Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/cipher.c

Contents of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/cipher.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 9210 - (show annotations) (download) (as text)
Sat Apr 17 08:36:59 2021 UTC (2 years, 10 months ago) by nmaya
File MIME type: text/x-csrc
File size: 17676 byte(s) 
ファイルを分割・コードを移動・関数名を整理・新しい OpenSSH からインポート

- OpenSSH からインポート
  cipher-3des1.c from OpenSSH-7.5p1
  ssherr.c from OpenSSH-8.5p1
  ssherr.h from OpenSSH-8.5p1
1 /*
2 * Copyright (c) 1998-2001, Robert O'Callahan
3 * (C) 2004- TeraTerm Project
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 #include "ttxssh.h"
31 #include "ssh.h"
32 #include "ssherr.h"
33 #include "cipher.h"
34 #include "kex.h"
35
36 #include <openssl/evp.h>
37
38 // from cipher-3des.c
39 extern const EVP_CIPHER* evp_ssh1_3des(void);
40
41 static const struct ssh2cipher ssh2_ciphers[] = {
42 {SSH2_CIPHER_3DES_CBC, "3des-cbc", 8, 24, 0, 0, 0, EVP_des_ede3_cbc}, // RFC4253
43 {SSH2_CIPHER_AES128_CBC, "aes128-cbc", 16, 16, 0, 0, 0, EVP_aes_128_cbc}, // RFC4253
44 {SSH2_CIPHER_AES192_CBC, "aes192-cbc", 16, 24, 0, 0, 0, EVP_aes_192_cbc}, // RFC4253
45 {SSH2_CIPHER_AES256_CBC, "aes256-cbc", 16, 32, 0, 0, 0, EVP_aes_256_cbc}, // RFC4253
46 {SSH2_CIPHER_BLOWFISH_CBC, "blowfish-cbc", 8, 16, 0, 0, 0, EVP_bf_cbc}, // RFC4253
47 {SSH2_CIPHER_AES128_CTR, "aes128-ctr", 16, 16, 0, 0, 0, evp_aes_128_ctr}, // RFC4344
48 {SSH2_CIPHER_AES192_CTR, "aes192-ctr", 16, 24, 0, 0, 0, evp_aes_128_ctr}, // RFC4344
49 {SSH2_CIPHER_AES256_CTR, "aes256-ctr", 16, 32, 0, 0, 0, evp_aes_128_ctr}, // RFC4344
50 {SSH2_CIPHER_ARCFOUR, "arcfour", 8, 16, 0, 0, 0, EVP_rc4}, // RFC4253
51 {SSH2_CIPHER_ARCFOUR128, "arcfour128", 8, 16, 1536, 0, 0, EVP_rc4}, // RFC4345
52 {SSH2_CIPHER_ARCFOUR256, "arcfour256", 8, 32, 1536, 0, 0, EVP_rc4}, // RFC4345
53 {SSH2_CIPHER_CAST128_CBC, "cast128-cbc", 8, 16, 0, 0, 0, EVP_cast5_cbc}, // RFC4253
54 {SSH2_CIPHER_3DES_CTR, "3des-ctr", 8, 24, 0, 0, 0, evp_des3_ctr}, // RFC4344
55 {SSH2_CIPHER_BLOWFISH_CTR, "blowfish-ctr", 8, 32, 0, 0, 0, evp_bf_ctr}, // RFC4344
56 {SSH2_CIPHER_CAST128_CTR, "cast128-ctr", 8, 16, 0, 0, 0, evp_cast5_ctr}, // RFC4344
57 {SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc", 16, 16, 0, 0, 0, EVP_camellia_128_cbc}, // draft-kanno-secsh-camellia-02
58 {SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc", 16, 24, 0, 0, 0, EVP_camellia_192_cbc}, // draft-kanno-secsh-camellia-02
59 {SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc", 16, 32, 0, 0, 0, EVP_camellia_256_cbc}, // draft-kanno-secsh-camellia-02
60 {SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr", 16, 16, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
61 {SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr", 16, 24, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
62 {SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr", 16, 32, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
63 #ifdef WITH_CAMELLIA_PRIVATE
64 {SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc@openssh.org", 16, 16, 0, 0, 0, EVP_camellia_128_cbc},
65 {SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc@openssh.org", 16, 24, 0, 0, 0, EVP_camellia_192_cbc},
66 {SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc@openssh.org", 16, 32, 0, 0, 0, EVP_camellia_256_cbc},
67 {SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr@openssh.org", 16, 16, 0, 0, 0, evp_camellia_128_ctr},
68 {SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr@openssh.org", 16, 24, 0, 0, 0, evp_camellia_128_ctr},
69 {SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr@openssh.org", 16, 32, 0, 0, 0, evp_camellia_128_ctr},
70 #endif // WITH_CAMELLIA_PRIVATE
71 {SSH2_CIPHER_AES128_GCM, "aes128-gcm@openssh.com", 16, 16, 0, 12, 16, EVP_aes_128_gcm}, // not RFC5647, PROTOCOL of OpenSSH
72 {SSH2_CIPHER_AES256_GCM, "aes256-gcm@openssh.com", 16, 32, 0, 12, 16, EVP_aes_256_gcm}, // not RFC5647, PROTOCOL of OpenSSH
73 {SSH_CIPHER_NONE, NULL, 0, 0, 0, 0, 0, NULL},
74 };
75
76
77 int get_cipher_id(const struct ssh2cipher *cipher)
78 {
79 if (cipher) {
80 return cipher->id;
81 }
82 else {
83 return 0;
84 }
85 }
86
87 u_int get_cipher_block_size(const struct ssh2cipher *cipher)
88 {
89 u_int blocksize = 0;
90
91 if (cipher) {
92 blocksize = cipher->block_size;
93 }
94
95 return max(blocksize, 8);
96 }
97
98 u_int get_cipher_key_len(const struct ssh2cipher *cipher)
99 {
100 if (cipher) {
101 return cipher->key_len;
102 }
103 else {
104 return 0;
105 }
106 }
107
108 u_int get_cipher_discard_len(const struct ssh2cipher *cipher)
109 {
110 if (cipher) {
111 return cipher->discard_len;
112 }
113 else {
114 return 0;
115 }
116 }
117
118 u_int get_cipher_iv_len(const struct ssh2cipher *cipher)
119 {
120 if (cipher) {
121 if (cipher->iv_len != 0) {
122 return cipher->iv_len;
123 }
124 else {
125 return cipher->block_size;
126 }
127 }
128 else {
129 return 8; // block_size
130 }
131 }
132
133 u_int get_cipher_auth_len(const struct ssh2cipher *cipher)
134 {
135 if (cipher) {
136 return cipher->auth_len;
137 }
138 else {
139 return 0;
140 }
141 }
142
143 const EVP_CIPHER *get_cipher_EVP_CIPHER(const struct ssh2cipher *cipher)
144 {
145 if (cipher) {
146 return cipher->func();
147 }
148 else {
149 return EVP_enc_null();
150 }
151 }
152
153 char *get_cipher_string(const struct ssh2cipher *cipher)
154 {
155 if (cipher) {
156 return cipher->name;
157 }
158 else {
159 return "unknown";
160 }
161 }
162
163 // �����A���S���Y�����������������B
164 const struct ssh2cipher *get_cipher_by_name(char *name)
165 {
166 const struct ssh2cipher *ptr = ssh2_ciphers;
167
168 if (name == NULL || name[0] == '\0')
169 return NULL;
170
171 while (ptr->name != NULL) {
172 if (strcmp(ptr->name, name) == 0) {
173 return ptr;
174 }
175 ptr++;
176 }
177
178 // not found.
