Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/trunk/ttssh2/ttxssh/cipher.c

Contents of /trunk/ttssh2/ttxssh/cipher.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 10949 - (show annotations) (download) (as text)
Fri Sep 29 08:35:23 2023 UTC (6 months, 1 week ago) by nmaya
File MIME type: text/x-csrc
File size: 21860 byte(s) 
最初の KEX のときには "ext-info-c" を送信するが、Rekey のときには送信しないようにした

ticket: #36111
1 /*
2 * Copyright (c) 1998-2001, Robert O'Callahan
3 * (C) 2004- TeraTerm Project
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 #include "ttxssh.h"
31 #include "ssh.h"
32 #include "ssherr.h"
33 #include "cipher.h"
34 #include "kex.h"
35
36 #include <openssl/evp.h>
37
38 #include "codeconv.h"
39
40 #include "cipher-3des1.h"
41 #include "cipher-ctr.h"
42
43 static const struct ssh2cipher ssh2_ciphers[] = {
44 {SSH2_CIPHER_3DES_CBC, "3des-cbc", 8, 24, 0, 0, 0, EVP_des_ede3_cbc}, // RFC4253
45 {SSH2_CIPHER_AES128_CBC, "aes128-cbc", 16, 16, 0, 0, 0, EVP_aes_128_cbc}, // RFC4253
46 {SSH2_CIPHER_AES192_CBC, "aes192-cbc", 16, 24, 0, 0, 0, EVP_aes_192_cbc}, // RFC4253
47 {SSH2_CIPHER_AES256_CBC, "aes256-cbc", 16, 32, 0, 0, 0, EVP_aes_256_cbc}, // RFC4253
48 {SSH2_CIPHER_BLOWFISH_CBC, "blowfish-cbc", 8, 16, 0, 0, 0, EVP_bf_cbc}, // RFC4253
49 {SSH2_CIPHER_AES128_CTR, "aes128-ctr", 16, 16, 0, 0, 0, EVP_aes_128_ctr}, // RFC4344
50 {SSH2_CIPHER_AES192_CTR, "aes192-ctr", 16, 24, 0, 0, 0, EVP_aes_192_ctr}, // RFC4344
51 {SSH2_CIPHER_AES256_CTR, "aes256-ctr", 16, 32, 0, 0, 0, EVP_aes_256_ctr}, // RFC4344
52 {SSH2_CIPHER_ARCFOUR, "arcfour", 8, 16, 0, 0, 0, EVP_rc4}, // RFC4253
53 {SSH2_CIPHER_ARCFOUR128, "arcfour128", 8, 16, 1536, 0, 0, EVP_rc4}, // RFC4345
54 {SSH2_CIPHER_ARCFOUR256, "arcfour256", 8, 32, 1536, 0, 0, EVP_rc4}, // RFC4345
55 {SSH2_CIPHER_CAST128_CBC, "cast128-cbc", 8, 16, 0, 0, 0, EVP_cast5_cbc}, // RFC4253
56 {SSH2_CIPHER_3DES_CTR, "3des-ctr", 8, 24, 0, 0, 0, evp_des3_ctr}, // RFC4344
57 {SSH2_CIPHER_BLOWFISH_CTR, "blowfish-ctr", 8, 32, 0, 0, 0, evp_bf_ctr}, // RFC4344
58 {SSH2_CIPHER_CAST128_CTR, "cast128-ctr", 8, 16, 0, 0, 0, evp_cast5_ctr}, // RFC4344
59 {SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc", 16, 16, 0, 0, 0, EVP_camellia_128_cbc}, // draft-kanno-secsh-camellia-02
60 {SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc", 16, 24, 0, 0, 0, EVP_camellia_192_cbc}, // draft-kanno-secsh-camellia-02
61 {SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc", 16, 32, 0, 0, 0, EVP_camellia_256_cbc}, // draft-kanno-secsh-camellia-02
62 #ifndef LIBRESSL_VERSION_NUMBER
63 {SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr", 16, 16, 0, 0, 0, EVP_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
64 {SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr", 16, 24, 0, 0, 0, EVP_camellia_192_ctr}, // draft-kanno-secsh-camellia-02
65 {SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr", 16, 32, 0, 0, 0, EVP_camellia_256_ctr}, // draft-kanno-secsh-camellia-02
66 #else
67 {SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr", 16, 16, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
68 {SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr", 16, 24, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
