| 78 |
#include "buffer.h" |
#include "buffer.h" |
| 79 |
#include "cipher.h" |
#include "cipher.h" |
| 80 |
#include "key.h" |
#include "key.h" |
| 81 |
|
#include "kex.h" |
| 82 |
|
#include "mac.h" |
| 83 |
|
#include "comp.h" |
| 84 |
#include "dlglib.h" |
#include "dlglib.h" |
| 85 |
|
|
| 86 |
#include "sftp.h" |
#include "sftp.h" |
| 90 |
|
|
| 91 |
#include "libputty.h" |
#include "libputty.h" |
| 92 |
|
|
| 93 |
|
// from cipher-3des.c |
| 94 |
|
extern const EVP_CIPHER* evp_ssh1_3des(void); |
| 95 |
|
|
| 96 |
#undef DialogBoxParam |
#undef DialogBoxParam |
| 97 |
#define DialogBoxParam(p1,p2,p3,p4,p5) \ |
#define DialogBoxParam(p1,p2,p3,p4,p5) \ |
| 98 |
TTDialogBoxParam(p1,p2,p3,p4,p5) |
TTDialogBoxParam(p1,p2,p3,p4,p5) |
| 213 |
init_TTSSH(pvar); |
init_TTSSH(pvar); |
| 214 |
} |
} |
| 215 |
|
|
|
static void normalize_generic_order(char *buf, char default_strings[], int default_strings_len) |
|
|
{ |
|
|
char listed[max(KEX_DH_MAX,max(SSH_CIPHER_MAX,max(KEY_MAX,max(HMAC_MAX,COMP_MAX)))) + 1]; |
|
|
char allowed[max(KEX_DH_MAX,max(SSH_CIPHER_MAX,max(KEY_MAX,max(HMAC_MAX,COMP_MAX)))) + 1]; |
|
|
int i, j, k=-1; |
|
|
|
|
|
memset(listed, 0, sizeof(listed)); |
|
|
memset(allowed, 0, sizeof(allowed)); |
|
|
|
|
|
// 許可されている文字のリストを作る。 |
|
|
for (i = 0; i < default_strings_len ; i++) { |
|
|
allowed[default_strings[i]] = 1; |
|
|
} |
|
|
|
|
|
// 指定された文字列を走査し、許可されていない文字、重複する文字は削除する。 |
|
|
// |
|
|
// ex. (i=5 の文字を削除する) |
|
|
// i=012345 |
|
|
// >:=9<87;A@?B3026(\0) |
|
|
// i+1 |
|
|
// <------------> |
|
|
// ↓ |
|
|
// >:=9<7;A@?B3026(\0) |
|
|
// |
|
|
for (i = 0; buf[i] != 0; i++) { |
|
|
int num = buf[i] - '0'; |
|
|
|
|
|
if (num < 0 || num > default_strings_len |
|
|
|| !allowed[num] |
|
|
|| listed[num]) { |
|
|
memmove(buf + i, buf + i + 1, strlen(buf + i + 1) + 1); |
|
|
i--; |
|
|
} else { |
|
|
listed[num] = 1; |
|
|
} |
|
|
|
|
|
// disabled lineがあれば、位置を覚えておく。 |
|
|
if (num == 0) { |
|
|
k = i; |
|
|
} |
|
|
} |
|
|
|
|
|
// 指定されていない文字があれば、disabled lineの直前に挿入する。 |
|
|
// |
|
|
// ex. (Zを挿入する) |
|
|
// k |
|
|
// >:=9<87;A@?B3026(\0) |
|
|
// k+1 |
|
|
// <----> |
|
|
// ↓ k |
|
|
// >:=9<87;A@?B30026(\0) |
|
|
// ↓ k |
|
|
// >:=9<87;A@?B3Z026(\0) |
|
|
// |
|
|
for (j = 0; j < default_strings_len && default_strings[j] != 0; j++) { |
|
|
int num = default_strings[j]; |
|
|
|
|
|
if (!listed[num] && k >= 0) { |
|
|
int copylen = strlen(buf + k + 1) + 1; |
|
|
|
|
|
memmove(buf + k + 1, buf + k, copylen); |
|
|
buf[k + 1 + copylen] = '\0'; // 終端を忘れずに付ける。 |
|
|
buf[k] = num + '0'; |
|
|
k++; |
|
|
i++; |
|
|
} |
|
|
} |
|
|
if (k < 0) { |
|
|
j = 0; |
|
|
} |
|
|
else { |
|
|
j++; |
|
|
} |
|
|
|
|
|
// disabled lineが存在しない場合は、そのまま末尾に追加する。 |
|
|
for (; j < default_strings_len ; j++) { |
|
|
int num = default_strings[j]; |
|
|
|
|
|
if (!listed[num]) { |
|
|
buf[i] = num + '0'; |
|
|
listed[num] = 1; |
|
|
i++; |
|
|
} |
|
|
} |
|
|
|
|
|
buf[i] = 0; |
|
|
} |
|
|
|
|
|
/* |
|
|
* Remove unsupported cipher or duplicated cipher. |
|
|
* Add unspecified ciphers at the end of list. |
|
|
*/ |
|
|
static void normalize_cipher_order(char *buf) |
|
|
{ |
|
|
/* SSH_CIPHER_NONE means that all ciphers below that one are disabled. |
|
|
We *never* allow no encryption. */ |
|
|
static char default_strings[] = { |
|
|
SSH2_CIPHER_AES256_GCM, |
|
|
SSH2_CIPHER_CAMELLIA256_CTR, |
|
|
SSH2_CIPHER_AES256_CTR, |
|
|
SSH2_CIPHER_CAMELLIA256_CBC, |
|
|
SSH2_CIPHER_AES256_CBC, |
|
|
SSH2_CIPHER_CAMELLIA192_CTR, |
|
|
SSH2_CIPHER_AES192_CTR, |
|
|
SSH2_CIPHER_CAMELLIA192_CBC, |
|
|
SSH2_CIPHER_AES192_CBC, |
|
|
SSH2_CIPHER_AES128_GCM, |
|
|
SSH2_CIPHER_CAMELLIA128_CTR, |
|
|
SSH2_CIPHER_AES128_CTR, |
|
|
SSH2_CIPHER_CAMELLIA128_CBC, |
|
|
SSH2_CIPHER_AES128_CBC, |
|
|
SSH2_CIPHER_3DES_CTR, |
|
|
SSH2_CIPHER_3DES_CBC, |
|
|
SSH2_CIPHER_BLOWFISH_CTR, |
|
|
SSH2_CIPHER_BLOWFISH_CBC, |
|
|
SSH2_CIPHER_CAST128_CTR, |
|
|
SSH2_CIPHER_CAST128_CBC, |
|
|
SSH_CIPHER_3DES, |
|
|
SSH_CIPHER_NONE, |
|
|
SSH2_CIPHER_ARCFOUR256, |
|
|
SSH2_CIPHER_ARCFOUR128, |
|
|
SSH2_CIPHER_ARCFOUR, |
|
|
SSH_CIPHER_BLOWFISH, |
|
|
SSH_CIPHER_DES, |
|
|
0, 0, 0 // Dummy for SSH_CIPHER_IDEA, SSH_CIPHER_TSS, SSH_CIPHER_RC4 |
|
|
}; |
|
|
|
|
|
normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings)); |
|
|
} |
|
|
|
|
|
static void normalize_kex_order(char *buf) |
|
|
{ |
|
|
static char default_strings[] = { |
|
|
KEX_ECDH_SHA2_256, |
|
|
KEX_ECDH_SHA2_384, |
|
|
KEX_ECDH_SHA2_521, |
|
|
KEX_DH_GRP18_SHA512, |
|
|
KEX_DH_GRP16_SHA512, |
|
|
KEX_DH_GRP14_SHA256, |
|
|
KEX_DH_GEX_SHA256, |
|
|
KEX_DH_GEX_SHA1, |
|
|
KEX_DH_GRP14_SHA1, |
|
|
KEX_DH_GRP1_SHA1, |
|
|
KEX_DH_NONE, |
|
|
}; |
|
|
|
|
|
normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings)); |
|
|
} |
|
|
|
|
|
static void normalize_host_key_order(char *buf) |
|
|
{ |
|
|
static char default_strings[] = { |
|
|
KEY_ECDSA256, |
|
|
KEY_ECDSA384, |
|
|
KEY_ECDSA521, |
|
|
KEY_ED25519, |
|
|
KEY_RSA, |
|
|
KEY_DSA, |
|
|
KEY_NONE, |
|
|
}; |
|
|
|
|
|
normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings)); |
|
|
} |
|
|
|
|
|
static void normalize_mac_order(char *buf) |
|
|
{ |
|
|
static char default_strings[] = { |
|
|
HMAC_SHA2_512_EtM, |
|
|
HMAC_SHA2_256_EtM, |
|
|
HMAC_SHA1_EtM, |
|
|
HMAC_SHA2_512, |
|
|
HMAC_SHA2_256, |
|
|
HMAC_SHA1, |
|
|
