Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 85 |
1 files changed, 47 insertions, 38 deletions
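--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.228 2002/02/27 21:23:13 stevesk Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.229 2002/03/14 16:38:26 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1252,6 +1252,50 @@ main(int ac, char **av)
 }
 
 /*
+* Decrypt session_key_int using our private server key and private host key
+* (key with larger modulus first).
+*/
+static int
+ssh1_session_key(BIGNUM *session_key_int)
+{
+int rsafail = 0;
+
+if (BN_cmp(sensitive_data.server_key->rsa->n, sensitive_data.ssh1_host_key->rsa->n) > 0) {
+/* Server key has bigger modulus. */
+if (BN_num_bits(sensitive_data.server_key->rsa->n) <
+BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+fatal("do_connection: %s: server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
+get_remote_ipaddr(),
+BN_num_bits(sensitive_data.server_key->rsa->n),
+BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
+SSH_KEY_BITS_RESERVED);
+}
+if (rsa_private_decrypt(session_key_int, session_key_int,
+sensitive_data.server_key->rsa) <= 0)
+rsafail++;
+if (rsa_private_decrypt(session_key_int, session_key_int,
+sensitive_data.ssh1_host_key->rsa) <= 0)
+rsafail++;
+} else {
+/* Host key has bigger modulus (or they are equal). */
+if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) <
+BN_num_bits(sensitive_data.server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+fatal("do_connection: %s: host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",
+get_remote_ipaddr(),
+BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
+BN_num_bits(sensitive_data.server_key->rsa->n),
+SSH_KEY_BITS_RESERVED);
+}
+if (rsa_private_decrypt(session_key_int, session_key_int,
+sensitive_data.ssh1_host_key->rsa) < 0)
+rsafail++;
+if (rsa_private_decrypt(session_key_int, session_key_int,
+sensitive_data.server_key->rsa) < 0)
+rsafail++;
+}
+return (rsafail);
+}
+/*
 * SSH1 key exchange
 */
 static void
@@ -1366,43 +1410,8 @@ do_ssh1_kex(void)
 packet_set_protocol_flags(protocol_flags);
 packet_check_eom();
 
-/*
-* Decrypt it using our private server key and private host key (key
-* with larger modulus first).
-*/
-if (BN_cmp(sensitive_data.server_key->rsa->n, sensitive_data.ssh1_host_key->rsa->n) > 0) {
-/* Server key has bigger modulus. */
-if (BN_num_bits(sensitive_data.server_key->rsa->n) <
-BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
-fatal("do_connection: %s: server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
-get_remote_ipaddr(),
-BN_num_bits(sensitive_data.server_key->rsa->n),
-BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
-SSH_KEY_BITS_RESERVED);
-}
-if (rsa_private_decrypt(session_key_int, session_key_int,
-sensitive_data.server_key->rsa) <= 0)
-rsafail++;
-if (rsa_private_decrypt(session_key_int, session_key_int,
-sensitive_data.ssh1_host_key->rsa) <= 0)
-rsafail++;
-} else {
-/* Host key has bigger modulus (or they are equal). */
-if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) <
-BN_num_bits(sensitive_data.server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
-fatal("do_connection: %s: host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",
-get_remote_ipaddr(),
-BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
-BN_num_bits(sensitive_data.server_key->rsa->n),
-SSH_KEY_BITS_RESERVED);
-}
-if (rsa_private_decrypt(session_key_int, session_key_int,
-sensitive_data.ssh1_host_key->rsa) < 0)
-rsafail++;
-if (rsa_private_decrypt(session_key_int, session_key_int,
-sensitive_data.server_key->rsa) < 0)
-rsafail++;
-}
+/* Decrypt session_key_int using host/server keys */
+rsafail = ssh1_session_key(session_key_int);
 /*
 * Extract session key from the decrypted integer. The key is in the
 * least significant 256 bits of the integer; the first byte of the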
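Review bot: In the new ssh1_session_key(), the else branch (host key has the larger or equal modulus) counts a decryption failure only when rsa_private_decrypt() returns `< 0`, while the first branch uses `<= 0`; the mismatch was carried over unchanged from do_ssh1_kex(). rsa_private_decrypt() is not defined on this page, but if it can return 0 on failure, that failure would leave rsafail at 0 in this branch and the caller would go on to extract a session key from a value that was never decrypted. Both checks in the else branch should match the first branch: `sensitive_data.ssh1_host_key->rsa) <= 0)` and `sensitive_data.server_key->rsa) <= 0)`. The two fatal() messages also still begin with `do_connection:` and would be easier to trace in logs as `ssh1_session_key:`. The helper's header comment could also state the return contract, e.g. `Returns the number of failed decryptions (0 on success); the caller must not treat a non-zero result as a usable key.`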