Rev 9987 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 9987 | Rev 9990 | ||
|---|---|---|---|
| Line 179... | Line 179... | ||
| 179 | mov edx, [esi] |
179 | mov edx, [esi] |
| 180 | bswap edx |
180 | bswap edx |
| 181 | add edx, 4 |
181 | add edx, 4 |
| 182 | lea eax, [esi+edx] |
182 | lea eax, [esi+edx] |
| 183 | mov [mpint_f_big], eax |
183 | mov [mpint_f_big], eax |
| 184 | invoke sha2_256_update, [temp_ctx], esi, edx |
184 | invoke sha2_256.update, [temp_ctx], esi, edx |
| Line 185... | Line 185... | ||
| 185 | 185 | ||
| 186 | ;-------------------------------------------------------------------------- |
186 | ;-------------------------------------------------------------------------- |
| 187 | ; HASH: uint32 min, minimal size in bits of an acceptable group |
187 | ; HASH: uint32 min, minimal size in bits of an acceptable group |
| 188 | ; uint32 n, preferred size in bits of the group the server will send |
188 | ; uint32 n, preferred size in bits of the group the server will send |
| 189 | ; uint32 max, maximal size in bits of an acceptable group |
189 | ; uint32 max, maximal size in bits of an acceptable group |
| Line 190... | Line 190... | ||
| 190 | invoke sha2_256_update, [temp_ctx], ssh_msg_gex_req+sizeof.ssh_packet_header-ssh_packet_header.message_code, 12 |
190 | invoke sha2_256.update, [temp_ctx], ssh_msg_gex_req+sizeof.ssh_packet_header-ssh_packet_header.message_code, 12 |
| 191 | 191 | ||
| 192 | ;---------------------------- |
192 | ;---------------------------- |
| 193 | ; HASH: mpint p, safe prime |
193 | ; HASH: mpint p, safe prime |
| 194 | stdcall mpint_shrink, [mpint_p] |
194 | stdcall mpint_shrink, [mpint_p] |
| 195 | stdcall mpint_to_big_endian, [mpint_tmp], [mpint_p] |
195 | stdcall mpint_to_big_endian, [mpint_tmp], [mpint_p] |
| Line 196... | Line 196... | ||
| 196 | add eax, 4 |
196 | add eax, 4 |
| 197 | invoke sha2_256_update, [temp_ctx], [mpint_tmp], eax |
197 | invoke sha2_256.update, [temp_ctx], [mpint_tmp], eax |
| 198 | 198 | ||
| 199 | ;---------------------------------------- |
199 | ;---------------------------------------- |
| 200 | ; HASH: mpint g, generator for subgroup |
200 | ; HASH: mpint g, generator for subgroup |
| 201 | stdcall mpint_shrink, [mpint_g] |
201 | stdcall mpint_shrink, [mpint_g] |
| Line 202... | Line 202... | ||
| 202 | stdcall mpint_to_big_endian, [mpint_tmp], [mpint_g] |
202 | stdcall mpint_to_big_endian, [mpint_tmp], [mpint_g] |
| 203 | add eax, 4 |
203 | add eax, 4 |
| 204 | invoke sha2_256_update, [temp_ctx], [mpint_tmp], eax |
204 | invoke sha2_256.update, [temp_ctx], [mpint_tmp], eax |
| 205 | 205 | ||
| 206 | ;--------------------------------------------------- |
206 | ;--------------------------------------------------- |
| 207 | ; HASH: mpint e, exchange value sent by the client |
207 | ; HASH: mpint e, exchange value sent by the client |
| 208 | mov ebx, [con_ptr] |
208 | mov ebx, [con_ptr] |
| 209 | lea esi, [ebx + sshlib_connection.tx_buffer + sizeof.ssh_packet_header] |
209 | lea esi, [ebx + sshlib_connection.tx_buffer + sizeof.ssh_packet_header] |
| Line 210... | Line 210... | ||
| 210 | mov edx, [esi] |
