diff options
author | Damien Miller <djm@mindrot.org> | 2014-01-12 19:21:22 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-01-12 19:21:22 +1100 |
commit | 91b580e4bec55118bf96ab3cdbe5a50839e75d0a (patch) | |
tree | 32e4083c5a8cd285e1b0b13f9b77992db535cba4 /kex.c | |
parent | af5d4481f4c7c8c3c746e68b961bb85ef907800e (diff) |
- djm@cvs.openbsd.org 2014/01/12 08:13:13
[bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c]
[kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c]
avoid use of OpenSSL BIGNUM type and functions for KEX with
Curve25519 by adding a buffer_put_bignum2_from_string() that stores
a string using the bignum encoding rules. Will make it easier to
build a reduced-feature OpenSSH without OpenSSL in the future;
ok markus@
Diffstat (limited to 'kex.c')
-rw-r--r-- | kex.c | 23 |
1 files changed, 18 insertions, 5 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.94 2014/01/09 23:20:00 djm Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.95 2014/01/12 08:13:13 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -534,7 +534,7 @@ kex_choose_conf(Kex *kex) | |||
534 | 534 | ||
535 | static u_char * | 535 | static u_char * |
536 | derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, | 536 | derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, |
537 | BIGNUM *shared_secret) | 537 | const u_char *shared_secret, u_int slen) |
538 | { | 538 | { |
539 | Buffer b; | 539 | Buffer b; |
540 | struct ssh_digest_ctx *hashctx; | 540 | struct ssh_digest_ctx *hashctx; |
@@ -548,7 +548,7 @@ derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, | |||
548 | digest = xmalloc(roundup(need, mdsz)); | 548 | digest = xmalloc(roundup(need, mdsz)); |
549 | 549 | ||
550 | buffer_init(&b); | 550 | buffer_init(&b); |
551 | buffer_put_bignum2(&b, shared_secret); | 551 | buffer_append(&b, shared_secret, slen); |
552 | 552 | ||
553 | /* K1 = HASH(K || H || "A" || session_id) */ | 553 | /* K1 = HASH(K || H || "A" || session_id) */ |
554 | if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL) | 554 | if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL) |
@@ -591,14 +591,15 @@ Newkeys *current_keys[MODE_MAX]; | |||
591 | 591 | ||
592 | #define NKEYS 6 | 592 | #define NKEYS 6 |
593 | void | 593 | void |
594 | kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret) | 594 | kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, |
595 | const u_char *shared_secret, u_int slen) | ||
595 | { | 596 | { |
596 | u_char *keys[NKEYS]; | 597 | u_char *keys[NKEYS]; |
597 | u_int i, mode, ctos; | 598 | u_int i, mode, ctos; |
598 | 599 | ||
599 | for (i = 0; i < NKEYS; i++) { | 600 | for (i = 0; i < NKEYS; i++) { |
600 | keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen, | 601 | keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen, |
601 | shared_secret); | 602 | shared_secret, slen); |
602 | } | 603 | } |
603 | 604 | ||
604 | debug2("kex_derive_keys"); | 605 | debug2("kex_derive_keys"); |
@@ -613,6 +614,18 @@ kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret) | |||
613 | } | 614 | } |
614 | } | 615 | } |
615 | 616 | ||
617 | void | ||
618 | kex_derive_keys_bn(Kex *kex, u_char *hash, u_int hashlen, const BIGNUM *secret) | ||
619 | { | ||
620 | Buffer shared_secret; | ||
621 | |||
622 | buffer_init(&shared_secret); | ||
623 | buffer_put_bignum2(&shared_secret, secret); | ||
624 | kex_derive_keys(kex, hash, hashlen, | ||
625 | buffer_ptr(&shared_secret), buffer_len(&shared_secret)); | ||
626 | buffer_free(&shared_secret); | ||
627 | } | ||
628 | |||
616 | Newkeys * | 629 | Newkeys * |
617 | kex_get_newkeys(int mode) | 630 | kex_get_newkeys(int mode) |
618 | { | 631 | { |