69 {SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr", 16, 32, 0, 0, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
70 #endif
71 #ifdef WITH_CAMELLIA_PRIVATE
72 {SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc@openssh.org", 16, 16, 0, 0, 0, EVP_camellia_128_cbc},
73 {SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc@openssh.org", 16, 24, 0, 0, 0, EVP_camellia_192_cbc},
74 {SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc@openssh.org", 16, 32, 0, 0, 0, EVP_camellia_256_cbc},
75 {SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr@openssh.org", 16, 16, 0, 0, 0, evp_camellia_128_ctr},
76 {SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr@openssh.org", 16, 24, 0, 0, 0, evp_camellia_128_ctr},
77 {SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr@openssh.org", 16, 32, 0, 0, 0, evp_camellia_128_ctr},
78 #endif // WITH_CAMELLIA_PRIVATE
79 {SSH2_CIPHER_AES128_GCM, "aes128-gcm@openssh.com", 16, 16, 0, 12, 16, EVP_aes_128_gcm}, // not RFC5647, PROTOCOL of OpenSSH
80 {SSH2_CIPHER_AES256_GCM, "aes256-gcm@openssh.com", 16, 32, 0, 12, 16, EVP_aes_256_gcm}, // not RFC5647, PROTOCOL of OpenSSH
81 {SSH2_CIPHER_CHACHAPOLY, "chacha20-poly1305@openssh.com", 8, 64, 0, 0, 16, EVP_enc_null},
82 {SSH_CIPHER_NONE, "none", 8, 0, 0, 0, 0, EVP_enc_null}, // for no passphrase key file
83 {SSH_CIPHER_3DES, "3des", 8, 16, 0, 0, 0, evp_ssh1_3des}, // for RSA1 key file
84 };
85
86
87 int get_cipher_id(const struct ssh2cipher *cipher)
88 {
89 if (cipher) {
90 return cipher->id;
91 }
92 else {
93 return 0;
94 }
95 }
96
97 u_int get_cipher_block_size(const struct ssh2cipher *cipher)
98 {
99 u_int blocksize = 0;
100
101 if (cipher) {
102 blocksize = cipher->block_size;
103 }
104
105 return max(blocksize, 8);
106 }
107
108 u_int get_cipher_key_len(const struct ssh2cipher *cipher)
109 {
110 if (cipher) {
111 return cipher->key_len;
112 }
113 else {
114 return 0;
115 }
116 }
117
118 u_int get_cipher_discard_len(const struct ssh2cipher *cipher)
119 {
120 if (cipher) {
121 return cipher->discard_len;
122 }
123 else {
124 return 0;
125 }
126 }
127
128 u_int get_cipher_iv_len(const struct ssh2cipher *cipher)
129 {
130 if (cipher) {
131 if (cipher->iv_len != 0 || cipher->id == SSH2_CIPHER_CHACHAPOLY) {
132 return cipher->iv_len;
133 }
134 else {
135 return cipher->block_size;
136 }
137 }
138 else {
139 return 8; // block_size
140 }
141 }
142
143 u_int get_cipher_auth_len(const struct ssh2cipher *cipher)
144 {
145 if (cipher) {
146 return cipher->auth_len;
147 }
148 else {
149 return 0;
150 }
151 }
152
153 const EVP_CIPHER *get_cipher_EVP_CIPHER(const struct ssh2cipher *cipher)
154 {
155 if (cipher) {
156 return cipher->func();
157 }
158 else {
159 return EVP_enc_null();
160 }
161 }
162
163 char *get_cipher_string(const struct ssh2cipher *cipher)
164 {
165 if (cipher) {
166 return cipher->name;
167 }
168 else {
169 return "unknown";
170 }
171 }
172
173 // �����A���S���Y�����������������B
174 const struct ssh2cipher *get_cipher_by_name(char *name)
175 {
176 const struct ssh2cipher *ptr = ssh2_ciphers;
177
178 if (name == NULL || name[0] == '\0')
179 return NULL;
180
181 while (ptr->name != NULL) {
182 if (strcmp(ptr->name, name) == 0) {
183 return ptr;
184 }
185 ptr++;
186 }
187
188 // not found.
