1262566Sdes/* $OpenBSD: kexdh.c,v 1.24 2014/01/09 23:20:00 djm Exp $ */ 276259Sgreen/* 376259Sgreen * Copyright (c) 2001 Markus Friedl. All rights reserved. 476259Sgreen * 576259Sgreen * Redistribution and use in source and binary forms, with or without 676259Sgreen * modification, are permitted provided that the following conditions 776259Sgreen * are met: 876259Sgreen * 1. Redistributions of source code must retain the above copyright 976259Sgreen * notice, this list of conditions and the following disclaimer. 1076259Sgreen * 2. Redistributions in binary form must reproduce the above copyright 1176259Sgreen * notice, this list of conditions and the following disclaimer in the 1276259Sgreen * documentation and/or other materials provided with the distribution. 1376259Sgreen * 1476259Sgreen * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 1576259Sgreen * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 1676259Sgreen * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 1776259Sgreen * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 1876259Sgreen * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 1976259Sgreen * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 2076259Sgreen * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 2176259Sgreen * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 2276259Sgreen * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 2376259Sgreen * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 2476259Sgreen */ 2576259Sgreen 2676259Sgreen#include "includes.h" 2776259Sgreen 28162852Sdes#include <sys/types.h> 29162852Sdes 30162852Sdes#include <signal.h> 31162852Sdes 32113908Sdes#include <openssl/evp.h> 3376259Sgreen 3476259Sgreen#include "buffer.h" 35113908Sdes#include "ssh2.h" 36162852Sdes#include "key.h" 37162852Sdes#include "cipher.h" 3876259Sgreen#include "kex.h" 39262566Sdes#include "digest.h" 40262566Sdes#include "log.h" 4176259Sgreen 42157016Sdesvoid 4376259Sgreenkex_dh_hash( 4476259Sgreen char *client_version_string, 4576259Sgreen char *server_version_string, 4676259Sgreen char *ckexinit, int ckexinitlen, 4776259Sgreen char *skexinit, int skexinitlen, 4892555Sdes u_char *serverhostkeyblob, int sbloblen, 4976259Sgreen BIGNUM *client_dh_pub, 5076259Sgreen BIGNUM *server_dh_pub, 51157016Sdes BIGNUM *shared_secret, 52157016Sdes u_char **hash, u_int *hashlen) 5376259Sgreen{ 5476259Sgreen Buffer b; 55262566Sdes static u_char digest[SSH_DIGEST_MAX_LENGTH]; 5676259Sgreen 5776259Sgreen buffer_init(&b); 5892555Sdes buffer_put_cstring(&b, client_version_string); 5992555Sdes buffer_put_cstring(&b, server_version_string); 6076259Sgreen 6176259Sgreen /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ 6276259Sgreen buffer_put_int(&b, ckexinitlen+1); 6376259Sgreen buffer_put_char(&b, SSH2_MSG_KEXINIT); 6476259Sgreen buffer_append(&b, ckexinit, ckexinitlen); 6576259Sgreen buffer_put_int(&b, skexinitlen+1); 6676259Sgreen buffer_put_char(&b, SSH2_MSG_KEXINIT); 6776259Sgreen buffer_append(&b, skexinit, skexinitlen); 6876259Sgreen 6976259Sgreen buffer_put_string(&b, serverhostkeyblob, sbloblen); 7076259Sgreen buffer_put_bignum2(&b, client_dh_pub); 7176259Sgreen buffer_put_bignum2(&b, server_dh_pub); 7276259Sgreen buffer_put_bignum2(&b, shared_secret); 7376259Sgreen 7476259Sgreen#ifdef DEBUG_KEX 7576259Sgreen buffer_dump(&b); 7676259Sgreen#endif 77262566Sdes if (ssh_digest_buffer(SSH_DIGEST_SHA1, &b, digest, sizeof(digest)) != 0) 78262566Sdes fatal("%s: ssh_digest_buffer failed", __func__); 7976259Sgreen 8076259Sgreen buffer_free(&b); 8176259Sgreen 8276259Sgreen#ifdef DEBUG_KEX 83262566Sdes dump_digest("hash", digest, ssh_digest_bytes(SSH_DIGEST_SHA1)); 8476259Sgreen#endif 85157016Sdes *hash = digest; 86262566Sdes *hashlen = ssh_digest_bytes(SSH_DIGEST_SHA1); 8776259Sgreen} 88