version 1.10, 2009/06/21 07:37:15 |
version 1.11, 2010/02/26 20:29:54 |
|
|
{ |
{ |
BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; |
BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; |
DH *dh; |
DH *dh; |
Key *server_host_key; |
Key *server_host_public, *server_host_private; |
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; |
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; |
u_int sbloblen, klen, hashlen, slen; |
u_int sbloblen, klen, hashlen, slen; |
int kout; |
int kout; |
|
|
debug("expecting SSH2_MSG_KEXDH_INIT"); |
debug("expecting SSH2_MSG_KEXDH_INIT"); |
packet_read_expect(SSH2_MSG_KEXDH_INIT); |
packet_read_expect(SSH2_MSG_KEXDH_INIT); |
|
|
if (kex->load_host_key == NULL) |
if (kex->load_host_public_key == NULL || |
|
kex->load_host_private_key == NULL) |
fatal("Cannot load hostkey"); |
fatal("Cannot load hostkey"); |
server_host_key = kex->load_host_key(kex->hostkey_type); |
server_host_public = kex->load_host_public_key(kex->hostkey_type); |
if (server_host_key == NULL) |
if (server_host_public == NULL) |
fatal("Unsupported hostkey type %d", kex->hostkey_type); |
fatal("Unsupported hostkey type %d", kex->hostkey_type); |
|
server_host_private = kex->load_host_private_key(kex->hostkey_type); |
|
if (server_host_private == NULL) |
|
fatal("Missing private key for hostkey type %d", |
|
kex->hostkey_type); |
|
|
/* key, cert */ |
/* key, cert */ |
if ((dh_client_pub = BN_new()) == NULL) |
if ((dh_client_pub = BN_new()) == NULL) |
|
|
memset(kbuf, 0, klen); |
memset(kbuf, 0, klen); |
xfree(kbuf); |
xfree(kbuf); |
|
|
key_to_blob(server_host_key, &server_host_key_blob, &sbloblen); |
key_to_blob(server_host_public, &server_host_key_blob, &sbloblen); |
|
|
/* calc H */ |
/* calc H */ |
kex_dh_hash( |
kex_dh_hash( |
|
|
} |
} |
|
|
/* sign H */ |
/* sign H */ |
if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, |
if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash, |
hashlen)) < 0) |
hashlen)) < 0) |
fatal("kexdh_server: key_sign failed"); |
fatal("kexdh_server: key_sign failed"); |
|
|