- markus@cvs.openbsd.org 2001/03/05 17:17:21

[kex.c kex.h sshconnect2.c sshd.c] generate a 2*need size (~300 instead of 1024/2048) random private exponent during the DH key agreement. according to Niels (the great german advisor) this is safe since /etc/primes contains strong primes only. References: P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key agreement with short exponents, In Advances in Cryptology - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
author: Ben Lindstrom <mouring@eviladmin.org> 2001-03-06 01:09:20 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-03-06 01:09:20 +0000
commit: 4c4f05e09647ec68becba9664b6b84e643fc0578 (patch)
tree: b80be6bceb955898948ef10527b43fc4cf005d8e /sshd.c
parent: c78a187b1776cb45c07a4a138946f8370ed6e71d (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/sshd.c b/sshd.c
index 838ac0d73..fcb06e0d5 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.172 2001/03/04 17:42:28 millert Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.173 2001/03/05 17:17:21 markus Exp $");
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1519,7 +1519,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
 /* KEXDH */
        /* generate DH key */
        dh = dh_new_group1();                   /* XXX depends on 'kex' */
-        dh_gen_key(dh);
+        dh_gen_key(dh, kex->we_need * 8);
        debug("Wait SSH2_MSG_KEXDH_INIT.");
        packet_read_expect(&payload_len, SSH2_MSG_KEXDH_INIT);
@@ -1662,7 +1662,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
        /* Compute our exchange value in parallel with the client */
-        dh_gen_key(dh);
+        dh_gen_key(dh, kex->we_need * 8);
        debug("Wait SSH2_MSG_KEX_DH_GEX_INIT.");
        packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_INIT);
author	Ben Lindstrom <mouring@eviladmin.org>	2001-03-06 01:09:20 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-03-06 01:09:20 +0000
commit	4c4f05e09647ec68becba9664b6b84e643fc0578 (patch)
tree	b80be6bceb955898948ef10527b43fc4cf005d8e /sshd.c
parent	c78a187b1776cb45c07a4a138946f8370ed6e71d (diff)

diff --git a/sshd.c b/sshd.c index 838ac0d73..fcb06e0d5 100644 --- a/sshd.c +++ b/sshd.c
@@ -40,7 +40,7 @@
40	*/	40	*/
41		41
42	#include "includes.h"	42	#include "includes.h"
43	RCSID("$OpenBSD: sshd.c,v 1.172 2001/03/04 17:42:28 millert Exp $");	43	RCSID("$OpenBSD: sshd.c,v 1.173 2001/03/05 17:17:21 markus Exp $");
44		44
45	#include <openssl/dh.h>	45	#include <openssl/dh.h>
46	#include <openssl/bn.h>	46	#include <openssl/bn.h>
@@ -1519,7 +1519,7 @@ ssh_dh1_server(Kex kex, Buffer client_kexinit, Buffer *server_kexinit)
1519	/* KEXDH */	1519	/* KEXDH */
1520	/* generate DH key */	1520	/* generate DH key */
1521	dh = dh_new_group1(); /* XXX depends on 'kex' */	1521	dh = dh_new_group1(); /* XXX depends on 'kex' */
1522	dh_gen_key(dh);	1522	dh_gen_key(dh, kex->we_need * 8);
1523		1523
1524	debug("Wait SSH2_MSG_KEXDH_INIT.");	1524	debug("Wait SSH2_MSG_KEXDH_INIT.");
1525	packet_read_expect(&payload_len, SSH2_MSG_KEXDH_INIT);	1525	packet_read_expect(&payload_len, SSH2_MSG_KEXDH_INIT);
@@ -1662,7 +1662,7 @@ ssh_dhgex_server(Kex kex, Buffer client_kexinit, Buffer *server_kexinit)
1662		1662
1663	/* Compute our exchange value in parallel with the client */	1663	/* Compute our exchange value in parallel with the client */
1664		1664
1665	dh_gen_key(dh);	1665	dh_gen_key(dh, kex->we_need * 8);
1666		1666
1667	debug("Wait SSH2_MSG_KEX_DH_GEX_INIT.");	1667	debug("Wait SSH2_MSG_KEX_DH_GEX_INIT.");
1668	packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_INIT);	1668	packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_INIT);