[Ttssh2-commit] [6565] RSA構造体のメンバーアクセスを関数アクセスに変更した。

svnno****@sourc***** svnno****@sourc*****
2017年 1月 9日 (月) 00:36:19 JST


Revision: 6565
          http://sourceforge.jp/projects/ttssh2/scm/svn/commits/6565
Author:   yutakapon
Date:     2017-01-09 00:36:18 +0900 (Mon, 09 Jan 2017)
Log Message:
-----------
RSA構造体のメンバーアクセスを関数アクセスに変更した。

Modified Paths:
--------------
    branches/openssl_1_1_0/ttssh2/ttxssh/crypt.c
    branches/openssl_1_1_0/ttssh2/ttxssh/hosts.c
    branches/openssl_1_1_0/ttssh2/ttxssh/key.c
    branches/openssl_1_1_0/ttssh2/ttxssh/keyfiles.c
    branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c
    branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c

-------------- next part --------------
Modified: branches/openssl_1_1_0/ttssh2/ttxssh/crypt.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/crypt.c	2017-01-08 04:36:03 UTC (rev 6564)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/crypt.c	2017-01-08 15:36:18 UTC (rev 6565)
@@ -872,23 +872,27 @@
                   unsigned char FAR * mod)
 {
 	RSA FAR *key = RSA_new();
+	BIGNUM *e = NULL, *n = NULL;
 
 	if (key != NULL) {
-		key->e = get_bignum(exp);
-		key->n = get_bignum(mod);
+		// OpenSSL 1.1.0\x82ł\xCDRSA\x8D\\x91\xA2\x91̂̃\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xA2\x82\xBD\x82߁A
+		// RSA_get0_key\x8A֐\x94\x82Ŏ擾\x82\xB7\x82\xE9\x95K\x97v\x82\xAA\x82\xA0\x82\xE9\x81B
+		e = get_bignum(exp);
+		n = get_bignum(mod);
+		RSA_set0_key(key, n, e, NULL);
 	}
 
-	if (key == NULL || key->e == NULL || key->n == NULL) {
+	if (key == NULL || e == NULL || n == NULL) {
 		UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
 		                  "Error setting up RSA keys");
 		notify_fatal_error(pvar, pvar->ts->UIMsg, TRUE);
 
 		if (key != NULL) {
-			if (key->e != NULL) {
-				BN_free(key->e);
+			if (e != NULL) {
+				BN_free(e);
 			}
-			if (key->n != NULL) {
-				BN_free(key->n);
+			if (n != NULL) {
+				BN_free(n);
 			}
 			RSA_free(key);
 		}
@@ -1192,12 +1196,21 @@
 
 int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
 {
-	int server_key_bits =
-		BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-	int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-	int server_key_bytes = (server_key_bits + 7) / 8;
-	int host_key_bytes = (host_key_bits + 7) / 8;
+	int server_key_bits;
+	int host_key_bits;
+	int server_key_bytes;
+	int host_key_bytes;
+	BIGNUM *n;
 
+	RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &n, NULL, NULL);
+	server_key_bits = BN_num_bits(n);
+
+	RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &n, NULL, NULL);
+	host_key_bits = BN_num_bits(n);
+
+	server_key_bytes = (server_key_bits + 7) / 8;
+	host_key_bytes = (host_key_bits + 7) / 8;
+
 	if (server_key_bits < host_key_bits) {
 		return host_key_bytes;
 	} else {
@@ -1208,14 +1221,23 @@
 int CRYPT_choose_session_key(PTInstVar pvar,
                              unsigned char FAR * encrypted_key_buf)
 {
-	int server_key_bits =
-		BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-	int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-	int server_key_bytes = (server_key_bits + 7) / 8;
-	int host_key_bytes = (host_key_bits + 7) / 8;
+	int server_key_bits;
+	int host_key_bits;
+	int server_key_bytes;
+	int host_key_bytes;
 	int encrypted_key_bytes;
 	int bit_delta;
+	BIGNUM *server_n, *host_n;
 
+	RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+	server_key_bits = BN_num_bits(server_n);
+
+	RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+	host_key_bits = BN_num_bits(host_n);
+
+	server_key_bytes = (server_key_bits + 7) / 8;
+	host_key_bytes = (host_key_bits + 7) / 8;
+
 	if (server_key_bits < host_key_bits) {
 		encrypted_key_bytes = host_key_bytes;
 		bit_delta = host_key_bits - server_key_bits;
@@ -1237,8 +1259,8 @@
 		char session_id[16];
 		int i;
 
-		BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
-		BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
+		BN_bn2bin(host_n, session_buf);
+		BN_bn2bin(server_n,
 		          session_buf + host_key_bytes);
 		memcpy(session_buf + server_key_bytes + host_key_bytes,
 		       pvar->crypt_state.server_cookie, 8);
@@ -1308,16 +1330,27 @@
                                           int challenge_len,
                                           unsigned char FAR * response)
 {
-	int server_key_bits =
-		BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-	int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-	int server_key_bytes = (server_key_bits + 7) / 8;
-	int host_key_bytes = (host_key_bits + 7) / 8;
-	int session_buf_len = server_key_bytes + host_key_bytes + 8;
-	char FAR *session_buf = (char FAR *) malloc(session_buf_len);
+	int server_key_bits;
+	int host_key_bits;
+	int server_key_bytes;
+	int host_key_bytes;
+	int session_buf_len;
+	char FAR *session_buf;
 	char decrypted_challenge[48];
 	int decrypted_challenge_len;
+	BIGNUM *server_n, *host_n;
 
