Tera TermRevision: 7789
https://osdn.net/projects/ttssh2/scm/svn/commits/7789
Author: yutakapon
Date: 2019-06-22 16:55:24 +0900 (Sat, 22 Jun 2019)
Log Message:
-----------
EVP_CIPHER_CTX 構造体の使用をポインタ化した。
EVP_CIPHER 構造体の使用をポインタ化した。
チケット #36876
Ticket Links:
------------
https://osdn.net/projects/ttssh2/tracker/detail/36876
Modified Paths:
--------------
branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher-ctr.c
branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher.h
branches/openssl_1_1_1_v2/ttssh2/ttxssh/crypt.c
branches/openssl_1_1_1_v2/ttssh2/ttxssh/keyfiles.c
branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.c
branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.h
-------------- next part --------------
Modified: branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher-ctr.c
===================================================================
--- branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher-ctr.c 2019-06-22 07:53:10 UTC (rev 7788)
+++ branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher-ctr.c 2019-06-22 07:55:24 UTC (rev 7789)
@@ -133,6 +133,8 @@
const EVP_CIPHER *
evp_aes_128_ctr(void)
{
+ /*** TODO: OPENSSL1.1.1 \x83e\x83X\x83g\x8A\xAE\x97\xB9\x8C\xE3\x82ɍ폜\x82\xB7\x82\xE9 ***/
+#if 0
static EVP_CIPHER aes_ctr;
memset(&aes_ctr, 0, sizeof(EVP_CIPHER));
@@ -147,6 +149,23 @@
aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
#endif
return (&aes_ctr);
+#endif
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ static EVP_CIPHER *p = NULL;
+
+ if (p == NULL) {
+ p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/AES_BLOCK_SIZE, /*key_len*/16);
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+ }
+ if (p) {
+ EVP_CIPHER_meth_set_iv_length(p, AES_BLOCK_SIZE);
+ EVP_CIPHER_meth_set_init(p, ssh_aes_ctr_init);
+ EVP_CIPHER_meth_set_cleanup(p, ssh_aes_ctr_cleanup);
+ EVP_CIPHER_meth_set_do_cipher(p, ssh_aes_ctr);
+ EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+ }
+ return (p);
}
//============================================================================
@@ -212,6 +231,8 @@
const EVP_CIPHER *
evp_des3_ctr(void)
{
+ /*** TODO: OPENSSL1.1.1 \x83e\x83X\x83g\x8A\xAE\x97\xB9\x8C\xE3\x82ɍ폜\x82\xB7\x82\xE9 ***/
+#if 0
static EVP_CIPHER des3_ctr;
memset(&des3_ctr, 0, sizeof(EVP_CIPHER));
@@ -226,6 +247,23 @@
des3_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
#endif
return (&des3_ctr);
+#endif
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ static EVP_CIPHER *p = NULL;
+
+ if (p == NULL) {
+ p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/DES_BLOCK_SIZE, /*key_len*/24);
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+ }
+ if (p) {
+ EVP_CIPHER_meth_set_iv_length(p, DES_BLOCK_SIZE);
+ EVP_CIPHER_meth_set_init(p, ssh_des3_ctr_init);
+ EVP_CIPHER_meth_set_cleanup(p, ssh_des3_ctr_cleanup);
+ EVP_CIPHER_meth_set_do_cipher(p, ssh_des3_ctr);
+ EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+ }
+ return (p);
}
//============================================================================
@@ -306,6 +344,8 @@
const EVP_CIPHER *
evp_bf_ctr(void)
{
+ /*** TODO: OPENSSL1.1.1 \x83e\x83X\x83g\x8A\xAE\x97\xB9\x8C\xE3\x82ɍ폜\x82\xB7\x82\xE9 ***/
+#if 0
static EVP_CIPHER blowfish_ctr;
memset(&blowfish_ctr, 0, sizeof(EVP_CIPHER));
@@ -320,6 +360,23 @@
blowfish_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