189 return NULL;
190 }
191
192 // �\����
193 char *get_cipher_name(int cipher_id)
194 {
195 switch (cipher_id) {
196 case SSH_CIPHER_NONE:
197 return "None";
198 case SSH_CIPHER_3DES:
199 return "3DES (168 key bits)";
200 case SSH_CIPHER_DES:
201 return "DES (56 key bits)";
202 case SSH_CIPHER_BLOWFISH:
203 return "Blowfish (256 key bits)";
204
205 // SSH2
206 case SSH2_CIPHER_3DES_CBC:
207 return "3des-cbc";
208 case SSH2_CIPHER_AES128_CBC:
209 return "aes128-cbc";
210 case SSH2_CIPHER_AES192_CBC:
211 return "aes192-cbc";
212 case SSH2_CIPHER_AES256_CBC:
213 return "aes256-cbc";
214 case SSH2_CIPHER_BLOWFISH_CBC:
215 return "blowfish-cbc";
216 case SSH2_CIPHER_AES128_CTR:
217 return "aes128-ctr";
218 case SSH2_CIPHER_AES192_CTR:
219 return "aes192-ctr";
220 case SSH2_CIPHER_AES256_CTR:
221 return "aes256-ctr";
222 case SSH2_CIPHER_ARCFOUR:
223 return "arcfour";
224 case SSH2_CIPHER_ARCFOUR128:
225 return "arcfour128";
226 case SSH2_CIPHER_ARCFOUR256:
227 return "arcfour256";
228 case SSH2_CIPHER_CAST128_CBC:
229 return "cast-128-cbc";
230 case SSH2_CIPHER_3DES_CTR:
231 return "3des-ctr";
232 case SSH2_CIPHER_BLOWFISH_CTR:
233 return "blowfish-ctr";
234 case SSH2_CIPHER_CAST128_CTR:
235 return "cast-128-ctr";
236 case SSH2_CIPHER_CAMELLIA128_CBC:
237 return "camellia128-cbc";
238 case SSH2_CIPHER_CAMELLIA192_CBC:
239 return "camellia192-cbc";
240 case SSH2_CIPHER_CAMELLIA256_CBC:
241 return "camellia256-cbc";
242 case SSH2_CIPHER_CAMELLIA128_CTR:
243 return "camellia128-ctr";
244 case SSH2_CIPHER_CAMELLIA192_CTR:
245 return "camellia192-ctr";
246 case SSH2_CIPHER_CAMELLIA256_CTR:
247 return "camellia256-ctr";
248 case SSH2_CIPHER_AES128_GCM:
249 return "aes128-gcm@openssh.com";
250 case SSH2_CIPHER_AES256_GCM:
251 return "aes256-gcm@openssh.com";
252 case SSH2_CIPHER_CHACHAPOLY:
253 return "chacha20-poly1305@openssh.com(SSH2)";
254
255 default:
256 return "Unknown";
257 }
258 }
259
260 // ���X�g�{�b�N�X�\����
261 wchar_t *get_listbox_cipher_nameW(int cipher_id, PTInstVar pvar)
262 {
263 typedef struct {
264 int no;
265 const char *nameA;
266 } list_t;
267 static const list_t list[] = {
268 { SSH_CIPHER_3DES, "3DES(SSH1)" },
269 { SSH_CIPHER_DES, "DES(SSH1)" },
270 { SSH_CIPHER_BLOWFISH, "Blowfish(SSH1)" },
271 { SSH2_CIPHER_AES128_CBC, "aes128-cbc(SSH2)" },
272 { SSH2_CIPHER_AES192_CBC, "aes192-cbc(SSH2)" },
273 { SSH2_CIPHER_AES256_CBC, "aes256-cbc(SSH2)" },
274 { SSH2_CIPHER_3DES_CBC, "3des-cbc(SSH2)" },
275 { SSH2_CIPHER_BLOWFISH_CBC, "blowfish-cbc(SSH2)" },
276 { SSH2_CIPHER_AES128_CTR, "aes128-ctr(SSH2)" },
277 { SSH2_CIPHER_AES192_CTR, "aes192-ctr(SSH2)" },
278 { SSH2_CIPHER_AES256_CTR, "aes256-ctr(SSH2)" },
279 { SSH2_CIPHER_ARCFOUR, "arcfour(SSH2)" },
280 { SSH2_CIPHER_ARCFOUR128, "arcfour128(SSH2)" },
281 { SSH2_CIPHER_ARCFOUR256, "arcfour256(SSH2)" },
282 { SSH2_CIPHER_CAST128_CBC, "cast128-cbc(SSH2)" },
283 { SSH2_CIPHER_3DES_CTR, "3des-ctr(SSH2)" },
