diff options
Diffstat (limited to 'kexdhs.c')
| -rw-r--r-- | kexdhs.c | 13 |
1 files changed, 7 insertions, 6 deletions
| @@ -35,6 +35,8 @@ | |||
| 35 | 35 | ||
| 36 | #include <openssl/dh.h> | 36 | #include <openssl/dh.h> |
| 37 | 37 | ||
| 38 | #include "openbsd-compat/openssl-compat.h" | ||
| 39 | |||
| 38 | #include "sshkey.h" | 40 | #include "sshkey.h" |
| 39 | #include "cipher.h" | 41 | #include "cipher.h" |
| 40 | #include "digest.h" | 42 | #include "digest.h" |
| @@ -95,6 +97,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
| 95 | { | 97 | { |
| 96 | struct kex *kex = ssh->kex; | 98 | struct kex *kex = ssh->kex; |
| 97 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; | 99 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; |
| 100 | const BIGNUM *pub_key; | ||
| 98 | struct sshkey *server_host_public, *server_host_private; | 101 | struct sshkey *server_host_public, *server_host_private; |
| 99 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; | 102 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; |
| 100 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 103 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
| @@ -121,6 +124,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
| 121 | r = SSH_ERR_ALLOC_FAIL; | 124 | r = SSH_ERR_ALLOC_FAIL; |
| 122 | goto out; | 125 | goto out; |
| 123 | } | 126 | } |
| 127 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
| 124 | if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 || | 128 | if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 || |
| 125 | (r = sshpkt_get_end(ssh)) != 0) | 129 | (r = sshpkt_get_end(ssh)) != 0) |
| 126 | goto out; | 130 | goto out; |
| @@ -130,12 +134,9 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
| 130 | BN_print_fp(stderr, dh_client_pub); | 134 | BN_print_fp(stderr, dh_client_pub); |
| 131 | fprintf(stderr, "\n"); | 135 | fprintf(stderr, "\n"); |
| 132 | debug("bits %d", BN_num_bits(dh_client_pub)); | 136 | debug("bits %d", BN_num_bits(dh_client_pub)); |
| 133 | #endif | ||
| 134 | |||
| 135 | #ifdef DEBUG_KEXDH | ||
| 136 | DHparams_print_fp(stderr, kex->dh); | 137 | DHparams_print_fp(stderr, kex->dh); |
| 137 | fprintf(stderr, "pub= "); | 138 | fprintf(stderr, "pub= "); |
| 138 | BN_print_fp(stderr, kex->dh->pub_key); | 139 | BN_print_fp(stderr, pub_key); |
| 139 | fprintf(stderr, "\n"); | 140 | fprintf(stderr, "\n"); |
| 140 | #endif | 141 | #endif |
| 141 | if (!dh_pub_is_valid(kex->dh, dh_client_pub)) { | 142 | if (!dh_pub_is_valid(kex->dh, dh_client_pub)) { |
| @@ -171,7 +172,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
| 171 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | 172 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), |
| 172 | server_host_key_blob, sbloblen, | 173 | server_host_key_blob, sbloblen, |
| 173 | dh_client_pub, | 174 | dh_client_pub, |
| 174 | kex->dh->pub_key, | 175 | pub_key, |
| 175 | shared_secret, | 176 | shared_secret, |
| 176 | hash, &hashlen)) != 0) | 177 | hash, &hashlen)) != 0) |
| 177 | goto out; | 178 | goto out; |
| @@ -197,7 +198,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
| 197 | /* send server hostkey, DH pubkey 'f' and signed H */ | 198 | /* send server hostkey, DH pubkey 'f' and signed H */ |
| 198 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || | 199 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || |
| 199 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || | 200 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || |
| 200 | (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ | 201 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ |
| 201 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || | 202 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || |
| 202 | (r = sshpkt_send(ssh)) != 0) | 203 | (r = sshpkt_send(ssh)) != 0) |
| 203 | goto out; | 204 | goto out; |