- markus@cvs.openbsd.org 2002/03/14 16:38:26
[sshd.c] split out ssh1 session key decryption; ok provos@
parent
5c15958230
commit
abcb145b38
|
@ -12,6 +12,9 @@
|
|||
- markus@cvs.openbsd.org 2002/03/14 15:24:27
|
||||
[sshconnect1.c]
|
||||
don't trust size sent by (rogue) server; noted by s.esser@e-matters.de
|
||||
- markus@cvs.openbsd.org 2002/03/14 16:38:26
|
||||
[sshd.c]
|
||||
split out ssh1 session key decryption; ok provos@
|
||||
|
||||
20020317
|
||||
- (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
|
||||
|
@ -7858,4 +7861,4 @@
|
|||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1927 2002/03/22 01:08:07 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1928 2002/03/22 01:10:21 mouring Exp $
|
||||
|
|
85
sshd.c
85
sshd.c
|
@ -40,7 +40,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: sshd.c,v 1.228 2002/02/27 21:23:13 stevesk Exp $");
|
||||
RCSID("$OpenBSD: sshd.c,v 1.229 2002/03/14 16:38:26 markus Exp $");
|
||||
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/bn.h>
|
||||
|
@ -1251,6 +1251,50 @@ main(int ac, char **av)
|
|||
exit(0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Decrypt session_key_int using our private server key and private host key
|
||||
* (key with larger modulus first).
|
||||
*/
|
||||
static int
|
||||
ssh1_session_key(BIGNUM *session_key_int)
|
||||
{
|
||||
int rsafail = 0;
|
||||
|
||||
if (BN_cmp(sensitive_data.server_key->rsa->n, sensitive_data.ssh1_host_key->rsa->n) > 0) {
|
||||
/* Server key has bigger modulus. */
|
||||
if (BN_num_bits(sensitive_data.server_key->rsa->n) <
|
||||
BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
|
||||
fatal("do_connection: %s: server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
|
||||
get_remote_ipaddr(),
|
||||
BN_num_bits(sensitive_data.server_key->rsa->n),
|
||||
BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
|
||||
SSH_KEY_BITS_RESERVED);
|
||||
}
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.server_key->rsa) <= 0)
|
||||
rsafail++;
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.ssh1_host_key->rsa) <= 0)
|
||||
rsafail++;
|
||||
} else {
|
||||
/* Host key has bigger modulus (or they are equal). */
|
||||
if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) <
|
||||
BN_num_bits(sensitive_data.server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
|
||||
fatal("do_connection: %s: host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",
|
||||
get_remote_ipaddr(),
|
||||
BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
|
||||
BN_num_bits(sensitive_data.server_key->rsa->n),
|
||||
SSH_KEY_BITS_RESERVED);
|
||||
}
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.ssh1_host_key->rsa) < 0)
|
||||
rsafail++;
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.server_key->rsa) < 0)
|
||||
rsafail++;
|
||||
}
|
||||
return (rsafail);
|
||||
}
|
||||
/*
|
||||
* SSH1 key exchange
|
||||
*/
|
||||
|
@ -1366,43 +1410,8 @@ do_ssh1_kex(void)
|
|||
packet_set_protocol_flags(protocol_flags);
|
||||
packet_check_eom();
|
||||
|
||||
/*
|
||||
* Decrypt it using our private server key and private host key (key
|
||||
* with larger modulus first).
|
||||
*/
|
||||
if (BN_cmp(sensitive_data.server_key->rsa->n, sensitive_data.ssh1_host_key->rsa->n) > 0) {
|
||||
/* Server key has bigger modulus. */
|
||||
if (BN_num_bits(sensitive_data.server_key->rsa->n) <
|
||||
BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
|
||||
fatal("do_connection: %s: server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
|
||||
get_remote_ipaddr(),
|
||||
BN_num_bits(sensitive_data.server_key->rsa->n),
|
||||
BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
|
||||
SSH_KEY_BITS_RESERVED);
|
||||
}
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.server_key->rsa) <= 0)
|
||||
rsafail++;
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.ssh1_host_key->rsa) <= 0)
|
||||
rsafail++;
|
||||
} else {
|
||||
/* Host key has bigger modulus (or they are equal). */
|
||||
if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) <
|
||||
BN_num_bits(sensitive_data.server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
|
||||
fatal("do_connection: %s: host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d",
|
||||
get_remote_ipaddr(),
|
||||
BN_num_bits(sensitive_data.ssh1_host_key->rsa->n),
|
||||
BN_num_bits(sensitive_data.server_key->rsa->n),
|
||||
SSH_KEY_BITS_RESERVED);
|
||||
}
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.ssh1_host_key->rsa) < 0)
|
||||
rsafail++;
|
||||
if (rsa_private_decrypt(session_key_int, session_key_int,
|
||||
sensitive_data.server_key->rsa) < 0)
|
||||
rsafail++;
|
||||
}
|
||||
/* Decrypt session_key_int using host/server keys */
|
||||
rsafail = ssh1_session_key(session_key_int);
|
||||
/*
|
||||
* Extract session key from the decrypted integer. The key is in the
|
||||
* least significant 256 bits of the integer; the first byte of the
|
||||
|
|
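Review bot: The two branches of the new ssh1_session_key() test rsa_private_decrypt() with different comparisons: `<= 0` when the server key has the larger modulus, but `< 0` in the else branch, so a return of 0 is counted in rsafail on one path and ignored on the other. The code was moved unchanged from do_ssh1_kex(), and this refactoring is a good point to align the else branch, i.e. `sensitive_data.ssh1_host_key->rsa) <= 0)` and `sensitive_data.server_key->rsa) <= 0)`. rsa_private_decrypt() is defined outside this page, so whether it can actually return 0 on failure should be confirmed there. The returned count is what do_ssh1_kex() uses to judge the decrypted session key (the code consuming rsafail lies past the end of the last hunk), so both key orderings should apply the same failure rule. The header comment could also say that the return value is the number of failed decryptions and that the function calls fatal() when the two moduli differ by fewer than SSH_KEY_BITS_RESERVED bits; the fatal() strings still name `do_connection`, which no longer matches the enclosing function.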