summaryrefslogtreecommitdiff
path: root/kex.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2005-01-04 13:07:27 +0000
committerColin Watson <cjwatson@debian.org>2005-01-04 13:07:27 +0000
commitfd0f611b70a83d80fe8793af785542ee5541b7cd (patch)
treebededd22bb7eeec52e20083237ab7e4113445a16 /kex.c
parentc44fe9a5b9d3db96a7249b04d915f17e4a3a3b04 (diff)
parentebd2ce335af5861020c79fddb1ae35c03bf036cf (diff)
Merge 3.9p1 to the trunk.
Diffstat (limited to 'kex.c')
-rw-r--r--kex.c45
1 files changed, 40 insertions, 5 deletions
diff --git a/kex.c b/kex.c
index 5a952c9c2..a668346c3 100644
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: kex.c,v 1.56 2003/11/21 11:57:03 djm Exp $"); 26RCSID("$OpenBSD: kex.c,v 1.60 2004/06/21 17:36:31 avsm Exp $");
27 27
28#include <openssl/crypto.h> 28#include <openssl/crypto.h>
29 29
@@ -148,7 +148,7 @@ kex_finish(Kex *kex)
148void 148void
149kex_send_kexinit(Kex *kex) 149kex_send_kexinit(Kex *kex)
150{ 150{
151 u_int32_t rand = 0; 151 u_int32_t rnd = 0;
152 u_char *cookie; 152 u_char *cookie;
153 int i; 153 int i;
154 154
@@ -168,9 +168,9 @@ kex_send_kexinit(Kex *kex)
168 cookie = buffer_ptr(&kex->my); 168 cookie = buffer_ptr(&kex->my);
169 for (i = 0; i < KEX_COOKIE_LEN; i++) { 169 for (i = 0; i < KEX_COOKIE_LEN; i++) {
170 if (i % 4 == 0) 170 if (i % 4 == 0)
171 rand = arc4random(); 171 rnd = arc4random();
172 cookie[i] = rand; 172 cookie[i] = rnd;
173 rand >>= 8; 173 rnd >>= 8;
174 } 174 }
175 packet_start(SSH2_MSG_KEXINIT); 175 packet_start(SSH2_MSG_KEXINIT);
176 packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my)); 176 packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my));
@@ -293,6 +293,8 @@ choose_kex(Kex *k, char *client, char *server)
293 fatal("no kex alg"); 293 fatal("no kex alg");
294 if (strcmp(k->name, KEX_DH1) == 0) { 294 if (strcmp(k->name, KEX_DH1) == 0) {
295 k->kex_type = KEX_DH_GRP1_SHA1; 295 k->kex_type = KEX_DH_GRP1_SHA1;
296 } else if (strcmp(k->name, KEX_DH14) == 0) {
297 k->kex_type = KEX_DH_GRP14_SHA1;
296 } else if (strcmp(k->name, KEX_DHGEX) == 0) { 298 } else if (strcmp(k->name, KEX_DHGEX) == 0) {
297 k->kex_type = KEX_DH_GEX_SHA1; 299 k->kex_type = KEX_DH_GEX_SHA1;
298 } else 300 } else
@@ -479,6 +481,39 @@ kex_get_newkeys(int mode)
479 return ret; 481 return ret;
480} 482}
481 483
484void
485derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus,
486 u_int8_t cookie[8], u_int8_t id[16])
487{
488 const EVP_MD *evp_md = EVP_md5();
489 EVP_MD_CTX md;
490 u_int8_t nbuf[2048], obuf[EVP_MAX_MD_SIZE];
491 int len;
492
493 EVP_DigestInit(&md, evp_md);
494
495 len = BN_num_bytes(host_modulus);
496 if (len < (512 / 8) || len > sizeof(nbuf))
497 fatal("%s: bad host modulus (len %d)", __func__, len);
498 BN_bn2bin(host_modulus, nbuf);
499 EVP_DigestUpdate(&md, nbuf, len);
500
501 len = BN_num_bytes(server_modulus);
502 if (len < (512 / 8) || len > sizeof(nbuf))
503 fatal("%s: bad server modulus (len %d)", __func__, len);
504 BN_bn2bin(server_modulus, nbuf);
505 EVP_DigestUpdate(&md, nbuf, len);
506
507 EVP_DigestUpdate(&md, cookie, 8);
508
509 EVP_DigestFinal(&md, obuf, NULL);
510 memcpy(id, obuf, 16);
511
512 memset(nbuf, 0, sizeof(nbuf));
513 memset(obuf, 0, sizeof(obuf));
514 memset(&md, 0, sizeof(md));
515}
516
482#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) 517#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH)
483void 518void
484dump_digest(char *msg, u_char *digest, int len) 519dump_digest(char *msg, u_char *digest, int len)
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-18 05:45:09 +0000