Tera Termの個人的な作業用リポジトリ
Revision | 77014228f6fdddd70dc2b248044fcbb5875b3ce1 (tree) |
---|---|
Time | 2018-06-14 19:57:13 |
Author | IWAMOTO Kouichi <sue@iwmt...> |
Commiter | IWAMOTO Kouichi |
encrypt/decrypt 用のバッファを毎回 malloc/free するのではなく使いまわすようにした。
多少は軽く(高速に)なるのを期待したが、あまり(ほとんど)効果は出なかった。
git-svn-id: svn+ssh://svn.osdn.net/svnroot/ttssh2/trunk@7133 f5f01b69-1e22-0410-acbf-894ab4bd6246
@@ -72,6 +72,8 @@ | ||
72 | 72 | |
73 | 73 | #define CMP(a,b) memcmp(a, b, SSH_BLOCKSIZE) |
74 | 74 | |
75 | +static unsigned char *encbuff = NULL; | |
76 | +static unsigned int encbufflen = 0; | |
75 | 77 | |
76 | 78 | static char *get_cipher_name(int cipher); |
77 | 79 |
@@ -200,7 +202,7 @@ BOOL CRYPT_detect_attack(PTInstVar pvar, unsigned char *buf, int bytes) | ||
200 | 202 | |
201 | 203 | BOOL CRYPT_encrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, unsigned int aadlen, unsigned int authlen) |
202 | 204 | { |
203 | - unsigned char *newbuf = NULL; | |
205 | + unsigned char *newbuff = NULL; | |
204 | 206 | unsigned int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size; |
205 | 207 | unsigned char lastiv[1]; |
206 | 208 | char tmp[80]; |
@@ -218,8 +220,12 @@ BOOL CRYPT_encrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, | ||
218 | 220 | return FALSE; |
219 | 221 | } |
220 | 222 | |
221 | - if ((newbuf = malloc(bytes)) == NULL) | |
222 | - goto err; | |
223 | + if (bytes > encbufflen) { | |
224 | + if ((newbuff = realloc(encbuff, bytes)) == NULL) | |
225 | + goto err; | |
226 | + encbuff = newbuff; | |
227 | + encbufflen = bytes; | |
228 | + } | |
223 | 229 | |
224 | 230 | if (!EVP_CIPHER_CTX_ctrl(evp, EVP_CTRL_GCM_IV_GEN, 1, lastiv)) |
225 | 231 | goto err; |
@@ -227,10 +233,10 @@ BOOL CRYPT_encrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, | ||
227 | 233 | if (aadlen && !EVP_Cipher(evp, NULL, data, aadlen) < 0) |
228 | 234 | goto err; |
229 | 235 | |
230 | - if (EVP_Cipher(evp, newbuf, data+aadlen, bytes) < 0) | |
236 | + if (EVP_Cipher(evp, encbuff, data+aadlen, bytes) < 0) | |
231 | 237 | goto err; |
232 | 238 | |
233 | - memcpy(data+aadlen, newbuf, bytes); | |
239 | + memcpy(data+aadlen, encbuff, bytes); | |
234 | 240 | |
235 | 241 | if (EVP_Cipher(evp, NULL, NULL, 0) < 0) |
236 | 242 | goto err; |
@@ -238,13 +244,9 @@ BOOL CRYPT_encrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, | ||
238 | 244 | if (!EVP_CIPHER_CTX_ctrl(evp, EVP_CTRL_GCM_GET_TAG, authlen, data+aadlen+bytes)) |
239 | 245 | goto err; |
240 | 246 | |
241 | - free(newbuf); | |
242 | - | |
243 | 247 | return TRUE; |
244 | 248 | |
245 | 249 | err: |
246 | - free(newbuf); | |
247 | - | |
248 | 250 | UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)"); |
249 | 251 | _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, |
250 | 252 | get_cipher_name(pvar->crypt_state.sender_cipher)); |
@@ -254,7 +256,7 @@ err: | ||
254 | 256 | |
255 | 257 | BOOL CRYPT_decrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, unsigned int aadlen, unsigned int authlen) |
256 | 258 | { |
257 | - unsigned char *newbuf = NULL; | |
259 | + unsigned char *newbuff = NULL; | |
258 | 260 | unsigned int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size; |
259 | 261 | unsigned char lastiv[1]; |
260 | 262 | char tmp[80]; |
@@ -272,8 +274,12 @@ BOOL CRYPT_decrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, | ||
272 | 274 | return FALSE; |
273 | 275 | } |
274 | 276 | |
275 | - if ((newbuf = malloc(bytes)) == NULL) | |
276 | - goto err; | |
277 | + if (bytes > encbufflen) { | |
278 | + if ((newbuff = realloc(encbuff, bytes)) == NULL) | |
279 | + goto err; | |
280 | + encbuff = newbuff; | |
281 | + encbufflen = bytes; | |
282 | + } | |
277 | 283 | |
278 | 284 | if (!EVP_CIPHER_CTX_ctrl(evp, EVP_CTRL_GCM_IV_GEN, 1, lastiv)) |
279 | 285 | goto err; |
@@ -284,11 +290,10 @@ BOOL CRYPT_decrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, | ||
284 | 290 | if (aadlen && !EVP_Cipher(evp, NULL, data, aadlen) < 0) |
285 | 291 | goto err; |
286 | 292 | |
287 | - if (EVP_Cipher(evp, newbuf, data+aadlen, bytes) < 0) | |