+	RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+	server_key_bits = BN_num_bits(server_n);
+
+	RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+	host_key_bits = BN_num_bits(host_n);
+
+	server_key_bytes = (server_key_bits + 7) / 8;
+	host_key_bytes = (host_key_bits + 7) / 8;
+	session_buf_len = server_key_bytes + host_key_bytes + 8;
+	session_buf = (char FAR *) malloc(session_buf_len);
+
 	decrypted_challenge_len =
 		RSA_private_decrypt(challenge_len, challenge, challenge,
 		                    AUTH_get_cur_cred(pvar)->key_pair->rsa,
@@ -1338,8 +1371,8 @@
 		       decrypted_challenge_len);
 	}
 
-	BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
-	BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
+	BN_bn2bin(host_n, session_buf);
+	BN_bn2bin(server_n,
 	          session_buf + host_key_bytes);
 	memcpy(session_buf + server_key_bytes + host_key_bytes,
 	       pvar->crypt_state.server_cookie, 8);
@@ -1903,6 +1936,8 @@
 
 void CRYPT_get_server_key_info(PTInstVar pvar, char FAR * dest, int len)
 {
+	BIGNUM *server_n, *host_n;
+
 	if (SSHv1(pvar)) {
 		if (pvar->crypt_state.server_key.RSA_key == NULL
 		 || pvar->crypt_state.host_key.RSA_key == NULL) {
@@ -1909,11 +1944,14 @@
 			UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
 			strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
 		} else {
+			RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+			RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+
 			UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
 			                  "%d-bit server key, %d-bit host key");
 			_snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
-			            BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
-			            BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
+			            BN_num_bits(server_n),
+			            BN_num_bits(host_n));
 		}
 	} else { // SSH2
 			UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO2", pvar,

Modified: branches/openssl_1_1_0/ttssh2/ttxssh/hosts.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/hosts.c	2017-01-08 04:36:03 UTC (rev 6564)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/hosts.c	2017-01-08 15:36:18 UTC (rev 6565)
@@ -982,6 +982,8 @@
 	const EC_GROUP *group;
 	const EC_POINT *pa, *pb;
 	Key *a, *b;
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *se = NULL, *sn = NULL;
 
 	if (src->type != key->type) {
 		return -1;
@@ -1002,9 +1004,11 @@
 		*/
 
 	case KEY_RSA: // SSH2 RSA host public key
+		RSA_get0_key(key->rsa, &n, &e, NULL);
+		RSA_get0_key(src->rsa, &sn, &se, NULL);
 		return key->rsa != NULL && src->rsa != NULL &&
-			BN_cmp(key->rsa->e, src->rsa->e) == 0 &&
-			BN_cmp(key->rsa->n, src->rsa->n) == 0;
+			BN_cmp(e, se) == 0 &&
+			BN_cmp(n, sn) == 0;
 
 	case KEY_DSA: // SSH2 DSA host public key
 		return key->dsa != NULL && src->dsa &&

Modified: branches/openssl_1_1_0/ttssh2/ttxssh/key.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/key.c	2017-01-08 04:36:03 UTC (rev 6564)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/key.c	2017-01-08 15:36:18 UTC (rev 6565)
@@ -520,20 +520,26 @@
 RSA *duplicate_RSA(RSA *src)
 {
 	RSA *rsa = NULL;
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *se = NULL, *sn = NULL;
 
 	rsa = RSA_new();
 	if (rsa == NULL)
 		goto error;
-	rsa->n = BN_new();
-	rsa->e = BN_new();
-	if (rsa->n == NULL || rsa->e == NULL) {
+
+	n = BN_new();
+	e = BN_new();
+	RSA_set0_key(rsa, n, e, NULL);
+	if (n == NULL || e == NULL) {
 		RSA_free(rsa);
 		goto error;
 	}
 
+	RSA_get0_key(src, &sn, &se, NULL);
+
 	// \x90[\x82\xA2\x83R\x83s\x81[(deep copy)\x82\xF0\x8Ds\x82\xA4\x81B\x90󂢃R\x83s\x81[(shallow copy)\x82\xCDNG\x81B
-	BN_copy(rsa->n, src->n);
-	BN_copy(rsa->e, src->e);
+	BN_copy(n, sn);
+	BN_copy(e, se);
 
 error:
 	return (rsa);
@@ -626,6 +632,7 @@
 	int len = 0;
 	int nlen, elen;
 	RSA *rsa;
+	BIGNUM *e = NULL, *n = NULL;
 
 	ctx = EVP_MD_CTX_new();
 	if (ctx == NULL)
@@ -650,15 +657,16 @@
 	switch (k->type) {
 	case KEY_RSA1:
 		rsa = make_key(NULL, k->bits, k->exp, k->mod);
-		nlen = BN_num_bytes(rsa->n);
-		elen = BN_num_bytes(rsa->e);
+		RSA_get0_key(rsa, &n, &e, NULL);
+		nlen = BN_num_bytes(n);
+		elen = BN_num_bytes(e);
 		len = nlen + elen;
 		blob = malloc(len);
 		if (blob == NULL) {
 			// TODO:
 		}
-		BN_bn2bin(rsa->n, blob);
-		BN_bn2bin(rsa->e, blob + nlen);
+		BN_bn2bin(n, blob);
+		BN_bn2bin(e, blob + nlen);
 		RSA_free(rsa);
 		break;
 
