile
call sha256_init
; HASH: string V_C, the client's version string (CR and NL excluded)
mov esi, ssh_ident_ha
mov edx, ssh_ident.length+4-2
call sha256_update
; Send our identification string
DEBUGF 1, "Sending ID string\n"
mcall send, [socketnum], ssh_ident, ssh_ident.length, 0
cmp eax, -1
je socket_err
; Check protocol version of server
mcall recv, [socketnum], rx_buffer, BUFFERSIZE, 0
cmp eax, -1
je socket_err
DEBUGF 1, "Received ID string\n"
cmp dword[rx_buffer], "SSH-"
jne proto_err
cmp dword[rx_buffer+4], "2.0-"
jne proto_err
; HASH: string V_S, the server's version string (CR and NL excluded)
lea edx, [eax+2]
sub eax, 2
bswap eax
mov [rx_buffer-4], eax
mov esi, rx_buffer-4
call sha256_update
; Key Exchange init
DEBUGF 1, "Sending KEX init\n"
mov edi, ssh_kex.cookie
call MBRandom
stosd
call MBRandom
stosd
call MBRandom
stosd
call MBRandom
stosd
stdcall ssh_send_packet, [socketnum], ssh_kex, ssh_kex.length, 0
cmp eax, -1
je socket_err
; HASH: string I_C, the payload of the client's SSH_MSG_KEXINIT
mov eax, [tx_buffer+ssh_header.length]
bswap eax
movzx ebx, [tx_buffer+ssh_header.padding]
sub eax, ebx
dec eax
lea edx, [eax+4]
bswap eax
mov [tx_buffer+1], eax
mov esi, tx_buffer+1
call sha256_update
; Check key exchange init of server
stdcall ssh_recv_packet, [socketnum], rx_buffer, BUFFERSIZE, 0
cmp eax, -1
je socket_err
cmp [rx_buffer+ssh_header.message_code], SSH_MSG_KEXINIT
jne proto_err
DEBUGF 1, "Received KEX init\n"
lea esi, [rx_buffer+sizeof.ssh_header+16]
lodsd
bswap eax
DEBUGF 1, "kex_algorithms: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "server_host_key_algorithms: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "encryption_algorithms_client_to_server: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "encryption_algorithms_server_to_client: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "mac_algorithms_client_to_server: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "mac_algorithms_server_to_client: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "compression_algorithms_client_to_server: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "compression_algorithms_server_to_client: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "languages_client_to_server: %s\n", esi
add esi, eax
lodsd
bswap eax
DEBUGF 1, "languages_server_to_client: %s\n", esi
add esi, eax
lodsb
DEBUGF 1, "KEX First Packet Follows: %u\n", al
; TODO
; HASH: string I_S, the payload of the servers's SSH_MSG_KEXINIT
mov eax, [rx_buffer+ssh_header.length]
movzx ebx, [rx_buffer+ssh_header.padding]
sub eax, ebx
dec eax
lea edx, [eax+4]
bswap eax
mov [rx_buffer+sizeof.ssh_header-5], eax
mov esi, rx_buffer+sizeof.ssh_header-5
call sha256_update
; Exchange keys with the server
stdcall dh_gex
test eax, eax
jnz exit
; Set keys
DEBUGF 1, "SSH: Init encryption\n"
stdcall aes256_cbc_init, rx_iv
mov [rx_context], eax
stdcall aes256_set_encrypt_key, [rx_context], rx_enc_key
mov [decrypt_proc], aes256_cbc_decrypt
mov [rx_blocksize], 32
DEBUGF 1, "SSH: Init decryption\n"
stdcall aes256_cbc_init, tx_iv
mov [tx_context], eax
stdcall aes256_set_decrypt_key, [tx_context], tx_enc_key
mov [encrypt_proc], aes256_cbc_encrypt
mov [tx_blocksize], 32
; Launch network thread
mcall 18, 7
push eax
mcall 51, 1, thread, mem - 2048
pop ecx
mcall 18, 3
mainloop:
call [con_get_flags]
test eax, 0x200 ; con window closed?
