
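Lines matching refs:kex in kex.c (the number at the start of each line is its line number in the file; lines that do not match are omitted, so the listing is not contiguous)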

1 /* $OpenBSD: kex.c,v 1.86 2010/09/22 05:01:29 djm Exp $ */
45 #include "kex.h"
62 static void kex_kexinit_finish(Kex *);
63 static void kex_choose_conf(Kex *);
65 /* Validate KEX method name list */
83 error("Unsupported KEX algorithm \"%.100s\"", p);
88 debug3("kex names ok: [%s]", names);
127 /* extract kex init proposal strings */
132 /* first kex follows / reserved */
157 error("Hm, kex protocol error: type %d seq %u", type, seq);
169 kex_finish(Kex *kex)
183 kex->done = 1;
184 buffer_clear(&kex->peer);
185 /* buffer_clear(&kex->my); */
186 kex->flags &= ~KEX_INIT_SENT;
187 xfree(kex->name);
188 kex->name = NULL;
192 kex_send_kexinit(Kex *kex)
198 if (kex == NULL) {
199 error("kex_send_kexinit: no kex, cannot rekey");
202 if (kex->flags & KEX_INIT_SENT) {
206 kex->done = 0;
209 if (buffer_len(&kex->my) < KEX_COOKIE_LEN)
210 fatal("kex_send_kexinit: kex proposal too short");
211 cookie = buffer_ptr(&kex->my);
219 packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my));
222 kex->flags |= KEX_INIT_SENT;
231 Kex *kex = (Kex *)ctxt;
234 if (kex == NULL)
235 fatal("kex_input_kexinit: no kex, cannot rekey");
238 buffer_append(&kex->peer, ptr, dlen);
249 kex_kexinit_finish(kex);
252 Kex *
255 Kex *kex;
257 kex = xcalloc(1, sizeof(*kex));
258 buffer_init(&kex->peer);
259 buffer_init(&kex->my);
260 kex_prop2buf(&kex->my, proposal);
261 kex->done = 0;
263 kex_send_kexinit(kex); /* we start */
266 return kex;
270 kex_kexinit_finish(Kex *kex)
272 if (!(kex->flags & KEX_INIT_SENT))
273 kex_send_kexinit(kex);
275 kex_choose_conf(kex);
277 if (kex->kex_type >= 0 && kex->kex_type < KEX_MAX &&
278 kex->kex[kex->kex_type] != NULL) {
279 (kex->kex[kex->kex_type])(kex);
281 fatal("Unsupported key exchange %d", kex->kex_type);
338 choose_kex(Kex *k, char *client, char *server)
362 fatal("bad kex alg %s", k->name);
366 choose_hostkeyalg(Kex *k, char *client, char *server)
402 kex_choose_conf(Kex *kex)
411 my = kex_buf2prop(&kex->my, NULL);
412 peer = kex_buf2prop(&kex->peer, &first_kex_follows);
414 if (kex->server) {
423 if (!kex->server) {
427 kex->roaming = 1;
435 kex->newkeys[mode] = newkeys;
436 ctos = (!kex->server && mode == MODE_OUT) ||
437 (kex->server && mode == MODE_IN);
444 debug("kex: %s %s %s %s",
450 choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]);
451 choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
455 newkeys = kex->newkeys[mode];
464 kex->we_need = need;
478 derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen,
488 if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0)
489 fatal("bad kex md size %d", mdsz);
496 EVP_DigestInit(&md, kex->evp_md);
501 EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len);
510 EVP_DigestInit(&md, kex->evp_md);
529 kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret)
535 keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen,
541 current_keys[mode] = kex->newkeys[mode];
542 kex->newkeys[mode] = NULL;
543 ctos = (!kex->server && mode == MODE_OUT) ||
544 (kex->server && mode == MODE_IN);