@@ -725,12 +733,15 @@
 unsigned int
 key_size(const Key *k)
 {
+	BIGNUM *n = NULL;
+
 	switch (k->type) {
 	case KEY_RSA1:
 		// SSH1\x82̏ꍇ\x82\xCD key->rsa \x82\xC6 key->dsa \x82\xCD NULL \x82ł\xA0\x82\xE9\x82̂ŁA\x8Eg\x82\xED\x82Ȃ\xA2\x81B
 		return k->bits;
 	case KEY_RSA:
-		return BN_num_bits(k->rsa->n);
+		RSA_get0_key(k->rsa, &n, NULL, NULL);
+		return BN_num_bits(n);
 	case KEY_DSA:
 		return BN_num_bits(k->dsa->p);
 	case KEY_ECDSA256:
@@ -949,17 +960,27 @@
 //
 static void key_add_private(Key *k)
 {
+	BIGNUM *d, *iqmp, *q, *p, *dmq1, *dmp1;
+
+	d = iqmp = q = p = dmq1 = dmp1 = NULL;
+
 	switch (k->type) {
 		case KEY_RSA1:
 		case KEY_RSA:
-			k->rsa->d = BN_new();
-			k->rsa->iqmp = BN_new();
-			k->rsa->q = BN_new();
-			k->rsa->p = BN_new();
-			k->rsa->dmq1 = BN_new();
-			k->rsa->dmp1 = BN_new();
-			if (k->rsa->d == NULL || k->rsa->iqmp == NULL || k->rsa->q == NULL ||
-				k->rsa->p == NULL || k->rsa->dmq1 == NULL || k->rsa->dmp1 == NULL)
+			d = BN_new();
+			RSA_set0_key(k->rsa, NULL, NULL, d);
+
+			iqmp = BN_new();
+			q = BN_new();
+			p = BN_new();
+			RSA_set0_factors(k->rsa, p, q);
+
+			dmq1 = BN_new();
+			dmp1 = BN_new();
+			RSA_set0_crt_params(k->rsa, dmp1, dmq1, iqmp);
+
+			if (d == NULL || iqmp == NULL || q == NULL ||
+				p == NULL || dmq1 == NULL || dmp1 == NULL)
 				goto error;
 			break;
 
@@ -989,29 +1010,24 @@
 	return;
 
 error:
-	if (k->rsa->d) {
-		BN_free(k->rsa->d);
-		k->rsa->d = NULL;
+	if (d) {
+		BN_free(d);
+		// RSA_set0_key\x8A֐\x94\x82ł̓\x81\x83\x93\x83o\x81[\x82\xC9NULL\x82\xF0\x83Z\x83b\x83g\x82\xB7\x82邱\x82Ƃ͂ł\xAB\x82Ȃ\xA2\x81B
 	}
-	if (k->rsa->iqmp) {
-		BN_free(k->rsa->iqmp);
-		k->rsa->iqmp = NULL;
+	if (iqmp) {
+		BN_free(iqmp);
 	}
-	if (k->rsa->q) {
-		BN_free(k->rsa->q);
-		k->rsa->q = NULL;
+	if (q) {
+		BN_free(q);
 	}
-	if (k->rsa->p) {
-		BN_free(k->rsa->p);
-		k->rsa->p = NULL;
+	if (p) {
+		BN_free(p);
 	}
-	if (k->rsa->dmq1) {
-		BN_free(k->rsa->dmq1);
-		k->rsa->dmq1 = NULL;
+	if (dmq1) {
+		BN_free(dmq1);
 	}
-	if (k->rsa->dmp1) {
-		BN_free(k->rsa->dmp1);
-		k->rsa->dmp1 = NULL;
+	if (dmp1) {
+		BN_free(dmp1);
 	}
 
 
@@ -1037,6 +1053,7 @@
 	Key *k = NULL;
 	RSA *rsa;
 	DSA *dsa;
+	BIGNUM *e = NULL, *n = NULL;
 
 	k = calloc(1, sizeof(Key));
 	if (k == NULL)
@@ -1054,9 +1071,10 @@
 			rsa = RSA_new();
 			if (rsa == NULL)
 				goto error;
-			rsa->n = BN_new();
-			rsa->e = BN_new();
-			if (rsa->n == NULL || rsa->e == NULL)
+			n = BN_new();
+			e = BN_new();
+			RSA_set0_key(rsa, n, e, NULL);
+			if (n == NULL || e == NULL)
 				goto error;
 			k->rsa = rsa;
 			break;
@@ -1236,6 +1254,7 @@
 	char *sshname, *tmp;
 	int len;
 	int ret = 1;  // success
+	BIGNUM *e = NULL, *n = NULL;
 
