version 1.5, 2014/01/09 23:20:00 |
version 1.6, 2015/01/19 20:16:15 |
|
|
#include <openssl/ec.h> |
#include <openssl/ec.h> |
#include <openssl/ecdh.h> |
#include <openssl/ecdh.h> |
|
|
#include "buffer.h" |
|
#include "ssh2.h" |
#include "ssh2.h" |
#include "key.h" |
#include "sshkey.h" |
#include "cipher.h" |
#include "cipher.h" |
#include "kex.h" |
#include "kex.h" |
#include "log.h" |
#include "sshbuf.h" |
#include "digest.h" |
#include "digest.h" |
|
#include "ssherr.h" |
|
|
void |
int |
kex_ecdh_hash( |
kex_ecdh_hash( |
int hash_alg, |
int hash_alg, |
const EC_GROUP *ec_group, |
const EC_GROUP *ec_group, |
char *client_version_string, |
const char *client_version_string, |
char *server_version_string, |
const char *server_version_string, |
char *ckexinit, int ckexinitlen, |
const u_char *ckexinit, size_t ckexinitlen, |
char *skexinit, int skexinitlen, |
const u_char *skexinit, size_t skexinitlen, |
u_char *serverhostkeyblob, int sbloblen, |
const u_char *serverhostkeyblob, size_t sbloblen, |
const EC_POINT *client_dh_pub, |
const EC_POINT *client_dh_pub, |
const EC_POINT *server_dh_pub, |
const EC_POINT *server_dh_pub, |
const BIGNUM *shared_secret, |
const BIGNUM *shared_secret, |
u_char **hash, u_int *hashlen) |
u_char *hash, size_t *hashlen) |
{ |
{ |
Buffer b; |
struct sshbuf *b; |
static u_char digest[SSH_DIGEST_MAX_LENGTH]; |
int r; |
|
|
buffer_init(&b); |
if (*hashlen < ssh_digest_bytes(hash_alg)) |
buffer_put_cstring(&b, client_version_string); |
return SSH_ERR_INVALID_ARGUMENT; |
buffer_put_cstring(&b, server_version_string); |
if ((b = sshbuf_new()) == NULL) |
|
return SSH_ERR_ALLOC_FAIL; |
/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ |
if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 || |
buffer_put_int(&b, ckexinitlen+1); |
(r = sshbuf_put_cstring(b, server_version_string)) != 0 || |
buffer_put_char(&b, SSH2_MSG_KEXINIT); |
/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ |
buffer_append(&b, ckexinit, ckexinitlen); |
(r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 || |
buffer_put_int(&b, skexinitlen+1); |
(r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || |
buffer_put_char(&b, SSH2_MSG_KEXINIT); |
(r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 || |
buffer_append(&b, skexinit, skexinitlen); |
(r = sshbuf_put_u32(b, skexinitlen+1)) != 0 || |
|
(r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || |
buffer_put_string(&b, serverhostkeyblob, sbloblen); |
(r = sshbuf_put(b, skexinit, skexinitlen)) != 0 || |
buffer_put_ecpoint(&b, ec_group, client_dh_pub); |
(r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 || |
buffer_put_ecpoint(&b, ec_group, server_dh_pub); |
(r = sshbuf_put_ec(b, client_dh_pub, ec_group)) != 0 || |
buffer_put_bignum2(&b, shared_secret); |
(r = sshbuf_put_ec(b, server_dh_pub, ec_group)) != 0 || |
|
(r = sshbuf_put_bignum2(b, shared_secret)) != 0) { |
|
sshbuf_free(b); |
|
return r; |
|
} |
#ifdef DEBUG_KEX |
#ifdef DEBUG_KEX |
buffer_dump(&b); |
sshbuf_dump(b, stderr); |
#endif |
#endif |
if (ssh_digest_buffer(hash_alg, &b, digest, sizeof(digest)) != 0) |
if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) { |
fatal("%s: ssh_digest_buffer failed", __func__); |
sshbuf_free(b); |
|
return SSH_ERR_LIBCRYPTO_ERROR; |
buffer_free(&b); |
} |
|
sshbuf_free(b); |
|
*hashlen = ssh_digest_bytes(hash_alg); |
#ifdef DEBUG_KEX |
#ifdef DEBUG_KEX |
dump_digest("hash", digest, ssh_digest_bytes(hash_alg)); |
dump_digest("hash", hash, *hashlen); |
#endif |
#endif |
*hash = digest; |
return 0; |
*hashlen = ssh_digest_bytes(hash_alg); |
|
} |
} |