#endif
return (&blowfish_ctr);
+#endif
+
+ static EVP_CIPHER *p = NULL;
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (p == NULL) {
+ p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/BF_BLOCK, /*key_len*/16);
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+ }
+ if (p) {
+ EVP_CIPHER_meth_set_iv_length(p, BF_BLOCK);
+ EVP_CIPHER_meth_set_init(p, ssh_bf_ctr_init);
+ EVP_CIPHER_meth_set_cleanup(p, ssh_bf_ctr_cleanup);
+ EVP_CIPHER_meth_set_do_cipher(p, ssh_bf_ctr);
+ EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+ }
+ return (p);
}
//============================================================================
@@ -400,6 +457,8 @@
const EVP_CIPHER *
evp_cast5_ctr(void)
{
+ /*** TODO: OPENSSL1.1.1 \x83e\x83X\x83g\x8A\xAE\x97\xB9\x8C\xE3\x82ɍ폜\x82\xB7\x82\xE9 ***/
+#if 0
static EVP_CIPHER cast5_ctr;
memset(&cast5_ctr, 0, sizeof(EVP_CIPHER));
@@ -414,6 +473,23 @@
cast5_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
#endif
return (&cast5_ctr);
+#endif
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ static EVP_CIPHER *p = NULL;
+
+ if (p == NULL) {
+ p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/CAST_BLOCK, /*key_len*/16);
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+ }
+ if (p) {
+ EVP_CIPHER_meth_set_iv_length(p, CAST_BLOCK);
+ EVP_CIPHER_meth_set_init(p, ssh_cast5_ctr_init);
+ EVP_CIPHER_meth_set_cleanup(p, ssh_cast5_ctr_cleanup);
+ EVP_CIPHER_meth_set_do_cipher(p, ssh_cast5_ctr);
+ EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+ }
+ return (p);
}
//============================================================================
@@ -486,6 +562,8 @@
const EVP_CIPHER *
evp_camellia_128_ctr(void)
{
+ /*** TODO: OPENSSL1.1.1 \x83e\x83X\x83g\x8A\xAE\x97\xB9\x8C\xE3\x82ɍ폜\x82\xB7\x82\xE9 ***/
+#if 0
static EVP_CIPHER camellia_ctr;
memset(&camellia_ctr, 0, sizeof(EVP_CIPHER));
@@ -500,4 +578,21 @@
camellia_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
#endif
return (&camellia_ctr);
+#endif
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ static EVP_CIPHER *p = NULL;
+
+ if (p == NULL) {
+ p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/CAMELLIA_BLOCK_SIZE, /*key_len*/16);
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+ }
+ if (p) {
+ EVP_CIPHER_meth_set_iv_length(p, CAMELLIA_BLOCK_SIZE);
+ EVP_CIPHER_meth_set_init(p, ssh_camellia_ctr_init);
+ EVP_CIPHER_meth_set_cleanup(p, ssh_camellia_ctr_cleanup);
+ EVP_CIPHER_meth_set_do_cipher(p, ssh_camellia_ctr);
+ EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+ }
+ return (p);
}
Modified: branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher.h
===================================================================
--- branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher.h 2019-06-22 07:53:10 UTC (rev 7788)
+++ branches/openssl_1_1_1_v2/ttssh2/ttxssh/cipher.h 2019-06-22 07:55:24 UTC (rev 7789)
@@ -63,7 +63,7 @@
struct Cipher;
struct CipherContext {
int plaintext;
- EVP_CIPHER_CTX evp;
+ EVP_CIPHER_CTX *evp;
Cipher *cipher;
};
Modified: branches/openssl_1_1_1_v2/ttssh2/ttxssh/crypt.c
===================================================================
--- branches/openssl_1_1_1_v2/ttssh2/ttxssh/crypt.c 2019-06-22 07:53:10 UTC (rev 7788)
+++ branches/openssl_1_1_1_v2/ttssh2/ttxssh/crypt.c 2019-06-22 07:55:24 UTC (rev 7789)