jnz exit
stdcall ssh_recv_packet, [socketnum], rx_buffer, BUFFERSIZE, 0
cmp eax, -1
je closed
DEBUGF 1, 'SSH: got %u bytes of data !\n', eax
mov esi, rx_buffer
mov ecx, eax
pusha
@@:
lodsb
DEBUGF 1, "%x ", eax:2
dec ecx
jnz @r
popa
lea edi, [esi + eax]
mov byte [edi], 0
invoke con_write_asciiz, esi
jmp mainloop
proto_err:
DEBUGF 1, "SSH: protocol error\n"
invoke con_write_asciiz, str7
jmp prompt
socket_err:
DEBUGF 1, "SSH: socket error %d\n", ebx
invoke con_write_asciiz, str6
jmp prompt
dns_error:
DEBUGF 1, "SSH: DNS error %d\n", eax
invoke con_write_asciiz, str5
jmp prompt
hostname_error:
invoke con_write_asciiz, str10
jmp prompt
closed:
invoke con_write_asciiz, str11
jmp prompt
done:
invoke con_exit, 1
exit:
DEBUGF 1, "SSH: Exiting\n"
mcall close, [socketnum]
mcall -1
thread:
mcall 40, 0
.loop:
invoke con_getch2
mov [send_data], ax
xor esi, esi
inc esi
test al, al
jnz @f
inc esi
@@:
stdcall ssh_send_packet, [socketnum], send_data, 0
invoke con_get_flags
test eax, 0x200 ; con window closed?
jz .loop
mcall -1
; data
title db 'Secure Shell',0
str1 db 'SSH client for KolibriOS',10,10,\
'Please enter URL of SSH server (host:port)',10,10,0
str2 db '> ',0
str3 db 'Connecting to ',0
str4 db 10,0
str5 db 'Name resolution failed.',10,10,0
str6 db 'A socket error occured.',10,10,0
str7 db 'A protocol error occured.',10,10,0
str8 db ' (',0
str9 db ')',10,0
str10 db 'Invalid hostname.',10,10,0
str11 db 10,'Remote host closed the connection.',10,10,0
sockaddr1:
dw AF_INET4
.port dw 0
.ip dd 0
rb 10
ssh_ident_ha:
dd_n (ssh_ident.length-2)
ssh_ident:
db "SSH-2.0-KolibriOS_SSH_0.01",13,10
.length = $ - ssh_ident
ssh_kex:
db SSH_MSG_KEXINIT
.cookie:
rd 4
.kex_algorithms:
dd_n .server_host_key_algorithms - .kex_algorithms - 4
db "diffie-hellman-group-exchange-sha256" ; diffie-hellman-group-exchange-sha1
.server_host_key_algorithms:
dd_n .encryption_algorithms_client_to_server - .server_host_key_algorithms - 4
db "ssh-rsa" ;,ssh-dss
.encryption_algorithms_client_to_server:
dd_n .encryption_algorithms_server_to_client - .encryption_algorithms_client_to_server - 4
db "aes256-cbc" ;,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128"
.encryption_algorithms_server_to_client:
dd_n .mac_algorithms_client_to_server - .encryption_algorithms_server_to_client - 4
db "aes256-cbc" ;,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128"
.mac_algorithms_client_to_server:
dd_n .mac_algorithms_server_to_client - .mac_algorithms_client_to_server - 4
db "hmac-sha2-256" ;,hmac-sha1,hmac-sha1-96,hmac-md5"
.mac_algorithms_server_to_client:
dd_n .compression_algorithms_client_to_server - .mac_algorithms_server_to_client - 4
db "hmac-sha2-256" ;,hmac-sha1,hmac-sha1-96,hmac-md5"
.compression_algorithms_client_to_server:
dd_n .compression_algorithms_server_to_client - .compression_algorithms_client_to_server - 4
db "none" ;,zlib"
.compression_algorithms_server_to_client:
dd_n .languages_client_to_server - .compression_algorithms_server_to_client - 4
db "none" ;,zlib"
.languages_client_to_server:
dd_n .languages_server_to_client - .languages_client_to_server - 4
db ""
.languages_server_to_client:
dd_n .first_kex_packet_follows - .languages_server_to_client - 4
db ""
.first_kex_packet_follows:
db 0
.reserved:
dd_n 0
.length = $ - ssh_kex
ssh_gex_req:
db SSH_MSG_KEX_DH_GEX_REQUEST
dd_n 128 ; DH GEX min
dd_n 256 ; DH GEX number of bits
dd_n 512 ; DH GEX Max
.length = $ - ssh_gex_req
ssh_new_keys:
db SSH_MSG_NEWKEYS
.length = $ - ssh_new_keys
include_debug_strings
; import
align 4
@IMPORT:
library network, 'network.obj', \
console, 'console.obj';, \
; libcrash, 'libcrash.obj'
import network, \
getaddrinfo, 'getaddrinfo', \
freeaddrinfo, 'freeaddrinfo', \
inet_ntoa, 'inet_ntoa'
import console, \
con_start, 'START', \
con_init, 'con_init', \
con_write_asciiz, 'con_write_asciiz', \
con_exit, 'con_exit', \
con_gets, 'con_gets', \
con_cls, 'con_cls', \
con_getch2, 'con_getch2', \
con_set_cursor_pos, 'con_set_cursor_pos', \
con_write_string, 'con_write_string', \
con_get_flags, 'con_get_flags'
;import libcrash, \
; crash.hash, 'crash_hash'
IncludeIGlobals
i_end:
decrypt_proc dd dummy_encrypt
encrypt_proc dd dummy_encrypt
rx_blocksize dd 4
tx_blocksize dd 4
rx_context dd ?