210 | mov edx, [esi] |
| 211 | bswap edx |
211 | bswap edx |
| 212 | add edx, 4 |
212 | add edx, 4 |
| 213 | invoke sha2_256_update, [temp_ctx], esi, edx |
213 | invoke sha2_256.update, [temp_ctx], esi, edx |
| 214 | 214 | ||
| 215 | ;--------------------------------------------------- |
215 | ;--------------------------------------------------- |
| 216 | ; HASH: mpint f, exchange value sent by the server |
216 | ; HASH: mpint f, exchange value sent by the server |
| Line 217... | Line 217... | ||
| 217 | mov esi, [mpint_f_big] |
217 | mov esi, [mpint_f_big] |
| 218 | mov edx, [esi] |
218 | mov edx, [esi] |
| 219 | bswap edx |
219 | bswap edx |
| 220 | add edx, 4 |
220 | add edx, 4 |
| Line 238... | Line 238... | ||
| 238 | mov [K_length], eax |
238 | mov [K_length], eax |
| Line 239... | Line 239... | ||
| 239 | 239 | ||
| 240 | ;----------------------------------- |
240 | ;----------------------------------- |
| 241 | ; HASH: mpint K, the shared secret |
241 | ; HASH: mpint K, the shared secret |
| 242 | add eax, 4 |
242 | add eax, 4 |
| Line 243... | Line 243... | ||
| 243 | invoke sha2_256_update, [temp_ctx], [mpint_K_big], eax |
243 | invoke sha2_256.update, [temp_ctx], [mpint_K_big], eax |
| 244 | 244 | ||
| 245 | ;------------------------------- |
245 | ;------------------------------- |
| 246 | ; Finalize the exchange hash (H) |
246 | ; Finalize the exchange hash (H) |
| 247 | invoke sha2_256_finish, [temp_ctx] |
247 | invoke sha2_256.finish, [temp_ctx] |
| 248 | mov esi, [temp_ctx] |
248 | mov esi, [temp_ctx] |
| 249 | mov edi, [H] |
249 | mov edi, [H] |
| Line 300... | Line 300... | ||
| 300 | ;--------------- |
300 | ;--------------- |
| 301 | ; Calculate keys |
301 | ; Calculate keys |
| Line 302... | Line 302... | ||
| 302 | 302 | ||
| Line 303... | Line 303... | ||
| 303 | ; First, calculate partial hash of K and H so we can re-use it for every key. |
303 | ; First, calculate partial hash of K and H so we can re-use it for every key. |
| Line 304... | Line 304... | ||
| 304 | 304 | ||
| 305 | invoke sha2_256_init, [k_h_ctx] |
305 | invoke sha2_256.init, [k_h_ctx] |
| 306 | 306 | ||
| 307 | mov ecx, [K_length] |
307 | mov ecx, [K_length] |
| Line 308... | Line 308... | ||
| 308 | add ecx, 4 |
308 | add ecx, 4 |
| 309 | invoke sha2_256_update, [k_h_ctx], [mpint_K_big], ecx |
309 | invoke sha2_256.update, [k_h_ctx], [mpint_K_big], ecx |
| Line 310... | Line 310... | ||
| 310 | invoke sha2_256_update, [k_h_ctx], [H], SHA2_256_LEN |
310 | invoke sha2_256.update, [k_h_ctx], [H], SHA2_256_LEN |
| 311 | 311 | ||
| 312 | ;--------------------------------------------------------------- |
312 | ;--------------------------------------------------------------- |
| 313 | ; Initial IV client to server: HASH(K || H || "A" || session_id) |
313 | ; Initial IV client to server: HASH(K || H || "A" || session_id) |
| 314 | 314 | ||
| 315 | mov esi, [k_h_ctx] |
315 | mov esi, [k_h_ctx] |
| 316 | mov edi, [temp_ctx] |
316 | mov edi, [temp_ctx] |
| 317 | mov ecx, LIBCRASH_CTX_LEN/4 |
317 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 318 | rep movsd |
318 | rep movsd |
