summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog8
-rw-r--r--kex.c7
-rw-r--r--kex.h4
-rw-r--r--md-sha256.c71
-rw-r--r--monitor.c9
-rw-r--r--myproposal.h10
-rw-r--r--ssh-keyscan.c3
-rw-r--r--sshconnect2.c3
-rw-r--r--sshd.c1
9 files changed, 105 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 3064b306..3cd994f2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -236,6 +236,12 @@
- markus@cvs.openbsd.org 2006/03/14 16:32:48
[ssh_config.5 sshd_config.5]
*AliveCountMax applies to protcol v2 only; ok dtucker, djm
+ - djm@cvs.openbsd.org 2006/03/07 09:07:40
+ [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
+ Implement the diffie-hellman-group-exchange-sha256 key exchange method
+ using the SHA256 code in libc (and wrapper to make it into an OpenSSL
+ EVP), interop tested against CVS PuTTY
+ NB. no portability bits committed yet
20060313
- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4137,4 +4143,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.4206 2006/03/15 01:06:55 djm Exp $
+$Id: ChangeLog,v 1.4207 2006/03/15 01:08:28 djm Exp $
diff --git a/kex.c b/kex.c
index cd71be9c..175613b4 100644
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
+RCSID("$OpenBSD: kex.c,v 1.66 2006/03/07 09:07:40 djm Exp $");
#include <openssl/crypto.h>
@@ -44,6 +44,8 @@ RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
#define KEX_COOKIE_LEN 16
+extern const EVP_MD *evp_ssh_sha256(void);
+
/* prototype */
static void kex_kexinit_finish(Kex *);
static void kex_choose_conf(Kex *);
@@ -301,6 +303,9 @@ choose_kex(Kex *k, char *client, char *server)
} else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
k->kex_type = KEX_DH_GEX_SHA1;
k->evp_md = EVP_sha1();
+ } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
+ k->kex_type = KEX_DH_GEX_SHA256;
+ k->evp_md = evp_ssh_sha256();
} else
fatal("bad kex alg %s", k->name);
}
diff --git a/kex.h b/kex.h
index bbd931e0..e2ba0a98 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.38 2005/11/04 05:15:59 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.39 2006/03/07 09:07:40 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -34,6 +34,7 @@
#define KEX_DH1 "diffie-hellman-group1-sha1"
#define KEX_DH14 "diffie-hellman-group14-sha1"
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
+#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
#define COMP_NONE 0
#define COMP_ZLIB 1
@@ -63,6 +64,7 @@ enum kex_exchange {
KEX_DH_GRP1_SHA1,
KEX_DH_GRP14_SHA1,
KEX_DH_GEX_SHA1,
+ KEX_DH_GEX_SHA256,
KEX_MAX
};
diff --git a/md-sha256.c b/md-sha256.c
new file mode 100644
index 00000000..08848f84
--- /dev/null
+++ b/md-sha256.c
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2005 Damien Miller <djm@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* EVP wrapper for SHA256 */
+
+#include "includes.h"
+#include <openssl/evp.h>
+#include <sha2.h>
+
+RCSID("$OpenBSD: md-sha256.c,v 1.1 2006/03/07 09:07:40 djm Exp $");
+
+const EVP_MD *evp_ssh_sha256(void);
+
+static int
+ssh_sha256_init(EVP_MD_CTX *ctxt)
+{
+ SHA256_Init(ctxt->md_data);
+ return (1);
+}
+
+static int
+ssh_sha256_update(EVP_MD_CTX *ctxt, const void *data, unsigned long len)
+{
+ SHA256_Update(ctxt->md_data, data, len);
+ return (1);
+}
+
+static int
+ssh_sha256_final(EVP_MD_CTX *ctxt, unsigned char *digest)
+{
+ SHA256_Final(digest, ctxt->md_data);
+ return (1);
+}
+
+static int
+ssh_sha256_cleanup(EVP_MD_CTX *ctxt)
+{
+ memset(ctxt->md_data, 0, sizeof(SHA256_CTX));
+ return (1);
+}
+
+const EVP_MD *
+evp_ssh_sha256(void)
+{
+ static EVP_MD ssh_sha256;
+
+ memset(&ssh_sha256, 0, sizeof(ssh_sha256));
+ ssh_sha256.type = NID_undef;
+ ssh_sha256.md_size = SHA256_DIGEST_LENGTH;
+ ssh_sha256.init = ssh_sha256_init;
+ ssh_sha256.update = ssh_sha256_update;
+ ssh_sha256.final = ssh_sha256_final;
+ ssh_sha256.cleanup = ssh_sha256_cleanup;
+ ssh_sha256.block_size = SHA256_BLOCK_LENGTH;
+ ssh_sha256.ctx_size = sizeof(SHA256_CTX);
+
+ return (&ssh_sha256);
+}
diff --git a/monitor.c b/monitor.c
index 3260d473..30849a37 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.68 2006/02/20 17:02:44 stevesk Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.69 2006/03/07 09:07:40 djm Exp $");
#include <sys/types.h>
#include <sys/wait.h>
@@ -543,7 +543,11 @@ mm_answer_sign(int sock, Buffer *m)
keyid = buffer_get_int(m);
p = buffer_get_string(m, &datlen);
- if (datlen != 20)
+ /*
+ * Supported KEX types will only return SHA1 (20 byte) or
+ * SHA256 (32 byte) hashes
+ */
+ if (datlen != 20 && datlen != 32)
fatal("%s: data length incorrect: %u", __func__, datlen);
/* save session id, it will be passed on the first call */
@@ -1627,6 +1631,7 @@ mm_get_kex(Buffer *m)
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->server = 1;
kex->hostkey_type = buffer_get_int(m);
kex->kex_type = buffer_get_int(m);
diff --git a/myproposal.h b/myproposal.h
index d8cba1ca..cc94a8ed 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.18 2005/07/25 11:59:39 markus Exp $ */
+/* $OpenBSD: myproposal.h,v 1.19 2006/03/07 09:07:40 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -23,9 +23,11 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1," \
- "diffie-hellman-group14-sha1," \
- "diffie-hellman-group1-sha1"
+#define KEX_DEFAULT_KEX \
+ "diffie-hellman-group-exchange-sha256," \
+ "diffie-hellman-group-exchange-sha1," \
+ "diffie-hellman-group14-sha1," \
+ "diffie-hellman-group1-sha1"
#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
#define KEX_DEFAULT_ENCRYPT \
"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 13e7c721..f05c4697 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -7,7 +7,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keyscan.c,v 1.59 2006/02/08 14:31:30 stevesk Exp $");
+RCSID("$OpenBSD: ssh-keyscan.c,v 1.60 2006/03/07 09:07:40 djm Exp $");
#include "openbsd-compat/sys-queue.h"
#include <sys/resource.h>
@@ -351,6 +351,7 @@ keygrab_ssh2(con *c)
c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
+ c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
c->c_kex->verify_host_key = hostjump;
if (!(j = setjmp(kexjmp))) {
diff --git a/sshconnect2.c b/sshconnect2.c
index f2776edb..b01a3ca5 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.146 2006/02/20 17:19:54 stevesk Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.147 2006/03/07 09:07:40 djm Exp $");
#include <sys/types.h>
#include <sys/wait.h>
@@ -127,6 +127,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
kex->verify_host_key=&verify_host_key_callback;
diff --git a/sshd.c b/sshd.c
index 19c2d96a..6f458eb3 100644
--- a/sshd.c
+++ b/sshd.c
@@ -2042,6 +2042,7 @@ do_ssh2_kex(void)
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->server = 1;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;