version 1.5.2.2, 2002/03/09 00:20:44 |
version 1.5.2.3, 2002/06/02 22:56:10 |
|
|
#include "dh.h" |
#include "dh.h" |
#include "ssh2.h" |
#include "ssh2.h" |
#include "compat.h" |
#include "compat.h" |
|
#include "monitor_wrap.h" |
|
|
static u_char * |
static u_char * |
kexgex_hash( |
kexgex_hash( |
|
|
{ |
{ |
BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; |
BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; |
Key *server_host_key; |
Key *server_host_key; |
DH *dh = dh; |
DH *dh; |
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; |
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; |
u_int sbloblen, klen, kout, slen; |
u_int sbloblen, klen, kout, slen; |
int min = -1, max = -1, nbits = -1, type; |
int min = -1, max = -1, nbits = -1, type; |
|
|
fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d", |
fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d", |
min, nbits, max); |
min, nbits, max); |
|
|
dh = choose_dh(min, nbits, max); |
/* Contact privileged parent */ |
|
dh = PRIVSEP(choose_dh(min, nbits, max)); |
if (dh == NULL) |
if (dh == NULL) |
packet_disconnect("Protocol error: no matching DH grp found"); |
packet_disconnect("Protocol error: no matching DH grp found"); |
|
|
|
|
|
|
/* sign H */ |
/* sign H */ |
/* XXX hashlen depends on KEX */ |
/* XXX hashlen depends on KEX */ |
key_sign(server_host_key, &signature, &slen, hash, 20); |
PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20)); |
|
|
/* destroy_sensitive_data(); */ |
/* destroy_sensitive_data(); */ |
|
|
|
|
packet_put_bignum2(dh->pub_key); /* f */ |
packet_put_bignum2(dh->pub_key); /* f */ |
packet_put_string(signature, slen); |
packet_put_string(signature, slen); |
packet_send(); |
packet_send(); |
|
|
xfree(signature); |
xfree(signature); |
xfree(server_host_key_blob); |
xfree(server_host_key_blob); |
/* have keys, free DH */ |
/* have keys, free DH */ |
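Review bot: The result of the signing call is discarded on the new `PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20));` line, so a failed signature is not caught before `packet_put_string(signature, slen)` runs. In the declarations shown, `signature` starts as NULL and `slen` has no initializer, so on failure the reply would be built from a NULL pointer and an indeterminate length, and `xfree(signature)` would then be handed NULL. Now that the request is forwarded to the privileged parent (what `PRIVSEP` expands to is not visible here), the unprivileged side should fail closed. Assuming `key_sign` keeps a 0-on-success convention, something like `if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20)) != 0) fatal("key_sign failed");` would do that. The function body starts and ends outside the lines shown, so an existing check elsewhere cannot be ruled out.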