Mercurial > dropbear
comparison svr-kex.c @ 1683:41bf8f216644
merge rsa-sha256
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 26 May 2020 00:24:02 +0800 |
parents | 435cfb9ec96e |
children | 284c3837891c |
comparison
equal
deleted
inserted
replaced
1673:e0871128e61f | 1683:41bf8f216644 |
---|---|
36 #include "runopts.h" | 36 #include "runopts.h" |
37 #include "ecc.h" | 37 #include "ecc.h" |
38 #include "gensignkey.h" | 38 #include "gensignkey.h" |
39 | 39 |
40 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs); | 40 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs); |
41 #if DROPBEAR_EXT_INFO | |
42 static void send_msg_ext_info(void); | |
43 #endif | |
41 | 44 |
42 /* Handle a diffie-hellman key exchange initialisation. This involves | 45 /* Handle a diffie-hellman key exchange initialisation. This involves |
43 * calculating a session key reply value, and corresponding hash. These | 46 * calculating a session key reply value, and corresponding hash. These |
44 * are carried out by send_msg_kexdh_reply(). recv_msg_kexdh_init() calls | 47 * are carried out by send_msg_kexdh_reply(). recv_msg_kexdh_init() calls |
45 * that function, then brings the new keys into use */ | 48 * that function, then brings the new keys into use */ |
46 void recv_msg_kexdh_init() { | 49 void recv_msg_kexdh_init() { |
47 | |
48 DEF_MP_INT(dh_e); | 50 DEF_MP_INT(dh_e); |
49 buffer *ecdh_qs = NULL; | 51 buffer *ecdh_qs = NULL; |
50 | 52 |
51 TRACE(("enter recv_msg_kexdh_init")) | 53 TRACE(("enter recv_msg_kexdh_init")) |
52 if (!ses.kexstate.recvkexinit) { | 54 if (!ses.kexstate.recvkexinit) { |
84 buf_free(ecdh_qs); | 86 buf_free(ecdh_qs); |
85 ecdh_qs = NULL; | 87 ecdh_qs = NULL; |
86 } | 88 } |
87 | 89 |
88 send_msg_newkeys(); | 90 send_msg_newkeys(); |
91 | |
92 #if DROPBEAR_EXT_INFO | |
93 /* Only send it following the first newkeys */ | |
94 if (!ses.kexstate.donesecondkex && ses.allow_ext_info) { | |
95 send_msg_ext_info(); | |
96 } | |
97 #endif | |
98 | |
89 ses.requirenext = SSH_MSG_NEWKEYS; | 99 ses.requirenext = SSH_MSG_NEWKEYS; |
90 TRACE(("leave recv_msg_kexdh_init")) | 100 TRACE(("leave recv_msg_kexdh_init")) |
91 } | 101 } |
92 | 102 |
93 | 103 |
232 #endif | 242 #endif |
233 } | 243 } |
234 | 244 |
235 /* calc the signature */ | 245 /* calc the signature */ |
236 buf_put_sign(ses.writepayload, svr_opts.hostkey, | 246 buf_put_sign(ses.writepayload, svr_opts.hostkey, |
237 ses.newkeys->algo_hostkey, ses.hash); | 247 ses.newkeys->algo_signature, ses.hash); |
238 | 248 |
239 /* the SSH_MSG_KEXDH_REPLY is done */ | 249 /* the SSH_MSG_KEXDH_REPLY is done */ |
240 encrypt_packet(); | 250 encrypt_packet(); |
241 | 251 |
242 TRACE(("leave send_msg_kexdh_reply")) | 252 TRACE(("leave send_msg_kexdh_reply")) |
243 } | 253 } |
244 | 254 |
255 #if DROPBEAR_EXT_INFO | |
256 /* Only used for server-sig-algs on the server side */ | |
257 static void send_msg_ext_info(void) { | |
258 TRACE(("enter send_msg_ext_info")) | |
259 | |
260 buf_putbyte(ses.writepayload, SSH_MSG_EXT_INFO); | |
261 /* nr-extensions */ | |
262 buf_putint(ses.writepayload, 1); | |
263 | |
264 buf_putstring(ses.writepayload, SSH_SERVER_SIG_ALGS, strlen(SSH_SERVER_SIG_ALGS)); | |
265 buf_put_algolist_all(ses.writepayload, sigalgs, 1); | |
266 | |
267 encrypt_packet(); | |
268 | |
269 TRACE(("leave send_msg_ext_info")) | |
270 } | |
271 #endif |