Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/trunk/ttssh2/ttxssh/cipher.c

Annotation of /trunk/ttssh2/ttxssh/cipher.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 9210 - (hide annotations) (download) (as text)
Sat Apr 17 08:36:59 2021 UTC (2 years, 11 months ago) by nmaya
Original Path: branches/ssh_chacha20poly1305/ttssh2/ttxssh/cipher.c
File MIME type: text/x-csrc
File size: 17676 byte(s) 
ファイルを分割・コードを移動・関数名を整理・新しい OpenSSH からインポート

- OpenSSH からインポート
  cipher-3des1.c from OpenSSH-7.5p1
  ssherr.c from OpenSSH-8.5p1
  ssherr.h from OpenSSH-8.5p1
1 nmaya 9210 /*
2     * Copyright (c) 1998-2001, Robert O'Callahan
3     * (C) 2004- TeraTerm Project
4     * All rights reserved.
5     *
6     * Redistribution and use in source and binary forms, with or without
7     * modification, are permitted provided that the following conditions
8     * are met:
9     *
10     * 1. Redistributions of source code must retain the above copyright
11     * notice, this list of conditions and the following disclaimer.
12     * 2. Redistributions in binary form must reproduce the above copyright
13     * notice, this list of conditions and the following disclaimer in the
14     * documentation and/or other materials provided with the distribution.
15     * 3. The name of the author may not be used to endorse or promote products
16     * derived from this software without specific prior written permission.
17     *
18     * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
19     * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21     * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
22     * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23     * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24     * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25     * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26     * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27     * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28     */
29    
30     #include "ttxssh.h"
31     #include "ssh.h"
32     #include "ssherr.h"
33     #include "cipher.h"
34     #include "kex.h"
35    
36     #include <openssl/evp.h>
37    
38     // from cipher-3des.c
39     extern const EVP_CIPHER* evp_ssh1_3des(void);
40    
41     static const struct ssh2cipher ssh2_ciphers[] = {
42     {SSH2_CIPHER_3DES_CBC, "3des-cbc", 8, 24, 0, 0, 0, EVP_des_ede3_cbc}, // RFC4253
43     {SSH2_CIPHER_AES128_CBC, "aes128-cbc", 16, 16, 0, 0, 0, EVP_aes_128_cbc}, // RFC4253
44     {SSH2_CIPHER_AES192_CBC, "aes192-cbc", 16, 24, 0, 0, 0, EVP_aes_192_cbc}, // RFC4253
45     {SSH2_CIPHER_AES256_CBC, "aes256-cbc", 16, 32, 0, 0, 0, EVP_aes_256_cbc}, // RFC4253
46     {SSH2_CIPHER_BLOWFISH_CBC, "blowfish-cbc", 8, 16, 0, 0, 0, EVP_bf_cbc}, // RFC4253
47     {SSH2_CIPHER_AES128_CTR, "aes128-ctr", 16, 16, 0, 0, 0, evp_aes_128_ctr}, // RFC4344
48     {SSH2_CIPHER_AES192_CTR, "aes192-ctr", 16, 24, 0, 0, 0, evp_aes_128_ctr}, // RFC4344
49     {SSH2_CIPHER_AES256_CTR, "aes256-ctr", 16, 32, 0, 0, 0, evp_aes_128_ctr}, // RFC4344
50     {SSH2_CIPHER_ARCFOUR, "arcfour", 8, 16, 0, 0, 0, EVP_rc4}, // RFC4253
51     {SSH2_CIPHER_ARCFOUR128, "arcfour128", 8, 16, 1536, 0, 0, EVP_rc4}, // RFC4345
52     {SSH2_CIPHER_ARCFOUR256, "arcfour256", 8, 32, 1536, 0, 0, EVP_rc4}, // RFC4345
53     {SSH2_CIPHER_CAST128_CBC, "cast128-cbc", 8, 16, 0, 0, 0, EVP_cast5_cbc}, // RFC4253
54     {SSH2_CIPHER_3DES_CTR, "3des-ctr", 8, 24, 0, 0, 0, evp_des3_ctr}, // RFC4344
55     {SSH2_CIPHER_BLOWFISH_CTR, "blowfish-ctr", 8, 32, 0, 0, 0, evp_bf_ctr}, // RFC4344
56     {SSH2_CIPHER_CAST128_CTR, "cast128-ctr", 8, 16, 0, 0, 0, evp_cast5_ctr}, // RFC4344
57     {SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc", 16, 16, 0, 0, 0, EVP_camellia_128_cbc}, // draft-kanno-secsh-camellia-02
58     {SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc", 16, 24, 0, 0, 0, EVP_camellia_192_cbc}, // draft-kanno-secsh-camellia-02
