svnno****@sourc*****
svnno****@sourc*****
2017年 1月 11日 (水) 23:18:17 JST
Tera TermRevision: 6568
http://sourceforge.jp/projects/ttssh2/scm/svn/commits/6568
Author: yutakapon
Date: 2017-01-11 23:18:17 +0900 (Wed, 11 Jan 2017)
Log Message:
-----------
DH構造体のメンバーアクセスを関数アクセスに変更した。
save_bcrypt_private_key関数で EVP_CIPHER_CTX ポインタ指定ミスを修正した。
Modified Paths:
--------------
branches/openssl_1_1_0/ttssh2/ttxssh/kex.c
branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c
branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c
-------------- next part --------------
Modified: branches/openssl_1_1_0/ttssh2/ttxssh/kex.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/kex.c 2017-01-09 13:04:00 UTC (rev 6567)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/kex.c 2017-01-11 14:18:17 UTC (rev 6568)
@@ -34,6 +34,7 @@
static DH *dh_new_group_asc(const char *gen, const char *modulus)
{
DH *dh = NULL;
+ BIGNUM *p, *g;
if ((dh = DH_new()) == NULL) {
printf("dh_new_group_asc: DH_new");
@@ -40,13 +41,15 @@
goto error;
}
+ DH_get0_pqg(dh, &p, NULL, &g);
+
// P\x82\xC6G\x82͌\xF6\x8AJ\x82\xB5\x82Ă\xE0\x82悢\x91f\x90\x94\x82̑g\x82ݍ\x87\x82킹
- if (BN_hex2bn(&dh->p, modulus) == 0) {
+ if (BN_hex2bn(&p, modulus) == 0) {
printf("BN_hex2bn p");
goto error;
}
- if (BN_hex2bn(&dh->g, gen) == 0) {
+ if (BN_hex2bn(&g, gen) == 0) {
printf("BN_hex2bn g");
goto error;
}
@@ -231,22 +234,26 @@
void dh_gen_key(PTInstVar pvar, DH *dh, int we_need /* bytes */ )
{
int i;
+ BIGNUM *pub_key;
+ BIGNUM *priv_key;
- dh->priv_key = NULL;
+ priv_key = NULL;
// \x94閧\x82ɂ\xB7\x82ׂ\xAB\x97\x90\x90\x94(X)\x82\xAC
for (i = 0 ; i < 10 ; i++) { // retry counter
- if (dh->priv_key != NULL) {
- BN_clear_free(dh->priv_key);
+ if (priv_key != NULL) {
+ BN_clear_free(priv_key);
}
- dh->priv_key = BN_new();
- if (dh->priv_key == NULL)
+ priv_key = BN_new();
+ DH_set0_key(dh, NULL, priv_key);
+ if (priv_key == NULL)
goto error;
- if (BN_rand(dh->priv_key, 2*(we_need*8), 0, 0) == 0)
+ if (BN_rand(priv_key, 2*(we_need*8), 0, 0) == 0)
goto error;
if (DH_generate_key(dh) == 0)
goto error;
- if (dh_pub_is_valid(dh, dh->pub_key))
+ DH_get0_key(dh, &pub_key, NULL);
+ if (dh_pub_is_valid(dh, pub_key))
break;
}
if (i >= 10) {
@@ -467,6 +474,7 @@
int i;
int n = BN_num_bits(dh_pub);
int bits_set = 0;
+ const BIGNUM *p;
// OpenSSL 1.1.0\x82ŁABIGNUM\x8D\\x91\xA2\x91̂\xCCneg\x83\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xAD\x82Ȃ\xC1\x82\xBD\x82\xBD\x82߁A
// BN_is_negative\x8A\x94\x82ɒu\x8A\xB7\x82\xB7\x82\xE9\x81BOpenSSL 1.0.2\x82ł̓}\x83N\x83\x8D\x92\xE8\x8B`\x82\xB3\x82\xEA\x82Ă\xA2\x82\xE9\x81B
@@ -480,7 +488,8 @@
//debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
/* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
- if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1))
+ DH_get0_pqg(dh, &p, NULL, NULL);
+ if (bits_set > 1 && (BN_cmp(dh_pub, p) == -1))
return 1;
//logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
return 0;
Modified: branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c 2017-01-09 13:04:00 UTC (rev 6567)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c 2017-01-11 14:18:17 UTC (rev 6568)
@@ -5195,6 +5195,7 @@
buffer_t *msg = NULL;
unsigned char *outmsg;
int len;
+ BIGNUM *pub_key;
// Diffie-Hellman key agreement
switch (pvar->kex_type) {
@@ -5224,7 +5225,8 @@
return;
}
- buffer_put_bignum2(msg, dh->pub_key);
+ DH_get0_key(dh, &pub_key, NULL);
+ buffer_put_bignum2(msg, pub_key);
len = buffer_len(msg);
outmsg = begin_send_packet(pvar, SSH2_MSG_KEXDH_INIT, len);
@@ -5349,6 +5351,7 @@
buffer_t *msg = NULL;
unsigned char *outmsg;
char tmpbuf[256];
+ BIGNUM *pub_key;
notify_verbose_message(pvar, "SSH2_MSG_KEX_DH_GEX_GROUP was received.", LOG_LEVEL_VERBOSE);
@@ -5434,8 +5437,7 @@
dh = DH_new();
if (dh == NULL)
goto error;
- dh->p = p;
- dh->g = g;
+ DH_set0_pqg(dh, p, NULL, g);
// \x94閧\x82ɂ\xB7\x82ׂ\xAB\x97\x90\x90\x94(X)\x82\xAC
dh_gen_key(pvar, dh, pvar->we_need);
@@ -5445,7 +5447,8 @@
if (msg == NULL) {
goto error;
}
- buffer_put_bignum2(msg, dh->pub_key);
+ DH_get0_key(dh, &pub_key, NULL);
+ buffer_put_bignum2(msg, pub_key);
len = buffer_len(msg);
outmsg = begin_send_packet(pvar, SSH2_MSG_KEX_DH_GEX_INIT, len);
memcpy(outmsg, buffer_ptr(msg), len);
@@ -5460,9 +5463,14 @@
pvar->kexdh = dh;
{
- push_bignum_memdump("DH_GEX_GROUP", "p", dh->p);
- push_bignum_memdump("DH_GEX_GROUP", "g", dh->g);
- push_bignum_memdump("DH_GEX_GROUP", "pub_key", dh->pub_key);
+ BIGNUM *p, *q, *pub_key;
+
+ DH_get0_pqg(dh, &p, &q, NULL);
+ DH_get0_key(dh, &pub_key, NULL);
+
+ push_bignum_memdump("DH_GEX_GROUP", "p", p);
+ push_bignum_memdump("DH_GEX_GROUP", "g", g);
+ push_bignum_memdump("DH_GEX_GROUP", "pub_key", pub_key);
}
SSH2_dispatch_init(2);
@@ -5585,6 +5593,7 @@
char *emsg, emsg_tmp[1024]; // error message
int ret, hashlen;
Key *hostkey; // hostkey
+ BIGNUM *pub_key;
notify_verbose_message(pvar, "SSH2_MSG_KEXDH_REPLY was received.", LOG_LEVEL_VERBOSE);
@@ -5665,6 +5674,7 @@
// \x83n\x83b\x83V\x83\x85\x82̌v\x8EZ
/* calc and verify H */
+ DH_get0_key(pvar->kexdh, &pub_key, NULL);
hash = kex_dh_hash(get_kex_algorithm_EVP_MD(pvar->kex_type),
pvar->client_version_string,
pvar->server_version_string,
@@ -5671,7 +5681,7 @@
buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
server_host_key_blob, bloblen,
- pvar->kexdh->pub_key,