284 { SSH2_CIPHER_BLOWFISH_CTR, "blowfish-ctr(SSH2)" },
285 { SSH2_CIPHER_CAST128_CTR, "cast128-ctr(SSH2)" },
286 { SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc(SSH2)" },
287 { SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc(SSH2)" },
288 { SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc(SSH2)" },
289 { SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr(SSH2)" },
290 { SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr(SSH2)" },
291 { SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr(SSH2)" },
292 { SSH2_CIPHER_AES128_GCM, "aes128-gcm@openssh.com(SSH2)" },
293 { SSH2_CIPHER_AES256_GCM, "aes256-gcm@openssh.com(SSH2)" },
294 { SSH2_CIPHER_CHACHAPOLY, "chacha20-poly1305@openssh.com(SSH2)" },
295 };
296 int i;
297 const list_t *p = list;
298
299 if (cipher_id == SSH_CIPHER_NONE) {
300 wchar_t uimsg[MAX_UIMSG];
301 UTIL_get_lang_msgW("DLG_SSHSETUP_CIPHER_BORDER", pvar,
302 L"<ciphers below this line are disabled>", uimsg);
303 return _wcsdup(uimsg);
304 }
305 for (i = 0; i < _countof(list); p++,i++) {
306 if (p->no == cipher_id) {
307 return ToWcharA(p->nameA);
308 }
309 }
310 return NULL;
311 }
312
313 /*
314 * Remove unsupported cipher or duplicated cipher.
315 * Add unspecified ciphers at the end of list.
316 */
317 void normalize_cipher_order(char *buf)
318 {
319 /* SSH_CIPHER_NONE means that all ciphers below that one are disabled.
320 We *never* allow no encryption. */
321 static char default_strings[] = {
322 SSH2_CIPHER_AES256_GCM,
323 #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER <= 0x3040300fL || LIBRESSL_VERSION_NUMBER >= 0x3070100fL
324 SSH2_CIPHER_CAMELLIA256_CTR,
325 #endif
326 SSH2_CIPHER_CHACHAPOLY,
327 SSH2_CIPHER_AES256_CTR,
328 SSH2_CIPHER_CAMELLIA256_CBC,
329 SSH2_CIPHER_AES256_CBC,
330 #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER <= 0x3040300fL || LIBRESSL_VERSION_NUMBER >= 0x3070100fL
331 SSH2_CIPHER_CAMELLIA192_CTR,
332 #endif
333 SSH2_CIPHER_AES192_CTR,
334 SSH2_CIPHER_CAMELLIA192_CBC,
335 SSH2_CIPHER_AES192_CBC,
336 SSH2_CIPHER_AES128_GCM,
337 #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER <= 0x3040300fL || LIBRESSL_VERSION_NUMBER >= 0x3070100fL
338 SSH2_CIPHER_CAMELLIA128_CTR,
339 #endif
340 SSH2_CIPHER_AES128_CTR,
341 SSH2_CIPHER_CAMELLIA128_CBC,
342 SSH2_CIPHER_AES128_CBC,
343 #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER <= 0x3040300fL || LIBRESSL_VERSION_NUMBER >= 0x3070100fL
344 SSH2_CIPHER_3DES_CTR,
345 #endif
346 SSH2_CIPHER_3DES_CBC,
347 #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER <= 0x3040300fL || LIBRESSL_VERSION_NUMBER >= 0x3070100fL
348 SSH2_CIPHER_BLOWFISH_CTR,
349 #endif
350 SSH2_CIPHER_BLOWFISH_CBC,
351 #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER <= 0x3040300fL || LIBRESSL_VERSION_NUMBER >= 0x3070100fL
352 SSH2_CIPHER_CAST128_CTR,
353 #endif
354 SSH2_CIPHER_CAST128_CBC,
355 SSH_CIPHER_3DES,
356 SSH_CIPHER_NONE,
357 SSH2_CIPHER_ARCFOUR256,
358 SSH2_CIPHER_ARCFOUR128,
