Annotation of src/usr.bin/ssh/kexdh.c, Revision 1.18.4.1
1.1 markus 1: /*
2: * Copyright (c) 2001 Markus Friedl. All rights reserved.
3: *
4: * Redistribution and use in source and binary forms, with or without
5: * modification, are permitted provided that the following conditions
6: * are met:
7: * 1. Redistributions of source code must retain the above copyright
8: * notice, this list of conditions and the following disclaimer.
9: * 2. Redistributions in binary form must reproduce the above copyright
10: * notice, this list of conditions and the following disclaimer in the
11: * documentation and/or other materials provided with the distribution.
12: *
13: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23: */
24:
25: #include "includes.h"
1.18.4.1! margarid 26: RCSID("$OpenBSD: kexdh.c,v 1.19 2003/02/16 17:09:57 markus Exp $");
1.1 markus 27:
1.18.4.1! margarid 28: #include <openssl/evp.h>
1.1 markus 29:
30: #include "buffer.h"
31: #include "bufaux.h"
32: #include "ssh2.h"
1.18.4.1! margarid 33: #include "kex.h"
1.1 markus 34:
/*
 * Compute the SSH2 Diffie-Hellman exchange hash with SHA-1.
 *
 * The hash input is assembled in this fixed order:
 *   client version string, server version string,
 *   client KEXINIT, server KEXINIT (each re-framed, see below),
 *   server host key blob,
 *   client DH public value, server DH public value, shared secret.
 * Both peers must serialize these fields identically, so the order of
 * the buffer_put_* calls must not be changed.
 *
 * Returns a pointer to a function-local static buffer of
 * EVP_MAX_MD_SIZE bytes, of which the first EVP_MD_size(EVP_sha1())
 * bytes hold the digest. Every call overwrites the previous result,
 * so a caller that needs to keep the value must copy it before the
 * next call. The digest length is not returned.
 *
 * NOTE(review): ckexinitlen, skexinitlen and sbloblen are signed ints
 * and are not range-checked here; callers are assumed to pass
 * non-negative lengths that match the buffers.
 */
u_char *
kex_dh_hash(
    char *client_version_string,
    char *server_version_string,
    char *ckexinit, int ckexinitlen,
    char *skexinit, int skexinitlen,
    u_char *serverhostkeyblob, int sbloblen,
    BIGNUM *client_dh_pub,
    BIGNUM *server_dh_pub,
    BIGNUM *shared_secret)
{
	static u_char digest[EVP_MAX_MD_SIZE];
	const EVP_MD *sha1 = EVP_sha1();
	EVP_MD_CTX ctx;
	Buffer transcript;

	buffer_init(&transcript);

	/* Identification strings of both sides. */
	buffer_put_cstring(&transcript, client_version_string);
	buffer_put_cstring(&transcript, server_version_string);

	/*
	 * The KEXINIT arguments carry no message header, so one is rebuilt
	 * for each: a length that counts the type byte plus the data,
	 * followed by the SSH2_MSG_KEXINIT type byte and the data itself.
	 */
	buffer_put_int(&transcript, ckexinitlen+1);
	buffer_put_char(&transcript, SSH2_MSG_KEXINIT);
	buffer_append(&transcript, ckexinit, ckexinitlen);

	buffer_put_int(&transcript, skexinitlen+1);
	buffer_put_char(&transcript, SSH2_MSG_KEXINIT);
	buffer_append(&transcript, skexinit, skexinitlen);

	/* Host key blob, then both DH public values and the shared secret. */
	buffer_put_string(&transcript, serverhostkeyblob, sbloblen);
	buffer_put_bignum2(&transcript, client_dh_pub);
	buffer_put_bignum2(&transcript, server_dh_pub);
	buffer_put_bignum2(&transcript, shared_secret);

#ifdef DEBUG_KEX
	/*
	 * Dumps the whole hash input, shared secret included; DEBUG_KEX
	 * is for diagnostic builds only.
	 */
	buffer_dump(&transcript);
#endif

	/* NULL length argument: the digest size is not reported back. */
	EVP_DigestInit(&ctx, sha1);
	EVP_DigestUpdate(&ctx, buffer_ptr(&transcript), buffer_len(&transcript));
	EVP_DigestFinal(&ctx, digest, NULL);

	/*
	 * NOTE(review): transcript still contains the shared secret at this
	 * point; confirm that buffer_free() scrubs the memory it releases.
	 */
	buffer_free(&transcript);

#ifdef DEBUG_KEX
	dump_digest("hash", digest, EVP_MD_size(sha1));
#endif
	return digest;
}