179 return NULL;
180 }
181
182 // �\����
183 char *get_cipher_name(int cipher_id)
184 {
185 switch (cipher_id) {
186 case SSH_CIPHER_NONE:
187 return "None";
188 case SSH_CIPHER_3DES:
189 return "3DES (168 key bits)";
190 case SSH_CIPHER_DES:
191 return "DES (56 key bits)";
192 case SSH_CIPHER_BLOWFISH:
193 return "Blowfish (256 key bits)";
194
195 // SSH2
196 case SSH2_CIPHER_3DES_CBC:
197 return "3des-cbc";
198 case SSH2_CIPHER_AES128_CBC:
199 return "aes128-cbc";
200 case SSH2_CIPHER_AES192_CBC:
201 return "aes192-cbc";
202 case SSH2_CIPHER_AES256_CBC:
203 return "aes256-cbc";
204 case SSH2_CIPHER_BLOWFISH_CBC:
205 return "blowfish-cbc";
206 case SSH2_CIPHER_AES128_CTR:
207 return "aes128-ctr";
208 case SSH2_CIPHER_AES192_CTR:
209 return "aes192-ctr";
210 case SSH2_CIPHER_AES256_CTR:
211 return "aes256-ctr";
212 case SSH2_CIPHER_ARCFOUR:
213 return "arcfour";
214 case SSH2_CIPHER_ARCFOUR128:
215 return "arcfour128";
216 case SSH2_CIPHER_ARCFOUR256:
217 return "arcfour256";
218 case SSH2_CIPHER_CAST128_CBC:
219 return "cast-128-cbc";
220 case SSH2_CIPHER_3DES_CTR:
221 return "3des-ctr";
222 case SSH2_CIPHER_BLOWFISH_CTR:
223 return "blowfish-ctr";
224 case SSH2_CIPHER_CAST128_CTR:
225 return "cast-128-ctr";
226 case SSH2_CIPHER_CAMELLIA128_CBC:
227 return "camellia128-cbc";
228 case SSH2_CIPHER_CAMELLIA192_CBC:
229 return "camellia192-cbc";
230 case SSH2_CIPHER_CAMELLIA256_CBC:
231 return "camellia256-cbc";
232 case SSH2_CIPHER_CAMELLIA128_CTR:
233 return "camellia128-ctr";
234 case SSH2_CIPHER_CAMELLIA192_CTR:
235 return "camellia192-ctr";
236 case SSH2_CIPHER_CAMELLIA256_CTR:
237 return "camellia256-ctr";
238 case SSH2_CIPHER_AES128_GCM:
239 return "aes128-gcm@openssh.com";
240 case SSH2_CIPHER_AES256_GCM:
241 return "aes256-gcm@openssh.com";
242
243 default:
244 return "Unknown";
245 }
246 }
247
248 // ���X�g�{�b�N�X�\����
249 char *get_listbox_cipher_name(int cipher_id, PTInstVar pvar)
250 {
251 switch (cipher_id) {
252 case SSH_CIPHER_NONE:
253 UTIL_get_lang_msg("DLG_SSHSETUP_CIPHER_BORDER", pvar,
254 "<ciphers below this line are disabled>");
255 return pvar->ts->UIMsg;
256 case SSH_CIPHER_3DES:
257 return "3DES(SSH1)";
258 case SSH_CIPHER_DES:
259 return "DES(SSH1)";
260 case SSH_CIPHER_BLOWFISH:
261 return "Blowfish(SSH1)";
262
263 // for SSH2(yutaka)
264 case SSH2_CIPHER_AES128_CBC:
265 return "aes128-cbc(SSH2)";
266 case SSH2_CIPHER_AES192_CBC:
267 return "aes192-cbc(SSH2)";
268 case SSH2_CIPHER_AES256_CBC:
269 return "aes256-cbc(SSH2)";
270 case SSH2_CIPHER_3DES_CBC:
271 return "3des-cbc(SSH2)";
272 case SSH2_CIPHER_BLOWFISH_CBC:
273 return "blowfish-cbc(SSH2)";
274 case SSH2_CIPHER_AES128_CTR:
275 return "aes128-ctr(SSH2)";
276 case SSH2_CIPHER_AES192_CTR:
277 return "aes192-ctr(SSH2)";