HMAC_RIPEMD160_EtM, |
|
|
HMAC_RIPEMD160, |
|
|
HMAC_MD5_EtM, |
|
|
HMAC_MD5, |
|
|
HMAC_NONE, |
|
|
HMAC_SHA1_96_EtM, |
|
|
HMAC_MD5_96_EtM, |
|
|
HMAC_SHA1_96, |
|
|
HMAC_MD5_96, |
|
|
0, // Dummy for HMAC_SHA2_512_96, |
|
|
0, // Dummy for HMAC_SHA2_256_96, |
|
|
}; |
|
|
|
|
|
normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings)); |
|
|
} |
|
|
|
|
|
static void normalize_comp_order(char *buf) |
|
|
{ |
|
|
static char default_strings[] = { |
|
|
COMP_DELAYED, |
|
|
COMP_ZLIB, |
|
|
COMP_NOCOMP, |
|
|
COMP_NONE, |
|
|
}; |
|
|
|
|
|
normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings)); |
|
|
} |
|
|
|
|
|
|
|
| 216 |
/* Remove local settings from the shared memory block. */ |
/* Remove local settings from the shared memory block. */ |
| 217 |
static void clear_local_settings(PTInstVar pvar) |
static void clear_local_settings(PTInstVar pvar) |
| 218 |
{ |
{ |
| 949 |
HOSTS_open(pvar); |
HOSTS_open(pvar); |
| 950 |
FWDUI_open(pvar); |
FWDUI_open(pvar); |
| 951 |
|
|
| 952 |
// 設定を myproposal に反映するのは、接続直前のここだけ。 (2006.6.26 maya) |
// 設定を myproposal に反映するのは、接続直前のここだけ。 |
| 953 |
SSH2_update_kex_myproposal(pvar); |
SSH2_update_kex_myproposal(pvar); |
| 954 |
SSH2_update_host_key_myproposal(pvar); |
SSH2_update_host_key_myproposal(pvar); |
| 955 |
SSH2_update_cipher_myproposal(pvar); |
SSH2_update_cipher_myproposal(pvar); |
| 2096 |
UTIL_get_lang_msg("DLG_ABOUT_HOSTKEY", pvar, "Host Key:"); |
UTIL_get_lang_msg("DLG_ABOUT_HOSTKEY", pvar, "Host Key:"); |
| 2097 |
strncat_s(buf2, sizeof(buf2), pvar->ts->UIMsg, _TRUNCATE); |
strncat_s(buf2, sizeof(buf2), pvar->ts->UIMsg, _TRUNCATE); |
| 2098 |
strncat_s(buf2, sizeof(buf2), " ", _TRUNCATE); |
strncat_s(buf2, sizeof(buf2), " ", _TRUNCATE); |
| 2099 |
strncat_s(buf2, sizeof(buf2), get_ssh_keytype_name(pvar->hostkey_type), _TRUNCATE); |
strncat_s(buf2, sizeof(buf2), get_ssh2_hostkey_type_name(pvar->hostkey_type), _TRUNCATE); |
| 2100 |
strncat_s(buf2, sizeof(buf2), "\r\n", _TRUNCATE); |
strncat_s(buf2, sizeof(buf2), "\r\n", _TRUNCATE); |
| 2101 |
|
|
| 2102 |
UTIL_get_lang_msg("DLG_ABOUT_ENCRYPTION", pvar, "Encryption:"); |
UTIL_get_lang_msg("DLG_ABOUT_ENCRYPTION", pvar, "Encryption:"); |
| 2335 |
return FALSE; |
return FALSE; |
| 2336 |
} |
} |
| 2337 |
|
|
|
static char *get_cipher_name(int cipher) |
|
|
{ |
|
|
switch (cipher) { |
|
|
case SSH_CIPHER_NONE: |
|
|
UTIL_get_lang_msg("DLG_SSHSETUP_CIPHER_BORDER", pvar, |
|
|
"<ciphers below this line are disabled>"); |
|
|
return pvar->ts->UIMsg; |
|
|
case SSH_CIPHER_3DES: |
|
|
return "3DES(SSH1)"; |
|
|
case SSH_CIPHER_DES: |
|
|
return "DES(SSH1)"; |
|
|
case SSH_CIPHER_BLOWFISH: |
|
|
