diff options
Diffstat (limited to 'kexgexc.c')
-rw-r--r-- | kexgexc.c | 20 |
1 files changed, 14 insertions, 6 deletions
@@ -37,6 +37,8 @@ | |||
37 | #include <string.h> | 37 | #include <string.h> |
38 | #include <signal.h> | 38 | #include <signal.h> |
39 | 39 | ||
40 | #include "openbsd-compat/openssl-compat.h" | ||
41 | |||
40 | #include "sshkey.h" | 42 | #include "sshkey.h" |
41 | #include "cipher.h" | 43 | #include "cipher.h" |
42 | #include "digest.h" | 44 | #include "digest.h" |
@@ -93,6 +95,7 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) | |||
93 | { | 95 | { |
94 | struct kex *kex = ssh->kex; | 96 | struct kex *kex = ssh->kex; |
95 | BIGNUM *p = NULL, *g = NULL; | 97 | BIGNUM *p = NULL, *g = NULL; |
98 | const BIGNUM *pub_key; | ||
96 | int r, bits; | 99 | int r, bits; |
97 | 100 | ||
98 | debug("got SSH2_MSG_KEX_DH_GEX_GROUP"); | 101 | debug("got SSH2_MSG_KEX_DH_GEX_GROUP"); |
@@ -118,16 +121,18 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) | |||
118 | p = g = NULL; /* belong to kex->dh now */ | 121 | p = g = NULL; /* belong to kex->dh now */ |
119 | 122 | ||
120 | /* generate and send 'e', client DH public key */ | 123 | /* generate and send 'e', client DH public key */ |
121 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || | 124 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) |
122 | (r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || | 125 | goto out; |
123 | (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || | 126 | DH_get0_key(kex->dh, &pub_key, NULL); |
127 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || | ||
128 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || | ||
124 | (r = sshpkt_send(ssh)) != 0) | 129 | (r = sshpkt_send(ssh)) != 0) |
125 | goto out; | 130 | goto out; |
126 | debug("SSH2_MSG_KEX_DH_GEX_INIT sent"); | 131 | debug("SSH2_MSG_KEX_DH_GEX_INIT sent"); |
127 | #ifdef DEBUG_KEXDH | 132 | #ifdef DEBUG_KEXDH |
128 | DHparams_print_fp(stderr, kex->dh); | 133 | DHparams_print_fp(stderr, kex->dh); |
129 | fprintf(stderr, "pub= "); | 134 | fprintf(stderr, "pub= "); |
130 | BN_print_fp(stderr, kex->dh->pub_key); | 135 | BN_print_fp(stderr, pub_key); |
131 | fprintf(stderr, "\n"); | 136 | fprintf(stderr, "\n"); |
132 | #endif | 137 | #endif |
133 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_GROUP, NULL); | 138 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_GROUP, NULL); |
@@ -144,6 +149,7 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) | |||
144 | { | 149 | { |
145 | struct kex *kex = ssh->kex; | 150 | struct kex *kex = ssh->kex; |
146 | BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; | 151 | BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; |
152 | const BIGNUM *pub_key, *dh_p, *dh_g; | ||
147 | struct sshkey *server_host_key = NULL; | 153 | struct sshkey *server_host_key = NULL; |
148 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; | 154 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; |
149 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 155 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
@@ -211,6 +217,8 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) | |||
211 | kex->min = kex->max = -1; | 217 | kex->min = kex->max = -1; |
212 | 218 | ||
213 | /* calc and verify H */ | 219 | /* calc and verify H */ |
220 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
221 | DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); | ||
214 | hashlen = sizeof(hash); | 222 | hashlen = sizeof(hash); |
215 | if ((r = kexgex_hash( | 223 | if ((r = kexgex_hash( |
216 | kex->hash_alg, | 224 | kex->hash_alg, |
@@ -220,8 +228,8 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) | |||
220 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | 228 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), |
221 | server_host_key_blob, sbloblen, | 229 | server_host_key_blob, sbloblen, |
222 | kex->min, kex->nbits, kex->max, | 230 | kex->min, kex->nbits, kex->max, |
223 | kex->dh->p, kex->dh->g, | 231 | dh_p, dh_g, |
224 | kex->dh->pub_key, | 232 | pub_key, |
225 | dh_server_pub, | 233 | dh_server_pub, |
226 | shared_secret, | 234 | shared_secret, |
227 | hash, &hashlen)) != 0) | 235 | hash, &hashlen)) != 0) |