diff svr-kex.c @ 26:0969767bca0d

snapshot of stuff
author Matt Johnston <matt@ucc.asn.au>
date Mon, 26 Jul 2004 02:44:20 +0000
parents 469950e86d0f
children e3adf4cf5465
--- a/svr-kex.c	Tue Jul 20 12:06:37 2004 +0000
+++ b/svr-kex.c	Mon Jul 26 02:44:20 2004 +0000
@@ -70,87 +70,15 @@
  * See the ietf-secsh-transport draft, section 6, for details */
 static void send_msg_kexdh_reply(mp_int *dh_e) {
 
-	mp_int dh_p, dh_q, dh_g, dh_y, dh_f;
-	unsigned char randbuf[DH_P_LEN];
-	int dh_q_len;
-	hash_state hs;
+	mp_int dh_y, dh_f;
 
 	TRACE(("enter send_msg_kexdh_reply"));
 	
-	m_mp_init_multi(&dh_g, &dh_p, &dh_q, &dh_y, &dh_f, NULL);
-
-	/* read the prime and generator*/
-	if (mp_read_unsigned_bin(&dh_p, (unsigned char*)dh_p_val, DH_P_LEN)
-			!= MP_OKAY) {
-		dropbear_exit("Diffie-Hellman error");
-	}
-	
-	if (mp_set_int(&dh_g, DH_G_VAL) != MP_OKAY) {
-		dropbear_exit("Diffie-Hellman error");
-	}
-
-	/* calculate q = (p-1)/2 */
-	if (mp_sub_d(&dh_p, 1, &dh_y) != MP_OKAY) { /*dh_y is just a temp var here*/
-		dropbear_exit("Diffie-Hellman error");
-	}
-	if (mp_div_2(&dh_y, &dh_q) != MP_OKAY) {
-		dropbear_exit("Diffie-Hellman error");
-	}
-
-	dh_q_len = mp_unsigned_bin_size(&dh_q);
-
-	/* calculate our random value dh_y */
-	do {
-		assert((unsigned int)dh_q_len <= sizeof(randbuf));
-		genrandom(randbuf, dh_q_len);
-		if (mp_read_unsigned_bin(&dh_y, randbuf, dh_q_len) != MP_OKAY) {
-			dropbear_exit("Diffie-Hellman error");
-		}
-	} while (mp_cmp(&dh_y, &dh_q) == MP_GT || mp_cmp_d(&dh_y, 0) != MP_GT);
-
-	/* f = g^y mod p */
-	if (mp_exptmod(&dh_g, &dh_y, &dh_p, &dh_f) != MP_OKAY) {
-		dropbear_exit("Diffie-Hellman error");
-	}
-	mp_clear(&dh_g);
+	gen_kexdh_vals(&dh_f, &dh_y);
 
-	/* K = e^y mod p */
-	ses.dh_K = (mp_int*)m_malloc(sizeof(mp_int));
-	m_mp_init(ses.dh_K);
-	if (mp_exptmod(dh_e, &dh_y, &dh_p, ses.dh_K) != MP_OKAY) {
-		dropbear_exit("Diffie-Hellman error");
-	}
-
-	/* clear no longer needed vars */
-	mp_clear_multi(&dh_y, &dh_p, &dh_q, NULL);
+	kexdh_comb_key(&dh_f, &dh_y, dh_e, svr_opts.hostkey);
+	mp_clear(&dh_y);
 
-	/* Create the remainder of the hash buffer, to generate the exchange hash */
-	/* K_S, the host key */
-	buf_put_pub_key(ses.kexhashbuf, svr_opts.hostkey, 
-			ses.newkeys->algo_hostkey);
-	/* e, exchange value sent by the client */
-	buf_putmpint(ses.kexhashbuf, dh_e);
-	/* f, exchange value sent by the server */
-	buf_putmpint(ses.kexhashbuf, &dh_f);
-	/* K, the shared secret */
-	buf_putmpint(ses.kexhashbuf, ses.dh_K);
-
-	/* calculate the hash H to sign */
-	sha1_init(&hs);
-	buf_setpos(ses.kexhashbuf, 0);
-	sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
-			ses.kexhashbuf->len);
-	sha1_done(&hs, ses.hash);
-	buf_free(ses.kexhashbuf);
-	ses.kexhashbuf = NULL;
-	
-	/* first time around, we set the session_id to H */
-	if (ses.session_id == NULL) {
-		/* create the session_id, this never needs freeing */
-		ses.session_id = (unsigned char*)m_malloc(SHA1_HASH_SIZE);
-		memcpy(ses.session_id, ses.hash, SHA1_HASH_SIZE);
-	}
-	
 	/* we can start creating the kexdh_reply packet */
 	CHECKCLEARTOWRITE();
 	buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY);
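Review bot: `dh_y` and `dh_f` are now handed to `gen_kexdh_vals()` without being initialised, because the `m_mp_init_multi(...)` call was removed together with the inline Diffie-Hellman code. Unless the helper initialises its outputs itself (not visible in this hunk), the later `mp_clear(&dh_y)` and every bignum call on them work on indeterminate structs; keeping `m_mp_init_multi(&dh_y, &dh_f, NULL);` just before the `gen_kexdh_vals` call would make ownership explicit. The peer-supplied `dh_e` also goes straight into `kexdh_comb_key()`, so it is worth confirming that the helper rejects values outside [1, p-1] before computing K, as the SSH transport specification says such values must not be accepted. The body of `send_msg_kexdh_reply` continues past the end of this hunk, so where `dh_f` is cleared cannot be checked from here.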
@@ -171,105 +99,3 @@
 	TRACE(("leave send_msg_kexdh_reply"));
 }
 
-/* read the client's choice of algorithms */
-void svr_read_kex() {
-
-	algo_type * algo;
-	char * erralgo = NULL;
-
-	int goodguess = 0;
-	int allgood = 1; /* we AND this with each goodguess and see if its still
-						true after */
-
-	buf_incrpos(ses.payload, 16); /* start after the cookie */
-
-	ses.newkeys = (struct key_context*)m_malloc(sizeof(struct key_context));
-
-	/* kex_algorithms */
-	algo = svr_buf_match_algo(ses.payload, sshkex, &goodguess);
-	allgood &= goodguess;
-	if (algo == NULL) {
-		erralgo = "kex";
-		goto error;
-	}
-	ses.newkeys->algo_kex = algo->val;
-
-	/* server_host_key_algorithms */
-	algo = svr_buf_match_algo(ses.payload, sshhostkey, &goodguess);
-	allgood &= goodguess;
-	if (algo == NULL) {
-		erralgo = "hostkey";
-		goto error;
-	}
-	ses.newkeys->algo_hostkey = algo->val;
-
-	/* encryption_algorithms_client_to_server */
-	algo = svr_buf_match_algo(ses.payload, sshciphers, &goodguess);
-	if (algo == NULL) {
-		erralgo = "enc c->s";
-		goto error;
-	}
-	ses.newkeys->recv_algo_crypt = (struct dropbear_cipher*)algo->data;
-
-	/* encryption_algorithms_server_to_client */
-	algo = svr_buf_match_algo(ses.payload, sshciphers, &goodguess);
-	if (algo == NULL) {
-		erralgo = "enc s->c";
-		goto error;
-	}
-	ses.newkeys->trans_algo_crypt = (struct dropbear_cipher*)algo->data;
-
-	/* mac_algorithms_client_to_server */
-	algo = svr_buf_match_algo(ses.payload, sshhashes, &goodguess);
-	if (algo == NULL) {
-		erralgo = "mac c->s";
-		goto error;
-	}
-	ses.newkeys->recv_algo_mac = (struct dropbear_hash*)algo->data;
-
-	/* mac_algorithms_server_to_client */
-	algo = svr_buf_match_algo(ses.payload, sshhashes, &goodguess);
-	if (algo == NULL) {
-		erralgo = "mac s->c";
-		goto error;
-	}
-	ses.newkeys->trans_algo_mac = (struct dropbear_hash*)algo->data;
-
-	/* compression_algorithms_client_to_server */
-	algo = svr_buf_match_algo(ses.payload, sshcompress, &goodguess);
-	if (algo == NULL) {
-		erralgo = "comp c->s";
-		goto error;
-	}
-	ses.newkeys->recv_algo_comp = algo->val;
-
-	/* compression_algorithms_server_to_client */
-	algo = svr_buf_match_algo(ses.payload, sshcompress, &goodguess);
-	if (algo == NULL) {
-		erralgo = "comp s->c";
-		goto error;
-	}
-	ses.newkeys->trans_algo_comp = algo->val;
-
-	/* languages_client_to_server */
-	buf_eatstring(ses.payload);
-
-	/* languages_server_to_client */
-	buf_eatstring(ses.payload);
-
-	/* first_kex_packet_follows */
-	if (buf_getbyte(ses.payload)) {
-		ses.kexstate.firstfollows = 1;
-		/* if the guess wasn't good, we ignore the packet sent */
-		if (!allgood) {
-			ses.ignorenext = 1;
-		}
-	}
-
-	/* reserved for future extensions */
-	buf_getint(ses.payload);
-	return;
-
-error:
-	dropbear_exit("no matching algo %s", erralgo);
-}