tx_context dd ?
IncludeUGlobals
socketnum dd ?
rx_packet_length dd ? ;;;;;
rx_buffer: rb BUFFERSIZE+1
tx_buffer: rb BUFFERSIZE+1
send_data dw ?
hostname rb 1024
; Diffie Hellman variables
dh_p dd ?
rb MAX_BITS/8
dh_g dd ?
rb MAX_BITS/8
dh_x dd ?
rb MAX_BITS/8
dh_e dd ?
rb MAX_BITS/8
dh_f dd ?
rb MAX_BITS/8
dh_signature dd ?
rb MAX_BITS/8
; Output from key exchange
dh_K dd ? ; Shared Secret (Big endian)
rb MAX_BITS/8
.length dd ? ; Length in little endian
dh_H rb 32 ; Exchange Hash
session_id rb 32
rx_iv rb 32 ; Rx initialisation vector
tx_iv rb 32 ; Tx initialisation vector
rx_enc_key rb 32 ; Rx encryption key
tx_enc_key rb 32 ; Tx encryption key
rx_int_key rb 32 ; Rx integrity key
tx_int_key rb 32 ; Tx integrity key
; Temporary values ; To be removed
mpint_tmp rb MPINT_MAX_LEN+4
mem:

/programs/network/ssh/ssh_transport.inc
0,0 → 1,153
; ssh_transport.inc - SSH transport layer
;
; Copyright (C) 2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
struct ssh_header
length dd ?
padding db ?
message_code db ?
ends
proc dummy_encrypt _key, _in, _out
ret
endp
proc ssh_recv_packet sock, buf, size, flags
locals
bufferptr dd ?
remaining dd ?
padding dd ?
endl
DEBUGF 1, "ssh_recv_packet\n"
; Receive first block (Read length, padding length, message code)
mcall recv, [sock], [buf], [rx_blocksize], [flags]
DEBUGF 1, "chunk = %u\n", eax
cmp eax, [rx_blocksize]
jne .fail ;;;;
; stdcall [decrypt_proc], [rx_context], [buf], [buf]
mov ebx, [buf]
movzx eax, [ebx+ssh_header.padding]
mov [padding], eax
mov eax, [ebx+ssh_header.length]
bswap eax ; length to little endian
mov [ebx+ssh_header.length], eax
DEBUGF 1, "ssh_recv_packet length = %u\n", eax
cmp eax, [size]
ja .fail ;;;;
sub eax, [rx_blocksize]
add eax, 4
mov [remaining], eax
add ebx, [rx_blocksize]
mov [bufferptr], ebx
.receive_loop:
mcall recv, [sock], [bufferptr], [remaining], 0
DEBUGF 1, "chunk = %u\n", eax
cmp eax, 0
jbe .fail
add [bufferptr], eax
sub [remaining], eax
ja .receive_loop
; .decrypt_loop:
; stdcall [decrypt_proc], [rx_context], [buf], [buf]
; ja .decrypt_loop
; .hmac_loop:
; TODO
; ja .hmac_loop
; Return usefull data length in eax
mov eax, [buf]
movzx ebx, [eax+ssh_header.padding]
mov eax, [eax+ssh_header.length]
sub eax, ebx
DEBUGF 1, "ssh_recv_packet complete, usefull data length=%u\n", eax
ret
.fail:
DEBUGF 1, "ssh_recv_packet failed!\n"
mov eax, -1
ret
endp
proc ssh_send_packet sock, buf, payloadsize, flags
locals
size dd ?