59     {SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc", 16, 32, 0, 0, 0, EVP_camellia_256_cbc}, // draft-kanno-secsh-camellia-02
60     {SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr", 16, 16, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
61     {SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr", 16, 24, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
62     {SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr", 16, 32, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
63     #ifdef WITH_CAMELLIA_PRIVATE
64     {SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc@openssh.org", 16, 16, 0, 0, 0, EVP_camellia_128_cbc},
65     {SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc@openssh.org", 16, 24, 0, 0, 0, EVP_camellia_192_cbc},
66     {SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc@openssh.org", 16, 32, 0, 0, 0, EVP_camellia_256_cbc},
67     {SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr@openssh.org", 16, 16, 0, 0, 0, evp_camellia_128_ctr},
68     {SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr@openssh.org", 16, 24, 0, 0, 0, evp_camellia_128_ctr},
69     {SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr@openssh.org", 16, 32, 0, 0, 0, evp_camellia_128_ctr},
70     #endif // WITH_CAMELLIA_PRIVATE
71     {SSH2_CIPHER_AES128_GCM, "aes128-gcm@openssh.com", 16, 16, 0, 12, 16, EVP_aes_128_gcm}, // not RFC5647, PROTOCOL of OpenSSH
72     {SSH2_CIPHER_AES256_GCM, "aes256-gcm@openssh.com", 16, 32, 0, 12, 16, EVP_aes_256_gcm}, // not RFC5647, PROTOCOL of OpenSSH
73     {SSH_CIPHER_NONE, NULL, 0, 0, 0, 0, 0, NULL},
74     };
75    
76    
77     int get_cipher_id(const struct ssh2cipher *cipher)
78     {
79     if (cipher) {
80     return cipher->id;
81     }
82     else {
83     return 0;
84     }
85     }
86    
87     u_int get_cipher_block_size(const struct ssh2cipher *cipher)
88     {
89     u_int blocksize = 0;
90    
91     if (cipher) {
92     blocksize = cipher->block_size;
93     }
94    
95     return max(blocksize, 8);
96     }
97    
98     u_int get_cipher_key_len(const struct ssh2cipher *cipher)
99     {
100     if (cipher) {
101     return cipher->key_len;
102     }
103     else {
104     return 0;
105     }
106     }
107    
108     u_int get_cipher_discard_len(const struct ssh2cipher *cipher)
109     {
110     if (cipher) {
111     return cipher->discard_len;
112     }
113     else {
114     return 0;
115     }
116     }
117    
118     u_int get_cipher_iv_len(const struct ssh2cipher *cipher)
119     {
120     if (cipher) {
121     if (cipher->iv_len != 0) {
122     return cipher->iv_len;
123     }
124     else {
125     return cipher->block_size;
126     }
127     }
128     else {
129     return 8; // block_size
130     }
131     }
132    
133     u_int get_cipher_auth_len(const struct ssh2cipher *cipher)
134     {
135     if (cipher) {
136     return cipher->auth_len;
137     }
138     else {
139     return 0;
140     }
141     }
142    
143     const EVP_CIPHER *get_cipher_EVP_CIPHER(const struct ssh2cipher *cipher)
144     {
145     if (cipher) {
146     return cipher->func();
147     }
148     else {
149     return EVP_enc_null();
150     }
151     }
152    
153     char *get_cipher_string(const struct ssh2cipher *cipher)
154     {
155     if (cipher) {
156     return cipher->name;
157     }
158     else {
159     return "unknown";
160     }
161     }
162    
163     // �����A���S���Y�����������������B
164     const struct ssh2cipher *get_cipher_by_name(char *name)
165     {
166     const struct ssh2cipher *ptr = ssh2_ciphers;
167    
168     if (name == NULL || name[0] == '\0')
169     return NULL;
170    
171     while (ptr->name != NULL) {
172     if (strcmp(ptr->name, name) == 0) {
173     return ptr;
174     }
175     ptr++;
176     }
177    
178     // not found.
