src - OpenBSD base system

diff options


context:
space:
mode:

author	Damien Miller <djm@cvs.openbsd.org>	2004-06-13 12:53:25 +0000
committer	Damien Miller <djm@cvs.openbsd.org>	2004-06-13 12:53:25 +0000
commit	455e6209d3559a2ee5d7b59c649c0805540a3591 (patch)
tree	08941dbdb41c6b48f7bc4b05c505af786c148904 /usr.bin/ssh
parent	0fbac0108c25d248520ed15ba6befac349f0a689 (diff)

implement diffie-hellman-group14-sha1 kex method (trivial extension to

existing diffie-hellman-group1-sha1); ok markus@

Diffstat (limited to 'usr.bin/ssh')

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

usr.bin/ssh/monitor.c

-rw-r--r--

usr.bin/ssh/myproposal.h

-rw-r--r--

usr.bin/ssh/ssh-keyscan.c

-rw-r--r--

usr.bin/ssh/sshconnect2.c

-rw-r--r--

usr.bin/ssh/sshd.c

11 files changed, 66 insertions, 17 deletions

diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c
index afd1e05d001..176fb74696f 100644
--- a/usr.bin/ssh/dh.c
+++ b/usr.bin/ssh/dh.c

@@ -23,7 +23,7 @@

#include "includes.h"

-RCSID("$OpenBSD: dh.c,v 1.29 2004/02/27 22:49:27 dtucker Exp $");

+RCSID("$OpenBSD: dh.c,v 1.30 2004/06/13 12:53:24 djm Exp $");

#include "xmalloc.h"

@@ -115,8 +115,9 @@ choose_dh(int min, int wantbits, int max)

if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL &&

(f = fopen(_PATH_DH_PRIMES, "r")) == NULL) {

- logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI);

- return (dh_new_group1());

+ logit("WARNING: %s does not exist, using fixed modulus",

+ _PATH_DH_MODULI);

+ return (dh_new_group14());

}

linenum = 0;

@@ -169,7 +170,7 @@ choose_dh(int min, int wantbits, int max)

return (dh_new_group(dhg.g, dhg.p));

}

-/* diffie-hellman-group1-sha1 */

+/* diffie-hellman-groupN-sha1 */

int

dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)

@@ -272,6 +273,25 @@ dh_new_group1(void)

return (dh_new_group_asc(gen, group1));

}

+DH *

+dh_new_group14(void)

+ static char *gen = "2", *group14 =

+ "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"

+ "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"

+ "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"

+ "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"

+ "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"

+ "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"

+ "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"

+ "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"

+ "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"

+ "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"

+ "15728E5A" "8AACAA68" "FFFFFFFF" "FFFFFFFF";

+ return (dh_new_group_asc(gen, group14));

* Estimates the group order for a Diffie-Hellman group that has an

* attack complexity approximately the same as O(2**bits). Estimate

diff --git a/usr.bin/ssh/dh.h b/usr.bin/ssh/dh.h
index a0c97b2ff22..723dd08e4f5 100644
--- a/usr.bin/ssh/dh.h
+++ b/usr.bin/ssh/dh.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: dh.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */

+/* $OpenBSD: dh.h,v 1.8 2004/06/13 12:53:24 djm Exp $ */

@@ -36,6 +36,7 @@ DH *choose_dh(int, int, int);

DH *dh_new_group_asc(const char *, const char *);

DH *dh_new_group(BIGNUM *, BIGNUM *);

DH *dh_new_group1(void);

+DH *dh_new_group14(void);

void dh_gen_key(DH *, int);

int dh_pub_is_valid(DH *, BIGNUM *);

diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c
index fa5de7ed8be..cda8bf9b7bc 100644
--- a/usr.bin/ssh/kex.c
+++ b/usr.bin/ssh/kex.c

@@ -23,7 +23,7 @@

#include "includes.h"

-RCSID("$OpenBSD: kex.c,v 1.58 2004/05/09 01:26:48 djm Exp $");