return "Blowfish(SSH1)"; |
|
|
|
|
|
// for SSH2(yutaka) |
|
|
case SSH2_CIPHER_AES128_CBC: |
|
|
return "aes128-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_AES192_CBC: |
|
|
return "aes192-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_AES256_CBC: |
|
|
return "aes256-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_3DES_CBC: |
|
|
return "3des-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_BLOWFISH_CBC: |
|
|
return "blowfish-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_AES128_CTR: |
|
|
return "aes128-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_AES192_CTR: |
|
|
return "aes192-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_AES256_CTR: |
|
|
return "aes256-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_ARCFOUR: |
|
|
return "arcfour(SSH2)"; |
|
|
case SSH2_CIPHER_ARCFOUR128: |
|
|
return "arcfour128(SSH2)"; |
|
|
case SSH2_CIPHER_ARCFOUR256: |
|
|
return "arcfour256(SSH2)"; |
|
|
case SSH2_CIPHER_CAST128_CBC: |
|
|
return "cast128-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_3DES_CTR: |
|
|
return "3des-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_BLOWFISH_CTR: |
|
|
return "blowfish-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_CAST128_CTR: |
|
|
return "cast128-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_CAMELLIA128_CBC: |
|
|
return "camellia128-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_CAMELLIA192_CBC: |
|
|
return "camellia192-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_CAMELLIA256_CBC: |
|
|
return "camellia256-cbc(SSH2)"; |
|
|
case SSH2_CIPHER_CAMELLIA128_CTR: |
|
|
return "camellia128-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_CAMELLIA192_CTR: |
|
|
return "camellia192-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_CAMELLIA256_CTR: |
|
|
return "camellia256-ctr(SSH2)"; |
|
|
case SSH2_CIPHER_AES128_GCM: |
|
|
return "aes128-gcm@openssh.com(SSH2)"; |
|
|
case SSH2_CIPHER_AES256_GCM: |
|
|
return "aes256-gcm@openssh.com(SSH2)"; |
|
|
|
|
|
default: |
|
|
return NULL; |
|
|
} |
|
|
} |
|
|
|
|
| 2338 |
static void set_move_button_status(HWND dlg, int type, int up, int down) |
static void set_move_button_status(HWND dlg, int type, int up, int down) |
| 2339 |
{ |
{ |
| 2340 |
HWND cipherControl = GetDlgItem(dlg, type); |
HWND cipherControl = GetDlgItem(dlg, type); |
| 2427 |
|
|
| 2428 |
for (i = 0; pvar->settings.CipherOrder[i] != 0; i++) { |
for (i = 0; pvar->settings.CipherOrder[i] != 0; i++) { |
| 2429 |
int cipher = pvar->settings.CipherOrder[i] - '0'; |
int cipher = pvar->settings.CipherOrder[i] - '0'; |
| 2430 |
char *name = get_cipher_name(cipher); |