 	b = buffer_init();
 	sshname = get_sshname_from_key(key);
@@ -1242,9 +1261,10 @@
 
 	switch (key->type) {
 	case KEY_RSA:
+		RSA_get0_key(key->rsa, &n, &e, NULL);
 		buffer_put_string(b, sshname, strlen(sshname));
-		buffer_put_bignum2(b, key->rsa->e);
-		buffer_put_bignum2(b, key->rsa->n);
+		buffer_put_bignum2(b, e);
+		buffer_put_bignum2(b, n);
 		break;
 	case KEY_DSA:
 		buffer_put_string(b, sshname, strlen(sshname));
@@ -1307,6 +1327,7 @@
 	Key *hostkey = NULL;  // hostkey
 	ssh_keytype type;
 	unsigned char *pk = NULL;
+	BIGNUM *e = NULL, *n = NULL;
 
 	if (data == NULL)
 		goto error;
@@ -1334,14 +1355,15 @@
 		if (rsa == NULL) {
 			goto error;
 		}
-		rsa->n = BN_new();
-		rsa->e = BN_new();
-		if (rsa->n == NULL || rsa->e == NULL) {
+		n = BN_new();
+		e = BN_new();
+		RSA_set0_key(rsa, n, e, NULL);
+		if (n == NULL || e == NULL) {
 			goto error;
 		}
 
-		buffer_get_bignum2(&data, rsa->e);
-		buffer_get_bignum2(&data, rsa->n);
+		buffer_get_bignum2(&data, e);
+		buffer_get_bignum2(&data, n);
 
 		hostkey->type = type;
 		hostkey->rsa = rsa;
@@ -1674,6 +1696,7 @@
 	buffer_t *msg = NULL;
 	Key *keypair;
 	char *s, *tmp;
+	BIGNUM *e = NULL, *n = NULL;
 
 	msg = buffer_init();
 	if (msg == NULL) {
@@ -1686,9 +1709,10 @@
 	switch (keypair->type) {
 	case KEY_RSA: // RSA
 		s = get_sshname_from_key(keypair);
+		RSA_get0_key(keypair->rsa, &n, &e, NULL);
 		buffer_put_string(msg, s, strlen(s));
-		buffer_put_bignum2(msg, keypair->rsa->e); // \x8C\xF6\x8AJ\x8Ew\x90\x94
-		buffer_put_bignum2(msg, keypair->rsa->n); // p\x81~q
+		buffer_put_bignum2(msg, e); // \x8C\xF6\x8AJ\x8Ew\x90\x94
+		buffer_put_bignum2(msg, n); // p\x81~q
 		break;
 	case KEY_DSA: // DSA
 		s = get_sshname_from_key(keypair);
@@ -1778,6 +1802,7 @@
 void key_private_serialize(Key *key, buffer_t *b)
 {
 	char *s;
+	BIGNUM *e, *n, *d, *iqmp, *p, *q;
 	
 	s = get_sshname_from_key(key);
 	buffer_put_cstring(b, s);
@@ -1784,12 +1809,16 @@
 
 	switch (key->type) {
 		case KEY_RSA:
-			buffer_put_bignum2(b, key->rsa->n);
-			buffer_put_bignum2(b, key->rsa->e);
-			buffer_put_bignum2(b, key->rsa->d);
-			buffer_put_bignum2(b, key->rsa->iqmp);
-			buffer_put_bignum2(b, key->rsa->p);
-			buffer_put_bignum2(b, key->rsa->q);
+			RSA_get0_key(key->rsa, &n, &e, &d);
+			RSA_get0_factors(key->rsa, &p, &q);
+			RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp);
+
+			buffer_put_bignum2(b, n);
+			buffer_put_bignum2(b, e);
+			buffer_put_bignum2(b, d);
+			buffer_put_bignum2(b, iqmp);
+			buffer_put_bignum2(b, p);
+			buffer_put_bignum2(b, q);
 			break;
 
 		case KEY_DSA:
@@ -1824,6 +1853,7 @@
 {
 	BIGNUM *aux = NULL;
 	BN_CTX *ctx = NULL;
+	BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
 
 	if ((aux = BN_new()) == NULL)
 		goto error;
@@ -1830,10 +1860,14 @@
 	if ((ctx = BN_CTX_new()) == NULL)
 		goto error;
 
-	if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) ||
-	    (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) ||
-	    (BN_sub(aux, rsa->p, BN_value_one()) == 0) ||
-	    (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0))
+	RSA_get0_key(rsa, &n, &e, &d);
+	RSA_get0_factors(rsa, &p, &q);
+	RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
+
+	if ((BN_sub(aux, q, BN_value_one()) == 0) ||
+	    (BN_mod(dmq1, d, aux, ctx) == 0) ||
+	    (BN_sub(aux, p, BN_value_one()) == 0) ||
+	    (BN_mod(dmp1, d, aux, ctx) == 0))
 		goto error;
 
 error:
@@ -1886,6 +1920,7 @@
 	Key *k = NULL;
 	unsigned int pklen, sklen;
 	int type;
+	BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
 
 	type_name = buffer_get_string_msg(blob, NULL);
 	if (type_name == NULL)
@@ -1896,13 +1931,17 @@
 
 	switch (type) {
 		case KEY_RSA:
-			buffer_get_bignum2_msg(blob, k->rsa->n);
-			buffer_get_bignum2_msg(blob, k->rsa->e);
-			buffer_get_bignum2_msg(blob, k->rsa->d);
-			buffer_get_bignum2_msg(blob, k->rsa->iqmp);
-			buffer_get_bignum2_msg(blob, k->rsa->p);
-			buffer_get_bignum2_msg(blob, k->rsa->q);
+			RSA_get0_key(k->rsa, &n, &e, &d);
+			RSA_get0_factors(k->rsa, &p, &q);
+			RSA_get0_crt_params(k->rsa, &dmp1, &dmq1, &iqmp);
 