endl
DEBUGF 1, "ssh_send_packet: size=%u\n", [payloadsize]
mov eax, [payloadsize]
inc eax ; padding length byte
lea edx, [eax+4] ; total packet size (without padding)
mov [size], edx
mov ebx, [tx_blocksize]
dec ebx
and edx, ebx
neg edx
add edx, [tx_blocksize]
cmp edx, 4 ; minimum padding size
jae @f
add edx, [tx_blocksize]
@@:
DEBUGF 1, "Padding %u bytes\n", edx
add [size], edx
add eax, edx
DEBUGF 1, "Total size: %u\n", eax
bswap eax
mov edi, tx_buffer
stosd
mov al, dl
stosb
mov esi, [buf]
; cmp esi, edi
; je @f
mov ecx, [payloadsize]
rep movsb
; @@:
mov ebx, edx
mov esi, edx
and ebx, 3
jz @f
call MBRandom
mov dword[edi], eax
add edi, ebx
@@:
shr esi, 2
@@:
call MBRandom
stosd
dec esi
jnz @r
mcall send, [sock], tx_buffer, [size], [flags]
ret
endp

/programs/network/ssh/test/aestest.asm
0,0 → 1,279
; aestest.inc - AES test suite
;
; Copyright (C) 2016 Ivan Baravy (dunkaist)
; Copyright (C) 2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
format binary as ""
use32
org 0x0
db 'MENUET01'
dd 0x01,start,i_end,e_end,e_end,0,0
__DEBUG__ = 1
__DEBUG_LEVEL__ = 1
include '../../../proc32.inc'
include '../../../macros.inc'
include '../../../dll.inc'
include '../../../debug-fdo.inc'
;include 'libcrash.inc'
include '../aes256.inc'
include '../aes256-ctr.inc'
include '../aes256-cbc.inc'
; Test vectors are taken from the very end of sp800-38a.pdf
start:
mcall 68, 11
DEBUGF 1,'===========================================\n'
DEBUGF 1,'AES256_CTR_CRYPT\n'
DEBUGF 1,'\n'
DEBUGF 1,'key : '
stdcall dump_128bit_hex, key
DEBUGF 1,'\n'
DEBUGF 1,' '
stdcall dump_128bit_hex, key+16
DEBUGF 1,'\n'
DEBUGF 1,'\n'
DEBUGF 1,'counter: '
stdcall dump_128bit_hex, counter
DEBUGF 1,'\n'
DEBUGF 1,'\n'
stdcall aes256_ctr_init, counter
; returns context, save it to ebx
mov ebx, eax
stdcall aes256_set_encrypt_key, ebx, key
mov esi, plain
mov edi, cipher
mov ecx, 4
@@:
push ecx
stdcall aes256_ctr_crypt, ebx, esi, edi
pop ecx
add esi, 16
add edi, 16
loop @r
DEBUGF 1,'===========================================\n'
DEBUGF 1,'AES256_CBC_ENCRYPT\n'
DEBUGF 1,'\n'
DEBUGF 1,'key : '
stdcall dump_128bit_hex, key
DEBUGF 1,'\n'
DEBUGF 1,' '
stdcall dump_128bit_hex, key+16
DEBUGF 1,'\n'
DEBUGF 1,'\n'
DEBUGF 1,'IV : '
stdcall dump_128bit_hex, iv
DEBUGF 1,'\n'
DEBUGF 1,'\n'
stdcall aes256_cbc_init, iv
; returns context, save it to ebx
mov ebx, eax
stdcall aes256_set_encrypt_key, ebx, key
mov esi, plain
mov edi, cipher
mov ecx, 4
@@:
push ecx
stdcall aes256_cbc_encrypt, ebx, esi, edi
pop ecx
add esi, 16
add edi, 16
loop @r
DEBUGF 1,'===========================================\n'
DEBUGF 1,'AES256_CBC_DECRYPT\n'
DEBUGF 1,'\n'
DEBUGF 1,'key : '
stdcall dump_128bit_hex, key
DEBUGF 1,'\n'
DEBUGF 1,' '
stdcall dump_128bit_hex, key+16
DEBUGF 1,'\n'
DEBUGF 1,'\n'
DEBUGF 1,'IV : '
stdcall dump_128bit_hex, iv
DEBUGF 1,'\n'
DEBUGF 1,'\n'
stdcall aes256_cbc_init, iv