| 319 | lea edx, [session_id_x] |
319 | lea edx, [session_id_x] |
| 320 | mov byte[edx], 'A' |
320 | mov byte[edx], 'A' |
| 321 | invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1 |
321 | invoke sha2_256.update, [temp_ctx], edx, SHA2_256_LEN+1 |
| 322 | invoke sha2_256_finish, [temp_ctx] |
322 | invoke sha2_256.finish, [temp_ctx] |
| Line 333... | Line 333... | ||
| 333 | mov edi, [temp_ctx] |
333 | mov edi, [temp_ctx] |
| 334 | mov ecx, LIBCRASH_CTX_LEN/4 |
334 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 335 | rep movsd |
335 | rep movsd |
| 336 | lea edx, [session_id_x] |
336 | lea edx, [session_id_x] |
| 337 | mov byte[edx], 'B' |
337 | mov byte[edx], 'B' |
| 338 | invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1 |
338 | invoke sha2_256.update, [temp_ctx], edx, SHA2_256_LEN+1 |
| 339 | invoke sha2_256_finish, [temp_ctx] |
339 | invoke sha2_256.finish, [temp_ctx] |
| 340 | mov ebx, [con_ptr] |
340 | mov ebx, [con_ptr] |
| 341 | lea edi, [ebx + sshlib_connection.rx_iv] |
341 | lea edi, [ebx + sshlib_connection.rx_iv] |
| 342 | mov esi, [temp_ctx] |
342 | mov esi, [temp_ctx] |
| 343 | mov ecx, SHA2_256_LEN/4 |
343 | mov ecx, SHA2_256_LEN/4 |
| 344 | rep movsd |
344 | rep movsd |
| Line 350... | Line 350... | ||
| 350 | mov edi, [temp_ctx] |
350 | mov edi, [temp_ctx] |
| 351 | mov ecx, LIBCRASH_CTX_LEN/4 |
351 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 352 | rep movsd |
352 | rep movsd |
| 353 | lea edx, [session_id_x] |
353 | lea edx, [session_id_x] |
| 354 | mov byte[edx], 'C' |
354 | mov byte[edx], 'C' |
| 355 | invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1 |
355 | invoke sha2_256.update, [temp_ctx], edx, SHA2_256_LEN+1 |
| 356 | invoke sha2_256_finish, [temp_ctx] |
356 | invoke sha2_256.finish, [temp_ctx] |
| Line 357... | Line 357... | ||
| 357 | 357 | ||
| 358 | mov ebx, [con_ptr] |
358 | mov ebx, [con_ptr] |
| 359 | lea edi, [ebx+sshlib_connection.tx_enc_key] |
359 | lea edi, [ebx+sshlib_connection.tx_enc_key] |
| 360 | mov esi, [temp_ctx] |
360 | mov esi, [temp_ctx] |
| Line 365... | Line 365... | ||
| 365 | mov edi, [temp_ctx] |
365 | mov edi, [temp_ctx] |
| 366 | mov ecx, LIBCRASH_CTX_LEN/4 |
366 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 367 | rep movsd |
367 | rep movsd |
| 368 | mov ebx, [con_ptr] |
368 | mov ebx, [con_ptr] |
| 369 | lea edi, [ebx+sshlib_connection.tx_enc_key] |
369 | lea edi, [ebx+sshlib_connection.tx_enc_key] |
| 370 | invoke sha2_256_update, [temp_ctx], edi, SHA2_256_LEN |
370 | invoke sha2_256.update, [temp_ctx], edi, SHA2_256_LEN |
| 371 | invoke sha2_256_finish, [temp_ctx] |
371 | invoke sha2_256.finish, [temp_ctx] |
| Line 372... | Line 372... | ||
| 372 | 372 | ||
| 373 | mov ebx, [con_ptr] |
373 | mov ebx, [con_ptr] |
| 374 | add edi, 256/8 |
374 | add edi, 256/8 |
| 375 | mov esi, [temp_ctx] |
375 | mov esi, [temp_ctx] |
| Line 383... | Line 383... | ||
| 383 | mov edi, [temp_ctx] |
383 | mov edi, [temp_ctx] |
| 384 | mov ecx, LIBCRASH_CTX_LEN/4 |
384 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 385 | rep movsd |
385 | rep movsd |
| 386 | lea edx, [session_id_x] |
386 | lea edx, [session_id_x] |