+RCSID("$OpenBSD: kex.c,v 1.59 2004/06/13 12:53:24 djm Exp $");

#include <openssl/crypto.h>

@@ -293,6 +293,8 @@ choose_kex(Kex *k, char *client, char *server)

fatal("no kex alg");

if (strcmp(k->name, KEX_DH1) == 0) {

k->kex_type = KEX_DH_GRP1_SHA1;

+ } else if (strcmp(k->name, KEX_DH14) == 0) {

+ k->kex_type = KEX_DH_GRP14_SHA1;

} else if (strcmp(k->name, KEX_DHGEX) == 0) {

k->kex_type = KEX_DH_GEX_SHA1;

} else

diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h
index 43773504730..d9e9d6522f5 100644
--- a/usr.bin/ssh/kex.h
+++ b/usr.bin/ssh/kex.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: kex.h,v 1.34 2004/05/21 08:43:03 markus Exp $ */

+/* $OpenBSD: kex.h,v 1.35 2004/06/13 12:53:24 djm Exp $ */

@@ -32,6 +32,7 @@

#include "key.h"

#define KEX_DH1 "diffie-hellman-group1-sha1"

+#define KEX_DH14 "diffie-hellman-group14-sha1"

#define KEX_DHGEX "diffie-hellman-group-exchange-sha1"

enum kex_init_proposals {

@@ -56,6 +57,7 @@ enum kex_modes {

enum kex_exchange {

KEX_DH_GRP1_SHA1,

+ KEX_DH_GRP14_SHA1,

KEX_DH_GEX_SHA1,

KEX_MAX

};

diff --git a/usr.bin/ssh/kexdhc.c b/usr.bin/ssh/kexdhc.c
index fe6dc53f859..f48bd46785b 100644
--- a/usr.bin/ssh/kexdhc.c
+++ b/usr.bin/ssh/kexdhc.c

@@ -23,7 +23,7 @@

#include "includes.h"

-RCSID("$OpenBSD: kexdhc.c,v 1.1 2003/02/16 17:09:57 markus Exp $");

+RCSID("$OpenBSD: kexdhc.c,v 1.2 2004/06/13 12:53:24 djm Exp $");

#include "xmalloc.h"

#include "key.h"

@@ -44,7 +44,16 @@ kexdh_client(Kex *kex)

u_int klen, kout, slen, sbloblen;

/* generate and send 'e', client DH public key */

- dh = dh_new_group1();

+ switch (kex->kex_type) {

+ case KEX_DH_GRP1_SHA1:

+ dh = dh_new_group1();

+ break;

+ case KEX_DH_GRP14_SHA1:

+ dh = dh_new_group14();

+ break;

+ default:

+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);

+ }

dh_gen_key(dh, kex->we_need * 8);

packet_start(SSH2_MSG_KEXDH_INIT);

packet_put_bignum2(dh->pub_key);

diff --git a/usr.bin/ssh/kexdhs.c b/usr.bin/ssh/kexdhs.c
index f04bce8255c..225e655926c 100644
--- a/usr.bin/ssh/kexdhs.c
+++ b/usr.bin/ssh/kexdhs.c

@@ -23,7 +23,7 @@

#include "includes.h"

-RCSID("$OpenBSD: kexdhs.c,v 1.1 2003/02/16 17:09:57 markus Exp $");

+RCSID("$OpenBSD: kexdhs.c,v 1.2 2004/06/13 12:53:24 djm Exp $");

#include "xmalloc.h"

#include "key.h"

@@ -45,7 +45,16 @@ kexdh_server(Kex *kex)

u_int slen;

/* generate server DH public key */

- dh = dh_new_group1();

+ switch (kex->kex_type) {

+ case KEX_DH_GRP1_SHA1:

+ dh = dh_new_group1();

+ break;

+ case KEX_DH_GRP14_SHA1:

+ dh = dh_new_group14();