; returns context, save it to ebx
mov ebx, eax
stdcall aes256_set_decrypt_key, ebx, key
mov esi, cipher
mov edi, plain
mov ecx, 4
@@:
push ecx
stdcall aes256_cbc_decrypt, ebx, esi, edi
pop ecx
add esi, 16
add edi, 16
loop @r
quit:
DEBUGF 1,'===========================================\n'
mcall -1
key db 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,0x2b,0x73,0xae,0xf0,\
0x85,0x7d,0x77,0x81,0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,\
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
iv db 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,\
0x0c,0x0d,0x0e,0x0f
counter db 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,0xfa,0xfb,\
0xfc,0xfd,0xfe,0xff
plain db 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,0xe9,0x3d,0x7e,0x11,\
0x73,0x93,0x17,0x2a,0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,\
0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,0x30,0xc8,0x1c,0x46,\
0xa3,0x5c,0xe4,0x11,0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,\
0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,0xad,0x2b,0x41,0x7b,\
0xe6,0x6c,0x37,0x10
cipher rd 16
; CTR-AES256.Encrypt
;
; Key 603deb1015ca71be2b73aef0857d7781
; 1f352c073b6108d72d9810a30914dff4
; Init. Counter f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
;
;
; Block #1
;
; Input Block f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
; Output Block 0bdf7df1591716335e9a8b15c860c502
; Plaintext 6bc1bee22e409f96e93d7e117393172a
; Ciphertext 601ec313775789a5b7a7f504bbf3d228
;
;
; Block #2
;
; Input Block f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
; Output Block 5a6e699d536119065433863c8f657b94
; Plaintext ae2d8a571e03ac9c9eb76fac45af8e51
; Ciphertext f443e3ca4d62b59aca84e990cacaf5c5
;
;
; Block #3
;
; Input Block f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
; Output Block 1bc12c9c01610d5d0d8bd6a3378eca62
; Plaintext 30c81c46a35ce411e5fbc1191a0a52ef
; Ciphertext 2b0930daa23de94ce87017ba2d84988d
;
;
; Block #4
;
; Input Block f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
; Output Block 2956e1c8693536b1bee99c73a31576b6
; Plaintext f69f2445df4f9b17ad2b417be66c3710
; Ciphertext dfc9c58db67aada613c2dd08457941a6
; CBC-AES256.Encrypt
; Key 603deb1015ca71be2b73aef0857d7781
; 1f352c073b6108d72d9810a30914dff4
; IV 000102030405060708090a0b0c0d0e0f
;
; Block #1
;
; Plaintext 6bc1bee22e409f96e93d7e117393172a
; Input Block 6bc0bce12a459991e134741a7f9e1925
; Output Block f58c4c04d6e5f1ba779eabfb5f7bfbd6
; Ciphertext f58c4c04d6e5f1ba779eabfb5f7bfbd6
;
; Block #2
;
; Plaintext ae2d8a571e03ac9c9eb76fac45af8e51
; Input Block 5ba1c653c8e65d26e929c4571ad47587
; Output Block 9cfc4e967edb808d679f777bc6702c7d
; Ciphertext 9cfc4e967edb808d679f777bc6702c7d
;
; Block #3
;
; Plaintext 30c81c46a35ce411e5fbc1191a0a52ef
; Input Block ac3452d0dd87649c8264b662dc7a7e92