179     return NULL;
180     }
181    
182     // �\����
183     char *get_cipher_name(int cipher_id)
184     {
185     switch (cipher_id) {
186     case SSH_CIPHER_NONE:
187     return "None";
188     case SSH_CIPHER_3DES:
189     return "3DES (168 key bits)";
190     case SSH_CIPHER_DES:
191     return "DES (56 key bits)";
192     case SSH_CIPHER_BLOWFISH:
193     return "Blowfish (256 key bits)";
194    
195     // SSH2
196     case SSH2_CIPHER_3DES_CBC:
197     return "3des-cbc";
198     case SSH2_CIPHER_AES128_CBC:
199     return "aes128-cbc";
200     case SSH2_CIPHER_AES192_CBC:
201     return "aes192-cbc";
202     case SSH2_CIPHER_AES256_CBC:
203     return "aes256-cbc";
204     case SSH2_CIPHER_BLOWFISH_CBC:
205     return "blowfish-cbc";
206     case SSH2_CIPHER_AES128_CTR:
207     return "aes128-ctr";
208     case SSH2_CIPHER_AES192_CTR:
209     return "aes192-ctr";
210     case SSH2_CIPHER_AES256_CTR:
211     return "aes256-ctr";
212     case SSH2_CIPHER_ARCFOUR:
213     return "arcfour";
214     case SSH2_CIPHER_ARCFOUR128:
215     return "arcfour128";
216     case SSH2_CIPHER_ARCFOUR256:
217     return "arcfour256";
218     case SSH2_CIPHER_CAST128_CBC:
219     return "cast-128-cbc";
220     case SSH2_CIPHER_3DES_CTR:
221     return "3des-ctr";
222     case SSH2_CIPHER_BLOWFISH_CTR:
223     return "blowfish-ctr";
224     case SSH2_CIPHER_CAST128_CTR:
225     return "cast-128-ctr";
226     case SSH2_CIPHER_CAMELLIA128_CBC:
227     return "camellia128-cbc";
228     case SSH2_CIPHER_CAMELLIA192_CBC:
229     return "camellia192-cbc";
230     case SSH2_CIPHER_CAMELLIA256_CBC:
231     return "camellia256-cbc";
232     case SSH2_CIPHER_CAMELLIA128_CTR:
233     return "camellia128-ctr";
234     case SSH2_CIPHER_CAMELLIA192_CTR:
235     return "camellia192-ctr";
236     case SSH2_CIPHER_CAMELLIA256_CTR:
237     return "camellia256-ctr";
238     case SSH2_CIPHER_AES128_GCM:
239     return "aes128-gcm@openssh.com";
240     case SSH2_CIPHER_AES256_GCM:
241     return "aes256-gcm@openssh.com";
242    
243     default:
244     return "Unknown";
245     }
246     }
247    
248     // ���X�g�{�b�N�X�\����
249     char *get_listbox_cipher_name(int cipher_id, PTInstVar pvar)
250     {
251     switch (cipher_id) {
252     case SSH_CIPHER_NONE:
253     UTIL_get_lang_msg("DLG_SSHSETUP_CIPHER_BORDER", pvar,
254     "<ciphers below this line are disabled>");
255     return pvar->ts->UIMsg;
256     case SSH_CIPHER_3DES:
257     return "3DES(SSH1)";
258     case SSH_CIPHER_DES:
259     return "DES(SSH1)";
260     case SSH_CIPHER_BLOWFISH:
261     return "Blowfish(SSH1)";
262    
263     // for SSH2(yutaka)
264     case SSH2_CIPHER_AES128_CBC:
265     return "aes128-cbc(SSH2)";
266     case SSH2_CIPHER_AES192_CBC:
267     return "aes192-cbc(SSH2)";
268     case SSH2_CIPHER_AES256_CBC:
269     return "aes256-cbc(SSH2)";
270     case SSH2_CIPHER_3DES_CBC:
271     return "3des-cbc(SSH2)";
272     case SSH2_CIPHER_BLOWFISH_CBC:
273     return "blowfish-cbc(SSH2)";
274     case SSH2_CIPHER_AES128_CTR:
275     return "aes128-ctr(SSH2)";
276     case SSH2_CIPHER_AES192_CTR:
277     return "aes192-ctr(SSH2)";
