1 files changed, 1 insertions, 109 deletions
diff --git a/kex.c b/kex.c
index 38c813d8b..576d4b56e 100644
--- a/kex.c
+++ b/kex.c
@@ -23,12 +23,11 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.24 2001/03/28 21:59:40 provos Exp $");
+RCSID("$OpenBSD: kex.c,v 1.25 2001/03/29 21:17:39 markus Exp $");
 #include <openssl/crypto.h>
 #include <openssl/bio.h>
 #include <openssl/bn.h>
-#include <openssl/dh.h>
 #include <openssl/pem.h>
 #include "ssh2.h"
@@ -113,113 +112,6 @@ kex_exchange_kexinit(
        debug("done");
 }
-/* diffie-hellman-group1-sha1 */
-int
-dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
-{
-        int i;
-        int n = BN_num_bits(dh_pub);
-        int bits_set = 0;
-        if (dh_pub->neg) {
-                log("invalid public DH value: negativ");
-                return 0;
-        }
-        for (i = 0; i <= n; i++)
-                if (BN_is_bit_set(dh_pub, i))
-                        bits_set++;
-        debug("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
-        /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
-        if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1))
-                return 1;
-        log("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
-        return 0;
-}
-void
-dh_gen_key(DH *dh, int need)
-{
-        int i, bits_set = 0, tries = 0;
-        if (dh->p == NULL)
-                fatal("dh_gen_key: dh->p == NULL");
-        if (2*need >= BN_num_bits(dh->p))
-                fatal("dh_gen_key: group too small: %d (2*need %d)",
-                    BN_num_bits(dh->p), 2*need);
-        do {
-                if (dh->priv_key != NULL)
-                        BN_free(dh->priv_key);
-                dh->priv_key = BN_new();
-                if (dh->priv_key == NULL)
-                        fatal("dh_gen_key: BN_new failed");
-                /* generate a 2*need bits random private exponent */
-                if (!BN_rand(dh->priv_key, 2*need, 0, 0))
-                        fatal("dh_gen_key: BN_rand failed");
-                if (DH_generate_key(dh) == 0)
-                        fatal("DH_generate_key");
-                for (i = 0; i <= BN_num_bits(dh->priv_key); i++)
-                        if (BN_is_bit_set(dh->priv_key, i))
-                                bits_set++;
-                debug("dh_gen_key: priv key bits set: %d/%d",
-                    bits_set, BN_num_bits(dh->priv_key));
-                if (tries++ > 10)
-                        fatal("dh_gen_key: too many bad keys: giving up");
-        } while (!dh_pub_is_valid(dh, dh->pub_key));
-}
-DH *
-dh_new_group_asc(const char *gen, const char *modulus)
-{
-        DH *dh;
-        int ret;
-        dh = DH_new();
-        if (dh == NULL)
-                fatal("DH_new");
-        if ((ret = BN_hex2bn(&dh->p, modulus)) < 0)
-                fatal("BN_hex2bn p");
-        if ((ret = BN_hex2bn(&dh->g, gen)) < 0)
-                fatal("BN_hex2bn g");
-        return (dh);
-}
-/*
- * This just returns the group, we still need to generate the exchange
- * value.
- */
-DH *
-dh_new_group(BIGNUM *gen, BIGNUM *modulus)
-{
-        DH *dh;
-        dh = DH_new();
-        if (dh == NULL)
-                fatal("DH_new");
-        dh->p = modulus;
-        dh->g = gen;
-        return (dh);
-}
-DH *
-dh_new_group1(void)
-{
-        static char *gen = "2", *group1 =
-            "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
-            "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
-            "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
-            "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
-            "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381"
-            "FFFFFFFF" "FFFFFFFF";
-        return (dh_new_group_asc(gen, group1));
-}
 #ifdef DEBUG_KEX
 void
 dump_digest(u_char *digest, int len)

diff --git a/kex.c b/kex.c index 38c813d8b..576d4b56e 100644 --- a/kex.c +++ b/kex.c
@@ -23,12 +23,11 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: kex.c,v 1.24 2001/03/28 21:59:40 provos Exp $");	26	RCSID("$OpenBSD: kex.c,v 1.25 2001/03/29 21:17:39 markus Exp $");
27		27
28	#include <openssl/crypto.h>	28	#include <openssl/crypto.h>
29	#include <openssl/bio.h>	29	#include <openssl/bio.h>
30	#include <openssl/bn.h>	30	#include <openssl/bn.h>
31	#include <openssl/dh.h>
32	#include <openssl/pem.h>	31	#include <openssl/pem.h>
33		32
34	#include "ssh2.h"	33	#include "ssh2.h"
@@ -113,113 +112,6 @@ kex_exchange_kexinit(
113	debug("done");	112	debug("done");
114	}	113	}
115		114
116	/* diffie-hellman-group1-sha1 */
117
118	int
119	dh_pub_is_valid(DH dh, BIGNUM dh_pub)
120	{
121	int i;
122	int n = BN_num_bits(dh_pub);
123	int bits_set = 0;
124
125	if (dh_pub->neg) {
126	log("invalid public DH value: negativ");
127	return 0;
128	}
129	for (i = 0; i <= n; i++)
130	if (BN_is_bit_set(dh_pub, i))
131	bits_set++;
132	debug("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
133
134	/* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
135	if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1))
136	return 1;
137	log("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
138	return 0;
139	}
140
141	void
142	dh_gen_key(DH *dh, int need)
143	{
144	int i, bits_set = 0, tries = 0;
145
146	if (dh->p == NULL)
147	fatal("dh_gen_key: dh->p == NULL");
148	if (2*need >= BN_num_bits(dh->p))
149	fatal("dh_gen_key: group too small: %d (2*need %d)",
150	BN_num_bits(dh->p), 2*need);
151	do {
152	if (dh->priv_key != NULL)
153	BN_free(dh->priv_key);
154	dh->priv_key = BN_new();
155	if (dh->priv_key == NULL)
156	fatal("dh_gen_key: BN_new failed");
157	/* generate a 2need bits random private exponent /
158	if (!BN_rand(dh->priv_key, 2*need, 0, 0))
159	fatal("dh_gen_key: BN_rand failed");
160	if (DH_generate_key(dh) == 0)
161	fatal("DH_generate_key");
162	for (i = 0; i <= BN_num_bits(dh->priv_key); i++)
163	if (BN_is_bit_set(dh->priv_key, i))
164	bits_set++;
165	debug("dh_gen_key: priv key bits set: %d/%d",
166	bits_set, BN_num_bits(dh->priv_key));
167	if (tries++ > 10)
168	fatal("dh_gen_key: too many bad keys: giving up");
169	} while (!dh_pub_is_valid(dh, dh->pub_key));
170	}
171
172	DH *
173	dh_new_group_asc(const char gen, const char modulus)
174	{
175	DH *dh;
176	int ret;
177
178	dh = DH_new();
179	if (dh == NULL)
180	fatal("DH_new");
181
182	if ((ret = BN_hex2bn(&dh->p, modulus)) < 0)
183	fatal("BN_hex2bn p");
184	if ((ret = BN_hex2bn(&dh->g, gen)) < 0)
185	fatal("BN_hex2bn g");
186
187	return (dh);
188	}
189
190	/*
191	* This just returns the group, we still need to generate the exchange
192	* value.
193	*/
194
195	DH *
196	dh_new_group(BIGNUM gen, BIGNUM modulus)
197	{
198	DH *dh;
199
200	dh = DH_new();
201	if (dh == NULL)
202	fatal("DH_new");
203	dh->p = modulus;
204	dh->g = gen;
205
206	return (dh);
207	}
208
209	DH *
210	dh_new_group1(void)
211	{
212	static char gen = "2", group1 =
213	"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
214	"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
215	"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
216	"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
217	"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381"
218	"FFFFFFFF" "FFFFFFFF";
219
220	return (dh_new_group_asc(gen, group1));
221	}
222
223	#ifdef DEBUG_KEX	115	#ifdef DEBUG_KEX
224	void	116	void
225	dump_digest(u_char *digest, int len)	117	dump_digest(u_char *digest, int len)