version 1.24, 1999/10/27 16:37:46 |
version 1.25, 1999/11/02 19:42:36 |
|
|
/* Compute the response. */ |
/* Compute the response. */ |
/* The response is MD5 of decrypted challenge plus session id. */ |
/* The response is MD5 of decrypted challenge plus session id. */ |
len = BN_num_bytes(challenge); |
len = BN_num_bytes(challenge); |
assert(len <= sizeof(buf) && len); |
if (len <= 0 || len > sizeof(buf)) |
|
packet_disconnect("respond_to_rsa_challenge: bad challenge length %d", |
|
len); |
|
|
memset(buf, 0, sizeof(buf)); |
memset(buf, 0, sizeof(buf)); |
BN_bn2bin(challenge, buf + sizeof(buf) - len); |
BN_bn2bin(challenge, buf + sizeof(buf) - len); |
MD5_Init(&md); |
MD5_Init(&md); |
|
|
if (BN_cmp(public_key->n, host_key->n) < 0) |
if (BN_cmp(public_key->n, host_key->n) < 0) |
{ |
{ |
/* Public key has smaller modulus. */ |
/* Public key has smaller modulus. */ |
assert(BN_num_bits(host_key->n) >= |
if (BN_num_bits(host_key->n) < |
BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED); |
BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) { |
|
fatal("respond_to_rsa_challenge: host_key %d < public_key %d + " |
|
"SSH_KEY_BITS_RESERVED %d", |
|
BN_num_bits(host_key->n), |
|
BN_num_bits(public_key->n), |
|
SSH_KEY_BITS_RESERVED); |
|
} |
|
|
rsa_public_encrypt(key, key, public_key); |
rsa_public_encrypt(key, key, public_key); |
rsa_public_encrypt(key, key, host_key); |
rsa_public_encrypt(key, key, host_key); |
|
|
else |
else |
{ |
{ |
/* Host key has smaller modulus (or they are equal). */ |
/* Host key has smaller modulus (or they are equal). */ |
assert(BN_num_bits(public_key->n) >= |
if (BN_num_bits(public_key->n) < |
BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED); |
BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) { |
|
fatal("respond_to_rsa_challenge: public_key %d < host_key %d + " |
|
"SSH_KEY_BITS_RESERVED %d", |
|
BN_num_bits(public_key->n), |
|
BN_num_bits(host_key->n), |
|
SSH_KEY_BITS_RESERVED); |
|
} |
|
|
rsa_public_encrypt(key, key, host_key); |
rsa_public_encrypt(key, key, host_key); |
rsa_public_encrypt(key, key, public_key); |
rsa_public_encrypt(key, key, public_key); |