293 | + if (EVP_Cipher(evp, encbuff, data+aadlen, bytes) < 0) | |
288 | 294 | goto err; |
289 | 295 | |
290 | - memcpy(data+aadlen, newbuf, bytes); | |
291 | - free(newbuf); | |
296 | + memcpy(data+aadlen, encbuff, bytes); | |
292 | 297 | |
293 | 298 | if (EVP_Cipher(evp, NULL, NULL, 0) < 0) |
294 | 299 | return FALSE; |
@@ -296,8 +301,6 @@ BOOL CRYPT_decrypt_aead(PTInstVar pvar, unsigned char *data, unsigned int bytes, | ||
296 | 301 | return TRUE; |
297 | 302 | |
298 | 303 | err: |
299 | - free(newbuf); | |
300 | - | |
301 | 304 | UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)"); |
302 | 305 | _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, |
303 | 306 | get_cipher_name(pvar->crypt_state.receiver_cipher)); |
@@ -311,7 +314,7 @@ static void no_encrypt(PTInstVar pvar, unsigned char *buf, int bytes) | ||
311 | 314 | |
312 | 315 | static void crypt_SSH2_encrypt(PTInstVar pvar, unsigned char *buf, int bytes) |
313 | 316 | { |
314 | - unsigned char *newbuf; | |
317 | + unsigned char *newbuff; | |
315 | 318 | int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size; |
316 | 319 | char tmp[80]; |
317 | 320 |
@@ -328,24 +331,26 @@ static void crypt_SSH2_encrypt(PTInstVar pvar, unsigned char *buf, int bytes) | ||
328 | 331 | return; |
329 | 332 | } |
330 | 333 | |
331 | - if ((newbuf = malloc(bytes)) == NULL) | |
332 | - return; | |
334 | + if (bytes > encbufflen) { | |
335 | + if ((newbuff = realloc(encbuff, bytes)) == NULL) | |
336 | + return; | |
337 | + encbuff = newbuff; | |
338 | + encbufflen = bytes; | |
339 | + } | |
333 | 340 | |
334 | - if (EVP_Cipher(&pvar->evpcip[MODE_OUT], newbuf, buf, bytes) == 0) { | |
341 | + if (EVP_Cipher(&pvar->evpcip[MODE_OUT], encbuff, buf, bytes) == 0) { | |
335 | 342 | UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)"); |
336 | 343 | _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, |
337 | 344 | get_cipher_name(pvar->crypt_state.sender_cipher)); |
338 | 345 | notify_fatal_error(pvar, tmp, TRUE); |
339 | 346 | } else { |
340 | - memcpy(buf, newbuf, bytes); | |
347 | + memcpy(buf, encbuff, bytes); | |
341 | 348 | } |
342 | - | |
343 | - free(newbuf); | |
344 | 349 | } |
345 | 350 | |
346 | 351 | static void crypt_SSH2_decrypt(PTInstVar pvar, unsigned char *buf, int bytes) |
347 | 352 | { |
348 | - unsigned char *newbuf; | |
353 | + unsigned char *newbuff; | |
349 | 354 | int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size; |
350 | 355 | char tmp[80]; |
351 | 356 |
@@ -362,19 +367,21 @@ static void crypt_SSH2_decrypt(PTInstVar pvar, unsigned char *buf, int bytes) | ||
362 | 367 | return; |
363 | 368 | } |
364 | 369 | |
365 | - if ((newbuf = malloc(bytes)) == NULL) | |
366 | - return; | |
370 | + if (bytes > encbufflen) { | |
371 | + if ((newbuff = malloc(bytes)) == NULL) | |
372 | + return; | |
373 | + encbuff = newbuff; | |
374 | + encbufflen = bytes; | |
375 | + } | |
367 | 376 | |
368 | - if (EVP_Cipher(&pvar->evpcip[MODE_IN], newbuf, buf, bytes) == 0) { | |
377 | + if (EVP_Cipher(&pvar->evpcip[MODE_IN], encbuff, buf, bytes) == 0) { | |
369 | 378 | UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)"); |
370 | 379 | _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg, |
371 | 380 | get_cipher_name(pvar->crypt_state.receiver_cipher)); |
372 | 381 | notify_fatal_error(pvar, tmp, TRUE); |
373 | 382 | } else { |
374 | - memcpy(buf, newbuf, bytes); | |
383 | + memcpy(buf, encbuff, bytes); | |
375 | 384 | } |
376 | - | |
377 | - free(newbuf); | |
378 | 385 | } |
379 | 386 | |
380 | 387 | static void c3DES_encrypt(PTInstVar pvar, unsigned char *buf, int bytes) |
@@ -1307,6 +1314,10 @@ void CRYPT_free_public_key(CRYPTPublicKey * key) | ||
1307 | 1314 | |
1308 | 1315 | void CRYPT_end(PTInstVar pvar) |
1309 | 1316 | { |
1317 | + free(encbuff); | |
1318 | + encbuff = NULL; | |
1319 | + encbufflen = 0; | |
1320 | + | |
1310 | 1321 | destroy_public_key(&pvar->crypt_state.host_key); |
1311 | 1322 | destroy_public_key(&pvar->crypt_state.server_key); |
1312 | 1323 |