278     case SSH2_CIPHER_AES256_CTR:
279     return "aes256-ctr(SSH2)";
280     case SSH2_CIPHER_ARCFOUR:
281     return "arcfour(SSH2)";
282     case SSH2_CIPHER_ARCFOUR128:
283     return "arcfour128(SSH2)";
284     case SSH2_CIPHER_ARCFOUR256:
285     return "arcfour256(SSH2)";
286     case SSH2_CIPHER_CAST128_CBC:
287     return "cast128-cbc(SSH2)";
288     case SSH2_CIPHER_3DES_CTR:
289     return "3des-ctr(SSH2)";
290     case SSH2_CIPHER_BLOWFISH_CTR:
291     return "blowfish-ctr(SSH2)";
292     case SSH2_CIPHER_CAST128_CTR:
293     return "cast128-ctr(SSH2)";
294     case SSH2_CIPHER_CAMELLIA128_CBC:
295     return "camellia128-cbc(SSH2)";
296     case SSH2_CIPHER_CAMELLIA192_CBC:
297     return "camellia192-cbc(SSH2)";
298     case SSH2_CIPHER_CAMELLIA256_CBC:
299     return "camellia256-cbc(SSH2)";
300     case SSH2_CIPHER_CAMELLIA128_CTR:
301     return "camellia128-ctr(SSH2)";
302     case SSH2_CIPHER_CAMELLIA192_CTR:
303     return "camellia192-ctr(SSH2)";
304     case SSH2_CIPHER_CAMELLIA256_CTR:
305     return "camellia256-ctr(SSH2)";
306     case SSH2_CIPHER_AES128_GCM:
307     return "aes128-gcm@openssh.com(SSH2)";
308     case SSH2_CIPHER_AES256_GCM:
309     return "aes256-gcm@openssh.com(SSH2)";
310    
311     default:
312     return NULL;
313     }
314     }
315    
316     /*
317     * Remove unsupported cipher or duplicated cipher.
318     * Add unspecified ciphers at the end of list.
319     */
320     void normalize_cipher_order(char *buf)
321     {
322     /* SSH_CIPHER_NONE means that all ciphers below that one are disabled.
323     We *never* allow no encryption. */
324     static char default_strings[] = {
325     SSH2_CIPHER_AES256_GCM,
326     SSH2_CIPHER_CAMELLIA256_CTR,
327     SSH2_CIPHER_AES256_CTR,
328     SSH2_CIPHER_CAMELLIA256_CBC,
329     SSH2_CIPHER_AES256_CBC,
330     SSH2_CIPHER_CAMELLIA192_CTR,
331     SSH2_CIPHER_AES192_CTR,
332     SSH2_CIPHER_CAMELLIA192_CBC,
333     SSH2_CIPHER_AES192_CBC,
334     SSH2_CIPHER_AES128_GCM,
335     SSH2_CIPHER_CAMELLIA128_CTR,
336     SSH2_CIPHER_AES128_CTR,
337     SSH2_CIPHER_CAMELLIA128_CBC,
338     SSH2_CIPHER_AES128_CBC,
339     SSH2_CIPHER_3DES_CTR,
340     SSH2_CIPHER_3DES_CBC,
341     SSH2_CIPHER_BLOWFISH_CTR,
342     SSH2_CIPHER_BLOWFISH_CBC,
343     SSH2_CIPHER_CAST128_CTR,
344     SSH2_CIPHER_CAST128_CBC,
345     SSH_CIPHER_3DES,
346     SSH_CIPHER_NONE,
347     SSH2_CIPHER_ARCFOUR256,
348     SSH2_CIPHER_ARCFOUR128,
349     SSH2_CIPHER_ARCFOUR,
350     SSH_CIPHER_BLOWFISH,
351     SSH_CIPHER_DES,
352     0, 0, 0 // Dummy for SSH_CIPHER_IDEA, SSH_CIPHER_TSS, SSH_CIPHER_RC4
353     };
354    
355     normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings));
356     }
357    
358     const struct ssh2cipher *choose_SSH2_cipher_algorithm(char *server_proposal, char *my_proposal)
359     {
360     char str_cipher[32];
361     const struct ssh2cipher *ptr = ssh2_ciphers;
362    
363     choose_SSH2_proposal(server_proposal, my_proposal, str_cipher, sizeof(str_cipher));
364     return get_cipher_by_name(str_cipher);
365     }
366    
367     void SSH2_update_cipher_myproposal(PTInstVar pvar)