+ pub_key,
dh_server_pub,
share_key,
&hashlen);
@@ -5765,7 +5775,8 @@
}
// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD (2004.10.30 yutaka)
- pvar->client_key_bits = BN_num_bits(pvar->kexdh->pub_key);
+ DH_get0_key(pvar->kexdh, &pub_key, NULL);
+ pvar->client_key_bits = BN_num_bits(pub_key);
pvar->server_key_bits = BN_num_bits(dh_server_pub);
SSH2_dispatch_init(3);
@@ -5813,6 +5824,8 @@
char *emsg, emsg_tmp[1024]; // error message
int ret, hashlen;
Key *hostkey = NULL; // hostkey
+ BIGNUM *p, *g;
+ BIGNUM *pub_key;
notify_verbose_message(pvar, "SSH2_MSG_KEX_DH_GEX_REPLY was received.", LOG_LEVEL_VERBOSE);
@@ -5894,6 +5907,8 @@
// \x83n\x83b\x83V\x83\x85\x82̌v\x8EZ
/* calc and verify H */
+ DH_get0_pqg(pvar->kexdh, &p, NULL, &g);
+ DH_get0_key(pvar->kexdh, &pub_key, NULL);
hash = kex_dh_gex_hash(
get_kex_algorithm_EVP_MD(pvar->kex_type),
pvar->client_version_string,
@@ -5905,9 +5920,9 @@
pvar->kexgex_min,
pvar->kexgex_bits,
pvar->kexgex_max,
- pvar->kexdh->p,
- pvar->kexdh->g,
- pvar->kexdh->pub_key,
+ p,
+ g,
+ pub_key,
/////// KEXGEX
dh_server_pub,
share_key,
@@ -6002,7 +6017,8 @@
}
// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD (2004.10.30 yutaka)
- pvar->client_key_bits = BN_num_bits(pvar->kexdh->pub_key);
+ DH_get0_key(pvar->kexdh, &pub_key, NULL);
+ pvar->client_key_bits = BN_num_bits(pub_key);
pvar->server_key_bits = BN_num_bits(dh_server_pub);
SSH2_dispatch_init(3);
Modified: branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c 2017-01-09 13:04:00 UTC (rev 6567)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c 2017-01-11 14:18:17 UTC (rev 6568)
@@ -4346,7 +4346,7 @@
// \x88Í\x86\x89\xBB\x82̏\x80\x94\xF5
// TODO: OpenSSH 6.5\x82ł\xCD -Z \x83I\x83v\x83V\x83\x87\x83\x93\x82ŁA\x88Í\x86\x89\xBB\x83A\x83\x8B\x83S\x83\x8A\x83Y\x83\x80\x82\xF0\x8Ew\x92\xE8\x89”\\x82\xBE\x82\xAA\x81A
// \x82\xB1\x82\xB1\x82ł\xCD"AES256-CBC"\x82ɌŒ\xE8\x82Ƃ\xB7\x82\xE9\x81B
- cipher_init_SSH2(&cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_ENCRYPT,
+ cipher_init_SSH2(cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_ENCRYPT,
get_cipher_EVP_CIPHER(ciphernameval), 0, pvar);
SecureZeroMemory(key, keylen + ivlen);
free(key);
@@ -4390,12 +4390,12 @@
/* encrypt */
cp = buffer_append_space(encoded, buffer_len(b) + authlen);
- if (EVP_Cipher(&cipher_ctx, cp, buffer_ptr(b), buffer_len(b)) == 0) {
+ if (EVP_Cipher(cipher_ctx, cp, buffer_ptr(b), buffer_len(b)) == 0) {
//strncpy_s(errmsg, errmsg_len, "Key decrypt error", _TRUNCATE);
//free(decrypted);
//goto error;
}
- cipher_cleanup_SSH2(&cipher_ctx);
+ cipher_cleanup_SSH2(cipher_ctx);
len = 2 * buffer_len(encoded);
cp = malloc(len);