comment

7 months ago · 903d1bb497
parent 17910e6968
commit 903d1bb497
1 changed files with 48 additions and 48 deletions
--- a/src/Reptile/userland/transport/pel.c
+++ b/src/Reptile/userland/transport/pel.c
@ -14,42 +14,42 @@
 #include "pel.h"
 #include "sha1.h"
-/* global data */
+/* 全局数据 */
 int pel_errno;
 struct pel_context {
-	/* AES-CBC-128 variables */
+	/* AES-CBC-128 变量 */
-	struct aes_context SK; /* Rijndael session key  */
+	struct aes_context SK; /* Rijndael 会话密钥 */
-	unsigned char LCT[16]; /* last ciphertext block */
+	unsigned char LCT[16]; /* 最后一个密文块 */
-	/* HMAC-SHA1 variables */
+	/* HMAC-SHA1 变量 */
-	unsigned char k_ipad[64]; /* inner padding  */
+	unsigned char k_ipad[64]; /* 内部填充 */
-	unsigned char k_opad[64]; /* outer padding  */
+	unsigned char k_opad[64]; /* 外部填充 */
-	unsigned long int p_cntr; /* packet counter */
+	unsigned long int p_cntr; /* 数据包计数器 */
 };
-struct pel_context send_ctx; /* to encrypt outgoing data */
+struct pel_context send_ctx; /* 用于加密传出数据 */
-struct pel_context recv_ctx; /* to decrypt incoming data */
+struct pel_context recv_ctx; /* 用于解密传入数据 */
-unsigned char challenge[16] = /* version-specific */
+unsigned char challenge[16] = /* 版本特定 */
-    "\x58\x90\xAE\x86\xF1\xB9\x1C\xF6"
+	"\x58\x90\xAE\x86\xF1\xB9\x1C\xF6"
-    "\x29\x83\x95\x71\x1D\xDE\x58\x0D";
+	"\x29\x83\x95\x71\x1D\xDE\x58\x0D";
 unsigned char buffer[BUFSIZE + 16 + 20];
-/* function declaration */
+/* 函数声明 */
 void pel_setup_context(struct pel_context *pel_ctx, char *key,
-		       unsigned char IV[20]);
+			   unsigned char IV[20]);
 int pel_send_all(int s, void *buf, size_t len, int flags);
 int pel_recv_all(int s, void *buf, size_t len, int flags);
-/* session setup - client side */
+/* 会话初始化 - 客户端 */
 int pel_client_init(int server, char *key)
 {
@ -58,7 +58,7 @@ int pel_client_init(int server, char *key)
 	struct sha1_context sha1_ctx;
 	unsigned char IV1[20], IV2[20];
-	/* generate both initialization vectors */
+	/* 生成两个初始化向量 */
 	pid = getpid();
@ -90,26 +90,26 @@ int pel_client_init(int server, char *key)
 	memcpy(IV2, &buffer[20], 20);
-	/* and pass them to the server */
+	/* 将它们传递给服务器 */
 	ret = pel_send_all(server, buffer, 40, 0);
 	if (ret != PEL_SUCCESS)
 		return (PEL_FAILURE);
-	/* setup the session keys */
+	/* 设置会话密钥 */
 	pel_setup_context(&send_ctx, key, IV1);
 	pel_setup_context(&recv_ctx, key, IV2);
-	/* handshake - encrypt and send the client's challenge */
+	/* 握手 - 加密并发送客户端的挑战 */
 	ret = pel_send_msg(server, challenge, 16);
 	if (ret != PEL_SUCCESS)
 		return (PEL_FAILURE);
-	/* handshake - decrypt and verify the server's challenge */
+	/* 握手 - 解密并验证服务器的挑战 */
 	ret = pel_recv_msg(server, buffer, &len);
@ -127,14 +127,14 @@ int pel_client_init(int server, char *key)
 	return (PEL_SUCCESS);
 }
-/* session setup - server side */
+/* 会话初始化 - 服务器 */
 int pel_server_init(int client, char *key)
 {
 	int ret, len;
 	unsigned char IV1[20], IV2[20];
-	/* get the IVs from the client */
+	/* 从客户端获取 IVs */
 	ret = pel_recv_all(client, buffer, 40, 0);
@ -144,12 +144,12 @@ int pel_server_init(int client, char *key)
 	memcpy(IV2, &buffer[0], 20);
 	memcpy(IV1, &buffer[20], 20);
-	/* setup the session keys */
+	/* 设置会话密钥 */
 	pel_setup_context(&send_ctx, key, IV1);
 	pel_setup_context(&recv_ctx, key, IV2);
-	/* handshake - decrypt and verify the client's challenge */
+	/* 握手 - 解密并验证客户端的挑战 */
 	ret = pel_recv_msg(client, buffer, &len);
@ -162,7 +162,7 @@ int pel_server_init(int client, char *key)
 		return (PEL_FAILURE);
 	}
-	/* handshake - encrypt and send the server's challenge */
+	/* 握手 - 加密并发送服务器的挑战 */
 	ret = pel_send_msg(client, challenge, 16);
@ -174,10 +174,10 @@ int pel_server_init(int client, char *key)
 	return (PEL_SUCCESS);
 }
-/* this routine computes the AES & HMAC session keys */
+/* 该例程计算 AES 和 HMAC 会话密钥 */
 void pel_setup_context(struct pel_context *pel_ctx, char *key,
-		       unsigned char IV[20])
+			   unsigned char IV[20])
 {
 	int i;
 	struct sha1_context sha1_ctx;
@ -202,7 +202,7 @@ void pel_setup_context(struct pel_context *pel_ctx, char *key,
