svnno****@sourc*****
svnno****@sourc*****
2014年 3月 9日 (日) 23:53:07 JST
Tera TermRevision: 5516
http://sourceforge.jp/projects/ttssh2/scm/svn/commits/5516
Author: yutakapon
Date: 2014-03-09 23:53:06 +0900 (Sun, 09 Mar 2014)
Log Message:
-----------
key_private_to_blob2()の50%をポーティングした。
Debug / Release ともビルドが通ることは確認済み。
Modified Paths:
--------------
branches/ssh_ed25519/ttssh2/ttxssh/buffer.c
branches/ssh_ed25519/ttssh2/ttxssh/buffer.h
branches/ssh_ed25519/ttssh2/ttxssh/ed25519_crypto_api.h
branches/ssh_ed25519/ttssh2/ttxssh/key.c
branches/ssh_ed25519/ttssh2/ttxssh/key.h
branches/ssh_ed25519/ttssh2/ttxssh/ssh.h
branches/ssh_ed25519/ttssh2/ttxssh/ttxssh.c
-------------- next part --------------
Modified: branches/ssh_ed25519/ttssh2/ttxssh/buffer.c
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/buffer.c 2014-03-08 15:45:58 UTC (rev 5515)
+++ branches/ssh_ed25519/ttssh2/ttxssh/buffer.c 2014-03-09 14:53:06 UTC (rev 5516)
@@ -266,6 +266,11 @@
}
}
+void buffer_put_cstring(buffer_t *msg, char *ptr)
+{
+ buffer_put_string(msg, ptr, strlen(ptr));
+}
+
void buffer_put_char(buffer_t *msg, int value)
{
char ch = value;
Modified: branches/ssh_ed25519/ttssh2/ttxssh/buffer.h
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/buffer.h 2014-03-08 15:45:58 UTC (rev 5515)
+++ branches/ssh_ed25519/ttssh2/ttxssh/buffer.h 2014-03-09 14:53:06 UTC (rev 5516)
@@ -21,6 +21,7 @@
void buffer_put_raw(buffer_t *msg, char *ptr, int size);
char *buffer_get_string(char **data_ptr, int *buflen_ptr);
void buffer_put_string(buffer_t *msg, char *ptr, int size);
+void buffer_put_cstring(buffer_t *msg, char *ptr);
void buffer_put_char(buffer_t *msg, int value);
void buffer_put_padding(buffer_t *msg, int size);
void buffer_put_int(buffer_t *msg, int value);
Modified: branches/ssh_ed25519/ttssh2/ttxssh/ed25519_crypto_api.h
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/ed25519_crypto_api.h 2014-03-08 15:45:58 UTC (rev 5515)
+++ branches/ssh_ed25519/ttssh2/ttxssh/ed25519_crypto_api.h 2014-03-09 14:53:06 UTC (rev 5516)
@@ -30,16 +30,16 @@
#include <stdio.h>
#include <stdlib.h>
-typedef unsigned char u_int8_t;
-typedef unsigned short int u_int16_t;
-typedef unsigned int u_int32_t;
-typedef long long int int64_t;
-typedef unsigned long long int u_int64_t;
+typedef unsigned char u_int8_t;
+typedef unsigned short int u_int16_t;
+typedef unsigned int u_int32_t;
+typedef long long int int64_t;
+typedef unsigned long long int u_int64_t;
-typedef u_int8_t uint8_t;
-typedef u_int16_t uint16_t;
-typedef u_int32_t uint32_t;
-typedef u_int64_t uint64_t;
+typedef u_int8_t uint8_t;
+typedef u_int16_t uint16_t;
+typedef u_int32_t uint32_t;
+typedef u_int64_t uint64_t;
typedef int crypto_int32;
typedef unsigned int crypto_uint32;
@@ -69,7 +69,7 @@
const unsigned char *, unsigned long long, const unsigned char *);
int crypto_sign_ed25519_keypair(unsigned char *, unsigned char *);
-int bcrypt_pbkdf(const char *, size_t, const u_int8_t *, size_t,
