*/
#include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.12 2000/10/11 20:27:23 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.17 2001/01/08 21:48:17 markus Exp $");
#include "ssh.h"
#include "ssh2.h"
#include <openssl/pem.h>
#include "kex.h"
+#include "key.h"
#define KEX_COOKIE_LEN 16
kex_init(char *myproposal[PROPOSAL_MAX])
{
int first_kex_packet_follows = 0;
- unsigned char cookie[KEX_COOKIE_LEN];
+ u_char cookie[KEX_COOKIE_LEN];
u_int32_t rand = 0;
int i;
Buffer *ki = xmalloc(sizeof(*ki));
return 0;
}
-DH *
+void
dh_gen_key(DH *dh)
{
int tries = 0;
if (tries++ > 10)
fatal("dh_new_group1: too many bad keys: giving up");
} while (!dh_pub_is_valid(dh, dh->pub_key));
- return dh;
}
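Review bot: The give-up message on the line before the `while` still reads `dh_new_group1: too many bad keys`, but dh_gen_key is now a step that callers run separately on any group (the group constructors below no longer call it), so the message points at the wrong function; change it to `fatal("dh_gen_key: too many bad keys: giving up");`. The body of the do/while is not shown in the hunk, so I cannot see how a retry produces a new key; if it simply calls DH_generate_key again, note that OpenSSL reuses an already-set dh->priv_key rather than drawing a fresh one, so every retry would recompute the same rejected pub_key and the loop could only end in the fatal(). Freeing and clearing priv_key before each attempt avoids that, and is worth confirming. A short header comment such as `/* Generate the exchange value (pub_key/priv_key) for the group in dh; fatal() if no valid public value is produced in ~10 tries. */` would record the contract this commit introduces.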
DH *
if ((ret = BN_hex2bn(&dh->g, gen)) < 0)
fatal("BN_hex2bn g");
- return (dh_gen_key(dh));
+ return (dh);
}
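Review bot: The `< 0` test on BN_hex2bn at the top of the hunk can never be true: BN_hex2bn returns the number of hex digits converted and 0 on failure, so a bad generator string would pass the check with dh->g unset, and with this change the function hands that group straight back to the caller; the check that works is `if (BN_hex2bn(&dh->g, gen) == 0)` (and the same for the modulus parse, which I assume sits just above the hunk). The line is context rather than part of the change, but the change makes it matter more, since the caller's later dh_gen_key is the next thing to touch dh->g. The enclosing function's signature is above the hunk. Since this constructor, like dh_new_group, now returns only the group, the same note is worth adding above it: `/* Returns the group only; the caller must call dh_gen_key() to generate the exchange value. */`.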
+/*
+ * This just returns the group, we still need to generate the exchange
+ * value.
+ */
+
DH *
dh_new_group(BIGNUM *gen, BIGNUM *modulus)
{
dh->p = modulus;
dh->g = gen;
- return (dh_gen_key(dh));
+ return (dh);
}
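Review bot: The DH returned by dh_new_group keeps the caller's `gen` and `modulus` BIGNUMs as its g and p, so DH_free on it will free them; the new comment above the function says the exchange value still has to be generated but not that ownership of the two arguments moves to the DH, which is what a caller needs to know to avoid a double free or a dangling use. I would extend it to `/* Takes ownership of gen and modulus. This just returns the group; the caller must call dh_gen_key() to generate the exchange value. */`. The allocation of dh between the opening brace and the `dh->p` assignment is not shown in the hunk.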
DH *
-dh_new_group1()
+dh_new_group1(void)
{
static char *gen = "2", *group1 =
"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
}
void
-dump_digest(unsigned char *digest, int len)
+dump_digest(u_char *digest, int len)
{
int i;
for (i = 0; i< len; i++){
fprintf(stderr, "\n");
}
-unsigned char *
+u_char *
kex_hash(
char *client_version_string,
char *server_version_string,
BIGNUM *shared_secret)
{
Buffer b;
- static unsigned char digest[EVP_MAX_MD_SIZE];
+ static u_char digest[EVP_MAX_MD_SIZE];
EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
return digest;
}
-unsigned char *
+u_char *
kex_hash_gex(
char *client_version_string,
char *server_version_string,
BIGNUM *shared_secret)
{
Buffer b;
- static unsigned char digest[EVP_MAX_MD_SIZE];
+ static u_char digest[EVP_MAX_MD_SIZE];
EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
return digest;
}
-unsigned char *
-derive_key(int id, int need, char unsigned *hash, BIGNUM *shared_secret)
+u_char *
+derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret)
{
Buffer b;
EVP_MD *evp_md = EVP_sha1();
char c = id;
int have;
int mdsz = evp_md->md_size;
- unsigned char *digest = xmalloc(((need+mdsz-1)/mdsz)*mdsz);
+ u_char *digest = xmalloc(((need+mdsz-1)/mdsz)*mdsz);
buffer_init(&b);
buffer_put_bignum2(&b, shared_secret);
void
choose_hostkeyalg(Kex *k, char *client, char *server)
{
- k->hostkeyalg = get_match(client, server);
- if (k->hostkeyalg == NULL)
+ char *hostkeyalg = get_match(client, server);
+ if (hostkeyalg == NULL)
fatal("no hostkey alg");
- if (strcmp(k->hostkeyalg, KEX_DSS) != 0)
- fatal("bad hostkey alg %s", k->hostkeyalg);
+ k->hostkey_type = key_type_from_name(hostkeyalg);
+ if (k->hostkey_type == KEY_UNSPEC)
+ fatal("bad hostkey alg '%s'", hostkeyalg);
+ xfree(hostkeyalg);
}
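Review bot: Replacing the exact `KEX_DSS` string compare with key_type_from_name() widens what the peer's hostkey proposal can negotiate from one algorithm to every name that table recognises, and the only rejection left is `KEY_UNSPEC`; if the table also maps the protocol-1 key name or any other non-SSH2 type, a peer can now steer hostkey_type to a value the SSH2 paths do not expect. I cannot see the table from here, so if that is the case an explicit allow-list after the lookup is cheap, e.g. `if (k->hostkey_type != KEY_DSA && k->hostkey_type != KEY_RSA) fatal("bad hostkey alg '%s'", hostkeyalg);` (assuming key.h names the SSH2 types that way). If the Kex struct still has the old `hostkeyalg` member it is now never set, so any remaining reader of it elsewhere sees NULL — worth a grep. A one-line comment, `/* Set k->hostkey_type from the negotiated host key algorithm name; fatal() if the peer and we agree on nothing usable. */`, would help.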
Kex *
}
int
-kex_derive_keys(Kex *k, unsigned char *hash, BIGNUM *shared_secret)
+kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret)
{
int i;
int mode;
int ctos;
- unsigned char *keys[NKEYS];
+ u_char *keys[NKEYS];
for (i = 0; i < NKEYS; i++)
keys[i] = derive_key('A'+i, k->we_need, hash, shared_secret);