char *name = get_listbox_cipher_name(cipher, pvar); |
| 2431 |
|
|
| 2432 |
if (name != NULL) { |
if (name != NULL) { |
| 2433 |
SendMessage(cipherControl, LB_ADDSTRING, 0, (LPARAM) name); |
SendMessage(cipherControl, LB_ADDSTRING, 0, (LPARAM) name); |
| 2469 |
"<Host Keys below this line are disabled>"); |
"<Host Keys below this line are disabled>"); |
| 2470 |
name = pvar->ts->UIMsg; |
name = pvar->ts->UIMsg; |
| 2471 |
} else { |
} else { |
| 2472 |
name = get_ssh_keytype_name(index); |
name = get_ssh2_hostkey_type_name(index); |
| 2473 |
} |
} |
| 2474 |
|
|
| 2475 |
if (name != NULL) { |
if (name != NULL) { |
| 2678 |
buf[0] = 0; |
buf[0] = 0; |
| 2679 |
SendMessage(cipherControl, LB_GETTEXT, i, (LPARAM) buf); |
SendMessage(cipherControl, LB_GETTEXT, i, (LPARAM) buf); |
| 2680 |
for (j = 0; j <= SSH_CIPHER_MAX; j++) { |
for (j = 0; j <= SSH_CIPHER_MAX; j++) { |
| 2681 |
char *cipher_name = get_cipher_name(j); |
char *cipher_name = get_listbox_cipher_name(j, pvar); |
| 2682 |
if (cipher_name != NULL && strcmp(buf, cipher_name) == 0) { |
if (cipher_name != NULL && strcmp(buf, cipher_name) == 0) { |
| 2683 |
break; |
break; |
| 2684 |
} |
} |
| 2732 |
SendMessage(cipherControl, LB_GETTEXT, i, (LPARAM) buf); |
SendMessage(cipherControl, LB_GETTEXT, i, (LPARAM) buf); |
| 2733 |
for (j = 0; |
for (j = 0; |
| 2734 |
j <= KEY_MAX |
j <= KEY_MAX |
| 2735 |
&& strcmp(buf, get_ssh_keytype_name(j)) != 0; j++) { |
&& strcmp(buf, get_ssh2_hostkey_type_name(j)) != 0; j++) { |
| 2736 |
} |
} |
| 2737 |
if (j <= KEY_MAX) { |
if (j <= KEY_MAX) { |
| 2738 |
buf2[buf2index] = '0' + j; |
buf2[buf2index] = '0' + j; |
| 3275 |
} |
} |
| 3276 |
|
|
| 3277 |
|
|
|
// |
|
|
// SSH1 3DES |
|
|
// |
|
|
/* |
|
|
* This is used by SSH1: |
|
|
* |
|
|
* What kind of triple DES are these 2 routines? |
|
|
* |
|
|
* Why is there a redundant initialization vector? |
|
|
* |
|
|
* If only iv3 was used, then, this would till effect have been |
|
|
* outer-cbc. However, there is also a private iv1 == iv2 which |
|
|
* perhaps makes differential analysis easier. On the other hand, the |
|
|
* private iv1 probably makes the CRC-32 attack ineffective. This is a |
|
|
* result of that there is no longer any known iv1 to use when |
|
|
* choosing the X block. |
|
|
*/ |
|
|
struct ssh1_3des_ctx |
|
|
{ |
|
|
EVP_CIPHER_CTX *k1, *k2, *k3; |
|
|
}; |
|
|
|
|
|
static int ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, int enc) |
|
|
{ |
|
|
struct ssh1_3des_ctx *c; |
|
|
u_char *k1, *k2, *k3; |
|
|
|
|
|
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { |
|
|
c = malloc(sizeof(*c)); |
|
|
c->k1 = EVP_CIPHER_CTX_new(); |
|
|