@@ -206,7 +206,8 @@
unsigned int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
unsigned char lastiv[1];
char tmp[80];
- EVP_CIPHER_CTX *evp = &pvar->evpcip[MODE_OUT];
+ EVP_CIPHER_CTX *evp = pvar->evpcip[MODE_OUT];
+ /********* OPENSSL1.1.1 NOTEST *********/
if (bytes == 0)
return TRUE;
@@ -260,7 +261,8 @@
unsigned int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
unsigned char lastiv[1];
char tmp[80];
- EVP_CIPHER_CTX *evp = &pvar->evpcip[MODE_IN];
+ EVP_CIPHER_CTX *evp = pvar->evpcip[MODE_IN];
+ /********* OPENSSL1.1.1 NOTEST *********/
if (bytes == 0)
return TRUE;
@@ -338,7 +340,8 @@
encbufflen = bytes;
}
- if (EVP_Cipher(&pvar->evpcip[MODE_OUT], encbuff, buf, bytes) == 0) {
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (EVP_Cipher(pvar->evpcip[MODE_OUT], encbuff, buf, bytes) == 0) {
UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
_snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
get_cipher_name(pvar->crypt_state.sender_cipher));
@@ -374,7 +377,8 @@
encbufflen = bytes;
}
- if (EVP_Cipher(&pvar->evpcip[MODE_IN], encbuff, buf, bytes) == 0) {
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (EVP_Cipher(pvar->evpcip[MODE_IN], encbuff, buf, bytes) == 0) {
UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
_snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
get_cipher_name(pvar->crypt_state.receiver_cipher));
@@ -1110,7 +1114,8 @@
cipher = pvar->ciphers[MODE_OUT];
if (cipher) {
enc = &pvar->ssh2_keys[MODE_OUT].enc;
- cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
+ /********* OPENSSL1.1.1 NOTEST *********/
+ cipher_init_SSH2(pvar->evpcip[MODE_OUT],
enc->key, get_cipher_key_len(cipher),
enc->iv, get_cipher_iv_len(cipher),
CIPHER_ENCRYPT,
@@ -1158,7 +1163,8 @@
cipher = pvar->ciphers[MODE_IN];
if (cipher) {
enc = &pvar->ssh2_keys[MODE_IN].enc;
- cipher_init_SSH2(&pvar->evpcip[MODE_IN],
+ /********* OPENSSL1.1.1 NOTEST *********/
+ cipher_init_SSH2(pvar->evpcip[MODE_IN],
enc->key, get_cipher_key_len(cipher),
enc->iv, get_cipher_iv_len(cipher),
CIPHER_DECRYPT,
Modified: branches/openssl_1_1_1_v2/ttssh2/ttxssh/keyfiles.c
===================================================================
--- branches/openssl_1_1_1_v2/ttssh2/ttxssh/keyfiles.c 2019-06-22 07:53:10 UTC (rev 7788)
+++ branches/openssl_1_1_1_v2/ttssh2/ttxssh/keyfiles.c 2019-06-22 07:55:24 UTC (rev 7789)
@@ -373,7 +373,7 @@
int dlen, i;
SSH2Cipher *cipher;
size_t authlen;
- EVP_CIPHER_CTX cipher_ctx;
+ EVP_CIPHER_CTX *cipher_ctx = NULL;
blob = buffer_init();
b = buffer_init();
@@ -380,7 +380,10 @@
kdf = buffer_init();
encoded = buffer_init();
copy_consumed = buffer_init();
- if (blob == NULL || b == NULL || kdf == NULL || encoded == NULL || copy_consumed == NULL)
+ /********* OPENSSL1.1.1 NOTEST *********/
+ cipher_ctx = EVP_CIPHER_CTX_new();
+
+ if (blob == NULL || b == NULL || kdf == NULL || encoded == NULL || copy_consumed == NULL || cipher_ctx == NULL)
goto error;
// \x83t\x83@\x83C\x83\x8B\x82\xF0\x82\xB7\x82ׂēǂݍ\x9E\x82\xDE
@@ -539,15 +542,16 @@
}
}
+ /********* OPENSSL1.1.1 NOTEST *********/
// \x95\x9C\x8D\x86\x89\xBB
cp = buffer_append_space(b, len);
- cipher_init_SSH2(&cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_DECRYPT,
+ cipher_init_SSH2(cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_DECRYPT,