+			buffer_get_bignum2_msg(blob, n);
+			buffer_get_bignum2_msg(blob, e);
+			buffer_get_bignum2_msg(blob, d);
+			buffer_get_bignum2_msg(blob, iqmp);
+			buffer_get_bignum2_msg(blob, p);
+			buffer_get_bignum2_msg(blob, q);
+
 			/* Generate additional parameters */
 			rsa_generate_additional_parameters(k->rsa);
 			break;

Modified: branches/openssl_1_1_0/ttssh2/ttxssh/keyfiles.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/keyfiles.c	2017-01-08 04:36:03 UTC (rev 6564)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/keyfiles.c	2017-01-08 15:36:18 UTC (rev 6565)
@@ -68,24 +68,31 @@
 	BOOL OK = FALSE;
 	BIGNUM *r = BN_new();
 	BN_CTX *ctx = BN_CTX_new();
+	BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
 
-	if (BN_cmp(key->p, key->q) < 0) {
-		BIGNUM *tmp = key->p;
+	RSA_get0_key(key, &n, &e, &d);
+	RSA_get0_factors(key, &p, &q);
+	RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp);
 
-		key->p = key->q;
-		key->q = tmp;
+	if (BN_cmp(p, q) < 0) {
+		BIGNUM *tmp = p;
+
+		p = q;
+		q = tmp;
+		RSA_set0_factors(key, p, q);
 	}
 
 	if (r != NULL && ctx != NULL) {
-		key->dmp1 = BN_new();
-		key->dmq1 = BN_new();
-		key->iqmp = BN_mod_inverse(NULL, key->q, key->p, ctx);
+		dmp1 = BN_new();
+		dmq1 = BN_new();
+		iqmp = BN_mod_inverse(NULL, q, p, ctx);
+		RSA_set0_crt_params(key, dmp1, dmq1, iqmp);
 
-		if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
-			OK = BN_sub(r, key->p, BN_value_one())
-			  && BN_mod(key->dmp1, key->d, r, ctx)
-			  && BN_sub(r, key->q, BN_value_one())
-			  && BN_mod(key->dmq1, key->d, r, ctx);
+		if (dmp1 != NULL && dmq1 != NULL && iqmp != NULL) {
+			OK = BN_sub(r, p, BN_value_one())
+			  && BN_mod(dmp1, d, r, ctx)
+			  && BN_sub(r, q, BN_value_one())
+			  && BN_mod(dmq1, d, r, ctx);
 		}
 	}
 
@@ -109,6 +116,7 @@
 	int cipher;
 	RSA FAR *key;
 	unsigned int E_index, N_index, D_index, U_index, P_index, Q_index = 0;
+	BIGNUM *e, *n, *d, *p, *q;
 
 	*invalid_passphrase = FALSE;
 
@@ -293,11 +301,13 @@
 	}
 
 	key = RSA_new();
-	key->n = get_bignum(keyfile_data + N_index);
-	key->e = get_bignum(keyfile_data + E_index);
-	key->d = get_bignum(keyfile_data + D_index);
-	key->p = get_bignum(keyfile_data + P_index);
-	key->q = get_bignum(keyfile_data + Q_index);
+	n = get_bignum(keyfile_data + N_index);
+	e = get_bignum(keyfile_data + E_index);
+	d = get_bignum(keyfile_data + D_index);
+	RSA_set0_key(key, e, n, d);
+	p = get_bignum(keyfile_data + P_index);
+	q = get_bignum(keyfile_data + Q_index);
+	RSA_set0_factors(key, p, q);
 
 	if (!normalize_key(key)) {
 		UTIL_get_lang_msg("MSG_KEYFILES_CRYPTOLIB_ERROR", pvar,
@@ -380,7 +390,7 @@
 	encoded = buffer_init();
 	copy_consumed = buffer_init();
 	cipher_ctx = EVP_CIPHER_CTX_new();
-	if (blob == NULL || b == NULL || ;kdf == NULL || encoded == NULL || copy_consumed == NULL || cipher_ctx == NULL)
+	if (blob == NULL || b == NULL || kdf == NULL || encoded == NULL || copy_consumed == NULL || cipher_ctx == NULL)
 		goto error;
 
