1 files changed, 0 insertions, 170 deletions
diff --git a/kexkemc.c b/kexkemc.c
deleted file mode 100644
index 942be5746..000000000
--- a/kexkemc.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/* $OpenBSD: kexkemc.c,v 1.5 2019/01/21 10:35:09 djm Exp $ */
-/*
- * Copyright (c) 2019 Markus Friedl.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-#include <sys/types.h>
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-#include "sshkey.h"
-#include "kex.h"
-#include "log.h"
-#include "packet.h"
-#include "ssh2.h"
-#include "sshbuf.h"
-#include "digest.h"
-#include "ssherr.h"
-static int
-input_kex_kem_reply(int type, u_int32_t seq, struct ssh *ssh);
-int
-kex_kem_client(struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        int r;
-        switch (kex->kex_type) {
-        case KEX_DH_GRP1_SHA1:
-        case KEX_DH_GRP14_SHA1:
-        case KEX_DH_GRP14_SHA256:
-        case KEX_DH_GRP16_SHA512:
-        case KEX_DH_GRP18_SHA512:
-                r = kex_dh_keypair(kex);
-                break;
-        case KEX_ECDH_SHA2:
-                r = kex_ecdh_keypair(kex);
-                break;
-        case KEX_C25519_SHA256:
-                r = kex_c25519_keypair(kex);
-                break;
-        case KEX_KEM_SNTRUP4591761X25519_SHA512:
-                r = kex_kem_sntrup4591761x25519_keypair(kex);
-                break;
-        default:
-                r = SSH_ERR_INVALID_ARGUMENT;
-                break;
-        }
-        if (r != 0)
-                return r;
-        if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 ||
-            (r = sshpkt_put_stringb(ssh, kex->kem_client_pub)) != 0 ||
-            (r = sshpkt_send(ssh)) != 0)
-                return r;
-        debug("expecting SSH2_MSG_KEX_ECDH_REPLY");
-        ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_kem_reply);
-        return 0;
-}
-static int
-input_kex_kem_reply(int type, u_int32_t seq, struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        struct sshkey *server_host_key = NULL;
-        struct sshbuf *shared_secret = NULL;
-        struct sshbuf *server_blob = NULL;
-        u_char *server_host_key_blob = NULL, *signature = NULL;
-        u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t slen, sbloblen, hashlen;
-        int r;
-        /* hostkey */
-        if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
-            &sbloblen)) != 0 ||
-            (r = sshkey_from_blob(server_host_key_blob, sbloblen,
-            &server_host_key)) != 0)
-                goto out;
-        if ((r = kex_verify_host_key(ssh, server_host_key)) != 0)
-                goto out;
-        /* Q_S, server public key */
-        /* signed H */
-        if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 ||
-            (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||
-            (r = sshpkt_get_end(ssh)) != 0)
-                goto out;
-        /* compute shared secret */
-        switch (kex->kex_type) {
-        case KEX_DH_GRP1_SHA1:
-        case KEX_DH_GRP14_SHA1:
-        case KEX_DH_GRP14_SHA256:
-        case KEX_DH_GRP16_SHA512:
-        case KEX_DH_GRP18_SHA512:
-                r = kex_dh_dec(kex, server_blob, &shared_secret);
-                break;
-        case KEX_ECDH_SHA2:
-                r = kex_ecdh_dec(kex, server_blob, &shared_secret);
-                break;
-        case KEX_C25519_SHA256:
-                r = kex_c25519_dec(kex, server_blob, &shared_secret);
-                break;
-        case KEX_KEM_SNTRUP4591761X25519_SHA512:
-                r = kex_kem_sntrup4591761x25519_dec(kex, server_blob,
-                    &shared_secret);
-                break;
-        default:
-                r = SSH_ERR_INVALID_ARGUMENT;
-                break;
-        }
-        if (r !=0 )
-                goto out;
-        /* calc and verify H */
-        hashlen = sizeof(hash);
-        if ((r = kex_c25519_hash(
-            kex->hash_alg,
-            kex->client_version,
-            kex->server_version,
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            server_host_key_blob, sbloblen,
-            kex->kem_client_pub,
-            server_blob,
-            shared_secret,
-            hash, &hashlen)) != 0)
-                goto out;
-        if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
-            kex->hostkey_alg, ssh->compat)) != 0)
-                goto out;
-        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-                r = kex_send_newkeys(ssh);
-out:
-        explicit_bzero(hash, sizeof(hash));
-        explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key));
-        explicit_bzero(kex->sntrup4591761_client_key,
-            sizeof(kex->sntrup4591761_client_key));
-        free(server_host_key_blob);
-        free(signature);
-        sshkey_free(server_host_key);
-        sshbuf_free(server_blob);
-        sshbuf_free(shared_secret);
-        sshbuf_free(kex->kem_client_pub);
-        kex->kem_client_pub = NULL;
-        return r;
-}

diff --git a/kexkemc.c b/kexkemc.c deleted file mode 100644 index 942be5746..000000000 --- a/kexkemc.c +++ /dev/null
@@ -1,170 +0,0 @@
1	/* $OpenBSD: kexkemc.c,v 1.5 2019/01/21 10:35:09 djm Exp $ */
2	/*
3	* Copyright (c) 2019 Markus Friedl. All rights reserved.
4	*
5	* Redistribution and use in source and binary forms, with or without
6	* modification, are permitted provided that the following conditions
7	* are met:
8	* 1. Redistributions of source code must retain the above copyright
9	* notice, this list of conditions and the following disclaimer.
