summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorNiels Provos <provos@cvs.openbsd.org>1999-10-18 01:54:19 +0000
committerNiels Provos <provos@cvs.openbsd.org>1999-10-18 01:54:19 +0000
commit5bc6af3d5152c91ad404c92e1e6ac18f0bab5387 (patch)
treec7c8afca9826fdd2af5d64bcbc5ca11e75863222 /usr.bin/ssh
parent27334e90900bb982f9ce8b1928d3b5bb92b1eedc (diff)
the session key is only the least significant 256-bits, mask the rest away
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/auth-rsa.c4
-rw-r--r--usr.bin/ssh/sshd.c3
2 files changed, 4 insertions, 3 deletions
diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c
index b3f2a0ac688..23fb0555a1c 100644
--- a/usr.bin/ssh/auth-rsa.c
+++ b/usr.bin/ssh/auth-rsa.c
@@ -16,7 +16,7 @@ validity of the host key.
*/
#include "includes.h"
-RCSID("$Id: auth-rsa.c,v 1.4 1999/10/11 20:00:35 markus Exp $");
+RCSID("$Id: auth-rsa.c,v 1.5 1999/10/18 01:54:18 provos Exp $");
#include "rsa.h"
#include "packet.h"
@@ -90,7 +90,7 @@ auth_rsa_challenge_dialog(unsigned int bits, BIGNUM *e, BIGNUM *n)
packet_write_wait();
/* The response is MD5 of decrypted challenge plus session id. */
- len = (BN_num_bits(challenge) + 7) / 8;
+ len = BN_num_bytes(challenge);
assert(len <= 32 && len);
memset(buf, 0, 32);
BN_bn2bin(challenge, buf + 32 - len);
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index b7abd939fcc..7ae3208e07d 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -18,7 +18,7 @@ agent connections.
*/
#include "includes.h"
-RCSID("$Id: sshd.c,v 1.38 1999/10/17 23:11:24 dugsong Exp $");
+RCSID("$Id: sshd.c,v 1.39 1999/10/18 01:54:18 provos Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -853,6 +853,7 @@ void do_connection(int privileged_port)
/* Extract session key from the decrypted integer. The key is in the
least significant 256 bits of the integer; the first byte of the
key is in the highest bits. */
+ BN_mask_bits(session_key_int, sizeof(session_key) * 8);
assert(BN_num_bytes(session_key_int) == sizeof(session_key));
BN_bn2bin(session_key_int, session_key);