278 case SSH2_CIPHER_AES256_CTR:
279 return "aes256-ctr(SSH2)";
280 case SSH2_CIPHER_ARCFOUR:
281 return "arcfour(SSH2)";
282 case SSH2_CIPHER_ARCFOUR128:
283 return "arcfour128(SSH2)";
284 case SSH2_CIPHER_ARCFOUR256:
285 return "arcfour256(SSH2)";
286 case SSH2_CIPHER_CAST128_CBC:
287 return "cast128-cbc(SSH2)";
288 case SSH2_CIPHER_3DES_CTR:
289 return "3des-ctr(SSH2)";
290 case SSH2_CIPHER_BLOWFISH_CTR:
291 return "blowfish-ctr(SSH2)";
292 case SSH2_CIPHER_CAST128_CTR:
293 return "cast128-ctr(SSH2)";
294 case SSH2_CIPHER_CAMELLIA128_CBC:
295 return "camellia128-cbc(SSH2)";
296 case SSH2_CIPHER_CAMELLIA192_CBC:
297 return "camellia192-cbc(SSH2)";
298 case SSH2_CIPHER_CAMELLIA256_CBC:
299 return "camellia256-cbc(SSH2)";
300 case SSH2_CIPHER_CAMELLIA128_CTR:
301 return "camellia128-ctr(SSH2)";
302 case SSH2_CIPHER_CAMELLIA192_CTR:
303 return "camellia192-ctr(SSH2)";
304 case SSH2_CIPHER_CAMELLIA256_CTR:
305 return "camellia256-ctr(SSH2)";
306 case SSH2_CIPHER_AES128_GCM:
307 return "aes128-gcm@openssh.com(SSH2)";
308 case SSH2_CIPHER_AES256_GCM:
309 return "aes256-gcm@openssh.com(SSH2)";
310
311 default:
312 return NULL;
313 }
314 }
315
316 /*
317 * Remove unsupported cipher or duplicated cipher.
318 * Add unspecified ciphers at the end of list.
319 */
320 void normalize_cipher_order(char *buf)
321 {
322 /* SSH_CIPHER_NONE means that all ciphers below that one are disabled.
323 We *never* allow no encryption. */
324 static char default_strings[] = {
325 SSH2_CIPHER_AES256_GCM,
326 SSH2_CIPHER_CAMELLIA256_CTR,
327 SSH2_CIPHER_AES256_CTR,
328 SSH2_CIPHER_CAMELLIA256_CBC,
329 SSH2_CIPHER_AES256_CBC,
330 SSH2_CIPHER_CAMELLIA192_CTR,
331 SSH2_CIPHER_AES192_CTR,
332 SSH2_CIPHER_CAMELLIA192_CBC,
333 SSH2_CIPHER_AES192_CBC,
334 SSH2_CIPHER_AES128_GCM,
335 SSH2_CIPHER_CAMELLIA128_CTR,
336 SSH2_CIPHER_AES128_CTR,
337 SSH2_CIPHER_CAMELLIA128_CBC,
338 SSH2_CIPHER_AES128_CBC,
339 SSH2_CIPHER_3DES_CTR,
340 SSH2_CIPHER_3DES_CBC,
341 SSH2_CIPHER_BLOWFISH_CTR,
342 SSH2_CIPHER_BLOWFISH_CBC,
343 SSH2_CIPHER_CAST128_CTR,
344 SSH2_CIPHER_CAST128_CBC,
345 SSH_CIPHER_3DES,
346 SSH_CIPHER_NONE,
347 SSH2_CIPHER_ARCFOUR256,
348 SSH2_CIPHER_ARCFOUR128,
349 SSH2_CIPHER_ARCFOUR,
350 SSH_CIPHER_BLOWFISH,
351 SSH_CIPHER_DES,
352 0, 0, 0 // Dummy for SSH_CIPHER_IDEA, SSH_CIPHER_TSS, SSH_CIPHER_RC4
353 };
354
355 normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings));
356 }
357
358 const struct ssh2cipher *choose_SSH2_cipher_algorithm(char *server_proposal, char *my_proposal)
359 {
360 char str_cipher[32];
361 const struct ssh2cipher *ptr = ssh2_ciphers;
362
363 choose_SSH2_proposal(server_proposal, my_proposal, str_cipher, sizeof(str_cipher));
364 return get_cipher_by_name(str_cipher);
365 }
366
367 void SSH2_update_cipher_myproposal(PTInstVar pvar)