 	// \x83t\x83@\x83C\x83\x8B\x82\xF0\x82\xB7\x82ׂēǂݍ\x9E\x82\xDE
@@ -1031,6 +1041,8 @@
 	case KEY_RSA:
 	{
 		char *pubkey_type, *pub, *pri;
+		BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
+
 		pub = pubkey->buf;
 		pri = prikey->buf;
 		pubkey_type = buffer_get_string(&pub, NULL);
@@ -1046,29 +1058,34 @@
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
-		result->rsa->e = BN_new();
-		result->rsa->n = BN_new();
-		result->rsa->d = BN_new();
-		result->rsa->p = BN_new();
-		result->rsa->q = BN_new();
-		result->rsa->iqmp = BN_new();
-		if (result->rsa->e == NULL ||
-		    result->rsa->n == NULL ||
-		    result->rsa->d == NULL ||
-		    result->rsa->p == NULL ||
-		    result->rsa->q == NULL ||
-		    result->rsa->iqmp == NULL) {
+		e = BN_new();
+		n = BN_new();
+		d = BN_new();
+		RSA_set0_key(result->rsa, e, n, d);
+
+		p = BN_new();
+		q = BN_new();
+		RSA_set0_factors(result->rsa, p, q);
+
+		iqmp = BN_new();
+		RSA_set0_crt_params(result->rsa, NULL, NULL, iqmp);
+		if (e == NULL ||
+		    n == NULL ||
+		    d == NULL ||
+		    p == NULL ||
+		    q == NULL ||
+		    iqmp == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
 
-		buffer_get_bignum2(&pub, result->rsa->e);
-		buffer_get_bignum2(&pub, result->rsa->n);
+		buffer_get_bignum2(&pub, e);
+		buffer_get_bignum2(&pub, n);
 
-		buffer_get_bignum2(&pri, result->rsa->d);
-		buffer_get_bignum2(&pri, result->rsa->p);
-		buffer_get_bignum2(&pri, result->rsa->q);
-		buffer_get_bignum2(&pri, result->rsa->iqmp);
+		buffer_get_bignum2(&pri, d);
+		buffer_get_bignum2(&pri, p);
+		buffer_get_bignum2(&pri, q);
+		buffer_get_bignum2(&pri, iqmp);
 
 		break;
 	}
@@ -1382,33 +1399,40 @@
 	switch (result->type) {
 	case KEY_RSA:
 	{
+		BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
+
 		result->rsa = RSA_new();
 		if (result->rsa == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
-		result->rsa->e = BN_new();
-		result->rsa->n = BN_new();
-		result->rsa->d = BN_new();
-		result->rsa->p = BN_new();
-		result->rsa->q = BN_new();
-		result->rsa->iqmp = BN_new();
-		if (result->rsa->e == NULL ||
-		    result->rsa->n == NULL ||
-		    result->rsa->d == NULL ||
-		    result->rsa->p == NULL ||
-		    result->rsa->q == NULL ||
-		    result->rsa->iqmp == NULL) {
+		e = BN_new();
+		n = BN_new();
+		d = BN_new();
+		RSA_set0_key(result->rsa, e, n, d);
+
+		p = BN_new();
+		q = BN_new();
+		RSA_set0_factors(result->rsa, p, q);
+
+		iqmp = BN_new();
+		RSA_set0_crt_params(result->rsa, NULL, NULL, iqmp);
+		if (e == NULL ||
+		    n == NULL ||
+		    d == NULL ||
+		    p == NULL ||
+		    q == NULL ||
+		    iqmp == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
 
-		buffer_get_bignum_SECSH(blob2, result->rsa->e);
-		buffer_get_bignum_SECSH(blob2, result->rsa->d);
-		buffer_get_bignum_SECSH(blob2, result->rsa->n);
-		buffer_get_bignum_SECSH(blob2, result->rsa->iqmp);
-		buffer_get_bignum_SECSH(blob2, result->rsa->p);
-		buffer_get_bignum_SECSH(blob2, result->rsa->q);
+		buffer_get_bignum_SECSH(blob2, e);
+		buffer_get_bignum_SECSH(blob2, d);
+		buffer_get_bignum_SECSH(blob2, n);
+		buffer_get_bignum_SECSH(blob2, iqmp);
+		buffer_get_bignum_SECSH(blob2, p);
+		buffer_get_bignum_SECSH(blob2, q);
 
 		break;
 	}

Modified: branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c	2017-01-08 04:36:03 UTC (rev 6564)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/ssh.c	2017-01-08 15:36:18 UTC (rev 6565)
@@ -2429,24 +2429,35 @@
 			}
 		}
 		else if (pvar->auth_state.cur_cred.method == SSH_AUTH_PAGEANT) {
-			int server_key_bits = BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-			int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-			int server_key_bytes = (server_key_bits + 7) / 8;
-			int host_key_bytes = (host_key_bits + 7) / 8;
-			int session_buf_len = server_key_bytes + host_key_bytes + 8;
-			char FAR *session_buf = (char FAR *) malloc(session_buf_len);
+			int server_key_bits;
+			int host_key_bits;
+			int server_key_bytes;
+			int host_key_bytes;
+			int session_buf_len;
+			char FAR *session_buf;
 			unsigned char session_id[16];
+			BIGNUM *server_n, *host_n;
 
 			unsigned char *hash;
 			int pubkeylen, hashlen;
 
