- djm@cvs.openbsd.org 2004/06/13 12:53:24
[dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h]
[ssh-keyscan.c sshconnect2.c sshd.c]
implement diffie-hellman-group14-sha1 kex method (trivial extension to
existing diffie-hellman-group1-sha1); ok markus@
diff --git a/ChangeLog b/ChangeLog
index 3fb1d46..1d2563b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,11 @@
- pedro@cvs.openbsd.org 2004/06/03 12:22:20
[sftp-client.c sftp.c]
initialize pointers, ok markus@
+ - djm@cvs.openbsd.org 2004/06/13 12:53:24
+ [dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h]
+ [ssh-keyscan.c sshconnect2.c sshd.c]
+ implement diffie-hellman-group14-sha1 kex method (trivial extension to
+ existing diffie-hellman-group1-sha1); ok markus@
20040603
- (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions.
@@ -1199,4 +1204,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3379 2004/06/15 00:28:56 djm Exp $
+$Id: ChangeLog,v 1.3380 2004/06/15 00:30:09 djm Exp $
diff --git a/dh.c b/dh.c
index afd1e05..176fb74 100644
--- a/dh.c
+++ b/dh.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.29 2004/02/27 22:49:27 dtucker Exp $");
+RCSID("$OpenBSD: dh.c,v 1.30 2004/06/13 12:53:24 djm Exp $");
#include "xmalloc.h"
@@ -115,8 +115,9 @@
if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL &&
(f = fopen(_PATH_DH_PRIMES, "r")) == NULL) {
- logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI);
- return (dh_new_group1());
+ logit("WARNING: %s does not exist, using fixed modulus",
+ _PATH_DH_MODULI);
+ return (dh_new_group14());
}
linenum = 0;
@@ -169,7 +170,7 @@
return (dh_new_group(dhg.g, dhg.p));
}
-/* diffie-hellman-group1-sha1 */
+/* diffie-hellman-groupN-sha1 */
int
dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
@@ -272,6 +273,25 @@
return (dh_new_group_asc(gen, group1));
}
+DH *
+dh_new_group14(void)
+{
+ static char *gen = "2", *group14 =
+ "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
+ "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
+ "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
+ "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
+ "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
+ "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
+ "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
+ "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
+ "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
+ "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
+ "15728E5A" "8AACAA68" "FFFFFFFF" "FFFFFFFF";
+
+ return (dh_new_group_asc(gen, group14));
+}
+
/*
* Estimates the group order for a Diffie-Hellman group that has an
* attack complexity approximately the same as O(2**bits). Estimate
diff --git a/dh.h b/dh.h
index a0c97b2..723dd08 100644
--- a/dh.h
+++ b/dh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */
+/* $OpenBSD: dh.h,v 1.8 2004/06/13 12:53:24 djm Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
@@ -36,6 +36,7 @@
DH *dh_new_group_asc(const char *, const char *);
DH *dh_new_group(BIGNUM *, BIGNUM *);
DH *dh_new_group1(void);
+DH *dh_new_group14(void);
void dh_gen_key(DH *, int);
int dh_pub_is_valid(DH *, BIGNUM *);
diff --git a/kex.c b/kex.c
index fa5de7e..cda8bf9 100644
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.58 2004/05/09 01:26:48 djm Exp $");
+RCSID("$OpenBSD: kex.c,v 1.59 2004/06/13 12:53:24 djm Exp $");
#include <openssl/crypto.h>
@@ -293,6 +293,8 @@
fatal("no kex alg");
if (strcmp(k->name, KEX_DH1) == 0) {
k->kex_type = KEX_DH_GRP1_SHA1;
+ } else if (strcmp(k->name, KEX_DH14) == 0) {
+ k->kex_type = KEX_DH_GRP14_SHA1;
} else if (strcmp(k->name, KEX_DHGEX) == 0) {
k->kex_type = KEX_DH_GEX_SHA1;
} else
diff --git a/kex.h b/kex.h
index 4377350..d9e9d65 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.34 2004/05/21 08:43:03 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.35 2004/06/13 12:53:24 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -32,6 +32,7 @@
#include "key.h"
#define KEX_DH1 "diffie-hellman-group1-sha1"
+#define KEX_DH14 "diffie-hellman-group14-sha1"
#define KEX_DHGEX "diffie-hellman-group-exchange-sha1"
enum kex_init_proposals {
@@ -56,6 +57,7 @@
