; ssh_transport.inc - SSH transport layer
;
; Copyright (C) 2016 Jeffrey Amelynck
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.
struct ssh_header
length dd ?
padding db ?
message_code db ?
ends
proc dummy_encrypt _key, _in, _out
ret
endp
proc ssh_recv_packet sock, buf, size, flags
locals
bufferptr dd ?
remaining dd ?
padding dd ?
endl
DEBUGF 1, "ssh_recv_packet\n"
; Receive first block (Read length, padding length, message code)
mcall recv, [sock], [buf], [rx_blocksize], [flags]
DEBUGF 1, "chunk = %u\n", eax
cmp eax, [rx_blocksize]
jne .fail ;;;;
; stdcall [decrypt_proc], [rx_context], [buf], [buf]
mov ebx, [buf]
movzx eax, [ebx+ssh_header.padding]
mov [padding], eax
mov eax, [ebx+ssh_header.length]
bswap eax ; length to little endian
mov [ebx+ssh_header.length], eax
DEBUGF 1, "ssh_recv_packet length = %u\n", eax
cmp eax, [size]
ja .fail ;;;;
sub eax, [rx_blocksize]
add eax, 4
mov [remaining], eax
add ebx, [rx_blocksize]
mov [bufferptr], ebx
.receive_loop:
mcall recv, [sock], [bufferptr], [remaining], 0
DEBUGF 1, "chunk = %u\n", eax
cmp eax, 0
jbe .fail
add [bufferptr], eax
sub [remaining], eax
ja .receive_loop
; .decrypt_loop:
; stdcall [decrypt_proc], [rx_context], [buf], [buf]
; ja .decrypt_loop
; .hmac_loop:
; TODO
; ja .hmac_loop
; Return usefull data length in eax
mov eax, [buf]
movzx ebx, [eax+ssh_header.padding]
mov eax, [eax+ssh_header.length]
sub eax, ebx
DEBUGF 1, "ssh_recv_packet complete, usefull data length=%u\n", eax
ret
.fail:
DEBUGF 1, "ssh_recv_packet failed!\n"
mov eax, -1
ret
endp
proc ssh_send_packet sock, buf, payloadsize, flags
locals
size dd ?
endl
DEBUGF 1, "ssh_send_packet: size=%u\n", [payloadsize]
mov eax, [payloadsize]
inc eax ; padding length byte
lea edx, [eax+4] ; total packet size (without padding)
mov [size], edx
mov ebx, [tx_blocksize]
dec ebx
and edx, ebx
neg edx
add edx, [tx_blocksize]
cmp edx, 4 ; minimum padding size
jae @f
add edx, [tx_blocksize]
@@:
DEBUGF 1, "Padding %u bytes\n", edx
add [size], edx
add eax, edx
DEBUGF 1, "Total size: %u\n", eax
bswap eax
mov edi, tx_buffer
stosd
mov al, dl
stosb
mov esi, [buf]
; cmp esi, edi
; je @f
mov ecx, [payloadsize]
rep movsb
; @@:
mov ebx, edx
mov esi, edx
and ebx, 3
jz @f
call MBRandom
mov dword[edi], eax
add edi, ebx
@@:
shr esi, 2
@@:
call MBRandom
stosd
dec esi
jnz @r
mcall send, [sock], tx_buffer, [size], [flags]
ret
endp