+			RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+			RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+
+			server_key_bits = BN_num_bits(server_n);
+			host_key_bits = BN_num_bits(host_n);
+			server_key_bytes = (server_key_bits + 7) / 8;
+			host_key_bytes = (host_key_bits + 7) / 8;
+			session_buf_len = server_key_bytes + host_key_bytes + 8;
+			session_buf = (char FAR *) malloc(session_buf_len);
+
 			/* Pageant \x82Ƀn\x83b\x83V\x83\x85\x82\xF0\x8Cv\x8EZ\x82\xB5\x82Ă\xE0\x82炤 */
 			// \x8C\xF6\x8AJ\x8C\xAE\x82̒\xB7\x82\xB3
 			pubkeylen = putty_get_ssh1_keylen(pvar->pageant_curkey,
 			                                  pvar->pageant_keylistlen);
 			// \x83Z\x83b\x83V\x83\x87\x83\x93ID\x82\xF0\x8D쐬
-			BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
-			BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
+			BN_bn2bin(host_n, session_buf);
+			BN_bn2bin(server_n,
 			          session_buf + host_key_bytes);
 			memcpy(session_buf + server_key_bytes + host_key_bytes,
 			       pvar->crypt_state.server_cookie, 8);
@@ -2474,6 +2485,8 @@
 
 static void try_send_credentials(PTInstVar pvar)
 {
+	BIGNUM *e, *n;
+
 	if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_CREDENTIALS) == 0) {
 		AUTHCred FAR *cred = AUTH_get_cur_cred(pvar);
 		static const int RSA_msgs[] =
@@ -2530,8 +2543,12 @@
 				break;
 			}
 		case SSH_AUTH_RSA:{
-				int len = BN_num_bytes(cred->key_pair->rsa->n);
-				unsigned char FAR *outmsg =
+				int len;
+				unsigned char FAR *outmsg;
+
+				RSA_get0_key(cred->key_pair->rsa, &n, NULL, NULL);
+				len = BN_num_bytes(n);
+				outmsg =
 					begin_send_packet(pvar, SSH_CMSG_AUTH_RSA, 2 + len);
 
 				notify_verbose_message(pvar,
@@ -2539,17 +2556,23 @@
 				                       LOG_LEVEL_VERBOSE);
 
 				set_ushort16_MSBfirst(outmsg, len * 8);
-				BN_bn2bin(cred->key_pair->rsa->n, outmsg + 2);
+				BN_bn2bin(n, outmsg + 2);
 				/* don't destroy the current credentials yet */
 				enque_handlers(pvar, 2, RSA_msgs, RSA_handlers);
 				break;
 			}
 		case SSH_AUTH_RHOSTS_RSA:{
-				int mod_len = BN_num_bytes(cred->key_pair->rsa->n);
-				int name_len = strlen(cred->rhosts_client_user);
-				int exp_len = BN_num_bytes(cred->key_pair->rsa->e);
+				int mod_len;
+				int name_len;
+				int exp_len;
 				int index;
-				unsigned char FAR *outmsg =
+				unsigned char FAR *outmsg;
+
+				RSA_get0_key(cred->key_pair->rsa, &n, &e, NULL);
+				mod_len = BN_num_bytes(n);
+				name_len = strlen(cred->rhosts_client_user);
+				exp_len = BN_num_bytes(e);
+				outmsg =
 					begin_send_packet(pvar, SSH_CMSG_AUTH_RHOSTS_RSA,
 					                  12 + mod_len + name_len + exp_len);
 
@@ -2563,11 +2586,11 @@
 
 				set_uint32(outmsg + index, 8 * mod_len);
 				set_ushort16_MSBfirst(outmsg + index + 4, 8 * exp_len);
-				BN_bn2bin(cred->key_pair->rsa->e, outmsg + index + 6);
+				BN_bn2bin(e, outmsg + index + 6);
 				index += 6 + exp_len;
 
 				set_ushort16_MSBfirst(outmsg + index, 8 * mod_len);
-				BN_bn2bin(cred->key_pair->rsa->n, outmsg + index + 2);
+				BN_bn2bin(n, outmsg + index + 2);
 				/* don't destroy the current credentials yet */
 				enque_handlers(pvar, 2, RSA_msgs, RSA_handlers);
 				break;
@@ -5684,9 +5707,11 @@
 	if ((ret = key_verify(hostkey, signature, siglen, hash, hashlen)) != 1) {
 		if (ret == -3 && hostkey->type == KEY_RSA) {
 			if (!pvar->settings.EnableRsaShortKeyServer) {
+				BIGNUM *n;
+				RSA_get0_key(hostkey->rsa, &n, NULL, NULL);
 				_snprintf_s(emsg_tmp, sizeof(emsg_tmp), _TRUNCATE,
 				            "key verify error(remote rsa key length is too short %d-bit) "
-				            "@ handle_SSH2_dh_kex_reply()", BN_num_bits(hostkey->rsa->n));
+				            "@ handle_SSH2_dh_kex_reply()", BN_num_bits(n));
 			}
 			else {
 				goto cont;
@@ -5919,9 +5944,11 @@
 	if ((ret = key_verify(hostkey, signature, siglen, hash, hashlen)) != 1) {
 		if (ret == -3 && hostkey->type == KEY_RSA) {
 			if (!pvar->settings.EnableRsaShortKeyServer) {
+				BIGNUM *n;
+				RSA_get0_key(hostkey->rsa, &n, NULL, NULL);
 				_snprintf_s(emsg_tmp, sizeof(emsg_tmp), _TRUNCATE,
 				            "key verify error(remote rsa key length is too short %d-bit) "
-				            "@ handle_SSH2_dh_gex_reply()", BN_num_bits(hostkey->rsa->n));
+				            "@ handle_SSH2_dh_gex_reply()", BN_num_bits(n));
 			}
 			else {
 				goto cont;
@@ -6151,9 +6178,11 @@
 	if ((ret = key_verify(hostkey, signature, siglen, hash, hashlen)) != 1) {
 		if (ret == -3 && hostkey->type == KEY_RSA) {
 			if (!pvar->settings.EnableRsaShortKeyServer) {
+				BIGNUM *n;
+				RSA_get0_key(hostkey->rsa, &n, NULL, NULL);
 				_snprintf_s(emsg_tmp, sizeof(emsg_tmp), _TRUNCATE,
 				            "key verify error(remote rsa key length is too short %d-bit) "
-				            "@ handle_SSH2_ecdh_kex_reply()", BN_num_bits(hostkey->rsa->n));
+				            "@ handle_SSH2_ecdh_kex_reply()", BN_num_bits(n));
 			}
 			else {
 				goto cont;

