|
Packit Service |
31306d |
/*
|
|
Packit Service |
31306d |
* dh-int.c - Diffie-Helman algorithm code against SSH 2
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* This file is part of the SSH Library
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* Copyright (c) 2003-2018 by Aris Adamantiadis
|
|
Packit Service |
31306d |
* Copyright (c) 2009-2013 by Andreas Schneider <asn@cryptomilk.org>
|
|
Packit Service |
31306d |
* Copyright (c) 2012 by Dmitriy Kuznetsov <dk@yandex.ru>
|
|
Packit Service |
31306d |
* Copyright (c) 2019 by Simo Sorce <simo@redhat.com>
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* The SSH Library is free software; you can redistribute it and/or modify
|
|
Packit Service |
31306d |
* it under the terms of the GNU Lesser General Public License as published by
|
|
Packit Service |
31306d |
* the Free Software Foundation; either version 2.1 of the License, or (at your
|
|
Packit Service |
31306d |
* option) any later version.
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* The SSH Library is distributed in the hope that it will be useful, but
|
|
Packit Service |
31306d |
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
Packit Service |
31306d |
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
|
|
Packit Service |
31306d |
* License for more details.
|
|
Packit Service |
31306d |
*
|
|
Packit Service |
31306d |
* You should have received a copy of the GNU Lesser General Public License
|
|
Packit Service |
31306d |
* along with the SSH Library; see the file COPYING. If not, write to
|
|
Packit Service |
31306d |
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
|
|
Packit Service |
31306d |
* MA 02111-1307, USA.
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include "config.h"
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
#include "libssh/priv.h"
|
|
Packit Service |
31306d |
#include "libssh/crypto.h"
|
|
Packit Service |
31306d |
#include "libssh/buffer.h"
|
|
Packit Service |
31306d |
#include "libssh/session.h"
|
|
Packit Service |
31306d |
#include "libssh/misc.h"
|
|
Packit Service |
31306d |
#include "libssh/dh.h"
|
|
Packit Service |
31306d |
#include "libssh/ssh2.h"
|
|
Packit Service |
31306d |
#include "libssh/pki.h"
|
|
Packit Service |
31306d |
#include "libssh/bignum.h"
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
extern bignum ssh_dh_generator;
|
|
Packit Service |
31306d |
extern bignum ssh_dh_group1;
|
|
Packit Service |
31306d |
extern bignum ssh_dh_group14;
|
|
Packit Service |
31306d |
extern bignum ssh_dh_group16;
|
|
Packit Service |
31306d |
extern bignum ssh_dh_group18;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/*
|
|
Packit Service |
31306d |
* How many bits of security we want for fast DH. DH private key size must be
|
|
Packit Service |
31306d |
* twice that size.
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
#define DH_SECURITY_BITS 512
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
struct dh_keypair {
|
|
Packit Service |
31306d |
bignum priv_key;
|
|
Packit Service |
31306d |
bignum pub_key;
|
|
Packit Service |
31306d |
};
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
struct dh_ctx {
|
|
Packit Service |
31306d |
/* 0 is client, 1 is server */
|
|
Packit Service |
31306d |
struct dh_keypair keypair[2];
|
|
Packit Service |
31306d |
bignum generator;
|
|
Packit Service |
31306d |
bignum modulus;
|
|
Packit Service |
31306d |
};
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void ssh_dh_debug_crypto(struct ssh_crypto_struct *c)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
#ifdef DEBUG_CRYPTO
|
|
Packit Service |
31306d |
const_bignum x = NULL, y = NULL, e = NULL, f = NULL;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
ssh_dh_keypair_get_keys(c->dh_ctx, DH_CLIENT_KEYPAIR, &x, &e);
|
|
Packit Service |
31306d |
ssh_dh_keypair_get_keys(c->dh_ctx, DH_SERVER_KEYPAIR, &y, &f);
|
|
Packit Service |
31306d |
ssh_print_bignum("p", c->dh_ctx->modulus);
|
|
Packit Service |
31306d |
ssh_print_bignum("g", c->dh_ctx->generator);
|
|
Packit Service |
31306d |
ssh_print_bignum("x", x);
|
|
Packit Service |
31306d |
ssh_print_bignum("y", y);
|
|
Packit Service |
31306d |
ssh_print_bignum("e", e);
|
|
Packit Service |
31306d |
ssh_print_bignum("f", f);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
ssh_log_hexdump("Session server cookie", c->server_kex.cookie, 16);
