| version 1.168, 2001/02/19 23:09:05 |
version 1.169, 2001/02/23 18:15:13 |
|
|
| Key **host_keys; /* all private host keys */ |
Key **host_keys; /* all private host keys */ |
| int have_ssh1_key; |
int have_ssh1_key; |
| int have_ssh2_key; |
int have_ssh2_key; |
| |
u_char ssh1_cookie[SSH_SESSION_KEY_LENGTH]; |
| } sensitive_data; |
} sensitive_data; |
| |
|
| /* |
/* |
|
|
| void |
void |
| generate_empheral_server_key(void) |
generate_empheral_server_key(void) |
| { |
{ |
| |
u_int32_t rand = 0; |
| |
int i; |
| |
|
| log("Generating %s%d bit RSA key.", sensitive_data.server_key ? "new " : "", |
log("Generating %s%d bit RSA key.", sensitive_data.server_key ? "new " : "", |
| options.server_key_bits); |
options.server_key_bits); |
| if (sensitive_data.server_key != NULL) |
if (sensitive_data.server_key != NULL) |
| key_free(sensitive_data.server_key); |
key_free(sensitive_data.server_key); |
| sensitive_data.server_key = key_generate(KEY_RSA1, options.server_key_bits); |
sensitive_data.server_key = key_generate(KEY_RSA1, options.server_key_bits); |
| arc4random_stir(); |
|
| log("RSA key generation complete."); |
log("RSA key generation complete."); |
| |
|
| |
for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) { |
| |
if (i % 4 == 0) |
| |
rand = arc4random(); |
| |
sensitive_data.ssh1_cookie[i] = rand & 0xff; |
| |
rand >>= 8; |
| |
} |
| |
arc4random_stir(); |
| } |
} |
| |
|
| void |
void |
|
|
| } |
} |
| } |
} |
| sensitive_data.ssh1_host_key = NULL; |
sensitive_data.ssh1_host_key = NULL; |
| |
memset(sensitive_data.ssh1_cookie, 0, SSH_SESSION_KEY_LENGTH); |
| } |
} |
| Key * |
Key * |
| load_private_key_autodetect(const char *filename) |
load_private_key_autodetect(const char *filename) |
|
|
| sensitive_data.server_key->rsa) < 0) |
sensitive_data.server_key->rsa) < 0) |
| rsafail++; |
rsafail++; |
| } |
} |
| |
|
| compute_session_id(session_id, cookie, |
|
| sensitive_data.ssh1_host_key->rsa->n, |
|
| sensitive_data.server_key->rsa->n); |
|
| |
|
| /* Destroy the private and public keys. They will no longer be needed. */ |
|
| destroy_sensitive_data(); |
|
| |
|
| /* |
/* |
| * Extract session key from the decrypted integer. The key is in the |
* Extract session key from the decrypted integer. The key is in the |
| * least significant 256 bits of the integer; the first byte of the |
* least significant 256 bits of the integer; the first byte of the |
|
|
| memset(session_key, 0, sizeof(session_key)); |
memset(session_key, 0, sizeof(session_key)); |
| BN_bn2bin(session_key_int, |
BN_bn2bin(session_key_int, |
| session_key + sizeof(session_key) - len); |
session_key + sizeof(session_key) - len); |
| |
|
| |
compute_session_id(session_id, cookie, |
| |
sensitive_data.ssh1_host_key->rsa->n, |
| |
sensitive_data.server_key->rsa->n); |
| |
/* |
| |
* Xor the first 16 bytes of the session key with the |
| |
* session id. |
| |
*/ |
| |
for (i = 0; i < 16; i++) |
| |
session_key[i] ^= session_id[i]; |
| } |
} |
| } |
} |
| if (rsafail) { |
if (rsafail) { |
| |
int bytes = BN_num_bytes(session_key_int); |
| |
char *buf = xmalloc(bytes); |
| |
MD5_CTX md; |
| |
|
| log("do_connection: generating a fake encryption key"); |
log("do_connection: generating a fake encryption key"); |
| for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) { |
BN_bn2bin(session_key_int, buf); |
| if (i % 4 == 0) |
MD5_Init(&md); |
| rand = arc4random(); |
MD5_Update(&md, buf, bytes); |
| session_key[i] = rand & 0xff; |
MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); |
| rand >>= 8; |
MD5_Final(session_key, &md); |
| } |
MD5_Init(&md); |
| |
MD5_Update(&md, session_key, 16); |
| |
MD5_Update(&md, buf, bytes); |
| |
MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); |
| |
MD5_Final(session_key + 16, &md); |
| |
memset(buf, 0, bytes); |
| |
xfree(buf); |
| } |
} |
| |
/* Destroy the private and public keys. They will no longer be needed. */ |
| |
destroy_sensitive_data(); |
| |
|
| /* Destroy the decrypted integer. It is no longer needed. */ |
/* Destroy the decrypted integer. It is no longer needed. */ |
| BN_clear_free(session_key_int); |
BN_clear_free(session_key_int); |
| |
|
| /* Xor the first 16 bytes of the session key with the session id. */ |
|
| for (i = 0; i < 16; i++) |
|
| session_key[i] ^= session_id[i]; |
|
| |
|
| /* Set the session key. From this on all communications will be encrypted. */ |
/* Set the session key. From this on all communications will be encrypted. */ |
| packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, cipher_type); |
packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, cipher_type); |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh