xref: /titanic_50/usr/src/cmd/ssh/libssh/common/kexgex.c (revision 3895f3e681d42b8122c8084f114c0d2f88dd7979)
1 /*
2  * Copyright (c) 2000 Niels Provos.  All rights reserved.
3  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  */
25 
26 #include "includes.h"
27 RCSID("$OpenBSD: kexgex.c,v 1.22 2002/03/24 17:27:03 stevesk Exp $");
28 
29 #pragma ident	"%Z%%M%	%I%	%E% SMI"
30 
31 #include <openssl/bn.h>
32 
33 #include "xmalloc.h"
34 #include "buffer.h"
35 #include "bufaux.h"
36 #include "key.h"
37 #include "kex.h"
38 #include "log.h"
39 #include "packet.h"
40 #include "dh.h"
41 #include "ssh2.h"
42 #include "compat.h"
43 #include "monitor_wrap.h"
44 
45 u_char *
46 kexgex_hash(
47     char *client_version_string,
48     char *server_version_string,
49     char *ckexinit, int ckexinitlen,
50     char *skexinit, int skexinitlen,
51     u_char *serverhostkeyblob, int sbloblen,
52     int min, int wantbits, int max, BIGNUM *prime, BIGNUM *gen,
53     BIGNUM *client_dh_pub,
54     BIGNUM *server_dh_pub,
55     BIGNUM *shared_secret)
56 {
57 	Buffer b;
58 	static u_char digest[EVP_MAX_MD_SIZE];
59 	const EVP_MD *evp_md = EVP_sha1();
60 	EVP_MD_CTX md;
61 
62 	buffer_init(&b);
63 	buffer_put_cstring(&b, client_version_string);
64 	buffer_put_cstring(&b, server_version_string);
65 
66 	/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
67 	buffer_put_int(&b, ckexinitlen+1);
68 	buffer_put_char(&b, SSH2_MSG_KEXINIT);
69 	buffer_append(&b, ckexinit, ckexinitlen);
70 	buffer_put_int(&b, skexinitlen+1);
71 	buffer_put_char(&b, SSH2_MSG_KEXINIT);
72 	buffer_append(&b, skexinit, skexinitlen);
73 
74 	buffer_put_string(&b, serverhostkeyblob, sbloblen);
75 	if (min == -1 || max == -1)
76 		buffer_put_int(&b, wantbits);
77 	else {
78 		buffer_put_int(&b, min);
79 		buffer_put_int(&b, wantbits);
80 		buffer_put_int(&b, max);
81 	}
82 	buffer_put_bignum2(&b, prime);
83 	buffer_put_bignum2(&b, gen);
84 	buffer_put_bignum2(&b, client_dh_pub);
85 	buffer_put_bignum2(&b, server_dh_pub);
86 	buffer_put_bignum2(&b, shared_secret);
87 
88 #ifdef DEBUG_KEXDH
89 	buffer_dump(&b);
90 #endif
91 	EVP_DigestInit(&md, evp_md);
92 	EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
93 	EVP_DigestFinal(&md, digest, NULL);
94 
95 	buffer_free(&b);
96 
97 #ifdef DEBUG_KEXDH
98 	dump_digest("hash", digest, EVP_MD_size(evp_md));
99 #endif
100 	return digest;
101 }
102