c->k2 = EVP_CIPHER_CTX_new(); |
|
|
c->k3 = EVP_CIPHER_CTX_new(); |
|
|
/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335で処置予定) ***/ |
|
|
EVP_CIPHER_CTX_set_app_data(ctx, c); |
|
|
} |
|
|
if (key == NULL) |
|
|
return (1); |
|
|
if (enc == -1) |
|
|
enc = EVP_CIPHER_CTX_encrypting(ctx); // ctx->encrypt |
|
|
k1 = k2 = k3 = (u_char *) key; |
|
|
k2 += 8; |
|
|
if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) { |
|
|
if (enc) |
|
|
k3 += 16; |
|
|
else |
|
|
k1 += 16; |
|
|
} |
|
|
if (EVP_CipherInit(c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || |
|
|
EVP_CipherInit(c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || |
|
|
EVP_CipherInit(c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { |
|
|
EVP_CIPHER_CTX_free(c->k1); |
|
|
EVP_CIPHER_CTX_free(c->k2); |
|
|
EVP_CIPHER_CTX_free(c->k3); |
|
|
SecureZeroMemory(c, sizeof(*c)); |
|
|
free(c); |
|
|
EVP_CIPHER_CTX_set_app_data(ctx, NULL); |
|
|
return (0); |
|
|
} |
|
|
return (1); |
|
|
} |
|
|
|
|
|
static int ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) |
|
|
{ |
|
|
struct ssh1_3des_ctx *c; |
|
|
|
|
|
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { |
|
|
//error("ssh1_3des_cbc: no context"); |
|
|
return (0); |
|
|
} |
|
|
if (EVP_Cipher(c->k1, dest, (u_char *)src, len) == 0 || |
|
|
EVP_Cipher(c->k2, dest, dest, len) == 0 || |
|
|
EVP_Cipher(c->k3, dest, dest, len) == 0) |
|
|
return (0); |
|
|
return (1); |
|
|
} |
|
|
|
|
|
static int ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) |
|
|
{ |
|
|
struct ssh1_3des_ctx *c; |
|
|
|
|
|
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { |
|
|
EVP_CIPHER_CTX_free(c->k1); |
|
|
EVP_CIPHER_CTX_free(c->k2); |
|
|
EVP_CIPHER_CTX_free(c->k3); |
|
|
SecureZeroMemory(c, sizeof(*c)); |
|
|
free(c); |
|
|
EVP_CIPHER_CTX_set_app_data(ctx, NULL); |
|
|
} |
|
|
return (1); |
|
|
} |
|
|
|
|
|
// 下記関数は未使用。 |
|
|
void ssh1_3des_iv(EVP_CIPHER_CTX *evp, int doset, u_char *iv, int len) |
|
|
{ |
|
|
struct ssh1_3des_ctx *c; |
|
|
|
|
|
if (len != 24) |
|
|
//fatal("%s: bad 3des iv length: %d", __func__, len); |
|
|
; |
|
|
|
|
|
if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL) |
|
|
//fatal("%s: no 3des context", __func__); |
|
|
; |
|
|
|
|
|
if (doset) { |
|
|
//debug3("%s: Installed 3DES IV", __func__); |
|
|
memcpy(EVP_CIPHER_CTX_iv_noconst(c->k1), iv, 8); |
|
|
memcpy(EVP_CIPHER_CTX_iv_noconst(c->k2), iv + 8, 8); |
|
|
memcpy(EVP_CIPHER_CTX_iv_noconst(c->k3), iv + 16, 8); |
|
|
} else { |
|
|
//debug3("%s: Copying 3DES IV", __func__); |
|
|
memcpy(iv, EVP_CIPHER_CTX_iv(c->k1), 8); |
|
|
memcpy(iv + 8, EVP_CIPHER_CTX_iv(c->k2), 8); |
|
|