+ break;

+ default:

+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);

+ }

dh_gen_key(dh, kex->we_need * 8);

debug("expecting SSH2_MSG_KEXDH_INIT");

diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c
index 23ab6f24960..356ada6d022 100644
--- a/usr.bin/ssh/monitor.c
+++ b/usr.bin/ssh/monitor.c

@@ -25,7 +25,7 @@

#include "includes.h"

-RCSID("$OpenBSD: monitor.c,v 1.57 2004/05/11 19:01:43 deraadt Exp $");

+RCSID("$OpenBSD: monitor.c,v 1.58 2004/06/13 12:53:24 djm Exp $");

#include <openssl/dh.h>

@@ -1367,6 +1367,7 @@ mm_get_kex(Buffer *m)

fatal("mm_get_get: internal error: bad session id");

kex->we_need = buffer_get_int(m);

kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;

+ kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;

kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;

kex->server = 1;

kex->hostkey_type = buffer_get_int(m);

diff --git a/usr.bin/ssh/myproposal.h b/usr.bin/ssh/myproposal.h
index 8b431d9d277..228ed68828d 100644
--- a/usr.bin/ssh/myproposal.h
+++ b/usr.bin/ssh/myproposal.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: myproposal.h,v 1.15 2003/05/17 04:27:52 markus Exp $ */

+/* $OpenBSD: myproposal.h,v 1.16 2004/06/13 12:53:24 djm Exp $ */

@@ -23,7 +23,9 @@

* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1"

+#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1," \

+ "diffie-hellman-group14-sha1," \

+ "diffie-hellman-group1-sha1"

#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"

#define KEX_DEFAULT_ENCRYPT \

"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \

diff --git a/usr.bin/ssh/ssh-keyscan.c b/usr.bin/ssh/ssh-keyscan.c
index c83b7a49bcc..61107050797 100644
--- a/usr.bin/ssh/ssh-keyscan.c
+++ b/usr.bin/ssh/ssh-keyscan.c

@@ -7,7 +7,7 @@

#include "includes.h"

-RCSID("$OpenBSD: ssh-keyscan.c,v 1.47 2004/03/08 09:38:05 djm Exp $");

+RCSID("$OpenBSD: ssh-keyscan.c,v 1.48 2004/06/13 12:53:24 djm Exp $");

#include <sys/queue.h>

#include <errno.h>

@@ -336,6 +336,7 @@ keygrab_ssh2(con *c)

"ssh-dss": "ssh-rsa";

c->c_kex = kex_setup(myproposal);

c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;

+ c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;

c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;

c->c_kex->verify_host_key = hostjump;

diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index c84dfeb5c33..b1cad71edb5 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c

@@ -23,7 +23,7 @@

#include "includes.h"

-RCSID("$OpenBSD: sshconnect2.c,v 1.137 2004/05/08 00:21:31 djm Exp $");

+RCSID("$OpenBSD: sshconnect2.c,v 1.138 2004/06/13 12:53:24 djm Exp $");

#include "ssh.h"

#include "ssh2.h"

@@ -118,6 +118,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)

/* start key exchange */

kex = kex_setup(myproposal);

kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;

+ kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;

kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;

kex->client_version_string=client_version_string;

kex->server_version_string=server_version_string;

diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index b822f55c5bc..3d718295b9e 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c

@@ -42,7 +42,7 @@

#include "includes.h"

-RCSID("$OpenBSD: sshd.c,v 1.291 2004/05/09 01:19:28 djm Exp $");

+RCSID("$OpenBSD: sshd.c,v 1.292 2004/06/13 12:53:24 djm Exp $");

#include <openssl/dh.h>

#include <openssl/bn.h>

@@ -1688,6 +1688,7 @@ do_ssh2_kex(void)

/* start key exchange */

kex = kex_setup(myproposal);

kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;

+ kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;

kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;

kex->server = 1;

kex->client_version_string=client_version_string;