summaryrefslogtreecommitdiffhomepage
path: root/common-kex.c
diff options
context:
space:
mode:
Diffstat (limited to 'common-kex.c')
-rw-r--r--common-kex.c35
1 files changed, 16 insertions, 19 deletions
diff --git a/common-kex.c b/common-kex.c
index 5db8e52..e9c655d 100644
--- a/common-kex.c
+++ b/common-kex.c
@@ -188,8 +188,6 @@ void kexfirstinitialise() {
/* Reset the kex state, ready for a new negotiation */
static void kexinitialise() {
- struct timeval tv;
-
TRACE(("kexinitialise()"))
/* sent/recv'd MSG_KEXINIT */
@@ -206,10 +204,7 @@ static void kexinitialise() {
ses.kexstate.datatrans = 0;
ses.kexstate.datarecv = 0;
- if (gettimeofday(&tv, 0) < 0) {
- dropbear_exit("Error getting time");
- }
- ses.kexstate.lastkextime = tv.tv_sec;
+ ses.kexstate.lastkextime = time(NULL);
}
@@ -217,12 +212,10 @@ static void kexinitialise() {
* already initialised hash_state hs, which should already have processed
* the dh_K and hash, since these are common. X is the letter 'A', 'B' etc.
* out must have at least min(SHA1_HASH_SIZE, outlen) bytes allocated.
- * The output will only be expanded once, since that is all that is required
- * (for 3DES and SHA, with 24 and 20 bytes respectively).
+ * The output will only be expanded once, as we are assured that
+ * outlen <= 2*SHA1_HASH_SIZE for all known hashes.
*
- * See Section 5.2 of the IETF secsh Transport Draft for details */
-
-/* Duplicated verbatim from kex.c --mihnea */
+ * See Section 7.2 of rfc4253 (ssh transport) for details */
static void hashkeys(unsigned char *out, int outlen,
const hash_state * hs, const unsigned char X) {
@@ -262,6 +255,7 @@ void gen_new_keys() {
hash_state hs;
unsigned int C2S_keysize, S2C_keysize;
char mactransletter, macrecvletter; /* Client or server specific */
+ int recv_cipher = 0, trans_cipher = 0;
TRACE(("enter gen_new_keys"))
/* the dh_K and hash are the start of all hashes, we make use of that */
@@ -298,17 +292,20 @@ void gen_new_keys() {
hashkeys(C2S_key, C2S_keysize, &hs, 'C');
hashkeys(S2C_key, S2C_keysize, &hs, 'D');
- if (cbc_start(
- find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name),
- recv_IV, recv_key,
+ recv_cipher = find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name);
+ if (recv_cipher < 0)
+ dropbear_exit("crypto error");
+
+ if (cbc_start(recv_cipher, recv_IV, recv_key,
ses.newkeys->recv_algo_crypt->keysize, 0,
&ses.newkeys->recv_symmetric_struct) != CRYPT_OK) {
dropbear_exit("crypto error");
}
-
- if (cbc_start(
- find_cipher(ses.newkeys->trans_algo_crypt->cipherdesc->name),
- trans_IV, trans_key,
+ trans_cipher = find_cipher(ses.newkeys->trans_algo_crypt->cipherdesc->name);
+ if (trans_cipher < 0)
+ dropbear_exit("crypto error");
+
+ if (cbc_start(trans_cipher, trans_IV, trans_key,
ses.newkeys->trans_algo_crypt->keysize, 0,
&ses.newkeys->trans_symmetric_struct) != CRYPT_OK) {
dropbear_exit("crypto error");
@@ -517,7 +514,7 @@ void kexdh_comb_key(mp_int *dh_pub_us, mp_int *dh_priv, mp_int *dh_pub_them,
hash_state hs;
/* read the prime and generator*/
- mp_init(&dh_p);
+ m_mp_init(&dh_p);
bytes_to_mp(&dh_p, dh_p_val, DH_P_LEN);
/* Check that dh_pub_them (dh_e or dh_f) is in the range [1, p-1] */
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-18 19:15:41 +0000