upstream: pass values used in KEX hash computation as sshbuf

rather than pointer+len suggested by me; implemented by markus@ ok me OpenBSD-Commit-ID: 994f33c464f4a9e0f1d21909fa3e379f5a0910f0
author: djm@openbsd.org <djm@openbsd.org> 2019-01-21 10:35:09 +0000
committer: Damien Miller <djm@mindrot.org> 2019-01-21 23:13:03 +1100
commit: 71e67fff946396caa110a7964da23480757258ff (patch)
tree: 07cae7bce377241a7b61195d0810ec91d953685e /kexecdh.c
parent: 4b83e2a2cc0c12e671a77eaba1c1245894f4e884 (diff)
1 files changed, 8 insertions, 10 deletions
diff --git a/kexecdh.c b/kexecdh.c
index 263f9fd87..ae9018773 100644
--- a/kexecdh.c
+++ b/kexecdh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdh.c,v 1.8 2019/01/21 10:29:56 djm Exp $ */
+/* $OpenBSD: kexecdh.c,v 1.9 2019/01/21 10:35:09 djm Exp $ */
 /*
 * Copyright (c) 2010 Damien Miller.  All rights reserved.
 * Copyright (c) 2019 Markus Friedl.  All rights reserved.
@@ -43,7 +43,7 @@
 #include "ssherr.h"
 static int
-kex_ecdh_dec_key_group(struct kex *, const u_char *, size_t, EC_KEY *key,
+kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key,
    const EC_GROUP *, struct sshbuf **);
 int
@@ -89,7 +89,7 @@ kex_ecdh_keypair(struct kex *kex)
 }
 int
-kex_ecdh_enc(struct kex *kex, const u_char *pkblob, size_t pklen,
+kex_ecdh_enc(struct kex *kex, const struct sshbuf *client_blob,
    struct sshbuf **server_blobp, struct sshbuf **shared_secretp)
 {
        const EC_GROUP *group;
@@ -123,7 +123,7 @@ kex_ecdh_enc(struct kex *kex, const u_char *pkblob, size_t pklen,
        if ((r = sshbuf_put_ec(server_blob, pub_key, group)) != 0 ||
            (r = sshbuf_get_u32(server_blob, NULL)) != 0)
                goto out;
-        if ((r = kex_ecdh_dec_key_group(kex, pkblob, pklen, server_key, group,
+        if ((r = kex_ecdh_dec_key_group(kex, client_blob, server_key, group,
            shared_secretp)) != 0)
                goto out;
        *server_blobp = server_blob;
@@ -135,7 +135,7 @@ kex_ecdh_enc(struct kex *kex, const u_char *pkblob, size_t pklen,
 }
 static int
-kex_ecdh_dec_key_group(struct kex *kex, const u_char *pkblob, size_t pklen,
+kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob,
    EC_KEY *key, const EC_GROUP *group, struct sshbuf **shared_secretp)
 {
        struct sshbuf *buf = NULL;
@@ -151,10 +151,8 @@ kex_ecdh_dec_key_group(struct kex *kex, const u_char *pkblob, size_t pklen,
                r = SSH_ERR_ALLOC_FAIL;
                goto out;
        }
-        if ((r = sshbuf_put_u32(buf, pklen)) != 0 ||
+        if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0)
-            (r = sshbuf_put(buf, pkblob, pklen)) != 0) {
                goto out;
-        }
        if ((dh_pub = EC_POINT_new(group)) == NULL) {
                r = SSH_ERR_ALLOC_FAIL;
                goto out;
@@ -199,12 +197,12 @@ kex_ecdh_dec_key_group(struct kex *kex, const u_char *pkblob, size_t pklen,
 }
 int
-kex_ecdh_dec(struct kex *kex, const u_char *pkblob, size_t pklen,
+kex_ecdh_dec(struct kex *kex, const struct sshbuf *server_blob,
    struct sshbuf **shared_secretp)
 {
        int r;
-        r = kex_ecdh_dec_key_group(kex, pkblob, pklen, kex->ec_client_key,
+        r = kex_ecdh_dec_key_group(kex, server_blob, kex->ec_client_key,
            kex->ec_group, shared_secretp);
        EC_KEY_free(kex->ec_client_key);
        kex->ec_client_key = NULL;
author	djm@openbsd.org <djm@openbsd.org>	2019-01-21 10:35:09 +0000
committer	Damien Miller <djm@mindrot.org>	2019-01-21 23:13:03 +1100
commit	71e67fff946396caa110a7964da23480757258ff (patch)
tree	07cae7bce377241a7b61195d0810ec91d953685e /kexecdh.c
parent	4b83e2a2cc0c12e671a77eaba1c1245894f4e884 (diff)