359 SSH2_CIPHER_ARCFOUR,
360 SSH_CIPHER_BLOWFISH,
361 SSH_CIPHER_DES,
362 #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER > 0x3040300fL && LIBRESSL_VERSION_NUMBER < 0x3070100fL
363 0, 0, 0, // Dummy for SSH2_CIPHER_CAMELLIA256_CTR, SSH2_CIPHER_CAMELLIA192_CTR, SSH2_CIPHER_CAMELLIA128_CTR
364 0, 0, 0, // Dummy for SSH2_CIPHER_3DES_CTR, SSH2_CIPHER_BLOWFISH_CTR, SSH2_CIPHER_CAST128_CTR
365 #endif
366 0, 0, 0 // Dummy for SSH_CIPHER_IDEA, SSH_CIPHER_TSS, SSH_CIPHER_RC4
367 };
368
369 normalize_generic_order(buf, default_strings, NUM_ELEM(default_strings));
370 }
371
372 const struct ssh2cipher *choose_SSH2_cipher_algorithm(char *server_proposal, char *my_proposal)
373 {
374 char str_cipher[32];
375 const struct ssh2cipher *ptr = ssh2_ciphers;
376
377 choose_SSH2_proposal(server_proposal, my_proposal, str_cipher, sizeof(str_cipher));
378 return get_cipher_by_name(str_cipher);
379 }
380
381 void SSH2_update_cipher_myproposal(PTInstVar pvar)
382 {
383 static char buf[512]; // TODO: malloc()��������
384 int cipher;
385 int len, i;
386 char *c_str;
387
388 // ���M�������������������������L�[������
389 // �L�[������������������������
390 if (pvar->socket != INVALID_SOCKET) {
391 return;
392 }
393
394 // �����A���S���Y���D���������������Amyproposal[]�������������B(2004.11.6 yutaka)
395 buf[0] = '\0';
396 for (i = 0 ; pvar->settings.CipherOrder[i] != 0 ; i++) {
397 cipher = pvar->settings.CipherOrder[i] - '0';
398 if (cipher == 0) // disabled line
399 break;
400 switch (cipher) {
401 case SSH2_CIPHER_3DES_CBC:
402 c_str = "3des-cbc,";
403 break;
404 case SSH2_CIPHER_3DES_CTR:
405 c_str = "3des-ctr,";
406 break;
407 case SSH2_CIPHER_BLOWFISH_CBC:
408 c_str = "blowfish-cbc,";
409 break;
410 case SSH2_CIPHER_BLOWFISH_CTR:
411 c_str = "blowfish-ctr,";
412 break;
413 case SSH2_CIPHER_AES128_CBC:
414 c_str = "aes128-cbc,";
415 break;
416 case SSH2_CIPHER_AES192_CBC:
417 c_str = "aes192-cbc,";
418 break;
419 case SSH2_CIPHER_AES256_CBC:
420 c_str = "aes256-cbc,";
421 break;
422 case SSH2_CIPHER_AES128_CTR:
423 c_str = "aes128-ctr,";
424 break;
425 case SSH2_CIPHER_AES192_CTR:
426 c_str = "aes192-ctr,";
427 break;
428 case SSH2_CIPHER_AES256_CTR:
429 c_str = "aes256-ctr,";
430 break;
431 case SSH2_CIPHER_ARCFOUR:
432 c_str = "arcfour,";
433 break;
434 case SSH2_CIPHER_ARCFOUR128:
435 c_str = "arcfour128,";
436 break;
437 case SSH2_CIPHER_ARCFOUR256:
438 c_str = "arcfour256,";
439 break;
440 case SSH2_CIPHER_CAST128_CBC:
441 c_str = "cast128-cbc,";
442 break;
443 case SSH2_CIPHER_CAST128_CTR:
444 c_str = "cast128-ctr,";
445 break;
446 #ifdef WITH_CAMELLIA_PRIVATE
447 case SSH2_CIPHER_CAMELLIA128_CBC:
448 c_str = "camellia128-cbc,camellia128-cbc@openssh.org,";
449 break;
450 case SSH2_CIPHER_CAMELLIA192_CBC:
451 c_str = "camellia192-cbc,camellia192-cbc@openssh.org,";
452 break;
453 case SSH2_CIPHER_CAMELLIA256_CBC:
454 c_str = "camellia256-cbc,camellia256-cbc@openssh.org,";
455 break;