get_cipher_EVP_CIPHER(cipher), 0, 0, pvar);
- if (EVP_Cipher(&cipher_ctx, cp, buffer_tail_ptr(copy_consumed), len) == 0) {
+ if (EVP_Cipher(cipher_ctx, cp, buffer_tail_ptr(copy_consumed), len) == 0) {
cipher_cleanup_SSH2(&cipher_ctx);
goto error;
}
- cipher_cleanup_SSH2(&cipher_ctx);
+ cipher_cleanup_SSH2(cipher_ctx);
buffer_consume(copy_consumed, len);
if (buffer_remain_len(copy_consumed) != 0) {
@@ -603,6 +607,11 @@
free(salt);
free(comment);
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (cipher_ctx) {
+ EVP_CIPHER_CTX_free(cipher_ctx);
+ }
+
// KDF \x82ł͂Ȃ\xA9\x82\xC1\x82\xBD
if (keyfmt == NULL) {
fseek(fp, 0, SEEK_SET);
@@ -915,9 +924,13 @@
const EVP_MD *md = EVP_sha1();
EVP_MD_CTX ctx;
unsigned char key[40], iv[32];
- EVP_CIPHER_CTX cipher_ctx;
+ EVP_CIPHER_CTX *cipher_ctx = NULL;
char *decrypted = NULL;
+ /********* OPENSSL1.1.1 NOTEST *********/
+ cipher_ctx = EVP_CIPHER_CTX_new();
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+
EVP_DigestInit(&ctx, md);
EVP_DigestUpdate(&ctx, "\0\0\0\0", 4);
EVP_DigestUpdate(&ctx, passphrase, strlen(passphrase));
@@ -930,20 +943,23 @@
memset(iv, 0, sizeof(iv));
+ /********* OPENSSL1.1.1 NOTEST *********/
// decrypt
- cipher_init_SSH2(&cipher_ctx, key, 32, iv, 16, CIPHER_DECRYPT, EVP_aes_256_cbc(), 0, 0, pvar);
+ cipher_init_SSH2(cipher_ctx, key, 32, iv, 16, CIPHER_DECRYPT, EVP_aes_256_cbc(), 0, 0, pvar);
len = buffer_len(prikey);
decrypted = (char *)malloc(len);
- if (EVP_Cipher(&cipher_ctx, decrypted, prikey->buf, len) == 0) {
+ if (EVP_Cipher(cipher_ctx, decrypted, prikey->buf, len) == 0) {
strncpy_s(errmsg, errmsg_len, "Key decrypt error", _TRUNCATE);
free(decrypted);
- cipher_cleanup_SSH2(&cipher_ctx);
+ cipher_cleanup_SSH2(cipher_ctx);
+ EVP_CIPHER_CTX_free(cipher_ctx);
goto error;
}
buffer_clear(prikey);
buffer_append(prikey, decrypted, len);
free(decrypted);
- cipher_cleanup_SSH2(&cipher_ctx);
+ cipher_cleanup_SSH2(cipher_ctx);
+ EVP_CIPHER_CTX_free(cipher_ctx);
}
// verity MAC
@@ -1451,9 +1467,13 @@
if (strcmp(encname, "3des-cbc") == 0) {
MD5_CTX md;
unsigned char key[32], iv[16];
- EVP_CIPHER_CTX cipher_ctx;
+ EVP_CIPHER_CTX *cipher_ctx = NULL;
char *decrypted = NULL;
+ /********* OPENSSL1.1.1 NOTEST *********/
+ cipher_ctx = EVP_CIPHER_CTX_new();
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+
MD5_Init(&md);
MD5_Update(&md, passphrase, strlen(passphrase));
MD5_Final(key, &md);
@@ -1466,16 +1486,18 @@
memset(iv, 0, sizeof(iv));
// decrypt
- cipher_init_SSH2(&cipher_ctx, key, 24, iv, 8, CIPHER_DECRYPT, EVP_des_ede3_cbc(), 0, 0, pvar);
+ cipher_init_SSH2(cipher_ctx, key, 24, iv, 8, CIPHER_DECRYPT, EVP_des_ede3_cbc(), 0, 0, pvar);
decrypted = (char *)malloc(len);
- if (EVP_Cipher(&cipher_ctx, decrypted, blob->buf + blob->offset, len) == 0) {
+ if (EVP_Cipher(cipher_ctx, decrypted, blob->buf + blob->offset, len) == 0) {
strncpy_s(errmsg, errmsg_len, "Key decrypt error", _TRUNCATE);
- cipher_cleanup_SSH2(&cipher_ctx);
+ cipher_cleanup_SSH2(cipher_ctx);
+ EVP_CIPHER_CTX_free(cipher_ctx);
goto error;
}
buffer_append(blob2, decrypted, len);
free(decrypted);
- cipher_cleanup_SSH2(&cipher_ctx);
+ cipher_cleanup_SSH2(cipher_ctx);
+ EVP_CIPHER_CTX_free(cipher_ctx);
*invalid_passphrase = TRUE;
}
Modified: branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.c
===================================================================
--- branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.c 2019-06-22 07:53:10 UTC (rev 7788)
+++ branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.c 2019-06-22 07:55:24 UTC (rev 7789)
@@ -144,6 +144,11 @@
FWDUI_init(pvar);
ssh_heartbeat_lock_initialize();
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ pvar->evpcip[MODE_IN] = EVP_CIPHER_CTX_new();
+ pvar->evpcip[MODE_OUT] = EVP_CIPHER_CTX_new();
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
}
static void uninit_TTSSH(PTInstVar pvar)
@@ -175,6 +180,10 @@
}
ssh_heartbeat_lock_finalize();
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ EVP_CIPHER_CTX_free(pvar->evpcip[MODE_IN]);
+ EVP_CIPHER_CTX_free(pvar->evpcip[MODE_OUT]);
}
static void PASCAL TTXInit(PTTSet ts, PComVar cv)
@@ -3579,7 +3588,7 @@
*/
struct ssh1_3des_ctx
{
- EVP_CIPHER_CTX k1, k2, k3;
+ EVP_CIPHER_CTX *k1, *k2, *k3;
};
static int ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, int enc)
@@ -3589,6 +3598,11 @@
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
c = malloc(sizeof(*c));
+ /********* OPENSSL1.1.1 NOTEST *********/
+ c->k1 = EVP_CIPHER_CTX_new();
+ c->k2 = EVP_CIPHER_CTX_new();
+ c->k3 = EVP_CIPHER_CTX_new();
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
EVP_CIPHER_CTX_set_app_data(ctx, c);
}
if (key == NULL)
@@ -3603,12 +3617,15 @@
else
k1 += 16;
}
- EVP_CIPHER_CTX_init(&c->k1);
- EVP_CIPHER_CTX_init(&c->k2);
- EVP_CIPHER_CTX_init(&c->k3);
- if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
- EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
- EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
+ EVP_CIPHER_CTX_init(c->k1);
+ EVP_CIPHER_CTX_init(c->k2);
+ EVP_CIPHER_CTX_init(c->k3);
+ if (EVP_CipherInit(c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
+ EVP_CipherInit(c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
+ EVP_CipherInit(c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
+ EVP_CIPHER_CTX_free(c->k1);
+ EVP_CIPHER_CTX_free(c->k2);
+ EVP_CIPHER_CTX_free(c->k3);
SecureZeroMemory(c, sizeof(*c));
free(c);
EVP_CIPHER_CTX_set_app_data(ctx, NULL);
@@ -3625,9 +3642,10 @@
//error("ssh1_3des_cbc: no context");
return (0);
}
- if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 ||
- EVP_Cipher(&c->k2, dest, dest, len) == 0 ||
- EVP_Cipher(&c->k3, dest, dest, len) == 0)
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (EVP_Cipher(c->k1, dest, (u_char *)src, len) == 0 ||
+ EVP_Cipher(c->k2, dest, dest, len) == 0 ||
+ EVP_Cipher(c->k3, dest, dest, len) == 0)
return (0);
return (1);
}
@@ -3674,6 +3692,8 @@
const EVP_CIPHER *evp_ssh1_3des(void)
{
+ /*** TODO: OPENSSL1.1.1 \x83e\x83X\x83g\x8A\xAE\x97\xB9\x8C\xE3\x82ɍ폜\x82\xB7\x82\xE9 ***/
+#if 0
static EVP_CIPHER ssh1_3des;
memset(&ssh1_3des, 0, sizeof(EVP_CIPHER));
@@ -3686,6 +3706,22 @@
ssh1_3des.do_cipher = ssh1_3des_cbc;
ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH;
return (&ssh1_3des);
+#endif
+ static EVP_CIPHER *p = NULL;
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (p == NULL) {
+ p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/8, /*key_len*/16);
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+ }
+ if (p) {
+ EVP_CIPHER_meth_set_iv_length(p, 0);
+ EVP_CIPHER_meth_set_init(p, ssh1_3des_init);
+ EVP_CIPHER_meth_set_cleanup(p, ssh1_3des_cleanup);