 	pel_ctx->p_cntr = 0;
 }
-/* encrypt and transmit a message */
+/* 加密并传输消息 */
 int pel_send_msg(int sockfd, unsigned char *msg, int length)
 {
@ -210,7 +210,7 @@ int pel_send_msg(int sockfd, unsigned char *msg, int length)
 	struct sha1_context sha1_ctx;
 	int i, j, ret, blk_len;
-	/* verify the message length */
+	/* 验证消息长度 */
 	if (length <= 0 || length > BUFSIZE) {
 		pel_errno = PEL_BAD_MSG_LENGTH;
@ -218,16 +218,16 @@ int pel_send_msg(int sockfd, unsigned char *msg, int length)
 		return (PEL_FAILURE);
 	}
-	/* write the message length at start of buffer */
+	/* 将消息长度写入缓冲区开始位置 */
 	buffer[0] = (length >> 8) & 0xFF;
 	buffer[1] = (length)&0xFF;
-	/* append the message content */
+	/* 追加消息内容 */
 	memcpy(buffer + 2, msg, length);
-	/* round up to AES block length (16 bytes) */
+	/* 向上取整到 AES 块长度 (16 字节) */
 	blk_len = 2 + length;
@ -235,7 +235,7 @@ int pel_send_msg(int sockfd, unsigned char *msg, int length)
 		blk_len += 16 - (blk_len & 0x0F);
 	}
-	/* encrypt the buffer with AES-CBC-128 */
+	/* 使用 AES-CBC-128 加密缓冲区 */
 	for (i = 0; i < blk_len; i += 16) {
 		for (j = 0; j < 16; j++) {
@ -247,7 +247,7 @@ int pel_send_msg(int sockfd, unsigned char *msg, int length)
 		memcpy(send_ctx.LCT, &buffer[i], 16);
 	}
-	/* compute the HMAC-SHA1 of the ciphertext */
+	/* 计算密文的 HMAC-SHA1 */
 	buffer[blk_len] = (send_ctx.p_cntr << 24) & 0xFF;
 	buffer[blk_len + 1] = (send_ctx.p_cntr << 16) & 0xFF;
@ -264,11 +264,11 @@ int pel_send_msg(int sockfd, unsigned char *msg, int length)
 	sha1_update(&sha1_ctx, digest, 20);
 	sha1_finish(&sha1_ctx, &buffer[blk_len]);
-	/* increment the packet counter */
+	/* 增加数据包计数器 */
 	send_ctx.p_cntr++;
-	/* transmit ciphertext and message authentication code */
+	/* 传输密文和消息认证码 */
 	ret = pel_send_all(sockfd, buffer, blk_len + 20, 0);
@ -280,7 +280,7 @@ int pel_send_msg(int sockfd, unsigned char *msg, int length)
 	return (PEL_SUCCESS);
 }
-/* receive and decrypt a message */
+/* 接收并解密消息 */
 int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 {
@ -290,14 +290,14 @@ int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 	struct sha1_context sha1_ctx;
 	int i, j, ret, blk_len;
-	/* receive the first encrypted block */
+	/* 接收第一个加密块 */
 	ret = pel_recv_all(sockfd, buffer, 16, 0);
 	if (ret != PEL_SUCCESS)
 		return (PEL_FAILURE);
-	/* decrypt this block and extract the message length */
+	/* 解密该块并提取消息长度 */
 	memcpy(temp, buffer, 16);
@ -309,11 +309,11 @@ int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 	*length = (((int)buffer[0]) << 8) + (int)buffer[1];
-	/* restore the ciphertext */
+	/* 恢复密文 */
 	memcpy(buffer, temp, 16);
-	/* verify the message length */
+	/* 验证消息长度 */
 	if (*length <= 0 || *length > BUFSIZE) {
 		pel_errno = PEL_BAD_MSG_LENGTH;
@ -321,7 +321,7 @@ int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 		return (PEL_FAILURE);
 	}
-	/* round up to AES block length (16 bytes) */
+	/* 向上取整到 AES 块长度 (16 字节) */
 	blk_len = 2 + *length;
@ -329,7 +329,7 @@ int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 		blk_len += 16 - (blk_len & 0x0F);
 	}
-	/* receive the remaining ciphertext and the mac */
+	/* 接收剩余的密文和 mac */
 	ret = pel_recv_all(sockfd, &buffer[16], blk_len - 16 + 20, 0);
@ -338,7 +338,7 @@ int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 	memcpy(hmac, &buffer[blk_len], 20);
-	/* verify the ciphertext integrity */
+	/* 验证密文完整性 */
 	buffer[blk_len] = (recv_ctx.p_cntr << 24) & 0xFF;
 	buffer[blk_len + 1] = (recv_ctx.p_cntr << 16) & 0xFF;
@ -361,11 +361,11 @@ int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 		return (PEL_FAILURE);
 	}
-	/* increment the packet counter */
+	/* 增加数据包计数器 */
 	recv_ctx.p_cntr++;
-	/* finally, decrypt and copy the message */
+	/* 最后，解密并复制消息 */
 	for (i = 0; i < blk_len; i += 16) {
 		memcpy(temp, &buffer[i], 16);
@ -386,7 +386,7 @@ int pel_recv_msg(int sockfd, unsigned char *msg, int *length)
 	return (PEL_SUCCESS);
 }
-/* send/recv wrappers to handle fragmented TCP packets */
+/* 发送/接收包装器以处理分段的 TCP 数据包 */
 int pel_send_all(int s, void *buf, size_t len, int flags)
 {