-rw-r--r--ChangeLog8
-rw-r--r--kex.c7
-rw-r--r--kex.h4
-rw-r--r--md-sha256.c71
-rw-r--r--monitor.c9
-rw-r--r--myproposal.h10
-rw-r--r--ssh-keyscan.c3
-rw-r--r--sshconnect2.c3
-rw-r--r--sshd.c1
9 files changed, 105 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 3064b306d..3cd994f2c 100644
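--- a/ChangeLog
+++ b/ChangeLog
@@ -236,6 +236,12 @@
  - markus@cvs.openbsd.org 2006/03/14 16:32:48
  [ssh_config.5 sshd_config.5]
  *AliveCountMax applies to protcol v2 only; ok dtucker, djm
+ - djm@cvs.openbsd.org 2006/03/07 09:07:40
+ [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
+ Implement the diffie-hellman-group-exchange-sha256 key exchange method
+ using the SHA256 code in libc (and wrapper to make it into an OpenSSL
+ EVP), interop tested against CVS PuTTY
+ NB. no portability bits committed yet
 
 20060313
  - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4137,4 +4143,4 @@
  - (djm) Trim deprecated options from INSTALL. Mention UsePAM
  - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.4206 2006/03/15 01:06:55 djm Exp $
+$Id: ChangeLog,v 1.4207 2006/03/15 01:08:28 djm Exp $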
diff --git a/kex.c b/kex.c
index cd71be9ca..175613b40 100644
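--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
+RCSID("$OpenBSD: kex.c,v 1.66 2006/03/07 09:07:40 djm Exp $");
 
 #include <openssl/crypto.h>
 
@@ -44,6 +44,8 @@ RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
 
 #define KEX_COOKIE_LEN 16
 
+extern const EVP_MD *evp_ssh_sha256(void);
+
 /* prototype */
 static void kex_kexinit_finish(Kex *);
 static void kex_choose_conf(Kex *);
@@ -301,6 +303,9 @@ choose_kex(Kex *k, char *client, char *server)
  } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
  k->kex_type = KEX_DH_GEX_SHA1;
  k->evp_md = EVP_sha1();
+ } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
+ k->kex_type = KEX_DH_GEX_SHA256;
+ k->evp_md = evp_ssh_sha256();
  } else
  fatal("bad kex alg %s", k->name);
 }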
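Review bot: The new `extern const EVP_MD *evp_ssh_sha256(void);` near the top of kex.c is a second hand-written copy of a prototype that md-sha256.c also declares for itself, so the two can drift apart without the compiler noticing. kex.h is already touched by this commit; declaring the function there once as `const EVP_MD *evp_ssh_sha256(void);` and including that header from md-sha256.c would let the definition be checked against the declaration (assuming kex.h already sees the EVP types, which the `evp_md` member suggests). In choose_kex, whose body starts outside the hunk, a short comment on the new branch such as `/* SHA256 comes from the local EVP wrapper in md-sha256.c, not from OpenSSL */` would explain why this arm does not call an `EVP_*()` constructor like the others.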
diff --git a/kex.h b/kex.h
index bbd931e04..e2ba0a98f 100644
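--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.38 2005/11/04 05:15:59 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.39 2006/03/07 09:07:40 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -34,6 +34,7 @@
 #define KEX_DH1 "diffie-hellman-group1-sha1"
 #define KEX_DH14 "diffie-hellman-group14-sha1"
 #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
+#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
 
 #define COMP_NONE 0
 #define COMP_ZLIB 1
@@ -63,6 +64,7 @@ enum kex_exchange {
  KEX_DH_GRP1_SHA1,
  KEX_DH_GRP14_SHA1,
  KEX_DH_GEX_SHA1,
+ KEX_DH_GEX_SHA256,
  KEX_MAX
 };
 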
diff --git a/md-sha256.c b/md-sha256.c
new file mode 100644
index 000000000..08848f841
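--- /dev/null
+++ b/md-sha256.c
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2005 Damien Miller <djm@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* EVP wrapper for SHA256 */
+
+#include "includes.h"
+#include <openssl/evp.h>
+#include <sha2.h>
+
+RCSID("$OpenBSD: md-sha256.c,v 1.1 2006/03/07 09:07:40 djm Exp $");
+
+const EVP_MD *evp_ssh_sha256(void);
+
+static int
+ssh_sha256_init(EVP_MD_CTX *ctxt)
+{
+ SHA256_Init(ctxt->md_data);
+ return (1);
+}
+
+static int
+ssh_sha256_update(EVP_MD_CTX *ctxt, const void *data, unsigned long len)
+{
+ SHA256_Update(ctxt->md_data, data, len);
+ return (1);
+}
+
+static int
+ssh_sha256_final(EVP_MD_CTX *ctxt, unsigned char *digest)
+{
+ SHA256_Final(digest, ctxt->md_data);
+ return (1);
+}
+
+static int
+ssh_sha256_cleanup(EVP_MD_CTX *ctxt)
+{
+ memset(ctxt->md_data, 0, sizeof(SHA256_CTX));
+ return (1);
+}
+
+const EVP_MD *
+evp_ssh_sha256(void)
+{
+ static EVP_MD ssh_sha256;
+
+ memset(&ssh_sha256, 0, sizeof(ssh_sha256));
+ ssh_sha256.type = NID_undef;
+ ssh_sha256.md_size = SHA256_DIGEST_LENGTH;
+ ssh_sha256.init = ssh_sha256_init;
+ ssh_sha256.update = ssh_sha256_update;
+ ssh_sha256.final = ssh_sha256_final;
+ ssh_sha256.cleanup = ssh_sha256_cleanup;
+ ssh_sha256.block_size = SHA256_BLOCK_LENGTH;
+ ssh_sha256.ctx_size = sizeof(SHA256_CTX);
+
+ return (&ssh_sha256);
+}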
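Review bot: `evp_ssh_sha256()` clears and refills its `static EVP_MD ssh_sha256` on every call, so a pointer handed out earlier (choose_kex stores one in `k->evp_md`) refers to a table that is briefly all-zero whenever the function runs again. That is safe only while every caller is single-threaded and never calls it mid-digest; filling the table once behind a `static int initialised;` flag, `if (!initialised) { ... initialised = 1; }`, removes that dependency. Separately, `ssh_sha256_cleanup` wipes the hash state with a plain `memset`, and during key exchange that state has presumably absorbed the shared secret. A comment there saying whether the EVP layer also scrubs `md_data` before freeing it would tell a reader whether this call is the only wipe.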
diff --git a/monitor.c b/monitor.c
index 3260d473d..30849a371 100644
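--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.68 2006/02/20 17:02:44 stevesk Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.69 2006/03/07 09:07:40 djm Exp $");
 
 #include <sys/types.h>
 #include <sys/wait.h>
@@ -543,7 +543,11 @@ mm_answer_sign(int sock, Buffer *m)
  keyid = buffer_get_int(m);
  p = buffer_get_string(m, &datlen);
 
- if (datlen != 20)
+ /*
+ * Supported KEX types will only return SHA1 (20 byte) or
+ * SHA256 (32 byte) hashes
+ */
+ if (datlen != 20 && datlen != 32)
  fatal("%s: data length incorrect: %u", __func__, datlen);
 
  /* save session id, it will be passed on the first call */
@@ -1627,6 +1631,7 @@ mm_get_kex(Buffer *m)
  kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
  kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
  kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
  kex->server = 1;
  kex->hostkey_type = buffer_get_int(m);
  kex->kex_type = buffer_get_int(m);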
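Review bot: In mm_answer_sign the new test `if (datlen != 20 && datlen != 32)` accepts either digest length no matter which key exchange was negotiated, so the length check the privileged monitor applies to the blob it is asked to sign is now looser for SHA-1 sessions too. If the negotiated method is reachable from this function (not visible here; its body starts and ends outside the hunk), comparing `datlen` with that method's digest size would keep the check exact. At minimum the literals could be named, e.g. `datlen != SHA_DIGEST_LENGTH && datlen != SHA256_DIGEST_LENGTH`, provided the defining headers are in scope in monitor.c, so that the next hash added does not bring a third magic number.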
diff --git a/myproposal.h b/myproposal.h
index d8cba1caf..cc94a8ed2 100644
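--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.18 2005/07/25 11:59:39 markus Exp $ */
+/* $OpenBSD: myproposal.h,v 1.19 2006/03/07 09:07:40 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -23,9 +23,11 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1," \
- "diffie-hellman-group14-sha1," \
- "diffie-hellman-group1-sha1"
+#define KEX_DEFAULT_KEX \
+ "diffie-hellman-group-exchange-sha256," \
+ "diffie-hellman-group-exchange-sha1," \
+ "diffie-hellman-group14-sha1," \
+ "diffie-hellman-group1-sha1"
 #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
 #define KEX_DEFAULT_ENCRYPT \
  "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \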
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 13e7c721c..f05c4697c 100644
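--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -7,7 +7,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keyscan.c,v 1.59 2006/02/08 14:31:30 stevesk Exp $");
+RCSID("$OpenBSD: ssh-keyscan.c,v 1.60 2006/03/07 09:07:40 djm Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 #include <sys/resource.h>
@@ -351,6 +351,7 @@ keygrab_ssh2(con *c)
  c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
  c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
  c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
+ c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
  c->c_kex->verify_host_key = hostjump;
 
  if (!(j = setjmp(kexjmp))) {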
diff --git a/sshconnect2.c b/sshconnect2.c
index f2776edb7..b01a3ca5b 100644
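--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.146 2006/02/20 17:19:54 stevesk Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.147 2006/03/07 09:07:40 djm Exp $");
 
 #include <sys/types.h>
 #include <sys/wait.h>
@@ -127,6 +127,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
  kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
  kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
  kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
  kex->client_version_string=client_version_string;
  kex->server_version_string=server_version_string;
  kex->verify_host_key=&verify_host_key_callback;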
diff --git a/sshd.c b/sshd.c
index 19c2d96ad..6f458eb3b 100644
--- a/sshd.c
+++ b/sshd.c
@@ -2042,6 +2042,7 @@ do_ssh2_kex(void)
2042 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 2042 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
2043 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; 2043 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
2044 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; 2044 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
2045 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
2045 kex->server = 1; 2046 kex->server = 1;
2046 kex->client_version_string=client_version_string; 2047 kex->client_version_string=client_version_string;
2047 kex->server_version_string=server_version_string; 2048 kex->server_version_string=server_version_string;