version 1.2, 2004/06/13 12:53:24 |
version 1.2.6.2, 2006/10/06 03:19:32 |
|
|
|
/* $OpenBSD$ */ |
/* |
/* |
* Copyright (c) 2001 Markus Friedl. All rights reserved. |
* Copyright (c) 2001 Markus Friedl. All rights reserved. |
* |
* |
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
*/ |
*/ |
|
|
#include "includes.h" |
#include <sys/types.h> |
RCSID("$OpenBSD$"); |
|
|
|
|
#include <stdio.h> |
|
#include <string.h> |
|
#include <signal.h> |
|
|
#include "xmalloc.h" |
#include "xmalloc.h" |
|
#include "buffer.h" |
#include "key.h" |
#include "key.h" |
|
#include "cipher.h" |
#include "kex.h" |
#include "kex.h" |
#include "log.h" |
#include "log.h" |
#include "packet.h" |
#include "packet.h" |
|
|
Key *server_host_key; |
Key *server_host_key; |
u_char *server_host_key_blob = NULL, *signature = NULL; |
u_char *server_host_key_blob = NULL, *signature = NULL; |
u_char *kbuf, *hash; |
u_char *kbuf, *hash; |
u_int klen, kout, slen, sbloblen; |
u_int klen, kout, slen, sbloblen, hashlen; |
|
|
/* generate and send 'e', client DH public key */ |
/* generate and send 'e', client DH public key */ |
switch (kex->kex_type) { |
switch (kex->kex_type) { |
|
|
if (kex->verify_host_key(server_host_key) == -1) |
if (kex->verify_host_key(server_host_key) == -1) |
fatal("server_host_key verification failed"); |
fatal("server_host_key verification failed"); |
|
|
/* DH paramter f, server public DH key */ |
/* DH parameter f, server public DH key */ |
if ((dh_server_pub = BN_new()) == NULL) |
if ((dh_server_pub = BN_new()) == NULL) |
fatal("dh_server_pub == NULL"); |
fatal("dh_server_pub == NULL"); |
packet_get_bignum2(dh_server_pub); |
packet_get_bignum2(dh_server_pub); |
|
|
xfree(kbuf); |
xfree(kbuf); |
|
|
/* calc and verify H */ |
/* calc and verify H */ |
hash = kex_dh_hash( |
kex_dh_hash( |
kex->client_version_string, |
kex->client_version_string, |
kex->server_version_string, |
kex->server_version_string, |
buffer_ptr(&kex->my), buffer_len(&kex->my), |
buffer_ptr(&kex->my), buffer_len(&kex->my), |
|
|
server_host_key_blob, sbloblen, |
server_host_key_blob, sbloblen, |
dh->pub_key, |
dh->pub_key, |
dh_server_pub, |
dh_server_pub, |
shared_secret |
shared_secret, |
|
&hash, &hashlen |
); |
); |
xfree(server_host_key_blob); |
xfree(server_host_key_blob); |
BN_clear_free(dh_server_pub); |
BN_clear_free(dh_server_pub); |
DH_free(dh); |
DH_free(dh); |
|
|
if (key_verify(server_host_key, signature, slen, hash, 20) != 1) |
if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1) |
fatal("key_verify failed for server_host_key"); |
fatal("key_verify failed for server_host_key"); |
key_free(server_host_key); |
key_free(server_host_key); |
xfree(signature); |
xfree(signature); |
|
|
/* save session id */ |
/* save session id */ |
if (kex->session_id == NULL) { |
if (kex->session_id == NULL) { |
kex->session_id_len = 20; |
kex->session_id_len = hashlen; |
kex->session_id = xmalloc(kex->session_id_len); |
kex->session_id = xmalloc(kex->session_id_len); |
memcpy(kex->session_id, hash, kex->session_id_len); |
memcpy(kex->session_id, hash, kex->session_id_len); |
} |
} |
|
|
kex_derive_keys(kex, hash, shared_secret); |
kex_derive_keys(kex, hash, hashlen, shared_secret); |
BN_clear_free(shared_secret); |
BN_clear_free(shared_secret); |
kex_finish(kex); |
kex_finish(kex); |
} |
} |