memcpy(iv + 16, EVP_CIPHER_CTX_iv(c->k3), 8); |
|
|
} |
|
|
} |
|
|
|
|
|
const EVP_CIPHER *evp_ssh1_3des(void) |
|
|
{ |
|
|
static EVP_CIPHER *p = NULL; |
|
|
|
|
|
if (p == NULL) { |
|
|
p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/8, /*key_len*/16); |
|
|
/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335で処置予定) ***/ |
|
|
} |
|
|
if (p) { |
|
|
EVP_CIPHER_meth_set_iv_length(p, 0); |
|
|
EVP_CIPHER_meth_set_init(p, ssh1_3des_init); |
|
|
EVP_CIPHER_meth_set_cleanup(p, ssh1_3des_cleanup); |
|
|
EVP_CIPHER_meth_set_do_cipher(p, ssh1_3des_cbc); |
|
|
EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH); |
|
|
} |
|
|
return (p); |
|
|
} |
|
|
|
|
| 3278 |
static void ssh_make_comment(char *comment, int maxlen) |
static void ssh_make_comment(char *comment, int maxlen) |
| 3279 |
{ |
{ |
| 3280 |
char user[UNLEN + 1], host[128]; |
char user[UNLEN + 1], host[128]; |
| 3634 |
// based on OpenSSH 6.5:key_save_private(), key_private_to_blob2() |
// based on OpenSSH 6.5:key_save_private(), key_private_to_blob2() |
| 3635 |
static void save_bcrypt_private_key(char *passphrase, char *filename, char *comment, HWND dlg, PTInstVar pvar, int rounds) |
static void save_bcrypt_private_key(char *passphrase, char *filename, char *comment, HWND dlg, PTInstVar pvar, int rounds) |
| 3636 |
{ |
{ |
| 3637 |
SSH2Cipher *cipher = NULL; |
const struct ssh2cipher *cipher = NULL; |
| 3638 |
char *ciphername = DEFAULT_CIPHERNAME; |
char *ciphername = DEFAULT_CIPHERNAME; |
| 3639 |
buffer_t *b = NULL; |
buffer_t *b = NULL; |
| 3640 |
buffer_t *kdf = NULL; |
buffer_t *kdf = NULL; |
| 4232 |
case KEY_ECDSA256: // ECDSA |
case KEY_ECDSA256: // ECDSA |
| 4233 |
case KEY_ECDSA384: |
case KEY_ECDSA384: |
| 4234 |
case KEY_ECDSA521: |
case KEY_ECDSA521: |
| 4235 |
keyname = get_ssh_keytype_name(public_key.type); |
keyname = get_ssh2_hostkey_type_name(public_key.type); |
| 4236 |
buffer_put_string(b, keyname, strlen(keyname)); |
buffer_put_string(b, keyname, strlen(keyname)); |
| 4237 |
s = curve_keytype_to_name(public_key.type); |
s = curve_keytype_to_name(public_key.type); |
| 4238 |
buffer_put_string(b, s, strlen(s)); |
buffer_put_string(b, s, strlen(s)); |
| 4241 |
break; |
break; |
| 4242 |
|
|
| 4243 |
case KEY_ED25519: |
case KEY_ED25519: |
| 4244 |
keyname = get_ssh_keytype_name(public_key.type); |
keyname = get_ssh2_hostkey_type_name(public_key.type); |
| 4245 |
buffer_put_cstring(b, keyname); |
buffer_put_cstring(b, keyname); |
| 4246 |
buffer_put_string(b, public_key.ed25519_pk, ED25519_PK_SZ); |
buffer_put_string(b, public_key.ed25519_pk, ED25519_PK_SZ); |
| 4247 |
break; |
break; |
Tera Term
Parent Directory
Revision Log
Patch