diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-01-21 10:35:09 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-01-21 23:13:03 +1100 |
commit | 71e67fff946396caa110a7964da23480757258ff (patch) | |
tree | 07cae7bce377241a7b61195d0810ec91d953685e /kexdh.c | |
parent | 4b83e2a2cc0c12e671a77eaba1c1245894f4e884 (diff) |
upstream: pass values used in KEX hash computation as sshbuf
rather than pointer+len
suggested by me; implemented by markus@ ok me
OpenBSD-Commit-ID: 994f33c464f4a9e0f1d21909fa3e379f5a0910f0
Diffstat (limited to 'kexdh.c')
-rw-r--r-- | kexdh.c | 16 |
1 files changed, 6 insertions, 10 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexdh.c,v 1.30 2019/01/21 10:28:01 djm Exp $ */ | 1 | /* $OpenBSD: kexdh.c,v 1.31 2019/01/21 10:35:09 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -136,7 +136,7 @@ kex_dh_keypair(struct kex *kex) | |||
136 | } | 136 | } |
137 | 137 | ||
138 | int | 138 | int |
139 | kex_dh_enc(struct kex *kex, const u_char *pkblob, size_t pklen, | 139 | kex_dh_enc(struct kex *kex, const struct sshbuf *client_blob, |
140 | struct sshbuf **server_blobp, struct sshbuf **shared_secretp) | 140 | struct sshbuf **server_blobp, struct sshbuf **shared_secretp) |
141 | { | 141 | { |
142 | const BIGNUM *pub_key; | 142 | const BIGNUM *pub_key; |
@@ -156,7 +156,7 @@ kex_dh_enc(struct kex *kex, const u_char *pkblob, size_t pklen, | |||
156 | if ((r = sshbuf_put_bignum2(server_blob, pub_key)) != 0 || | 156 | if ((r = sshbuf_put_bignum2(server_blob, pub_key)) != 0 || |
157 | (r = sshbuf_get_u32(server_blob, NULL)) != 0) | 157 | (r = sshbuf_get_u32(server_blob, NULL)) != 0) |
158 | goto out; | 158 | goto out; |
159 | if ((r = kex_dh_dec(kex, pkblob, pklen, shared_secretp)) != 0) | 159 | if ((r = kex_dh_dec(kex, client_blob, shared_secretp)) != 0) |
160 | goto out; | 160 | goto out; |
161 | *server_blobp = server_blob; | 161 | *server_blobp = server_blob; |
162 | server_blob = NULL; | 162 | server_blob = NULL; |
@@ -168,7 +168,7 @@ kex_dh_enc(struct kex *kex, const u_char *pkblob, size_t pklen, | |||
168 | } | 168 | } |
169 | 169 | ||
170 | int | 170 | int |
171 | kex_dh_dec(struct kex *kex, const u_char *pkblob, size_t pklen, | 171 | kex_dh_dec(struct kex *kex, const struct sshbuf *dh_blob, |
172 | struct sshbuf **shared_secretp) | 172 | struct sshbuf **shared_secretp) |
173 | { | 173 | { |
174 | struct sshbuf *buf = NULL; | 174 | struct sshbuf *buf = NULL; |
@@ -181,13 +181,9 @@ kex_dh_dec(struct kex *kex, const u_char *pkblob, size_t pklen, | |||
181 | r = SSH_ERR_ALLOC_FAIL; | 181 | r = SSH_ERR_ALLOC_FAIL; |
182 | goto out; | 182 | goto out; |
183 | } | 183 | } |
184 | if ((r = sshbuf_put_u32(buf, pklen)) != 0 || | 184 | if ((r = sshbuf_put_stringb(buf, dh_blob)) != 0 || |
185 | (r = sshbuf_put(buf, pkblob, pklen)) != 0) { | 185 | (r = sshbuf_get_bignum2(buf, &dh_pub)) != 0) |
186 | goto out; | 186 | goto out; |
187 | } | ||
188 | if ((r = sshbuf_get_bignum2(buf, &dh_pub)) != 0) { | ||
189 | goto out; | ||
190 | } | ||
191 | sshbuf_reset(buf); | 187 | sshbuf_reset(buf); |
192 | if ((r = kex_dh_compute_key(kex, dh_pub, buf)) != 0) | 188 | if ((r = kex_dh_compute_key(kex, dh_pub, buf)) != 0) |
193 | goto out; | 189 | goto out; |