+ EVP_CIPHER_meth_set_do_cipher(p, ssh1_3des_cbc);
+ EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH);
+ }
+ return (p);
}
static void ssh_make_comment(char *comment, int maxlen)
@@ -4038,7 +4074,7 @@
int blocksize, keylen, ivlen, authlen, i, n;
unsigned char *key = NULL, salt[SALT_LEN];
char *kdfname = KDFNAME;
- EVP_CIPHER_CTX cipher_ctx;
+ EVP_CIPHER_CTX *cipher_ctx = NULL;
Key keyblob;
unsigned char *cp = NULL;
unsigned int len, check;
@@ -4049,7 +4085,9 @@
kdf = buffer_init();
encoded = buffer_init();
blob = buffer_init();
- if (b == NULL || kdf == NULL || encoded == NULL || blob == NULL)
+ /********* OPENSSL1.1.1 NOTEST *********/
+ cipher_ctx = EVP_CIPHER_CTX_new();
+ if (b == NULL || kdf == NULL || encoded == NULL || blob == NULL || cipher_ctx == NULL)
goto ed25519_error;
if (passphrase == NULL || !strlen(passphrase)) {
@@ -4175,6 +4213,11 @@
buffer_free(kdf);
buffer_free(encoded);
buffer_free(blob);
+
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (cipher_ctx) {
+ EVP_CIPHER_CTX_free(cipher_ctx);
+ }
}
static BOOL CALLBACK TTXKeyGenerator(HWND dlg, UINT msg, WPARAM wParam,
@@ -4791,7 +4834,7 @@
MD5_CTX md;
unsigned char digest[16];
char *passphrase = buf;
- EVP_CIPHER_CTX cipher_ctx;
+ EVP_CIPHER_CTX *cipher_ctx = NULL;
FILE *fp;
char wrapped[4096];
@@ -4810,6 +4853,10 @@
break;
}
+ /********* OPENSSL1.1.1 NOTEST *********/
+ cipher_ctx = EVP_CIPHER_CTX_new();
+ /*** TODO: OPENSSL1.1.1 ERROR CHECK ***/
+
// set random value
rnd = arc4random();
tmp[0] = rnd & 0xff;
@@ -4855,10 +4902,11 @@
MD5_Init(&md);
MD5_Update(&md, (const unsigned char *)passphrase, strlen(passphrase));
MD5_Final(digest, &md);
+ /********* OPENSSL1.1.1 NOTEST *********/
if (cipher_num == SSH_CIPHER_NONE) {
- cipher_init_SSH2(&cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, EVP_enc_null(), 0, 0, pvar);
+ cipher_init_SSH2(cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, EVP_enc_null(), 0, 0, pvar);
} else {
- cipher_init_SSH2(&cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, evp_ssh1_3des(), 0, 0, pvar);
+ cipher_init_SSH2(cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, evp_ssh1_3des(), 0, 0, pvar);
}
len = buffer_len(b);
if (len % 8) { // fatal error
@@ -4870,10 +4918,10 @@
goto error;
}
- if (EVP_Cipher(&cipher_ctx, wrapped, buffer_ptr(b), len) == 0) {
+ if (EVP_Cipher(cipher_ctx, wrapped, buffer_ptr(b), len) == 0) {
goto error;
}
- if (EVP_CIPHER_CTX_cleanup(&cipher_ctx) == 0) {
+ if (EVP_CIPHER_CTX_cleanup(cipher_ctx) == 0) {
goto error;
}
@@ -4896,6 +4944,10 @@
error:;
buffer_free(b);
buffer_free(enc);
+ /********* OPENSSL1.1.1 NOTEST *********/
+ if (cipher_ctx) {
+ EVP_CIPHER_CTX_free(cipher_ctx);
+ }
} else if (private_key.type == KEY_ED25519) { // SSH2 ED25519
save_bcrypt_private_key(buf, filename, comment, dlg, pvar, rounds);
Modified: branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.h
===================================================================
--- branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.h 2019-06-22 07:53:10 UTC (rev 7788)
+++ branches/openssl_1_1_1_v2/ttssh2/ttxssh/ttxssh.h 2019-06-22 07:55:24 UTC (rev 7789)
@@ -277,7 +277,7 @@
char *session_id;
int session_id_len;
SSHKeys ssh2_keys[MODE_MAX];
- EVP_CIPHER_CTX evpcip[MODE_MAX];
+ EVP_CIPHER_CTX *evpcip[MODE_MAX];
int userauth_success;
int shell_id;
/*int remote_id;*/