diff options
Diffstat (limited to 'kexgen.c')
-rw-r--r-- | kexgen.c | 26 |
1 files changed, 16 insertions, 10 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kexgen.c,v 1.4 2019/11/25 00:51:37 djm Exp $ */ +/* $OpenBSD: kexgen.c,v 1.7 2021/04/03 06:18:40 djm Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. * @@ -117,8 +117,8 @@ kex_gen_client(struct ssh *ssh) case KEX_C25519_SHA256: r = kex_c25519_keypair(kex); break; - case KEX_KEM_SNTRUP4591761X25519_SHA512: - r = kex_kem_sntrup4591761x25519_keypair(kex); + case KEX_KEM_SNTRUP761X25519_SHA512: + r = kex_kem_sntrup761x25519_keypair(kex); break; default: r = SSH_ERR_INVALID_ARGUMENT; @@ -148,6 +148,9 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) size_t slen, hashlen; int r; + debug("SSH2_MSG_KEX_ECDH_REPLY received"); + ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &kex_protocol_error); + /* hostkey */ if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) goto out; @@ -185,8 +188,8 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_C25519_SHA256: r = kex_c25519_dec(kex, server_blob, &shared_secret); break; - case KEX_KEM_SNTRUP4591761X25519_SHA512: - r = kex_kem_sntrup4591761x25519_dec(kex, server_blob, + case KEX_KEM_SNTRUP761X25519_SHA512: + r = kex_kem_sntrup761x25519_dec(kex, server_blob, &shared_secret); break; default: @@ -220,8 +223,8 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) out: explicit_bzero(hash, sizeof(hash)); explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); - explicit_bzero(kex->sntrup4591761_client_key, - sizeof(kex->sntrup4591761_client_key)); + explicit_bzero(kex->sntrup761_client_key, + sizeof(kex->sntrup761_client_key)); sshbuf_free(server_host_key_blob); free(signature); sshbuf_free(tmp); @@ -254,6 +257,9 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) size_t slen, hashlen; int r; + debug("SSH2_MSG_KEX_ECDH_INIT received"); + ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_INIT, &kex_protocol_error); + if ((r = kex_load_hostkey(ssh, &server_host_private, &server_host_public)) != 0) goto out; @@ -282,8 +288,8 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; - case KEX_KEM_SNTRUP4591761X25519_SHA512: - r = kex_kem_sntrup4591761x25519_enc(kex, client_pubkey, + case KEX_KEM_SNTRUP761X25519_SHA512: + r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; default: @@ -316,7 +322,7 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) /* sign H */ if ((r = kex->sign(ssh, server_host_private, server_host_public, - &signature, &slen, hash, hashlen, kex->hostkey_alg)) != 0) + &signature, &slen, hash, hashlen, kex->hostkey_alg)) != 0) goto out; /* send server hostkey, ECDH pubkey 'Q_S' and signed H */ |