| 387 | mov byte[edx], 'D' |
387 | mov byte[edx], 'D' |
| 388 | invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1 |
388 | invoke sha2_256.update, [temp_ctx], edx, SHA2_256_LEN+1 |
| 389 | invoke sha2_256_finish, [temp_ctx] |
389 | invoke sha2_256.finish, [temp_ctx] |
| Line 390... | Line 390... | ||
| 390 | 390 | ||
| 391 | mov ebx, [con_ptr] |
391 | mov ebx, [con_ptr] |
| 392 | lea edi, [ebx+sshlib_connection.rx_enc_key] |
392 | lea edi, [ebx+sshlib_connection.rx_enc_key] |
| 393 | mov esi, [temp_ctx] |
393 | mov esi, [temp_ctx] |
| Line 398... | Line 398... | ||
| 398 | mov edi, [temp_ctx] |
398 | mov edi, [temp_ctx] |
| 399 | mov ecx, LIBCRASH_CTX_LEN/4 |
399 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 400 | rep movsd |
400 | rep movsd |
| 401 | mov ebx, [con_ptr] |
401 | mov ebx, [con_ptr] |
| 402 | lea edi, [ebx+sshlib_connection.rx_enc_key] |
402 | lea edi, [ebx+sshlib_connection.rx_enc_key] |
| 403 | invoke sha2_256_update, [temp_ctx], edi, SHA2_256_LEN |
403 | invoke sha2_256.update, [temp_ctx], edi, SHA2_256_LEN |
| 404 | invoke sha2_256_finish, [temp_ctx] |
404 | invoke sha2_256.finish, [temp_ctx] |
| Line 405... | Line 405... | ||
| 405 | 405 | ||
| 406 | mov ebx, [con_ptr] |
406 | mov ebx, [con_ptr] |
| 407 | add edi, 256/8 |
407 | add edi, 256/8 |
| 408 | mov esi, [temp_ctx] |
408 | mov esi, [temp_ctx] |
| Line 416... | Line 416... | ||
| 416 | mov edi, [temp_ctx] |
416 | mov edi, [temp_ctx] |
| 417 | mov ecx, LIBCRASH_CTX_LEN/4 |
417 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 418 | rep movsd |
418 | rep movsd |
| 419 | lea edx, [session_id_x] |
419 | lea edx, [session_id_x] |
| 420 | mov byte[edx], 'E' |
420 | mov byte[edx], 'E' |
| 421 | invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1 |
421 | invoke sha2_256.update, [temp_ctx], edx, SHA2_256_LEN+1 |
| 422 | invoke sha2_256_finish, [temp_ctx] |
422 | invoke sha2_256.finish, [temp_ctx] |
| 423 | mov ebx, [con_ptr] |
423 | mov ebx, [con_ptr] |
| 424 | lea edi, [ebx + sshlib_connection.tx_int_key] |
424 | lea edi, [ebx + sshlib_connection.tx_int_key] |
| 425 | mov esi, [temp_ctx] |
425 | mov esi, [temp_ctx] |
| 426 | mov ecx, SHA2_256_LEN/4 |
426 | mov ecx, SHA2_256_LEN/4 |
| 427 | rep movsd |
427 | rep movsd |
| Line 433... | Line 433... | ||
| 433 | mov edi, [temp_ctx] |
433 | mov edi, [temp_ctx] |
| 434 | mov ecx, LIBCRASH_CTX_LEN/4 |
434 | mov ecx, LIBCRASH_CTX_LEN/4 |
| 435 | rep movsd |
435 | rep movsd |
| 436 | lea edx, [session_id_x] |
436 | lea edx, [session_id_x] |
| 437 | mov byte[edx], 'F' |
437 | mov byte[edx], 'F' |
| 438 | invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1 |
438 | invoke sha2_256.update, [temp_ctx], edx, SHA2_256_LEN+1 |
| 439 | invoke sha2_256_finish, [temp_ctx] |
439 | invoke sha2_256.finish, [temp_ctx] |
| 440 | mov ebx, [con_ptr] |
440 | mov ebx, [con_ptr] |
| 441 | lea edi, [ebx + sshlib_connection.rx_int_key] |
441 | lea edi, [ebx + sshlib_connection.rx_int_key] |
| 442 | mov esi, [temp_ctx] |
442 | mov esi, [temp_ctx] |
| 443 | mov ecx, SHA2_256_LEN/4 |
443 | mov ecx, SHA2_256_LEN/4 |
| 444 | rep movsd |
444 | rep movsd |