diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2019-01-21 10:35:09 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-01-21 23:13:03 +1100 |
| commit | 71e67fff946396caa110a7964da23480757258ff (patch) | |
| tree | 07cae7bce377241a7b61195d0810ec91d953685e /kexdh.c | |
| parent | 4b83e2a2cc0c12e671a77eaba1c1245894f4e884 (diff) | |
upstream: pass values used in KEX hash computation as sshbuf
rather than pointer+len
suggested by me; implemented by markus@ ok me
OpenBSD-Commit-ID: 994f33c464f4a9e0f1d21909fa3e379f5a0910f0
Diffstat (limited to 'kexdh.c')
| -rw-r--r-- | kexdh.c | 16 |
1 files changed, 6 insertions, 10 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kexdh.c,v 1.30 2019/01/21 10:28:01 djm Exp $ */ | 1 | /* $OpenBSD: kexdh.c,v 1.31 2019/01/21 10:35:09 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -136,7 +136,7 @@ kex_dh_keypair(struct kex *kex) | |||
| 136 | } | 136 | } |
| 137 | 137 | ||
| 138 | int | 138 | int |
| 139 | kex_dh_enc(struct kex *kex, const u_char *pkblob, size_t pklen, | 139 | kex_dh_enc(struct kex *kex, const struct sshbuf *client_blob, |
| 140 | struct sshbuf **server_blobp, struct sshbuf **shared_secretp) | 140 | struct sshbuf **server_blobp, struct sshbuf **shared_secretp) |
| 141 | { | 141 | { |
| 142 | const BIGNUM *pub_key; | 142 | const BIGNUM *pub_key; |
| @@ -156,7 +156,7 @@ kex_dh_enc(struct kex *kex, const u_char *pkblob, size_t pklen, | |||
| 156 | if ((r = sshbuf_put_bignum2(server_blob, pub_key)) != 0 || | 156 | if ((r = sshbuf_put_bignum2(server_blob, pub_key)) != 0 || |
| 157 | (r = sshbuf_get_u32(server_blob, NULL)) != 0) | 157 | (r = sshbuf_get_u32(server_blob, NULL)) != 0) |
| 158 | goto out; | 158 | goto out; |
| 159 | if ((r = kex_dh_dec(kex, pkblob, pklen, shared_secretp)) != 0) | 159 | if ((r = kex_dh_dec(kex, client_blob, shared_secretp)) != 0) |
| 160 | goto out; | 160 | goto out; |
| 161 | *server_blobp = server_blob; | 161 | *server_blobp = server_blob; |
| 162 | server_blob = NULL; | 162 | server_blob = NULL; |
| @@ -168,7 +168,7 @@ kex_dh_enc(struct kex *kex, const u_char *pkblob, size_t pklen, | |||
| 168 | } | 168 | } |
| 169 | 169 | ||
| 170 | int | 170 | int |
| 171 | kex_dh_dec(struct kex *kex, const u_char *pkblob, size_t pklen, | 171 | kex_dh_dec(struct kex *kex, const struct sshbuf *dh_blob, |
| 172 | struct sshbuf **shared_secretp) | 172 | struct sshbuf **shared_secretp) |
| 173 | { | 173 | { |
| 174 | struct sshbuf *buf = NULL; | 174 | struct sshbuf *buf = NULL; |
| @@ -181,13 +181,9 @@ kex_dh_dec(struct kex *kex, const u_char *pkblob, size_t pklen, | |||
| 181 | r = SSH_ERR_ALLOC_FAIL; | 181 | r = SSH_ERR_ALLOC_FAIL; |
| 182 | goto out; | 182 | goto out; |
| 183 | } | 183 | } |
| 184 | if ((r = sshbuf_put_u32(buf, pklen)) != 0 || | 184 | if ((r = sshbuf_put_stringb(buf, dh_blob)) != 0 || |
| 185 | (r = sshbuf_put(buf, pkblob, pklen)) != 0) { | 185 | (r = sshbuf_get_bignum2(buf, &dh_pub)) != 0) |
| 186 | goto out; | 186 | goto out; |
| 187 | } | ||
| 188 | if ((r = sshbuf_get_bignum2(buf, &dh_pub)) != 0) { | ||
| 189 | goto out; | ||
| 190 | } | ||
| 191 | sshbuf_reset(buf); | 187 | sshbuf_reset(buf); |
| 192 | if ((r = kex_dh_compute_key(kex, dh_pub, buf)) != 0) | 188 | if ((r = kex_dh_compute_key(kex, dh_pub, buf)) != 0) |
| 193 | goto out; | 189 | goto out; |