Modified: branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c
===================================================================
--- branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c	2017-01-08 04:36:03 UTC (rev 6564)
+++ branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c	2017-01-08 15:36:18 UTC (rev 6565)
@@ -3657,6 +3657,8 @@
 	{
 		RSA *priv = NULL;
 		RSA *pub = NULL;
+		BIGNUM *e, *n;
+		BIGNUM *p_e, *p_n;
 
 		// private key
 		priv =  RSA_generate_key(bits, 35, cbfunc, cbarg);
@@ -3666,15 +3668,18 @@
 
 		// public key
 		pub = RSA_new();
-		pub->n = BN_new();
-		pub->e = BN_new();
-		if (pub->n == NULL || pub->e == NULL) {
+		n = BN_new();
+		e = BN_new();
+		RSA_set0_key(pub, e, n, NULL);
+		if (n == NULL || e == NULL) {
 			RSA_free(pub);
 			goto error;
 		}
 
-		BN_copy(pub->n, priv->n);
-		BN_copy(pub->e, priv->e);
+		RSA_get0_key(priv, &p_n, &p_e, NULL);
+
+		BN_copy(n, p_n);
+		BN_copy(e, p_e);
 		public_key.rsa = pub;
 		break;
 	}
@@ -4875,15 +4880,18 @@
 				RSA *rsa = public_key.rsa;
 				int bits;
 				char *buf;
+				BIGNUM *e, *n;
 
-				bits = BN_num_bits(rsa->n);
+				RSA_get0_key(rsa, &n, &e, NULL);
+
+				bits = BN_num_bits(n);
 				fprintf(fp, "%u", bits);
 
-				buf = BN_bn2dec(rsa->e);
+				buf = BN_bn2dec(e);
 				fprintf(fp, " %s", buf);
 				OPENSSL_free(buf);
 
-				buf = BN_bn2dec(rsa->n);
+				buf = BN_bn2dec(n);
 				fprintf(fp, " %s", buf);
 				OPENSSL_free(buf);
 
@@ -4897,6 +4905,7 @@
 				char *blob;
 				char *uuenc; // uuencode data
 				int uulen;
+				BIGNUM *e, *n;
 
 				b = buffer_init();
 				if (b == NULL)
@@ -4913,10 +4922,11 @@
 					break;
 
 				case KEY_RSA: // RSA
+					RSA_get0_key(rsa, &n, &e, NULL);
 					keyname = "ssh-rsa";
 					buffer_put_string(b, keyname, strlen(keyname));
-					buffer_put_bignum2(b, rsa->e);
-					buffer_put_bignum2(b, rsa->n);
+					buffer_put_bignum2(b, e);
+					buffer_put_bignum2(b, n);
 					break;
 
 				case KEY_ECDSA256: // ECDSA
@@ -5089,6 +5099,7 @@
 				EVP_CIPHER_CTX *cipher_ctx = NULL;
 				FILE *fp;
 				char wrapped[4096];
+				BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
 
 				if (passphrase[0] == '\0') { // passphrase is empty
 					cipher_num = SSH_CIPHER_NONE;
@@ -5117,11 +5128,15 @@
 
 				// set private key
 				rsa = private_key.rsa;
-				buffer_put_bignum(b, rsa->d);
-				buffer_put_bignum(b, rsa->iqmp);
-				buffer_put_bignum(b, rsa->q);
-				buffer_put_bignum(b, rsa->p);
+				RSA_get0_key(rsa, &n, &e, &d);
+				RSA_get0_factors(rsa, &p, &q);
+				RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
 
+				buffer_put_bignum(b, d);
+				buffer_put_bignum(b, iqmp);
+				buffer_put_bignum(b, q);
+				buffer_put_bignum(b, p);
+
 				// padding with 8byte align
 				while (buffer_len(b) % 8) {
 					buffer_put_char(b, 0);
@@ -5143,9 +5158,9 @@
 				buffer_put_int(enc, 0);  // type is 'int'!! (For future extension)
 
 				/* Store public key.  This will be in plain text. */
-				buffer_put_int(enc, BN_num_bits(rsa->n));
-				buffer_put_bignum(enc, rsa->n);
-				buffer_put_bignum(enc, rsa->e);
+				buffer_put_int(enc, BN_num_bits(n));
+				buffer_put_bignum(enc, n);
+				buffer_put_bignum(enc, e);
 				buffer_put_string(enc, comment, strlen(comment));
 
 				// setup the MD5ed passphrase to cipher encryption key



Ttssh2-commit メーリングリストの案内