- u_int8_t *, size_t, unsigned int);
+int bcrypt_pbkdf(const char *, size_t, const u_int8_t *, size_t,
+ u_int8_t *, size_t, unsigned int);
#endif
Modified: branches/ssh_ed25519/ttssh2/ttxssh/key.c
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/key.c 2014-03-08 15:45:58 UTC (rev 5515)
+++ branches/ssh_ed25519/ttssh2/ttxssh/key.c 2014-03-09 14:53:06 UTC (rev 5516)
@@ -806,6 +806,10 @@
buffer_put_ecpoint(b, EC_KEY_get0_group(key->ecdsa),
EC_KEY_get0_public_key(key->ecdsa));
break;
+ case KEY_ED25519:
+ buffer_put_cstring(b, sshname);
+ buffer_put_string(b, key->ed25519_pk, ED25519_PK_SZ);
+ break;
default:
ret = 0;
Modified: branches/ssh_ed25519/ttssh2/ttxssh/key.h
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/key.h 2014-03-08 15:45:58 UTC (rev 5515)
+++ branches/ssh_ed25519/ttssh2/ttxssh/key.h 2014-03-09 14:53:06 UTC (rev 5516)
@@ -27,7 +27,11 @@
*/
#include "ttxssh.h"
+#include "ed25519_crypto_api.h"
+#define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES
+#define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES
+
int key_verify(Key *key,
unsigned char *signature, unsigned int signaturelen,
unsigned char *data, unsigned int datalen);
Modified: branches/ssh_ed25519/ttssh2/ttxssh/ssh.h
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/ssh.h 2014-03-08 15:45:58 UTC (rev 5515)
+++ branches/ssh_ed25519/ttssh2/ttxssh/ssh.h 2014-03-09 14:53:06 UTC (rev 5516)
@@ -260,6 +260,7 @@
{KEY_ECDSA256, "ecdsa-sha2-nistp256"}, // RFC5656
{KEY_ECDSA384, "ecdsa-sha2-nistp384"}, // RFC5656
{KEY_ECDSA521, "ecdsa-sha2-nistp521"}, // RFC5656
+ {KEY_ED25519, "ssh-ed25519"},
{KEY_UNSPEC, "ssh-unknown"},
{KEY_NONE, NULL},
};
@@ -455,6 +456,9 @@
int bits;
unsigned char *exp;
unsigned char *mod;
+ // SSH2 ED25519
+ unsigned char *ed25519_sk;
+ unsigned char *ed25519_pk;
} Key;
// fingerprint\x82̎\xED\x95\xCA
Modified: branches/ssh_ed25519/ttssh2/ttxssh/ttxssh.c
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/ttxssh.c 2014-03-08 15:45:58 UTC (rev 5515)
+++ branches/ssh_ed25519/ttssh2/ttxssh/ttxssh.c 2014-03-09 14:53:06 UTC (rev 5516)
@@ -76,7 +76,6 @@
#include "buffer.h"
#include "cipher.h"
#include "key.h"
-#include "ed25519_crypto_api.h"
#include "sftp.h"
@@ -110,13 +109,13 @@
/* WIN32 allows multiple instances of a DLL */
static TInstVar InstVar;
-/* openssh private key file format */
-#define MARK_BEGIN "-----BEGIN OPENSSH PRIVATE KEY-----\n"
-#define MARK_END "-----END OPENSSH PRIVATE KEY-----\n"
-#define KDFNAME "bcrypt"
-#define AUTH_MAGIC "openssh-key-v1"
-#define SALT_LEN 16
-#define DEFAULT_CIPHERNAME "aes256-cbc"
+/* openssh private key file format */
+#define MARK_BEGIN "-----BEGIN OPENSSH PRIVATE KEY-----\n"
+#define MARK_END "-----END OPENSSH PRIVATE KEY-----\n"
+#define KDFNAME "bcrypt"
+#define AUTH_MAGIC "openssh-key-v1"
+#define SALT_LEN 16
+#define DEFAULT_CIPHERNAME "aes256-cbc"
#define DEFAULT_ROUNDS 16
/*
@@ -3411,9 +3410,6 @@