456 case SSH2_CIPHER_CAMELLIA128_CTR:
457 c_str = "camellia128-ctr,camellia128-ctr@openssh.org,";
458 break;
459 case SSH2_CIPHER_CAMELLIA192_CTR:
460 c_str = "camellia192-ctr,camellia192-ctr@openssh.org,";
461 break;
462 case SSH2_CIPHER_CAMELLIA256_CTR:
463 c_str = "camellia256-ctr,camellia256-ctr@openssh.org,";
464 break;
465 #endif // WITH_CAMELLIA_PRIVATE
466 case SSH2_CIPHER_CAMELLIA128_CBC:
467 c_str = "camellia128-cbc,";
468 break;
469 case SSH2_CIPHER_CAMELLIA192_CBC:
470 c_str = "camellia192-cbc,";
471 break;
472 case SSH2_CIPHER_CAMELLIA256_CBC:
473 c_str = "camellia256-cbc,";
474 break;
475 case SSH2_CIPHER_CAMELLIA128_CTR:
476 c_str = "camellia128-ctr,";
477 break;
478 case SSH2_CIPHER_CAMELLIA192_CTR:
479 c_str = "camellia192-ctr,";
480 break;
481 case SSH2_CIPHER_CAMELLIA256_CTR:
482 c_str = "camellia256-ctr,";
483 break;
484 case SSH2_CIPHER_AES128_GCM:
485 c_str = "aes128-gcm@openssh.com,";
486 break;
487 case SSH2_CIPHER_AES256_GCM:
488 c_str = "aes256-gcm@openssh.com,";
489 break;
490 case SSH2_CIPHER_CHACHAPOLY:
491 c_str = "chacha20-poly1305@openssh.com,";
492 break;
493 default:
494 continue;
495 }
496 strncat_s(buf, sizeof(buf), c_str, _TRUNCATE);
497 }
498 len = strlen(buf);
499 if (len > 0)
500 buf[len - 1] = '\0'; // get rid of comma
501 myproposal[PROPOSAL_ENC_ALGS_CTOS] = buf; // Client To Server
502 myproposal[PROPOSAL_ENC_ALGS_STOC] = buf; // Server To Client
503 }
504
505
506 //
507 // SSH2�p�A���S���Y����������
508 //
509 int cipher_init_SSH2(
510 struct sshcipher_ctx **ccp, const struct ssh2cipher *cipher,
511 const u_char *key, u_int keylen,
512 const u_char *iv, u_int ivlen,
513 int do_encrypt,
514 PTInstVar pvar)
515 {
516 struct sshcipher_ctx *cc = NULL;
517 int ret = SSH_ERR_INTERNAL_ERROR;
518 const EVP_CIPHER *type;
519 int klen;
520 unsigned char *junk = NULL, *discard = NULL;
521 char tmp[80];
522
523 *ccp = NULL;
524 if ((cc = calloc(sizeof(*cc), 1)) == NULL) {
525 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
526 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 1);
527 notify_fatal_error(pvar, tmp, TRUE);
528 return SSH_ERR_ALLOC_FAIL;
529 }
530
531 if (keylen < cipher->key_len) {
532 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
533 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 2);
534 notify_fatal_error(pvar, tmp, TRUE);
535 ret = SSH_ERR_INVALID_ARGUMENT;
536 goto out;
537 }
538 if (iv != NULL && ivlen < get_cipher_iv_len(cipher)) {
539 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
540 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 3);
541 notify_fatal_error(pvar, tmp, TRUE);
542 ret = SSH_ERR_INVALID_ARGUMENT;
543 goto out;
544 }
545
546 cc->cipher = cipher;
547 if (cipher->id == SSH2_CIPHER_CHACHAPOLY) {
548 cc->cp_ctx = chachapoly_new(key, keylen);
549 ret = cc->cp_ctx != NULL ? 0 : SSH_ERR_INVALID_ARGUMENT;
550 if (ret == SSH_ERR_INVALID_ARGUMENT) {
551 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