|
|
Packit Service |
31306d |
ssh_log_hexdump("Session client cookie", c->client_kex.cookie, 16);
|
|
Packit Service |
31306d |
ssh_print_bignum("k", c->shared_secret);
|
|
Packit Service |
31306d |
#else
|
|
Packit Service |
31306d |
(void)c; /* UNUSED_PARAM */
|
|
Packit Service |
31306d |
#endif
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void ssh_dh_free_modulus(struct dh_ctx *ctx)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
if ((ctx->modulus != ssh_dh_group1) &&
|
|
Packit Service |
31306d |
(ctx->modulus != ssh_dh_group14) &&
|
|
Packit Service |
31306d |
(ctx->modulus != ssh_dh_group16) &&
|
|
Packit Service |
31306d |
(ctx->modulus != ssh_dh_group18)) {
|
|
Packit Service |
31306d |
bignum_safe_free(ctx->modulus);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
ctx->modulus = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void ssh_dh_free_generator(struct dh_ctx *ctx)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
if (ctx->generator != ssh_dh_generator) {
|
|
Packit Service |
31306d |
bignum_safe_free(ctx->generator);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static void ssh_dh_free_dh_keypair(struct dh_keypair *keypair)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
bignum_safe_free(keypair->priv_key);
|
|
Packit Service |
31306d |
bignum_safe_free(keypair->pub_key);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
static int ssh_dh_init_dh_keypair(struct dh_keypair *keypair)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
keypair->priv_key = bignum_new();
|
|
Packit Service |
31306d |
if (keypair->priv_key == NULL) {
|
|
Packit Service |
31306d |
rc = SSH_ERROR;
|
|
Packit Service |
31306d |
goto done;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
keypair->pub_key = bignum_new();
|
|
Packit Service |
31306d |
if (keypair->pub_key == NULL) {
|
|
Packit Service |
31306d |
rc = SSH_ERROR;
|
|
Packit Service |
31306d |
goto done;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = SSH_OK;
|
|
Packit Service |
31306d |
done:
|
|
Packit Service |
31306d |
if (rc != SSH_OK) {
|
|
Packit Service |
31306d |
ssh_dh_free_dh_keypair(keypair);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return rc;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
int ssh_dh_keypair_get_keys(struct dh_ctx *ctx, int peer,
|
|
Packit Service |
31306d |
const_bignum *priv, const_bignum *pub)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
if (((peer != DH_CLIENT_KEYPAIR) && (peer != DH_SERVER_KEYPAIR)) ||
|
|
Packit Service |
31306d |
((priv == NULL) && (pub == NULL)) || (ctx == NULL)) {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (priv) {
|
|
Packit Service |
31306d |
/* check that we have something in it */
|
|
Packit Service |
31306d |
if (bignum_num_bits(ctx->keypair[peer].priv_key)) {
|
|
Packit Service |
31306d |
*priv = ctx->keypair[peer].priv_key;
|
|
Packit Service |
31306d |
} else {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (pub) {
|
|
Packit Service |
31306d |
/* check that we have something in it */
|
|
Packit Service |
31306d |
if (bignum_num_bits(ctx->keypair[peer].pub_key)) {
|
|
Packit Service |
31306d |
*pub = ctx->keypair[peer].pub_key;
|
|
Packit Service |
31306d |
} else {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
int ssh_dh_keypair_set_keys(struct dh_ctx *ctx, int peer,
|
|
Packit Service |
31306d |
bignum priv, bignum pub)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
if (((peer != DH_CLIENT_KEYPAIR) && (peer != DH_SERVER_KEYPAIR)) ||
|
|
Packit Service |
31306d |
((priv == NULL) && (pub == NULL)) || (ctx == NULL)) {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (priv) {
|
|
Packit Service |
31306d |
bignum_safe_free(ctx->keypair[peer].priv_key);
|
|
Packit Service |
31306d |
ctx->keypair[peer].priv_key = priv;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (pub) {
|
|
Packit Service |
31306d |
bignum_safe_free(ctx->keypair[peer].pub_key);
|
|
Packit Service |
31306d |
ctx->keypair[peer].pub_key = pub;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
int ssh_dh_get_parameters(struct dh_ctx *ctx,
|
|
Packit Service |
31306d |
const_bignum *modulus, const_bignum *generator)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
if (ctx == NULL) {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (modulus) {
|
|
Packit Service |