static ssh_public_key_t public_key = {NULL, NULL, NULL, NULL, NULL, KEY_UNSPEC};
-#define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES
-#define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES
-
static void free_ssh_key(void)
{
// DSA_free(), RSA_free()\x82\xC9NULL\x82\xF0\x93n\x82\xB5\x82Ă\xE0\x96\xE2\x91\xE8\x82͂Ȃ\xB5\x81B
@@ -4725,14 +4721,19 @@
} else if (private_key.type == KEY_ED25519) { // SSH2 ED25519 (based on key_private_to_blob2)
SSHCipher ciphernameval = SSH2_CIPHER_AES256_CBC;
- //char *ciphername = DEFAULT_CIPHERNAME;
+ char *ciphername = DEFAULT_CIPHERNAME;
int rounds = DEFAULT_ROUNDS;
buffer_t *b = NULL;
buffer_t *kdf = NULL;
+ buffer_t *encoded = NULL;
int block_size, keylen, ivlen, authlen;
unsigned char *key = NULL, salt[SALT_LEN];
- const char *kdfname = KDFNAME;
+ char *kdfname = KDFNAME;
char *passphrase = buf;
+ EVP_CIPHER_CTX cipher_ctx;
+ Key keyblob;
+ unsigned char *cp = NULL;
+ unsigned int len;
b = buffer_init();
if (b == NULL)
@@ -4747,20 +4748,45 @@
authlen = 0;
key = calloc(1, keylen + ivlen);
- if (strcmp(kdfname, "none") != 0) {
- arc4random_buf(salt, SALT_LEN);
- if (bcrypt_pbkdf(passphrase, strlen(passphrase),
- salt, SALT_LEN, key, keylen + ivlen, rounds) < 0)
- //fatal("bcrypt_pbkdf failed");
- ;
- buffer_put_string(&kdf, salt, SALT_LEN);
- buffer_put_int(&kdf, rounds);
+ if (strcmp(kdfname, "none") != 0) {
+ arc4random_buf(salt, SALT_LEN);
+ if (bcrypt_pbkdf(passphrase, strlen(passphrase),
+ salt, SALT_LEN, key, keylen + ivlen, rounds) < 0)
+ //fatal("bcrypt_pbkdf failed");
+ ;
+ buffer_put_string(kdf, salt, SALT_LEN);
+ buffer_put_int(kdf, rounds);
}
+ // \x88Í\x86\x89\xBB\x82̏\x80\x94\xF5
+ // TODO: OpenSSH 6.5\x82ł\xCD -Z \x83I\x83v\x83V\x83\x87\x83\x93\x82ŁA\x88Í\x86\x89\xBB\x83A\x83\x8B\x83S\x83\x8A\x83Y\x83\x80\x82\xF0\x8Ew\x92\xE8\x89”\\x82\xBE\x82\xAA\x81A
+ // \x82\xB1\x82\xB1\x82ł\xCD"AES256-CBC"\x82ɌŒ\xE8\x82Ƃ\xB7\x82\xE9\x81B
+ cipher_init_SSH2(&cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_ENCRYPT,
+ get_cipher_EVP_CIPHER(ciphernameval), 0, pvar);
+ memset(key, 0, keylen + ivlen);
+ free(key);
+ encoded = buffer_init();
+ if (encoded == NULL)
+ goto ed25519_error;
+ buffer_append(encoded, AUTH_MAGIC, sizeof(AUTH_MAGIC));
+ buffer_put_cstring(encoded, ciphername);
+ buffer_put_cstring(encoded, kdfname);
+ buffer_put_string(encoded, buffer_ptr(kdf), buffer_len(kdf));
+ buffer_put_int(encoded, 1); /* number of keys */
+ // key_to_blob()\x82\xF0\x88ꎞ\x97\x98\x97p\x82\xB7\x82邽\x82߁AKey\x8D\\x91\xA2\x91̂\xF0\x8F\x89\x8A\x{227B0B7}\x82\xE9\x81B
+ keyblob.type = private_key.type;
+ keyblob.ed25519_pk = private_key.ed25519_pk;
+ keyblob.ed25519_sk = private_key.ed25519_sk;
+ key_to_blob(&keyblob, &cp, &len); /* public key */
+ buffer_put_string(encoded, cp, len);
+
+ memset(cp, 0, len);
+ free(cp);
+
ed25519_error:
buffer_free(b);
buffer_free(kdf);
- free(key);
+ buffer_free(encoded);
} else { // SSH2 RSA, DSA, ECDSA
int len;