| version 1.94, 2014/01/09 23:20:00 |
version 1.95, 2014/01/12 08:13:13 |
|
|
| |
|
| static u_char * |
static u_char * |
| derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, |
derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, |
| BIGNUM *shared_secret) |
const u_char *shared_secret, u_int slen) |
| { |
{ |
| Buffer b; |
Buffer b; |
| struct ssh_digest_ctx *hashctx; |
struct ssh_digest_ctx *hashctx; |
|
|
| digest = xmalloc(roundup(need, mdsz)); |
digest = xmalloc(roundup(need, mdsz)); |
| |
|
| buffer_init(&b); |
buffer_init(&b); |
| buffer_put_bignum2(&b, shared_secret); |
buffer_append(&b, shared_secret, slen); |
| |
|
| /* K1 = HASH(K || H || "A" || session_id) */ |
/* K1 = HASH(K || H || "A" || session_id) */ |
| if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL) |
if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL) |
|
|
| |
|
| #define NKEYS 6 |
#define NKEYS 6 |
| void |
void |
| kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret) |
kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, |
| |
const u_char *shared_secret, u_int slen) |
| { |
{ |
| u_char *keys[NKEYS]; |
u_char *keys[NKEYS]; |
| u_int i, mode, ctos; |
u_int i, mode, ctos; |
| |
|
| for (i = 0; i < NKEYS; i++) { |
for (i = 0; i < NKEYS; i++) { |
| keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen, |
keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen, |
| shared_secret); |
shared_secret, slen); |
| } |
} |
| |
|
| debug2("kex_derive_keys"); |
debug2("kex_derive_keys"); |
|
|
| current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; |
current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; |
| current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; |
current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; |
| } |
} |
| |
} |
| |
|
| |
void |
| |
kex_derive_keys_bn(Kex *kex, u_char *hash, u_int hashlen, const BIGNUM *secret) |
| |
{ |
| |
Buffer shared_secret; |
| |
|
| |
buffer_init(&shared_secret); |
| |
buffer_put_bignum2(&shared_secret, secret); |
| |
kex_derive_keys(kex, hash, hashlen, |
| |
buffer_ptr(&shared_secret), buffer_len(&shared_secret)); |
| |
buffer_free(&shared_secret); |
| } |
} |
| |
|
| Newkeys * |
Newkeys * |
![[BACK]](/icons/back.gif){kind=icon}
Return to kex.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh