version 1.94, 2014/01/09 23:20:00 |
version 1.95, 2014/01/12 08:13:13 |
|
|
|
|
static u_char * |
static u_char * |
derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, |
derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, |
BIGNUM *shared_secret) |
const u_char *shared_secret, u_int slen) |
{ |
{ |
Buffer b; |
Buffer b; |
struct ssh_digest_ctx *hashctx; |
struct ssh_digest_ctx *hashctx; |
|
|
digest = xmalloc(roundup(need, mdsz)); |
digest = xmalloc(roundup(need, mdsz)); |
|
|
buffer_init(&b); |
buffer_init(&b); |
buffer_put_bignum2(&b, shared_secret); |
buffer_append(&b, shared_secret, slen); |
|
|
/* K1 = HASH(K || H || "A" || session_id) */ |
/* K1 = HASH(K || H || "A" || session_id) */ |
if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL) |
if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL) |
|
|
|
|
#define NKEYS 6 |
#define NKEYS 6 |
void |
void |
kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret) |
kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, |
|
const u_char *shared_secret, u_int slen) |
{ |
{ |
u_char *keys[NKEYS]; |
u_char *keys[NKEYS]; |
u_int i, mode, ctos; |
u_int i, mode, ctos; |
|
|
for (i = 0; i < NKEYS; i++) { |
for (i = 0; i < NKEYS; i++) { |
keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen, |
keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen, |
shared_secret); |
shared_secret, slen); |
} |
} |
|
|
debug2("kex_derive_keys"); |
debug2("kex_derive_keys"); |
|
|
current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; |
current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; |
current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; |
current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; |
} |
} |
|
} |
|
|
|
void |
|
kex_derive_keys_bn(Kex *kex, u_char *hash, u_int hashlen, const BIGNUM *secret) |
|
{ |
|
Buffer shared_secret; |
|
|
|
buffer_init(&shared_secret); |
|
buffer_put_bignum2(&shared_secret, secret); |
|
kex_derive_keys(kex, hash, hashlen, |
|
buffer_ptr(&shared_secret), buffer_len(&shared_secret)); |
|
buffer_free(&shared_secret); |
} |
} |
|
|
Newkeys * |
Newkeys * |