diff options
Diffstat (limited to 'kexdhc.c')
-rw-r--r-- | kexdhc.c | 17 |
1 files changed, 12 insertions, 5 deletions
@@ -36,6 +36,8 @@ | |||
36 | #include <string.h> | 36 | #include <string.h> |
37 | #include <signal.h> | 37 | #include <signal.h> |
38 | 38 | ||
39 | #include "openbsd-compat/openssl-compat.h" | ||
40 | |||
39 | #include "sshkey.h" | 41 | #include "sshkey.h" |
40 | #include "cipher.h" | 42 | #include "cipher.h" |
41 | #include "digest.h" | 43 | #include "digest.h" |
@@ -56,6 +58,7 @@ kexdh_client(struct ssh *ssh) | |||
56 | { | 58 | { |
57 | struct kex *kex = ssh->kex; | 59 | struct kex *kex = ssh->kex; |
58 | int r; | 60 | int r; |
61 | const BIGNUM *pub_key; | ||
59 | 62 | ||
60 | /* generate and send 'e', client DH public key */ | 63 | /* generate and send 'e', client DH public key */ |
61 | switch (kex->kex_type) { | 64 | switch (kex->kex_type) { |
@@ -81,15 +84,17 @@ kexdh_client(struct ssh *ssh) | |||
81 | goto out; | 84 | goto out; |
82 | } | 85 | } |
83 | debug("sending SSH2_MSG_KEXDH_INIT"); | 86 | debug("sending SSH2_MSG_KEXDH_INIT"); |
84 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || | 87 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) |
85 | (r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || | 88 | goto out; |
86 | (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || | 89 | DH_get0_key(kex->dh, &pub_key, NULL); |
90 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || | ||
91 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || | ||
87 | (r = sshpkt_send(ssh)) != 0) | 92 | (r = sshpkt_send(ssh)) != 0) |
88 | goto out; | 93 | goto out; |
89 | #ifdef DEBUG_KEXDH | 94 | #ifdef DEBUG_KEXDH |
90 | DHparams_print_fp(stderr, kex->dh); | 95 | DHparams_print_fp(stderr, kex->dh); |
91 | fprintf(stderr, "pub= "); | 96 | fprintf(stderr, "pub= "); |
92 | BN_print_fp(stderr, kex->dh->pub_key); | 97 | BN_print_fp(stderr, pub_key); |
93 | fprintf(stderr, "\n"); | 98 | fprintf(stderr, "\n"); |
94 | #endif | 99 | #endif |
95 | debug("expecting SSH2_MSG_KEXDH_REPLY"); | 100 | debug("expecting SSH2_MSG_KEXDH_REPLY"); |
@@ -104,6 +109,7 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) | |||
104 | { | 109 | { |
105 | struct kex *kex = ssh->kex; | 110 | struct kex *kex = ssh->kex; |
106 | BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; | 111 | BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; |
112 | const BIGNUM *pub_key; | ||
107 | struct sshkey *server_host_key = NULL; | 113 | struct sshkey *server_host_key = NULL; |
108 | u_char *kbuf = NULL, *server_host_key_blob = NULL, *signature = NULL; | 114 | u_char *kbuf = NULL, *server_host_key_blob = NULL, *signature = NULL; |
109 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 115 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
@@ -168,6 +174,7 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) | |||
168 | #endif | 174 | #endif |
169 | 175 | ||
170 | /* calc and verify H */ | 176 | /* calc and verify H */ |
177 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
171 | hashlen = sizeof(hash); | 178 | hashlen = sizeof(hash); |
172 | if ((r = kex_dh_hash( | 179 | if ((r = kex_dh_hash( |
173 | kex->hash_alg, | 180 | kex->hash_alg, |
@@ -176,7 +183,7 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) | |||
176 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | 183 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), |
177 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | 184 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), |
178 | server_host_key_blob, sbloblen, | 185 | server_host_key_blob, sbloblen, |
179 | kex->dh->pub_key, | 186 | pub_key, |
180 | dh_server_pub, | 187 | dh_server_pub, |
181 | shared_secret, | 188 | shared_secret, |
182 | hash, &hashlen)) != 0) | 189 | hash, &hashlen)) != 0) |