368 {
369 static char buf[512]; // TODO: malloc()��������
370 int cipher;
371 int len, i;
372 char *c_str;
373
374 // ���M�������������������������A�O�������B(2006.6.26 maya)
375 if (pvar->socket != INVALID_SOCKET) {
376 return;
377 }
378
379 // �����A���S���Y���D���������������Amyproposal[]�������������B(2004.11.6 yutaka)
380 buf[0] = '\0';
381 for (i = 0 ; pvar->settings.CipherOrder[i] != 0 ; i++) {
382 cipher = pvar->settings.CipherOrder[i] - '0';
383 if (cipher == 0) // disabled line
384 break;
385 switch (cipher) {
386 case SSH2_CIPHER_3DES_CBC:
387 c_str = "3des-cbc,";
388 break;
389 case SSH2_CIPHER_3DES_CTR:
390 c_str = "3des-ctr,";
391 break;
392 case SSH2_CIPHER_BLOWFISH_CBC:
393 c_str = "blowfish-cbc,";
394 break;
395 case SSH2_CIPHER_BLOWFISH_CTR:
396 c_str = "blowfish-ctr,";
397 break;
398 case SSH2_CIPHER_AES128_CBC:
399 c_str = "aes128-cbc,";
400 break;
401 case SSH2_CIPHER_AES192_CBC:
402 c_str = "aes192-cbc,";
403 break;
404 case SSH2_CIPHER_AES256_CBC:
405 c_str = "aes256-cbc,";
406 break;
407 case SSH2_CIPHER_AES128_CTR:
408 c_str = "aes128-ctr,";
409 break;
410 case SSH2_CIPHER_AES192_CTR:
411 c_str = "aes192-ctr,";
412 break;
413 case SSH2_CIPHER_AES256_CTR:
414 c_str = "aes256-ctr,";
415 break;
416 case SSH2_CIPHER_ARCFOUR:
417 c_str = "arcfour,";
418 break;
419 case SSH2_CIPHER_ARCFOUR128:
420 c_str = "arcfour128,";
421 break;
422 case SSH2_CIPHER_ARCFOUR256:
423 c_str = "arcfour256,";
424 break;
425 case SSH2_CIPHER_CAST128_CBC:
426 c_str = "cast128-cbc,";
427 break;
428 case SSH2_CIPHER_CAST128_CTR:
429 c_str = "cast128-ctr,";
430 break;
431 #ifdef WITH_CAMELLIA_PRIVATE
432 case SSH2_CIPHER_CAMELLIA128_CBC:
433 c_str = "camellia128-cbc,camellia128-cbc@openssh.org,";
434 break;
435 case SSH2_CIPHER_CAMELLIA192_CBC:
436 c_str = "camellia192-cbc,camellia192-cbc@openssh.org,";
437 break;
438 case SSH2_CIPHER_CAMELLIA256_CBC:
439 c_str = "camellia256-cbc,camellia256-cbc@openssh.org,";
440 break;
441 case SSH2_CIPHER_CAMELLIA128_CTR:
442 c_str = "camellia128-ctr,camellia128-ctr@openssh.org,";
443 break;
444 case SSH2_CIPHER_CAMELLIA192_CTR:
445 c_str = "camellia192-ctr,camellia192-ctr@openssh.org,";
446 break;
447 case SSH2_CIPHER_CAMELLIA256_CTR:
448 c_str = "camellia256-ctr,camellia256-ctr@openssh.org,";
449 break;
450 #endif // WITH_CAMELLIA_PRIVATE
451 case SSH2_CIPHER_CAMELLIA128_CBC:
452 c_str = "camellia128-cbc,";
453 break;
454 case SSH2_CIPHER_CAMELLIA192_CBC:
455 c_str = "camellia192-cbc,";
456 break;
457 case SSH2_CIPHER_CAMELLIA256_CBC:
458 c_str = "camellia256-cbc,";
459 break;
460 case SSH2_CIPHER_CAMELLIA128_CTR:
461 c_str = "camellia128-ctr,";
462 break;
463 case SSH2_CIPHER_CAMELLIA192_CTR:
464 c_str = "camellia192-ctr,";
465 break;