368     {
369     static char buf[512]; // TODO: malloc()��������
370     int cipher;
371     int len, i;
372     char *c_str;
373    
374     // ���M�������������������������A�O�������B(2006.6.26 maya)
375     if (pvar->socket != INVALID_SOCKET) {
376     return;
377     }
378    
379     // �����A���S���Y���D���������������Amyproposal[]�������������B(2004.11.6 yutaka)
380     buf[0] = '\0';
381     for (i = 0 ; pvar->settings.CipherOrder[i] != 0 ; i++) {
382     cipher = pvar->settings.CipherOrder[i] - '0';
383     if (cipher == 0) // disabled line
384     break;
385     switch (cipher) {
386     case SSH2_CIPHER_3DES_CBC:
387     c_str = "3des-cbc,";
388     break;
389     case SSH2_CIPHER_3DES_CTR:
390     c_str = "3des-ctr,";
391     break;
392     case SSH2_CIPHER_BLOWFISH_CBC:
393     c_str = "blowfish-cbc,";
394     break;
395     case SSH2_CIPHER_BLOWFISH_CTR:
396     c_str = "blowfish-ctr,";
397     break;
398     case SSH2_CIPHER_AES128_CBC:
399     c_str = "aes128-cbc,";
400     break;
401     case SSH2_CIPHER_AES192_CBC:
402     c_str = "aes192-cbc,";
403     break;
404     case SSH2_CIPHER_AES256_CBC:
405     c_str = "aes256-cbc,";
406     break;
407     case SSH2_CIPHER_AES128_CTR:
408     c_str = "aes128-ctr,";
409     break;
410     case SSH2_CIPHER_AES192_CTR:
411     c_str = "aes192-ctr,";
412     break;
413     case SSH2_CIPHER_AES256_CTR:
414     c_str = "aes256-ctr,";
415     break;
416     case SSH2_CIPHER_ARCFOUR:
417     c_str = "arcfour,";
418     break;
419     case SSH2_CIPHER_ARCFOUR128:
420     c_str = "arcfour128,";
421     break;
422     case SSH2_CIPHER_ARCFOUR256:
423     c_str = "arcfour256,";
424     break;
425     case SSH2_CIPHER_CAST128_CBC:
426     c_str = "cast128-cbc,";
427     break;
428     case SSH2_CIPHER_CAST128_CTR:
429     c_str = "cast128-ctr,";
430     break;
431     #ifdef WITH_CAMELLIA_PRIVATE
432     case SSH2_CIPHER_CAMELLIA128_CBC:
433     c_str = "camellia128-cbc,camellia128-cbc@openssh.org,";
434     break;
435     case SSH2_CIPHER_CAMELLIA192_CBC:
436     c_str = "camellia192-cbc,camellia192-cbc@openssh.org,";
437     break;
438     case SSH2_CIPHER_CAMELLIA256_CBC:
439     c_str = "camellia256-cbc,camellia256-cbc@openssh.org,";
440     break;
441     case SSH2_CIPHER_CAMELLIA128_CTR:
442     c_str = "camellia128-ctr,camellia128-ctr@openssh.org,";
443     break;
444     case SSH2_CIPHER_CAMELLIA192_CTR:
445     c_str = "camellia192-ctr,camellia192-ctr@openssh.org,";
446     break;
447     case SSH2_CIPHER_CAMELLIA256_CTR:
448     c_str = "camellia256-ctr,camellia256-ctr@openssh.org,";
449     break;
450     #endif // WITH_CAMELLIA_PRIVATE
451     case SSH2_CIPHER_CAMELLIA128_CBC:
452     c_str = "camellia128-cbc,";
453     break;
454     case SSH2_CIPHER_CAMELLIA192_CBC:
455     c_str = "camellia192-cbc,";
456     break;
457     case SSH2_CIPHER_CAMELLIA256_CBC:
458     c_str = "camellia256-cbc,";
459     break;
460     case SSH2_CIPHER_CAMELLIA128_CTR:
461     c_str = "camellia128-ctr,";
462     break;
463     case SSH2_CIPHER_CAMELLIA192_CTR:
464     c_str = "camellia192-ctr,";
465     break;
