summaryrefslogtreecommitdiff
path: root/kexgexc.c
diff options
context:
space:
mode:
Diffstat (limited to 'kexgexc.c')
-rw-r--r--kexgexc.c20
1 files changed, 14 insertions, 6 deletions
diff --git a/kexgexc.c b/kexgexc.c
index 762a9a322..0d07f73c7 100644
--- a/kexgexc.c
+++ b/kexgexc.c
@@ -37,6 +37,8 @@
37#include <string.h> 37#include <string.h>
38#include <signal.h> 38#include <signal.h>
39 39
40#include "openbsd-compat/openssl-compat.h"
41
40#include "sshkey.h" 42#include "sshkey.h"
41#include "cipher.h" 43#include "cipher.h"
42#include "digest.h" 44#include "digest.h"
@@ -93,6 +95,7 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh)
93{ 95{
94 struct kex *kex = ssh->kex; 96 struct kex *kex = ssh->kex;
95 BIGNUM *p = NULL, *g = NULL; 97 BIGNUM *p = NULL, *g = NULL;
98 const BIGNUM *pub_key;
96 int r, bits; 99 int r, bits;
97 100
98 debug("got SSH2_MSG_KEX_DH_GEX_GROUP"); 101 debug("got SSH2_MSG_KEX_DH_GEX_GROUP");
@@ -118,16 +121,18 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh)
118 p = g = NULL; /* belong to kex->dh now */ 121 p = g = NULL; /* belong to kex->dh now */
119 122
120 /* generate and send 'e', client DH public key */ 123 /* generate and send 'e', client DH public key */
121 if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || 124 if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
122 (r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || 125 goto out;
123 (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || 126 DH_get0_key(kex->dh, &pub_key, NULL);
127 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 ||
128 (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||
124 (r = sshpkt_send(ssh)) != 0) 129 (r = sshpkt_send(ssh)) != 0)
125 goto out; 130 goto out;
126 debug("SSH2_MSG_KEX_DH_GEX_INIT sent"); 131 debug("SSH2_MSG_KEX_DH_GEX_INIT sent");
127#ifdef DEBUG_KEXDH 132#ifdef DEBUG_KEXDH
128 DHparams_print_fp(stderr, kex->dh); 133 DHparams_print_fp(stderr, kex->dh);
129 fprintf(stderr, "pub= "); 134 fprintf(stderr, "pub= ");
130 BN_print_fp(stderr, kex->dh->pub_key); 135 BN_print_fp(stderr, pub_key);
131 fprintf(stderr, "\n"); 136 fprintf(stderr, "\n");
132#endif 137#endif
133 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_GROUP, NULL); 138 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_GROUP, NULL);
@@ -144,6 +149,7 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
144{ 149{
145 struct kex *kex = ssh->kex; 150 struct kex *kex = ssh->kex;
146 BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; 151 BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;
152 const BIGNUM *pub_key, *dh_p, *dh_g;
147 struct sshkey *server_host_key = NULL; 153 struct sshkey *server_host_key = NULL;
148 u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; 154 u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL;
149 u_char hash[SSH_DIGEST_MAX_LENGTH]; 155 u_char hash[SSH_DIGEST_MAX_LENGTH];
@@ -211,6 +217,8 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
211 kex->min = kex->max = -1; 217 kex->min = kex->max = -1;
212 218
213 /* calc and verify H */ 219 /* calc and verify H */
220 DH_get0_key(kex->dh, &pub_key, NULL);
221 DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
214 hashlen = sizeof(hash); 222 hashlen = sizeof(hash);
215 if ((r = kexgex_hash( 223 if ((r = kexgex_hash(
216 kex->hash_alg, 224 kex->hash_alg,
@@ -220,8 +228,8 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
220 sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), 228 sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
221 server_host_key_blob, sbloblen, 229 server_host_key_blob, sbloblen,
222 kex->min, kex->nbits, kex->max, 230 kex->min, kex->nbits, kex->max,
223 kex->dh->p, kex->dh->g, 231 dh_p, dh_g,
224 kex->dh->pub_key, 232 pub_key,
225 dh_server_pub, 233 dh_server_pub,
226 shared_secret, 234 shared_secret,
227 hash, &hashlen)) != 0) 235 hash, &hashlen)) != 0)
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-02 05:27:09 +0000