; Output Block 39f23369a9d9bacfa530e26304231461
; Ciphertext 39f23369a9d9bacfa530e26304231461
;
; Block #4
;
; Plaintext f69f2445df4f9b17ad2b417be66c3710
; Input Block cf6d172c769621d8081ba318e24f2371
; Output Block b2eb05e2c39be9fcda6c19078c6a9d1b
; Ciphertext b2eb05e2c39be9fcda6c19078c6a9d1b
; CBC-AES256.Decrypt
; Key 603deb1015ca71be2b73aef0857d7781
; 1f352c073b6108d72d9810a30914dff4
; IV 000102030405060708090a0b0c0d0e0f
;
; Block #1
;
; Ciphertext f58c4c04d6e5f1ba779eabfb5f7bfbd6
; Input Block f58c4c04d6e5f1ba779eabfb5f7bfbd6
; Output Block 6bc0bce12a459991e134741a7f9e1925
; Plaintext 6bc1bee22e409f96e93d7e117393172a
;
; Block #2
;
; Ciphertext 9cfc4e967edb808d679f777bc6702c7d
; Input Block 9cfc4e967edb808d679f777bc6702c7d
; Output Block 5ba1c653c8e65d26e929c4571ad47587
; Plaintext ae2d8a571e03ac9c9eb76fac45af8e51
;
; Block #3
;
; Ciphertext 39f23369a9d9bacfa530e26304231461
; Input Block 39f23369a9d9bacfa530e26304231461
; Output Block ac3452d0dd87649c8264b662dc7a7e92
; Plaintext 30c81c46a35ce411e5fbc1191a0a52ef
;
; Block #4
;
; Ciphertext b2eb05e2c39be9fcda6c19078c6a9d1b
; Input Block b2eb05e2c39be9fcda6c19078c6a9d1b
; Output Block cf6d172c769621d8081ba318e24f2371
; Plaintext f69f2445df4f9b17ad2b417be66c3710
include_debug_strings
IncludeIGlobals
i_end:
IncludeUGlobals
rb 0x1000 ;stack
e_end:

/programs/network/ssh/test/modexp.asm
0,0 → 1,185
; modexp.asm - Modular exponentiation test suite
;
; Copyright (C) 2015-2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
format binary as ""
__DEBUG__ = 1
__DEBUG_LEVEL__ = 1
MAX_BITS = 256
use32
db 'MENUET01' ; signature
dd 1 ; header version
dd start ; entry point
dd i_end ; initialized size
dd mem+4096 ; required memory
dd mem+4096 ; stack pointer
dd 0 ; parameters
dd 0 ; path
include '../../../macros.inc'
purge mov,add,sub
include '../../../proc32.inc'
include '../../../debug-fdo.inc'
include '../mpint.inc'
start:
DEBUGF 1, "ModExp Test suite\n"
DEBUGF 1, "mpint_zero\n"
stdcall mpint_zero, mpint_A
stdcall mpint_print, mpint_A
mov dword[mpint_A+00], 32
mov dword[mpint_A+04], 0xCAFEBABE
mov dword[mpint_A+08], 0xDEADBEEF
mov dword[mpint_A+12], 0xCAFEBABE
mov dword[mpint_A+16], 0xDEADBEEF
mov dword[mpint_A+20], 0xCAFEBABE
mov dword[mpint_A+24], 0xDEADBEEF
mov dword[mpint_A+28], 0xCAFEBABE
mov dword[mpint_A+32], 0xDEADBEEF
stdcall mpint_print, mpint_A
DEBUGF 1, "mpint_shl, 3\n"
stdcall mpint_shl, mpint_A, 3
stdcall mpint_length, mpint_A
stdcall mpint_print, mpint_A
DEBUGF 1, "mpint_shl, 40\n"
stdcall mpint_shl, mpint_A, 40
stdcall mpint_length, mpint_A
stdcall mpint_print, mpint_A
DEBUGF 1, "8 times mpint_shl1\n"
stdcall mpint_shl1, mpint_A
stdcall mpint_shl1, mpint_A
stdcall mpint_shl1, mpint_A
stdcall mpint_shl1, mpint_A
stdcall mpint_shl1, mpint_A
stdcall mpint_shl1, mpint_A
stdcall mpint_shl1, mpint_A
stdcall mpint_shl1, mpint_A
stdcall mpint_length, mpint_A