552 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 4);
553 notify_fatal_error(pvar, tmp, TRUE);
554 }
555 goto out;
556 }
557 type = (*cipher->func)();
558 if ((cc->evp = EVP_CIPHER_CTX_new()) == NULL) {
559 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
560 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 5);
561 notify_fatal_error(pvar, tmp, TRUE);
562 ret = SSH_ERR_ALLOC_FAIL;
563 goto out;
564 }
565 if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv, (do_encrypt == CIPHER_ENCRYPT)) == 0) {
566 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
567 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 6);
568 notify_fatal_error(pvar, tmp, TRUE);
569 ret = SSH_ERR_LIBCRYPTO_ERROR;
570 goto out;
571 }
572 if (get_cipher_auth_len(cipher) &&
573 !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_IV_FIXED, -1, (u_char *)iv)) {
574 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
575 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 7);
576 notify_fatal_error(pvar, tmp, TRUE);
577 ret = SSH_ERR_LIBCRYPTO_ERROR;
578 goto out;
579 }
580 klen = EVP_CIPHER_CTX_key_length(cc->evp);
581 if (klen > 0 && keylen != (u_int)klen) {
582 if (EVP_CIPHER_CTX_set_key_length(cc->evp, keylen) == 0) {
583 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
584 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 8);
585 notify_fatal_error(pvar, tmp, TRUE);
586 ret = SSH_ERR_LIBCRYPTO_ERROR;
587 goto out;
588 }
589 }
590 if (EVP_CipherInit(cc->evp, NULL, (u_char *)key, NULL, -1) == 0) {
591 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
592 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 9);
593 notify_fatal_error(pvar, tmp, TRUE);
594 ret = SSH_ERR_LIBCRYPTO_ERROR;
595 goto out;
596 }
597
598 if (cipher->discard_len > 0) {
599 junk = malloc(cipher->discard_len);
600 discard = malloc(cipher->discard_len);
601 if (junk == NULL || discard == NULL ||
602 EVP_Cipher(cc->evp, discard, junk, cipher->discard_len) == 0) {
603 UTIL_get_lang_msg("MSG_CIPHER_INIT_ERROR", pvar, "Cipher initialize error(%d)");
604 _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->UIMsg, 10);
605 notify_fatal_error(pvar, tmp, TRUE);
606 }
607 else {
608 SecureZeroMemory(discard, cipher->discard_len);
609 }
610 free(junk);
611 free(discard);
612 }
613 ret = 0;
614
615 out:
616 if (ret == 0) {
617 *ccp = cc;
618 }
619 else {
620 if (cc != NULL) {
621 EVP_CIPHER_CTX_free(cc->evp);
622 SecureZeroMemory(cc, sizeof(*cc));
623 }
624 }
625 return ret;
626 }
627
628 //
629 // SSH2�p�A���S���Y�����j��
630 ///
631 void cipher_free_SSH2(struct sshcipher_ctx *cc)
632 {
633 if (cc == NULL)
634 return;
635 if (cc->cipher->id == SSH2_CIPHER_CHACHAPOLY) {
636 chachapoly_free(cc->cp_ctx);
637 cc->cp_ctx = NULL;
638 }
639 EVP_CIPHER_CTX_free(cc->evp);
640 cc->evp = NULL;
641 SecureZeroMemory(cc, sizeof(*cc));
642 }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help