10	* 2. Redistributions in binary form must reproduce the above copyright
11	* notice, this list of conditions and the following disclaimer in the
12	* documentation and/or other materials provided with the distribution.
13	*
14	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24	*/
25
26	#include <sys/types.h>
27
28	#include <stdio.h>
29	#include <string.h>
30	#include <signal.h>
31
32	#include "sshkey.h"
33	#include "kex.h"
34	#include "log.h"
35	#include "packet.h"
36	#include "ssh2.h"
37	#include "sshbuf.h"
38	#include "digest.h"
39	#include "ssherr.h"
40
41	static int
42	input_kex_kem_reply(int type, u_int32_t seq, struct ssh *ssh);
43
44	int
45	kex_kem_client(struct ssh *ssh)
46	{
47	struct kex *kex = ssh->kex;
48	int r;
49
50	switch (kex->kex_type) {
51	case KEX_DH_GRP1_SHA1:
52	case KEX_DH_GRP14_SHA1:
53	case KEX_DH_GRP14_SHA256:
54	case KEX_DH_GRP16_SHA512:
55	case KEX_DH_GRP18_SHA512:
56	r = kex_dh_keypair(kex);
57	break;
58	case KEX_ECDH_SHA2:
59	r = kex_ecdh_keypair(kex);
60	break;
61	case KEX_C25519_SHA256:
62	r = kex_c25519_keypair(kex);
63	break;
64	case KEX_KEM_SNTRUP4591761X25519_SHA512:
65	r = kex_kem_sntrup4591761x25519_keypair(kex);
66	break;
67	default:
68	r = SSH_ERR_INVALID_ARGUMENT;
69	break;
70	}
71	if (r != 0)
72	return r;
73	if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 \|\|
74	(r = sshpkt_put_stringb(ssh, kex->kem_client_pub)) != 0 \|\|
75	(r = sshpkt_send(ssh)) != 0)
76	return r;
77	debug("expecting SSH2_MSG_KEX_ECDH_REPLY");
78	ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_kem_reply);
79	return 0;
80	}
81
82	static int
83	input_kex_kem_reply(int type, u_int32_t seq, struct ssh *ssh)
84	{
85	struct kex *kex = ssh->kex;
86	struct sshkey *server_host_key = NULL;
87	struct sshbuf *shared_secret = NULL;
88	struct sshbuf *server_blob = NULL;
89	u_char server_host_key_blob = NULL, signature = NULL;
90	u_char hash[SSH_DIGEST_MAX_LENGTH];
91	size_t slen, sbloblen, hashlen;
92	int r;
93
94	/* hostkey */
95	if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
96	&sbloblen)) != 0 \|\|
97	(r = sshkey_from_blob(server_host_key_blob, sbloblen,
98	&server_host_key)) != 0)
99	goto out;
100	if ((r = kex_verify_host_key(ssh, server_host_key)) != 0)
101	goto out;
102
103	/* Q_S, server public key */
104	/* signed H */
105	if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 \|\|
106	(r = sshpkt_get_string(ssh, &signature, &slen)) != 0 \|\|
107	(r = sshpkt_get_end(ssh)) != 0)
108	goto out;
109
110	/* compute shared secret */
111	switch (kex->kex_type) {
112	case KEX_DH_GRP1_SHA1:
113	case KEX_DH_GRP14_SHA1:
114	case KEX_DH_GRP14_SHA256:
115	case KEX_DH_GRP16_SHA512:
116	case KEX_DH_GRP18_SHA512:
117	r = kex_dh_dec(kex, server_blob, &shared_secret);
118	break;
119	case KEX_ECDH_SHA2:
120	r = kex_ecdh_dec(kex, server_blob, &shared_secret);
121	break;
122	case KEX_C25519_SHA256:
123	r = kex_c25519_dec(kex, server_blob, &shared_secret);
124	break;
125	case KEX_KEM_SNTRUP4591761X25519_SHA512:
126	r = kex_kem_sntrup4591761x25519_dec(kex, server_blob,
127	&shared_secret);
128	break;
129	default:
130	r = SSH_ERR_INVALID_ARGUMENT;
131	break;
132	}
133	if (r !=0 )
134	goto out;
135
136	/* calc and verify H */
137	hashlen = sizeof(hash);
138	if ((r = kex_c25519_hash(
139	kex->hash_alg,
140	kex->client_version,
141	kex->server_version,
142	sshbuf_ptr(kex->my), sshbuf_len(kex->my),
143	sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
144	server_host_key_blob, sbloblen,
145	kex->kem_client_pub,
146	server_blob,
147	shared_secret,
148	hash, &hashlen)) != 0)
149	goto out;
150
151	if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
152	kex->hostkey_alg, ssh->compat)) != 0)
153	goto out;
154
155	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
156	r = kex_send_newkeys(ssh);
157	out:
158	explicit_bzero(hash, sizeof(hash));
159	explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key));
160	explicit_bzero(kex->sntrup4591761_client_key,
161	sizeof(kex->sntrup4591761_client_key));
162	free(server_host_key_blob);
163	free(signature);
164	sshkey_free(server_host_key);
165	sshbuf_free(server_blob);
166	sshbuf_free(shared_secret);
167	sshbuf_free(kex->kem_client_pub);
168	kex->kem_client_pub = NULL;
169	return r;
170	}