466 case SSH2_CIPHER_CAMELLIA256_CTR:
467 c_str = "camellia256-ctr,";
468 break;
469 case SSH2_CIPHER_AES128_GCM:
470 c_str = "aes128-gcm@openssh.com,";
471 break;
472 case SSH2_CIPHER_AES256_GCM:
473 c_str = "aes256-gcm@openssh.com,";
474 break;
475 default:
476 continue;
477 }
478 strncat_s(buf, sizeof(buf), c_str, _TRUNCATE);
479 }
480 len = strlen(buf);
481 if (len > 0)
482 buf[len - 1] = '\0'; // get rid of comma
483 myproposal[PROPOSAL_ENC_ALGS_CTOS] = buf; // Client To Server
484 myproposal[PROPOSAL_ENC_ALGS_STOC] = buf; // Server To Client
485 }
486
487
488 //
489 // SSH2�p�A���S���Y����������
490 //
491 void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
492 const u_char *key, u_int keylen,
493 const u_char *iv, u_int ivlen,
494 int do_encrypt,
495 const EVP_CIPHER *type,
496 int discard_len,
497 unsigned int authlen,
498 PTInstVar pvar)
499 {
500 int klen;
501 unsigned char *junk = NULL, *discard = NULL;
502 char tmp[80];
503
504 EVP_CIPHER_CTX_reset(evp);
505
506 if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (do_encrypt == CIPHER_ENCRYPT)) == 0) {
507 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
508 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
509 notify_fatal_error(pvar, tmp, TRUE);
510 return;
511 }
512 if (authlen &&
513 !EVP_CIPHER_CTX_ctrl(evp, EVP_CTRL_GCM_SET_IV_FIXED, -1, (u_char *)iv)) {
514 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
515 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
516 notify_fatal_error(pvar, tmp, TRUE);
517 return;
518 }
519 klen = EVP_CIPHER_CTX_key_length(evp);
520 if (klen > 0 && keylen != (u_int)klen) {
521 if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
522 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
523 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
524 notify_fatal_error(pvar, tmp, TRUE);
525 return;
526 }
527 }
528 if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
529 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
530 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 4);
531 notify_fatal_error(pvar, tmp, TRUE);
532 return;
533 }
534
535 if (discard_len > 0) {
536 junk = malloc(discard_len);
537 discard = malloc(discard_len);
538 if (junk == NULL || discard == NULL ||
539 EVP_Cipher(evp, discard, junk, discard_len) == 0) {
540 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
541 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 5);
542 notify_fatal_error(pvar, tmp, TRUE);
543 }
544 else {
545 SecureZeroMemory(discard, discard_len);
546 }
547 free(junk);
548 free(discard);
549 }
550 }
551
552 //
553 // SSH2�p�A���S���Y�����j��
554 ///
555 void cipher_free_SSH2(EVP_CIPHER_CTX *evp)
556 {
557 EVP_CIPHER_CTX_free(evp);
558 }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help