| kexdh.c (261320) | kexdh.c (294332) |
|---|---|
| 1/* $OpenBSD: kexdh.c,v 1.24 2014/01/09 23:20:00 djm Exp $ */ | 1/* $OpenBSD: kexdh.c,v 1.25 2015/01/19 20:16:15 markus Exp $ */ |
| 2/* 3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" 27 | 2/* 3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" 27 |
| 28#ifdef WITH_OPENSSL 29 |
|
| 28#include <sys/types.h> 29 30#include <signal.h> 31 32#include <openssl/evp.h> 33 | 30#include <sys/types.h> 31 32#include <signal.h> 33 34#include <openssl/evp.h> 35 |
| 34#include "buffer.h" | |
| 35#include "ssh2.h" | 36#include "ssh2.h" |
| 36#include "key.h" | 37#include "sshkey.h" |
| 37#include "cipher.h" 38#include "kex.h" | 38#include "cipher.h" 39#include "kex.h" |
| 40#include "ssherr.h" 41#include "sshbuf.h" |
|
| 39#include "digest.h" | 42#include "digest.h" |
| 40#include "log.h" | |
| 41 | 43 |
| 42void | 44int |
| 43kex_dh_hash( | 45kex_dh_hash( |
| 44 char *client_version_string, 45 char *server_version_string, 46 char *ckexinit, int ckexinitlen, 47 char *skexinit, int skexinitlen, 48 u_char *serverhostkeyblob, int sbloblen, 49 BIGNUM *client_dh_pub, 50 BIGNUM *server_dh_pub, 51 BIGNUM *shared_secret, 52 u_char **hash, u_int *hashlen) | 46 const char *client_version_string, 47 const char *server_version_string, 48 const u_char *ckexinit, size_t ckexinitlen, 49 const u_char *skexinit, size_t skexinitlen, 50 const u_char *serverhostkeyblob, size_t sbloblen, 51 const BIGNUM *client_dh_pub, 52 const BIGNUM *server_dh_pub, 53 const BIGNUM *shared_secret, 54 u_char *hash, size_t *hashlen) |
| 53{ | 55{ |
| 54 Buffer b; 55 static u_char digest[SSH_DIGEST_MAX_LENGTH]; | 56 struct sshbuf *b; 57 int r; |
| 56 | 58 |
| 57 buffer_init(&b); 58 buffer_put_cstring(&b, client_version_string); 59 buffer_put_cstring(&b, server_version_string); 60 61 /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ 62 buffer_put_int(&b, ckexinitlen+1); 63 buffer_put_char(&b, SSH2_MSG_KEXINIT); 64 buffer_append(&b, ckexinit, ckexinitlen); 65 buffer_put_int(&b, skexinitlen+1); 66 buffer_put_char(&b, SSH2_MSG_KEXINIT); 67 buffer_append(&b, skexinit, skexinitlen); 68 69 buffer_put_string(&b, serverhostkeyblob, sbloblen); 70 buffer_put_bignum2(&b, client_dh_pub); 71 buffer_put_bignum2(&b, server_dh_pub); 72 buffer_put_bignum2(&b, shared_secret); 73 | 59 if (*hashlen < ssh_digest_bytes(SSH_DIGEST_SHA1)) 60 return SSH_ERR_INVALID_ARGUMENT; 61 if ((b = sshbuf_new()) == NULL) 62 return SSH_ERR_ALLOC_FAIL; 63 if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 || 64 (r = sshbuf_put_cstring(b, server_version_string)) != 0 || 65 /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ 66 (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 || 67 (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || 68 (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 || 69 (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 || 70 (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || 71 (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 || 72 (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 || 73 (r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 || 74 (r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 || 75 (r = sshbuf_put_bignum2(b, shared_secret)) != 0) { 76 sshbuf_free(b); 77 return r; 78 } |
| 74#ifdef DEBUG_KEX | 79#ifdef DEBUG_KEX |
| 75 buffer_dump(&b); | 80 sshbuf_dump(b, stderr); |
| 76#endif | 81#endif |
| 77 if (ssh_digest_buffer(SSH_DIGEST_SHA1, &b, digest, sizeof(digest)) != 0) 78 fatal("%s: ssh_digest_buffer failed", __func__); 79 80 buffer_free(&b); 81 | 82 if (ssh_digest_buffer(SSH_DIGEST_SHA1, b, hash, *hashlen) != 0) { 83 sshbuf_free(b); 84 return SSH_ERR_LIBCRYPTO_ERROR; 85 } 86 sshbuf_free(b); 87 *hashlen = ssh_digest_bytes(SSH_DIGEST_SHA1); |
| 82#ifdef DEBUG_KEX | 88#ifdef DEBUG_KEX |
| 83 dump_digest("hash", digest, ssh_digest_bytes(SSH_DIGEST_SHA1)); | 89 dump_digest("hash", hash, *hashlen); |
| 84#endif | 90#endif |
| 85 *hash = digest; 86 *hashlen = ssh_digest_bytes(SSH_DIGEST_SHA1); | 91 return 0; |
| 87} | 92} |
| 93#endif /* WITH_OPENSSL */ |
|