stdcall mpint_print, mpint_A
mov dword[mpint_B+00], 32
mov dword[mpint_B+04], 0xCAFEBABE
mov dword[mpint_B+08], 0xDEADBEEF
mov dword[mpint_B+12], 0xCAFEBABE
mov dword[mpint_B+16], 0xDEADBEEF
mov dword[mpint_B+20], 0xCAFEBABE
mov dword[mpint_B+24], 0xDEADBEEF
mov dword[mpint_B+28], 0xCAFEBABE
mov dword[mpint_B+32], 0xDEADBEEF
stdcall mpint_print, mpint_A
stdcall mpint_print, mpint_B
DEBUGF 1, "mpint_add\n"
stdcall mpint_add, mpint_B, mpint_A
stdcall mpint_length, mpint_B
stdcall mpint_print, mpint_B
DEBUGF 1, "mpint_sub\n"
stdcall mpint_sub, mpint_B, mpint_A
stdcall mpint_length, mpint_B
stdcall mpint_print, mpint_B
mov dword[mpint_B+04], 0xCAFEBABE
mov dword[mpint_B+08], 0xDEADBEEF
mov dword[mpint_B+12], 0xCAFEBABE
mov dword[mpint_B+16], 0xDEADBEEF
mov dword[mpint_B+20], 0xCAFEBABE
mov dword[mpint_B+24], 0xDEADBEEF
mov dword[mpint_B+28], 0x0
mov dword[mpint_B+32], 0x0
stdcall mpint_print, mpint_A
stdcall mpint_print, mpint_B
DEBUGF 1, "mpint_mod\n"
stdcall mpint_mod, mpint_A, mpint_B
stdcall mpint_print, mpint_A
stdcall mpint_zero, mpint_A
mov dword[mpint_A+0], 2
mov dword[mpint_A+4], 1936
stdcall mpint_zero, mpint_B
mov dword[mpint_B+0], 2
mov dword[mpint_B+4], 497
stdcall mpint_cmp, mpint_A, mpint_B
stdcall mpint_mod, mpint_A, mpint_B
DEBUGF 1, "1936 mod 497\n"
stdcall mpint_print, mpint_A
stdcall mpint_zero, mpint_A
mov dword[mpint_A+00], 32
mov dword[mpint_A+04], 0xCAFEBABE
mov dword[mpint_A+08], 0xDEADBEEF
mov dword[mpint_A+12], 0xCAFEBABE
mov dword[mpint_A+16], 0xDEADBEEF
mov dword[mpint_A+20], 0xCAFEBABE
mov dword[mpint_A+24], 0xDEADBEEF
mov dword[mpint_A+28], 0xCAFEBABE
mov dword[mpint_A+32], 0xDEADBEEF
stdcall mpint_zero, mpint_B
mov dword[mpint_B+0], 2
mov dword[mpint_B+4], 0x0100
stdcall mpint_print, mpint_A
stdcall mpint_print, mpint_B
DEBUGF 1, "mpint_mul by A*B\n"
stdcall mpint_mul, mpint_C, mpint_A, mpint_B
stdcall mpint_length, mpint_C
stdcall mpint_print, mpint_C
stdcall mpint_print, mpint_A
stdcall mpint_print, mpint_B
DEBUGF 1, "mpint_mul by B*A\n"
stdcall mpint_mul, mpint_C, mpint_B, mpint_A
stdcall mpint_length, mpint_C
stdcall mpint_print, mpint_C
stdcall mpint_hob, mpint_C
DEBUGF 1, "mpint_hob: %u\n", eax
stdcall mpint_zero, mpint_A
stdcall mpint_zero, mpint_B
stdcall mpint_zero, mpint_C
mov dword[mpint_A+0], 1
mov dword[mpint_A+4], 4
mov dword[mpint_B+0], 1
mov dword[mpint_B+4], 13
mov dword[mpint_C+0], 2
mov dword[mpint_C+4], 497
stdcall mpint_modexp, mpint_D, mpint_A, mpint_B, mpint_C
DEBUGF 1, "4**13 mod 497\n"
stdcall mpint_length, mpint_D
stdcall mpint_print, mpint_D
mcall -1
i_end:
mpint_A rb MPINT_MAX_LEN+4
mpint_B rb MPINT_MAX_LEN+4
mpint_C rb MPINT_MAX_LEN+4
mpint_D rb MPINT_MAX_LEN+4
mpint_tmp rb MPINT_MAX_LEN+4
include_debug_strings
mem:

/programs/network/ssh/test
Property changes:
Added: svn:ignore
+aestest
+modexp

/programs/network/ssh
Property changes:
Added: svn:ignore
+ssh