version 1.22, 2018/02/07 02:06:51 |
version 1.23, 2018/09/13 02:08:33 |
|
|
{ |
{ |
struct kex *kex = ssh->kex; |
struct kex *kex = ssh->kex; |
int r; |
int r; |
|
const BIGNUM *pub_key; |
|
|
/* generate and send 'e', client DH public key */ |
/* generate and send 'e', client DH public key */ |
switch (kex->kex_type) { |
switch (kex->kex_type) { |
|
|
goto out; |
goto out; |
} |
} |
debug("sending SSH2_MSG_KEXDH_INIT"); |
debug("sending SSH2_MSG_KEXDH_INIT"); |
if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || |
if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) |
(r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || |
goto out; |
(r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || |
DH_get0_key(kex->dh, &pub_key, NULL); |
|
if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || |
|
(r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || |
(r = sshpkt_send(ssh)) != 0) |
(r = sshpkt_send(ssh)) != 0) |
goto out; |
goto out; |
#ifdef DEBUG_KEXDH |
#ifdef DEBUG_KEXDH |
DHparams_print_fp(stderr, kex->dh); |
DHparams_print_fp(stderr, kex->dh); |
fprintf(stderr, "pub= "); |
fprintf(stderr, "pub= "); |
BN_print_fp(stderr, kex->dh->pub_key); |
BN_print_fp(stderr, pub_key); |
fprintf(stderr, "\n"); |
fprintf(stderr, "\n"); |
#endif |
#endif |
debug("expecting SSH2_MSG_KEXDH_REPLY"); |
debug("expecting SSH2_MSG_KEXDH_REPLY"); |
|
|
{ |
{ |
struct kex *kex = ssh->kex; |
struct kex *kex = ssh->kex; |
BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; |
BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; |
|
const BIGNUM *pub_key; |
struct sshkey *server_host_key = NULL; |
struct sshkey *server_host_key = NULL; |
u_char *kbuf = NULL, *server_host_key_blob = NULL, *signature = NULL; |
u_char *kbuf = NULL, *server_host_key_blob = NULL, *signature = NULL; |
u_char hash[SSH_DIGEST_MAX_LENGTH]; |
u_char hash[SSH_DIGEST_MAX_LENGTH]; |
|
|
#endif |
#endif |
|
|
/* calc and verify H */ |
/* calc and verify H */ |
|
DH_get0_key(kex->dh, &pub_key, NULL); |
hashlen = sizeof(hash); |
hashlen = sizeof(hash); |
if ((r = kex_dh_hash( |
if ((r = kex_dh_hash( |
kex->hash_alg, |
kex->hash_alg, |
|
|
sshbuf_ptr(kex->my), sshbuf_len(kex->my), |
sshbuf_ptr(kex->my), sshbuf_len(kex->my), |
sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), |
sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), |
server_host_key_blob, sbloblen, |
server_host_key_blob, sbloblen, |
kex->dh->pub_key, |
pub_key, |
dh_server_pub, |
dh_server_pub, |
shared_secret, |
shared_secret, |
hash, &hashlen)) != 0) |
hash, &hashlen)) != 0) |