diff options
Diffstat (limited to 'kexecdhc.c')
| -rw-r--r-- | kexecdhc.c | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/kexecdhc.c b/kexecdhc.c index 115d4bf83..6193836c7 100644 --- a/kexecdhc.c +++ b/kexecdhc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kexecdhc.c,v 1.2 2010/09/22 05:01:29 djm Exp $ */ | 1 | /* $OpenBSD: kexecdhc.c,v 1.4 2013/05/17 00:13:13 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
| @@ -57,11 +57,8 @@ kexecdh_client(Kex *kex) | |||
| 57 | u_char *server_host_key_blob = NULL, *signature = NULL; | 57 | u_char *server_host_key_blob = NULL, *signature = NULL; |
| 58 | u_char *kbuf, *hash; | 58 | u_char *kbuf, *hash; |
| 59 | u_int klen, slen, sbloblen, hashlen; | 59 | u_int klen, slen, sbloblen, hashlen; |
| 60 | int curve_nid; | ||
| 61 | 60 | ||
| 62 | if ((curve_nid = kex_ecdh_name_to_nid(kex->name)) == -1) | 61 | if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) |
| 63 | fatal("%s: unsupported ECDH curve \"%s\"", __func__, kex->name); | ||
| 64 | if ((client_key = EC_KEY_new_by_curve_name(curve_nid)) == NULL) | ||
| 65 | fatal("%s: EC_KEY_new_by_curve_name failed", __func__); | 62 | fatal("%s: EC_KEY_new_by_curve_name failed", __func__); |
| 66 | if (EC_KEY_generate_key(client_key) != 1) | 63 | if (EC_KEY_generate_key(client_key) != 1) |
| 67 | fatal("%s: EC_KEY_generate_key failed", __func__); | 64 | fatal("%s: EC_KEY_generate_key failed", __func__); |
| @@ -123,7 +120,7 @@ kexecdh_client(Kex *kex) | |||
| 123 | if (BN_bin2bn(kbuf, klen, shared_secret) == NULL) | 120 | if (BN_bin2bn(kbuf, klen, shared_secret) == NULL) |
| 124 | fatal("%s: BN_bin2bn failed", __func__); | 121 | fatal("%s: BN_bin2bn failed", __func__); |
| 125 | memset(kbuf, 0, klen); | 122 | memset(kbuf, 0, klen); |
| 126 | xfree(kbuf); | 123 | free(kbuf); |
| 127 | 124 | ||
| 128 | /* calc and verify H */ | 125 | /* calc and verify H */ |
| 129 | kex_ecdh_hash( | 126 | kex_ecdh_hash( |
| @@ -139,14 +136,14 @@ kexecdh_client(Kex *kex) | |||
| 139 | shared_secret, | 136 | shared_secret, |
| 140 | &hash, &hashlen | 137 | &hash, &hashlen |
| 141 | ); | 138 | ); |
| 142 | xfree(server_host_key_blob); | 139 | free(server_host_key_blob); |
| 143 | EC_POINT_clear_free(server_public); | 140 | EC_POINT_clear_free(server_public); |
| 144 | EC_KEY_free(client_key); | 141 | EC_KEY_free(client_key); |
| 145 | 142 | ||
| 146 | if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1) | 143 | if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1) |
| 147 | fatal("key_verify failed for server_host_key"); | 144 | fatal("key_verify failed for server_host_key"); |
| 148 | key_free(server_host_key); | 145 | key_free(server_host_key); |
| 149 | xfree(signature); | 146 | free(signature); |
| 150 | 147 | ||
| 151 | /* save session id */ | 148 | /* save session id */ |
| 152 | if (kex->session_id == NULL) { | 149 | if (kex->session_id == NULL) { |