31306d |
*modulus = ctx->modulus;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (generator) {
|
|
Packit Service |
31306d |
*generator = ctx->generator;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
int ssh_dh_set_parameters(struct dh_ctx *ctx,
|
|
Packit Service |
31306d |
bignum modulus, bignum generator)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if ((ctx == NULL) || ((modulus == NULL) && (generator == NULL))) {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
/* when setting modulus or generator,
|
|
Packit Service |
31306d |
* make sure to invalidate existing keys */
|
|
Packit Service |
31306d |
ssh_dh_free_dh_keypair(&ctx->keypair[DH_CLIENT_KEYPAIR]);
|
|
Packit Service |
31306d |
ssh_dh_free_dh_keypair(&ctx->keypair[DH_SERVER_KEYPAIR]);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = ssh_dh_init_dh_keypair(&ctx->keypair[DH_CLIENT_KEYPAIR]);
|
|
Packit Service |
31306d |
if (rc != SSH_OK) {
|
|
Packit Service |
31306d |
goto done;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = ssh_dh_init_dh_keypair(&ctx->keypair[DH_SERVER_KEYPAIR]);
|
|
Packit Service |
31306d |
if (rc != SSH_OK) {
|
|
Packit Service |
31306d |
goto done;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (modulus) {
|
|
Packit Service |
31306d |
ssh_dh_free_modulus(ctx);
|
|
Packit Service |
31306d |
ctx->modulus = modulus;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
if (generator) {
|
|
Packit Service |
31306d |
ssh_dh_free_generator(ctx);
|
|
Packit Service |
31306d |
ctx->generator = generator;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
done:
|
|
Packit Service |
31306d |
return rc;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/**
|
|
Packit Service |
31306d |
* @internal
|
|
Packit Service |
31306d |
* @brief allocate and initialize ephemeral values used in dh kex
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
int ssh_dh_init_common(struct ssh_crypto_struct *crypto)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
struct dh_ctx *ctx = NULL;
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
ctx = calloc(1, sizeof(*ctx));
|
|
Packit Service |
31306d |
if (ctx == NULL) {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
switch (crypto->kex_type) {
|
|
Packit Service |
31306d |
case SSH_KEX_DH_GROUP1_SHA1:
|
|
Packit Service |
31306d |
rc = ssh_dh_set_parameters(ctx, ssh_dh_group1, ssh_dh_generator);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_KEX_DH_GROUP14_SHA1:
|
|
Packit Service |
31306d |
case SSH_KEX_DH_GROUP14_SHA256:
|
|
Packit Service |
31306d |
rc = ssh_dh_set_parameters(ctx, ssh_dh_group14, ssh_dh_generator);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_KEX_DH_GROUP16_SHA512:
|
|
Packit Service |
31306d |
rc = ssh_dh_set_parameters(ctx, ssh_dh_group16, ssh_dh_generator);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
case SSH_KEX_DH_GROUP18_SHA512:
|
|
Packit Service |
31306d |
rc = ssh_dh_set_parameters(ctx, ssh_dh_group18, ssh_dh_generator);
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
default:
|
|
Packit Service |
31306d |
rc = SSH_OK;
|
|
Packit Service |
31306d |
break;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
crypto->dh_ctx = ctx;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (rc != SSH_OK) {
|
|
Packit Service |
31306d |
ssh_dh_cleanup(crypto);
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return rc;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
void ssh_dh_cleanup(struct ssh_crypto_struct *crypto)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
struct dh_ctx *ctx = crypto->dh_ctx;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (ctx == NULL) {
|
|
Packit Service |
31306d |
return;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
ssh_dh_free_dh_keypair(&ctx->keypair[DH_CLIENT_KEYPAIR]);
|
|
Packit Service |
31306d |
ssh_dh_free_dh_keypair(&ctx->keypair[DH_SERVER_KEYPAIR]);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
ssh_dh_free_modulus(ctx);
|
|
Packit Service |
31306d |
ssh_dh_free_generator(ctx);
|
|
Packit Service |
31306d |
free(ctx);
|
|
Packit Service |
31306d |
crypto->dh_ctx = NULL;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/** @internal
|
|
Packit Service |
31306d |
* @brief generates a secret DH parameter of at least DH_SECURITY_BITS
|
|
Packit Service |
31306d |
* security as well as the corresponding public key.
