- djm@cvs.openbsd.org 2005/11/04 05:15:59

[kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c] remove hardcoded hash lengths in key exchange code, allowing implementation of KEX methods with different hashes (e.g. SHA-256); ok markus@ dtucker@ stevesk@
author: Damien Miller <djm@mindrot.org> 2005-11-05 15:19:35 +1100
committer: Damien Miller <djm@mindrot.org> 2005-11-05 15:19:35 +1100
commit: 19bb3a57f88adc789d61964fcb8f50165026b322 (patch)
tree: ba18e185c014c1da12ce4422a7e7bad9e71725f5 /kexgex.c
parent: 24ecf612614d83622d9777349b4ecd21ee22bb2a (diff)
1 files changed, 9 insertions, 7 deletions
diff --git a/kexgex.c b/kexgex.c
index b0c39c8cb..705484a47 100644
--- a/kexgex.c
+++ b/kexgex.c
@@ -24,7 +24,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.23 2003/02/16 17:09:57 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.24 2005/11/04 05:15:59 djm Exp $");
 #include <openssl/evp.h>
@@ -33,8 +33,9 @@ RCSID("$OpenBSD: kexgex.c,v 1.23 2003/02/16 17:09:57 markus Exp $");
 #include "kex.h"
 #include "ssh2.h"
-u_char *
+void
 kexgex_hash(
+    const EVP_MD *evp_md,
    char *client_version_string,
    char *server_version_string,
    char *ckexinit, int ckexinitlen,
@@ -43,11 +44,11 @@ kexgex_hash(
    int min, int wantbits, int max, BIGNUM *prime, BIGNUM *gen,
    BIGNUM *client_dh_pub,
    BIGNUM *server_dh_pub,
-    BIGNUM *shared_secret)
+    BIGNUM *shared_secret,
+    u_char **hash, u_int *hashlen)
 {
        Buffer b;
        static u_char digest[EVP_MAX_MD_SIZE];
-        const EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
        buffer_init(&b);
@@ -79,14 +80,15 @@ kexgex_hash(
 #ifdef DEBUG_KEXDH
        buffer_dump(&b);
 #endif
        EVP_DigestInit(&md, evp_md);
        EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
        EVP_DigestFinal(&md, digest, NULL);
        buffer_free(&b);
+        *hash = digest;
+        *hashlen = EVP_MD_size(evp_md);
 #ifdef DEBUG_KEXDH
-        dump_digest("hash", digest, EVP_MD_size(evp_md));
+        dump_digest("hash", digest, *hashlen);
 #endif
-        return digest;
 }
author	Damien Miller <djm@mindrot.org>	2005-11-05 15:19:35 +1100
committer	Damien Miller <djm@mindrot.org>	2005-11-05 15:19:35 +1100
commit	19bb3a57f88adc789d61964fcb8f50165026b322 (patch)
tree	ba18e185c014c1da12ce4422a7e7bad9e71725f5 /kexgex.c
parent	24ecf612614d83622d9777349b4ecd21ee22bb2a (diff)

diff --git a/kexgex.c b/kexgex.c index b0c39c8cb..705484a47 100644 --- a/kexgex.c +++ b/kexgex.c
@@ -24,7 +24,7 @@
24	*/	24	*/
25		25
26	#include "includes.h"	26	#include "includes.h"
27	RCSID("$OpenBSD: kexgex.c,v 1.23 2003/02/16 17:09:57 markus Exp $");	27	RCSID("$OpenBSD: kexgex.c,v 1.24 2005/11/04 05:15:59 djm Exp $");
28		28
29	#include <openssl/evp.h>	29	#include <openssl/evp.h>
30		30
@@ -33,8 +33,9 @@ RCSID("$OpenBSD: kexgex.c,v 1.23 2003/02/16 17:09:57 markus Exp $");
33	#include "kex.h"	33	#include "kex.h"
34	#include "ssh2.h"	34	#include "ssh2.h"
35		35
36	u_char *	36	void
37	kexgex_hash(	37	kexgex_hash(
		38	const EVP_MD *evp_md,
38	char *client_version_string,	39	char *client_version_string,
39	char *server_version_string,	40	char *server_version_string,
40	char *ckexinit, int ckexinitlen,	41	char *ckexinit, int ckexinitlen,
@@ -43,11 +44,11 @@ kexgex_hash(
43	int min, int wantbits, int max, BIGNUM prime, BIGNUM gen,	44	int min, int wantbits, int max, BIGNUM prime, BIGNUM gen,
44	BIGNUM *client_dh_pub,	45	BIGNUM *client_dh_pub,
45	BIGNUM *server_dh_pub,	46	BIGNUM *server_dh_pub,
46	BIGNUM *shared_secret)	47	BIGNUM *shared_secret,
		48	u_char *hash, u_int hashlen)
47	{	49	{
48	Buffer b;	50	Buffer b;
49	static u_char digest[EVP_MAX_MD_SIZE];	51	static u_char digest[EVP_MAX_MD_SIZE];
50	const EVP_MD *evp_md = EVP_sha1();
51	EVP_MD_CTX md;	52	EVP_MD_CTX md;
52		53
53	buffer_init(&b);	54	buffer_init(&b);
@@ -79,14 +80,15 @@ kexgex_hash(
79	#ifdef DEBUG_KEXDH	80	#ifdef DEBUG_KEXDH
80	buffer_dump(&b);	81	buffer_dump(&b);
81	#endif	82	#endif
		83
82	EVP_DigestInit(&md, evp_md);	84	EVP_DigestInit(&md, evp_md);
83	EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));	85	EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
84	EVP_DigestFinal(&md, digest, NULL);	86	EVP_DigestFinal(&md, digest, NULL);
85		87
86	buffer_free(&b);	88	buffer_free(&b);
87		89	*hash = digest;
		90	*hashlen = EVP_MD_size(evp_md);
88	#ifdef DEBUG_KEXDH	91	#ifdef DEBUG_KEXDH
89	dump_digest("hash", digest, EVP_MD_size(evp_md));	92	dump_digest("hash", digest, *hashlen);
90	#endif	93	#endif
91	return digest;
92	}	94	}