466     case SSH2_CIPHER_CAMELLIA256_CTR:
467     c_str = "camellia256-ctr,";
468     break;
469     case SSH2_CIPHER_AES128_GCM:
470     c_str = "aes128-gcm@openssh.com,";
471     break;
472     case SSH2_CIPHER_AES256_GCM:
473     c_str = "aes256-gcm@openssh.com,";
474     break;
475     default:
476     continue;
477     }
478     strncat_s(buf, sizeof(buf), c_str, _TRUNCATE);
479     }
480     len = strlen(buf);
481     if (len > 0)
482     buf[len - 1] = '\0'; // get rid of comma
483     myproposal[PROPOSAL_ENC_ALGS_CTOS] = buf; // Client To Server
484     myproposal[PROPOSAL_ENC_ALGS_STOC] = buf; // Server To Client
485     }
486    
487    
488     //
489     // SSH2�p�A���S���Y����������
490     //
491     void cipher_init_SSH2(EVP_CIPHER_CTX *evp,
492     const u_char *key, u_int keylen,
493     const u_char *iv, u_int ivlen,
494     int do_encrypt,
495     const EVP_CIPHER *type,
496     int discard_len,
497     unsigned int authlen,
498     PTInstVar pvar)
499     {
500     int klen;
501     unsigned char *junk = NULL, *discard = NULL;
502     char tmp[80];
503    
504     EVP_CIPHER_CTX_reset(evp);
505    
506     if (EVP_CipherInit(evp, type, NULL, (u_char *)iv, (do_encrypt == CIPHER_ENCRYPT)) == 0) {
507     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
508     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 1);
509     notify_fatal_error(pvar, tmp, TRUE);
510     return;
511     }
512     if (authlen &&
513     !EVP_CIPHER_CTX_ctrl(evp, EVP_CTRL_GCM_SET_IV_FIXED, -1, (u_char *)iv)) {
514     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
515     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 2);
516     notify_fatal_error(pvar, tmp, TRUE);
517     return;
518     }
519     klen = EVP_CIPHER_CTX_key_length(evp);
520     if (klen > 0 && keylen != (u_int)klen) {
521     if (EVP_CIPHER_CTX_set_key_length(evp, keylen) == 0) {
522     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
523     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 3);
524     notify_fatal_error(pvar, tmp, TRUE);
525     return;
526     }
527     }
528     if (EVP_CipherInit(evp, NULL, (u_char *)key, NULL, -1) == 0) {
529     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
530     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 4);
531     notify_fatal_error(pvar, tmp, TRUE);
532     return;
533     }
534    
535     if (discard_len > 0) {
536     junk = malloc(discard_len);
537     discard = malloc(discard_len);
538     if (junk == NULL || discard == NULL ||
539     EVP_Cipher(evp, discard, junk, discard_len) == 0) {
540     UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
541     _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, 5);
542     notify_fatal_error(pvar, tmp, TRUE);
543     }
544     else {
545     SecureZeroMemory(discard, discard_len);
546     }
547     free(junk);
548     free(discard);
549     }
550     }
551    
552     //
553     // SSH2�p�A���S���Y�����j��
554     ///
555     void cipher_free_SSH2(EVP_CIPHER_CTX *evp)
556     {
557     EVP_CIPHER_CTX_free(evp);
558     }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help