|
|
Packit Service |
31306d |
* @param[out] parms a dh_kex paramters structure with preallocated bignum
|
|
Packit Service |
31306d |
* where to store the parameters
|
|
Packit Service |
31306d |
* @return SSH_OK on success, SSH_ERROR on error
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
int ssh_dh_keypair_gen_keys(struct dh_ctx *dh_ctx, int peer)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
bignum tmp = NULL;
|
|
Packit Service |
31306d |
bignum_CTX ctx = NULL;
|
|
Packit Service |
31306d |
int rc = 0;
|
|
Packit Service |
31306d |
int bits = 0;
|
|
Packit Service |
31306d |
int p_bits = 0;
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
ctx = bignum_ctx_new();
|
|
Packit Service |
31306d |
if (bignum_ctx_invalid(ctx)){
|
|
Packit Service |
31306d |
goto error;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
tmp = bignum_new();
|
|
Packit Service |
31306d |
if (tmp == NULL) {
|
|
Packit Service |
31306d |
goto error;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
p_bits = bignum_num_bits(dh_ctx->modulus);
|
|
Packit Service |
31306d |
/* we need at most DH_SECURITY_BITS */
|
|
Packit Service |
31306d |
bits = MIN(DH_SECURITY_BITS * 2, p_bits);
|
|
Packit Service |
31306d |
/* ensure we're not too close of p so rnd()%p stays uniform */
|
|
Packit Service |
31306d |
if (bits <= p_bits && bits + 64 > p_bits) {
|
|
Packit Service |
31306d |
bits += 64;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = bignum_rand(tmp, bits);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto error;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
rc = bignum_mod(dh_ctx->keypair[peer].priv_key, tmp, dh_ctx->modulus, ctx);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto error;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
/* Now compute the corresponding public key */
|
|
Packit Service |
31306d |
rc = bignum_mod_exp(dh_ctx->keypair[peer].pub_key, dh_ctx->generator,
|
|
Packit Service |
31306d |
dh_ctx->keypair[peer].priv_key, dh_ctx->modulus, ctx);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
goto error;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
bignum_safe_free(tmp);
|
|
Packit Service |
31306d |
bignum_ctx_free(ctx);
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
error:
|
|
Packit Service |
31306d |
bignum_safe_free(tmp);
|
|
Packit Service |
31306d |
bignum_ctx_free(ctx);
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
/** @internal
|
|
Packit Service |
31306d |
* @brief generates a shared secret between the local peer and the remote peer
|
|
Packit Service |
31306d |
* @param[in] local peer identifier
|
|
Packit Service |
31306d |
* @param[in] remote peer identifier
|
|
Packit Service |
31306d |
* @param[out] dest a preallocated bignum where to store parameter
|
|
Packit Service |
31306d |
* @return SSH_OK on success, SSH_ERROR on error
|
|
Packit Service |
31306d |
*/
|
|
Packit Service |
31306d |
int ssh_dh_compute_shared_secret(struct dh_ctx *dh_ctx, int local, int remote,
|
|
Packit Service |
31306d |
bignum *dest)
|
|
Packit Service |
31306d |
{
|
|
Packit Service |
31306d |
int rc;
|
|
Packit Service |
31306d |
bignum_CTX ctx = bignum_ctx_new();
|
|
Packit Service |
31306d |
if (bignum_ctx_invalid(ctx)) {
|
|
Packit Service |
31306d |
return -1;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
if (*dest == NULL) {
|
|
Packit Service |
31306d |
*dest = bignum_new();
|
|
Packit Service |
31306d |
if (*dest == NULL) {
|
|
Packit Service |
31306d |
rc = 0;
|
|
Packit Service |
31306d |
goto done;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
rc = bignum_mod_exp(*dest, dh_ctx->keypair[remote].pub_key,
|
|
Packit Service |
31306d |
dh_ctx->keypair[local].priv_key,
|
|
Packit Service |
31306d |
dh_ctx->modulus, ctx);
|
|
Packit Service |
31306d |
|
|
Packit Service |
31306d |
done:
|
|
Packit Service |
31306d |
bignum_ctx_free(ctx);
|
|
Packit Service |
31306d |
if (rc != 1) {
|
|
Packit Service |
31306d |
return SSH_ERROR;
|
|
Packit Service |
31306d |
}
|
|
Packit Service |
31306d |
return SSH_OK;
|
|
Packit Service |
31306d |
}
|