diff options
Diffstat (limited to 'deattack.c')
-rw-r--r-- | deattack.c | 54 |
1 files changed, 18 insertions, 36 deletions
diff --git a/deattack.c b/deattack.c index d174abc76..1b37e4dab 100644 --- a/deattack.c +++ b/deattack.c | |||
@@ -1,3 +1,4 @@ | |||
1 | /* $OpenBSD: deattack.c,v 1.30 2006/09/16 19:53:37 djm Exp $ */ | ||
1 | /* | 2 | /* |
2 | * Cryptographic attack detector for ssh - source code | 3 | * Cryptographic attack detector for ssh - source code |
3 | * | 4 | * |
@@ -18,14 +19,18 @@ | |||
18 | */ | 19 | */ |
19 | 20 | ||
20 | #include "includes.h" | 21 | #include "includes.h" |
21 | RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $"); | ||
22 | 22 | ||
23 | #include <sys/types.h> | ||
24 | |||
25 | #include <string.h> | ||
26 | #include <stdio.h> | ||
27 | #include <stdarg.h> | ||
28 | |||
29 | #include "xmalloc.h" | ||
23 | #include "deattack.h" | 30 | #include "deattack.h" |
24 | #include "log.h" | 31 | #include "log.h" |
25 | #include "crc32.h" | 32 | #include "crc32.h" |
26 | #include "getput.h" | 33 | #include "misc.h" |
27 | #include "xmalloc.h" | ||
28 | #include "deattack.h" | ||
29 | 34 | ||
30 | /* | 35 | /* |
31 | * CRC attack detection has a worst-case behaviour that is O(N^3) over | 36 | * CRC attack detection has a worst-case behaviour that is O(N^3) over |
@@ -61,7 +66,7 @@ RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $"); | |||
61 | 66 | ||
62 | 67 | ||
63 | /* Hash function (Input keys are cipher results) */ | 68 | /* Hash function (Input keys are cipher results) */ |
64 | #define HASH(x) GET_32BIT(x) | 69 | #define HASH(x) get_u32(x) |
65 | 70 | ||
66 | #define CMP(a, b) (memcmp(a, b, SSH_BLOCKSIZE)) | 71 | #define CMP(a, b) (memcmp(a, b, SSH_BLOCKSIZE)) |
67 | 72 | ||
@@ -69,22 +74,17 @@ static void | |||
69 | crc_update(u_int32_t *a, u_int32_t b) | 74 | crc_update(u_int32_t *a, u_int32_t b) |
70 | { | 75 | { |
71 | b ^= *a; | 76 | b ^= *a; |
72 | *a = ssh_crc32((u_char *) &b, sizeof(b)); | 77 | *a = ssh_crc32((u_char *)&b, sizeof(b)); |
73 | } | 78 | } |
74 | 79 | ||
75 | /* detect if a block is used in a particular pattern */ | 80 | /* detect if a block is used in a particular pattern */ |
76 | static int | 81 | static int |
77 | check_crc(u_char *S, u_char *buf, u_int32_t len, | 82 | check_crc(u_char *S, u_char *buf, u_int32_t len) |
78 | u_char *IV) | ||
79 | { | 83 | { |
80 | u_int32_t crc; | 84 | u_int32_t crc; |
81 | u_char *c; | 85 | u_char *c; |
82 | 86 | ||
83 | crc = 0; | 87 | crc = 0; |
84 | if (IV && !CMP(S, IV)) { | ||
85 | crc_update(&crc, 1); | ||
86 | crc_update(&crc, 0); | ||
87 | } | ||
88 | for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { | 88 | for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { |
89 | if (!CMP(S, c)) { | 89 | if (!CMP(S, c)) { |
90 | crc_update(&crc, 1); | 90 | crc_update(&crc, 1); |
@@ -100,7 +100,7 @@ check_crc(u_char *S, u_char *buf, u_int32_t len, | |||
100 | 100 | ||
101 | /* Detect a crc32 compensation attack on a packet */ | 101 | /* Detect a crc32 compensation attack on a packet */ |
102 | int | 102 | int |
103 | detect_attack(u_char *buf, u_int32_t len, u_char *IV) | 103 | detect_attack(u_char *buf, u_int32_t len) |
104 | { | 104 | { |
105 | static u_int16_t *h = (u_int16_t *) NULL; | 105 | static u_int16_t *h = (u_int16_t *) NULL; |
106 | static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; | 106 | static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; |
@@ -118,26 +118,20 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) | |||
118 | 118 | ||
119 | if (h == NULL) { | 119 | if (h == NULL) { |
120 | debug("Installing crc compensation attack detector."); | 120 | debug("Installing crc compensation attack detector."); |
121 | h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE); | 121 | h = (u_int16_t *) xcalloc(l, HASH_ENTRYSIZE); |
122 | n = l; | 122 | n = l; |
123 | } else { | 123 | } else { |
124 | if (l > n) { | 124 | if (l > n) { |
125 | h = (u_int16_t *) xrealloc(h, l * HASH_ENTRYSIZE); | 125 | h = (u_int16_t *)xrealloc(h, l, HASH_ENTRYSIZE); |
126 | n = l; | 126 | n = l; |
127 | } | 127 | } |
128 | } | 128 | } |
129 | 129 | ||
130 | if (len <= HASH_MINBLOCKS) { | 130 | if (len <= HASH_MINBLOCKS) { |
131 | for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { | 131 | for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { |
132 | if (IV && (!CMP(c, IV))) { | ||
133 | if ((check_crc(c, buf, len, IV))) | ||
134 | return (DEATTACK_DETECTED); | ||
135 | else | ||
136 | break; | ||
137 | } | ||
138 | for (d = buf; d < c; d += SSH_BLOCKSIZE) { | 132 | for (d = buf; d < c; d += SSH_BLOCKSIZE) { |
139 | if (!CMP(c, d)) { | 133 | if (!CMP(c, d)) { |
140 | if ((check_crc(c, buf, len, IV))) | 134 | if ((check_crc(c, buf, len))) |
141 | return (DEATTACK_DETECTED); | 135 | return (DEATTACK_DETECTED); |
142 | else | 136 | else |
143 | break; | 137 | break; |
@@ -148,25 +142,13 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) | |||
148 | } | 142 | } |
149 | memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE); | 143 | memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE); |
150 | 144 | ||
151 | if (IV) | ||
152 | h[HASH(IV) & (n - 1)] = HASH_IV; | ||
153 | |||
154 | for (c = buf, same = j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { | 145 | for (c = buf, same = j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { |
155 | for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; | 146 | for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; |
156 | i = (i + 1) & (n - 1)) { | 147 | i = (i + 1) & (n - 1)) { |
157 | if (h[i] == HASH_IV) { | 148 | if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { |
158 | if (!CMP(c, IV)) { | ||
159 | if (++same > MAX_IDENTICAL) | ||
160 | return (DEATTACK_DOS_DETECTED); | ||
161 | if (check_crc(c, buf, len, IV)) | ||
162 | return (DEATTACK_DETECTED); | ||
163 | else | ||
164 | break; | ||
165 | } | ||
166 | } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { | ||
167 | if (++same > MAX_IDENTICAL) | 149 | if (++same > MAX_IDENTICAL) |
168 | return (DEATTACK_DOS_DETECTED); | 150 | return (DEATTACK_DOS_DETECTED); |
169 | if (check_crc(c, buf, len, IV)) | 151 | if (check_crc(c, buf, len)) |
170 | return (DEATTACK_DETECTED); | 152 | return (DEATTACK_DETECTED); |
171 | else | 153 | else |
172 | break; | 154 | break; |