enum kex_exchange {
KEX_DH_GRP1_SHA1,
+ KEX_DH_GRP14_SHA1,
KEX_DH_GEX_SHA1,
KEX_MAX
};
diff --git a/kexdhc.c b/kexdhc.c
index fe6dc53..f48bd46 100644
--- a/kexdhc.c
+++ b/kexdhc.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: kexdhc.c,v 1.1 2003/02/16 17:09:57 markus Exp $");
+RCSID("$OpenBSD: kexdhc.c,v 1.2 2004/06/13 12:53:24 djm Exp $");
#include "xmalloc.h"
#include "key.h"
@@ -44,7 +44,16 @@
u_int klen, kout, slen, sbloblen;
/* generate and send 'e', client DH public key */
- dh = dh_new_group1();
+ switch (kex->kex_type) {
+ case KEX_DH_GRP1_SHA1:
+ dh = dh_new_group1();
+ break;
+ case KEX_DH_GRP14_SHA1:
+ dh = dh_new_group14();
+ break;
+ default:
+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
+ }
dh_gen_key(dh, kex->we_need * 8);
packet_start(SSH2_MSG_KEXDH_INIT);
packet_put_bignum2(dh->pub_key);
diff --git a/kexdhs.c b/kexdhs.c
index f04bce8..225e655 100644
--- a/kexdhs.c
+++ b/kexdhs.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: kexdhs.c,v 1.1 2003/02/16 17:09:57 markus Exp $");
+RCSID("$OpenBSD: kexdhs.c,v 1.2 2004/06/13 12:53:24 djm Exp $");
#include "xmalloc.h"
#include "key.h"
@@ -45,7 +45,16 @@
u_int slen;
/* generate server DH public key */
- dh = dh_new_group1();
+ switch (kex->kex_type) {
+ case KEX_DH_GRP1_SHA1:
+ dh = dh_new_group1();
+ break;
+ case KEX_DH_GRP14_SHA1:
+ dh = dh_new_group14();
+ break;
+ default:
+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
+ }
dh_gen_key(dh, kex->we_need * 8);
debug("expecting SSH2_MSG_KEXDH_INIT");
diff --git a/monitor.c b/monitor.c
index 2200eb0..c287a2d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.57 2004/05/11 19:01:43 deraadt Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.58 2004/06/13 12:53:24 djm Exp $");
#include <openssl/dh.h>
@@ -1546,6 +1546,7 @@
fatal("mm_get_get: internal error: bad session id");
kex->we_need = buffer_get_int(m);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+ kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->server = 1;
kex->hostkey_type = buffer_get_int(m);
diff --git a/myproposal.h b/myproposal.h
index 8b431d9..228ed68 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.15 2003/05/17 04:27:52 markus Exp $ */
+/* $OpenBSD: myproposal.h,v 1.16 2004/06/13 12:53:24 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -23,7 +23,9 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1"
+#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1," \
+ "diffie-hellman-group14-sha1," \
+ "diffie-hellman-group1-sha1"
#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
#define KEX_DEFAULT_ENCRYPT \
"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 266b23c..c4a2414 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -7,7 +7,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keyscan.c,v 1.47 2004/03/08 09:38:05 djm Exp $");
+RCSID("$OpenBSD: ssh-keyscan.c,v 1.48 2004/06/13 12:53:24 djm Exp $");
#include "openbsd-compat/sys-queue.h"
@@ -349,6 +349,7 @@
"ssh-dss": "ssh-rsa";
c->c_kex = kex_setup(myproposal);
c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
+ c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
c->c_kex->verify_host_key = hostjump;
diff --git a/sshconnect2.c b/sshconnect2.c
index 06d8842..68d56d0 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.137 2004/05/08 00:21:31 djm Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.138 2004/06/13 12:53:24 djm Exp $");
#include "openbsd-compat/sys-queue.h"
@@ -120,6 +120,7 @@
/* start key exchange */
kex = kex_setup(myproposal);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
+ kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
diff --git a/sshd.c b/sshd.c
index 332a189..5f38781 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.291 2004/05/09 01:19:28 djm Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.292 2004/06/13 12:53:24 djm Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -1774,6 +1774,7 @@
/* start key exchange */
kex = kex_setup(myproposal);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+ kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->server = 1;
kex->client_version_string=client_version_string;