kexgexc.c (221420) kexgexc.c (255767)
1/* $OpenBSD: kexgexc.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */
1/* $OpenBSD: kexgexc.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */
2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright

--- 148 unchanged lines hidden (view full) ---

158#ifdef DEBUG_KEXDH
159 dump_digest("shared secret", kbuf, kout);
160#endif
161 if ((shared_secret = BN_new()) == NULL)
162 fatal("kexgex_client: BN_new failed");
163 if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
164 fatal("kexgex_client: BN_bin2bn failed");
165 memset(kbuf, 0, klen);
2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright

--- 148 unchanged lines hidden (view full) ---

158#ifdef DEBUG_KEXDH
159 dump_digest("shared secret", kbuf, kout);
160#endif
161 if ((shared_secret = BN_new()) == NULL)
162 fatal("kexgex_client: BN_new failed");
163 if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
164 fatal("kexgex_client: BN_bin2bn failed");
165 memset(kbuf, 0, klen);
166 xfree(kbuf);
166 free(kbuf);
167
168 if (datafellows & SSH_OLD_DHGEX)
169 min = max = -1;
170
171 /* calc and verify H */
172 kexgex_hash(
173 kex->evp_md,
174 kex->client_version_string,

--- 6 unchanged lines hidden (view full) ---

181 dh->pub_key,
182 dh_server_pub,
183 shared_secret,
184 &hash, &hashlen
185 );
186
187 /* have keys, free DH */
188 DH_free(dh);
167
168 if (datafellows & SSH_OLD_DHGEX)
169 min = max = -1;
170
171 /* calc and verify H */
172 kexgex_hash(
173 kex->evp_md,
174 kex->client_version_string,

--- 6 unchanged lines hidden (view full) ---

181 dh->pub_key,
182 dh_server_pub,
183 shared_secret,
184 &hash, &hashlen
185 );
186
187 /* have keys, free DH */
188 DH_free(dh);
189 xfree(server_host_key_blob);
189 free(server_host_key_blob);
190 BN_clear_free(dh_server_pub);
191
192 if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
193 fatal("key_verify failed for server_host_key");
194 key_free(server_host_key);
190 BN_clear_free(dh_server_pub);
191
192 if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
193 fatal("key_verify failed for server_host_key");
194 key_free(server_host_key);
195 xfree(signature);
195 free(signature);
196
197 /* save session id */
198 if (kex->session_id == NULL) {
199 kex->session_id_len = hashlen;
200 kex->session_id = xmalloc(kex->session_id_len);
201 memcpy(kex->session_id, hash, kex->session_id_len);
202 }
203 kex_derive_keys(kex, hash, hashlen, shared_secret);
204 BN_clear_free(shared_secret);
205
206 kex_finish(kex);
207}
196
197 /* save session id */
198 if (kex->session_id == NULL) {
199 kex->session_id_len = hashlen;
200 kex->session_id = xmalloc(kex->session_id_len);
201 memcpy(kex->session_id, hash, kex->session_id_len);
202 }
203 kex_derive_keys(kex, hash, hashlen, shared_secret);
204 BN_clear_free(shared_secret);
205
206 kex_finish(kex);
207}
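Review bot: The wipe of the raw DH shared secret, `memset(kbuf, 0, klen);` at line 165, is now followed directly by libc `free(kbuf);` at line 166, and a plain memset on a buffer that is freed straight away is a dead store that an optimising compiler is permitted to remove. With `xfree()` the buffer was handed to a wrapper defined outside this file, which presumably made that elimination less likely; with `free()` the compiler can see the buffer's lifetime end. I would make the wipe non-elidable, for example `explicit_bzero(kbuf, klen);` where the platform provides it, with a compat fallback for platforms that do not. The enclosing function starts above the visible lines, so the allocation of kbuf and the value of klen are not shown here and should be confirmed against the full file.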