version 1.12.2.4, 2001/05/07 21:09:30 |
version 1.12.2.5, 2001/09/27 00:15:42 |
|
|
/* |
/* |
* Copyright (c) 2000 Markus Friedl. All rights reserved. |
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
* |
* |
* Redistribution and use in source and binary forms, with or without |
* Redistribution and use in source and binary forms, with or without |
* modification, are permitted provided that the following conditions |
* modification, are permitted provided that the following conditions |
|
|
|
|
#define KEX_COOKIE_LEN 16 |
#define KEX_COOKIE_LEN 16 |
|
|
void kex_kexinit_finish(Kex *kex); |
/* prototype */ |
void kex_choose_conf(Kex *k); |
static void kex_kexinit_finish(Kex *); |
|
static void kex_choose_conf(Kex *); |
|
|
/* put algorithm proposal into buffer */ |
/* put algorithm proposal into buffer */ |
void |
static void |
kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) |
kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) |
{ |
{ |
u_int32_t rand = 0; |
u_int32_t rand = 0; |
|
|
} |
} |
|
|
/* parse buffer and return algorithm proposal */ |
/* parse buffer and return algorithm proposal */ |
char ** |
static char ** |
kex_buf2prop(Buffer *raw) |
kex_buf2prop(Buffer *raw) |
{ |
{ |
Buffer b; |
Buffer b; |
|
|
return proposal; |
return proposal; |
} |
} |
|
|
void |
static void |
kex_prop_free(char **proposal) |
kex_prop_free(char **proposal) |
{ |
{ |
int i; |
int i; |
|
|
xfree(proposal); |
xfree(proposal); |
} |
} |
|
|
void |
static void |
kex_protocol_error(int type, int plen, void *ctxt) |
kex_protocol_error(int type, int plen, void *ctxt) |
{ |
{ |
error("Hm, kex protocol error: type %d plen %d", type, plen); |
error("Hm, kex protocol error: type %d plen %d", type, plen); |
} |
} |
|
|
void |
static void |
kex_clear_dispatch(void) |
kex_clear_dispatch(void) |
{ |
{ |
int i; |
int i; |
|
|
return kex; |
return kex; |
} |
} |
|
|
void |
static void |
kex_kexinit_finish(Kex *kex) |
kex_kexinit_finish(Kex *kex) |
{ |
{ |
if (!(kex->flags & KEX_INIT_SENT)) |
if (!(kex->flags & KEX_INIT_SENT)) |
|
|
} |
} |
} |
} |
|
|
void |
static void |
choose_enc(Enc *enc, char *client, char *server) |
choose_enc(Enc *enc, char *client, char *server) |
{ |
{ |
char *name = match_list(client, server, NULL); |
char *name = match_list(client, server, NULL); |
|
|
enc->iv = NULL; |
enc->iv = NULL; |
enc->key = NULL; |
enc->key = NULL; |
} |
} |
void |
static void |
choose_mac(Mac *mac, char *client, char *server) |
choose_mac(Mac *mac, char *client, char *server) |
{ |
{ |
char *name = match_list(client, server, NULL); |
char *name = match_list(client, server, NULL); |
|
|
mac->key = NULL; |
mac->key = NULL; |
mac->enabled = 0; |
mac->enabled = 0; |
} |
} |
void |
static void |
choose_comp(Comp *comp, char *client, char *server) |
choose_comp(Comp *comp, char *client, char *server) |
{ |
{ |
char *name = match_list(client, server, NULL); |
char *name = match_list(client, server, NULL); |
|
|
} |
} |
comp->name = name; |
comp->name = name; |
} |
} |
void |
static void |
choose_kex(Kex *k, char *client, char *server) |
choose_kex(Kex *k, char *client, char *server) |
{ |
{ |
k->name = match_list(client, server, NULL); |
k->name = match_list(client, server, NULL); |
|
|
} else |
} else |
fatal("bad kex alg %s", k->name); |
fatal("bad kex alg %s", k->name); |
} |
} |
void |
static void |
choose_hostkeyalg(Kex *k, char *client, char *server) |
choose_hostkeyalg(Kex *k, char *client, char *server) |
{ |
{ |
char *hostkeyalg = match_list(client, server, NULL); |
char *hostkeyalg = match_list(client, server, NULL); |
|
|
xfree(hostkeyalg); |
xfree(hostkeyalg); |
} |
} |
|
|
void |
static void |
kex_choose_conf(Kex *kex) |
kex_choose_conf(Kex *kex) |
{ |
{ |
Newkeys *newkeys; |
Newkeys *newkeys; |
|
|
kex_prop_free(peer); |
kex_prop_free(peer); |
} |
} |
|
|
u_char * |
static u_char * |
derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) |
derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) |
{ |
{ |
Buffer b; |
Buffer b; |
|
|
|
|
/* K1 = HASH(K || H || "A" || session_id) */ |
/* K1 = HASH(K || H || "A" || session_id) */ |
EVP_DigestInit(&md, evp_md); |
EVP_DigestInit(&md, evp_md); |
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); |
if (!(datafellows & SSH_BUG_DERIVEKEY)) |
|
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); |
EVP_DigestUpdate(&md, hash, mdsz); |
EVP_DigestUpdate(&md, hash, mdsz); |
EVP_DigestUpdate(&md, &c, 1); |
EVP_DigestUpdate(&md, &c, 1); |
EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len); |
EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len); |
|
|
*/ |
*/ |
for (have = mdsz; need > have; have += mdsz) { |
for (have = mdsz; need > have; have += mdsz) { |
EVP_DigestInit(&md, evp_md); |
EVP_DigestInit(&md, evp_md); |
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); |
if (!(datafellows & SSH_BUG_DERIVEKEY)) |
|
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); |
EVP_DigestUpdate(&md, hash, mdsz); |
EVP_DigestUpdate(&md, hash, mdsz); |
EVP_DigestUpdate(&md, digest, have); |
EVP_DigestUpdate(&md, digest, have); |
EVP_DigestFinal(&md, digest + have, NULL); |
EVP_DigestFinal(&md, digest + have, NULL); |