Mercurial > dropbear
comparison cli-kex.c @ 1674:ba6fc7afe1c5
use sigtype where appropriate
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Mon, 06 Apr 2020 23:18:26 +0800 |
| parents | d32bcb5c557d |
| children | d5cdc60db08e |
comparison
equal
deleted
inserted
replaced
| 1668:49cb3cf4bd6f | 1674:ba6fc7afe1c5 |
|---|---|
| 92 | 92 |
| 93 /* Handle a diffie-hellman key exchange reply. */ | 93 /* Handle a diffie-hellman key exchange reply. */ |
| 94 void recv_msg_kexdh_reply() { | 94 void recv_msg_kexdh_reply() { |
| 95 | 95 |
| 96 sign_key *hostkey = NULL; | 96 sign_key *hostkey = NULL; |
| 97 unsigned int type, keybloblen; | 97 unsigned int keytype, keybloblen; |
| 98 unsigned char* keyblob = NULL; | 98 unsigned char* keyblob = NULL; |
| 99 | 99 |
| 100 TRACE(("enter recv_msg_kexdh_reply")) | 100 TRACE(("enter recv_msg_kexdh_reply")) |
| 101 | 101 |
| 102 if (cli_ses.kex_state != KEXDH_INIT_SENT) { | 102 if (cli_ses.kex_state != KEXDH_INIT_SENT) { |
| 103 dropbear_exit("Received out-of-order kexdhreply"); | 103 dropbear_exit("Received out-of-order kexdhreply"); |
| 104 } | 104 } |
| 105 type = ses.newkeys->algo_hostkey; | 105 keytype = ses.newkeys->algo_hostkey; |
| 106 TRACE(("type is %d", type)) | 106 TRACE(("keytype is %d", keytype)) |
| 107 | 107 |
| 108 hostkey = new_sign_key(); | 108 hostkey = new_sign_key(); |
| 109 keybloblen = buf_getint(ses.payload); | 109 keybloblen = buf_getint(ses.payload); |
| 110 | 110 |
| 111 keyblob = buf_getptr(ses.payload, keybloblen); | 111 keyblob = buf_getptr(ses.payload, keybloblen); |
| 112 if (!ses.kexstate.donefirstkex) { | 112 if (!ses.kexstate.donefirstkex) { |
| 113 /* Only makes sense the first time */ | 113 /* Only makes sense the first time */ |
| 114 checkhostkey(keyblob, keybloblen); | 114 checkhostkey(keyblob, keybloblen); |
| 115 } | 115 } |
| 116 | 116 |
| 117 if (buf_get_pub_key(ses.payload, hostkey, &type) != DROPBEAR_SUCCESS) { | 117 if (buf_get_pub_key(ses.payload, hostkey, &keytype) != DROPBEAR_SUCCESS) { |
| 118 TRACE(("failed getting pubkey")) | 118 TRACE(("failed getting pubkey")) |
| 119 dropbear_exit("Bad KEX packet"); | 119 dropbear_exit("Bad KEX packet"); |
| 120 } | 120 } |
| 121 | 121 |
| 122 switch (ses.newkeys->algo_kex->mode) { | 122 switch (ses.newkeys->algo_kex->mode) { |
| 171 cli_ses.curve25519_param = NULL; | 171 cli_ses.curve25519_param = NULL; |
| 172 } | 172 } |
| 173 #endif | 173 #endif |
| 174 | 174 |
| 175 cli_ses.param_kex_algo = NULL; | 175 cli_ses.param_kex_algo = NULL; |
| 176 if (buf_verify(ses.payload, hostkey, ses.hash) != DROPBEAR_SUCCESS) { | 176 if (buf_verify(ses.payload, hostkey, ses.newkeys->algo_signature, |
| 177 ses.hash) != DROPBEAR_SUCCESS) { | |
| 177 dropbear_exit("Bad hostkey signature"); | 178 dropbear_exit("Bad hostkey signature"); |
| 178 } | 179 } |
| 179 | 180 |
| 180 sign_key_free(hostkey); | 181 sign_key_free(hostkey); |
| 181 hostkey = NULL; | 182 hostkey = NULL; |