svnno****@sourc*****
svnno****@sourc*****
2016年 1月 18日 (月) 18:24:33 JST
Tera TermRevision: 6263
http://sourceforge.jp/projects/ttssh2/scm/svn/commits/6263
Author: doda
Date: 2016-01-18 18:24:32 +0900 (Mon, 18 Jan 2016)
Log Message:
-----------
diffie-hellman-group{14,15,16}-sha256 鍵交換方式に対応
https://osdn.jp/ticket/browse.php?group_id=1412&tid=35921
Modified Paths:
--------------
trunk/ttssh2/ttxssh/kex.c
trunk/ttssh2/ttxssh/kex.h
trunk/ttssh2/ttxssh/ssh.c
trunk/ttssh2/ttxssh/ssh.h
trunk/ttssh2/ttxssh/ttxssh.c
-------------- next part --------------
Modified: trunk/ttssh2/ttxssh/kex.c
===================================================================
--- trunk/ttssh2/ttxssh/kex.c 2016-01-18 09:22:55 UTC (rev 6262)
+++ trunk/ttssh2/ttxssh/kex.c 2016-01-18 09:24:32 UTC (rev 6263)
@@ -91,7 +91,57 @@
return (dh_new_group_asc(gen, group14));
}
+DH *dh_new_group15(void)
+{
+ static char *gen = "2", *group15 =
+ "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
+ "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
+ "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
+ "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
+ "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
+ "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
+ "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
+ "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
+ "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
+ "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
+ "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
+ "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
+ "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
+ "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
+ "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
+ "43DB5BFC" "E0FD108E" "4B82D120" "A93AD2CA" "FFFFFFFF" "FFFFFFFF";
+ return (dh_new_group_asc(gen, group15));
+}
+DH *dh_new_group16(void)
+{
+ static char *gen = "2", *group16 =
+ "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
+ "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
+ "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
+ "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
+ "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
+ "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
+ "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
+ "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
+ "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
+ "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
+ "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
+ "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
+ "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
+ "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
+ "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
+ "43DB5BFC" "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7"
+ "88719A10" "BDBA5B26" "99C32718" "6AF4E23C" "1A946834" "B6150BDA"
+ "2583E9CA" "2AD44CE8" "DBBBC2DB" "04DE8EF9" "2E8EFC14" "1FBECAA6"
+ "287C5947" "4E6BC05D" "99B2964F" "A090C3A2" "233BA186" "515BE7ED"
+ "1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127" "D5B05AA9"
+ "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199"
+ "FFFFFFFF" "FFFFFFFF";
+ return (dh_new_group_asc(gen, group16));
+}
+
+
// DH\x8C\xAE\x82\xAC\x82\xB7\x82\xE9
void dh_gen_key(PTInstVar pvar, DH *dh, int we_need /* bytes */ )
{
@@ -137,8 +187,9 @@
}
-// SHA-1(160bit)\x82\xF0\x8B\x81\x82߂\xE9
-unsigned char *kex_dh_hash(char *client_version_string,
+// shared secret \x82\xF0\x8Cv\x8EZ\x82\xB7\x82\xE9 (DH \x8CŒ\xE8\x83O\x83\x8B\x81[\x83v\x97p)
+unsigned char *kex_dh_hash(const EVP_MD *evp_md,
+ char *client_version_string,
char *server_version_string,
char *ckexinit, int ckexinitlen,
char *skexinit, int skexinitlen,
@@ -150,7 +201,6 @@
{
buffer_t *b;
static unsigned char digest[EVP_MAX_MD_SIZE];
- const EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
b = buffer_init();
@@ -187,7 +237,7 @@
}
-// SHA-1(160bit)/SHA-256(256bit)\x82\xF0\x8B\x81\x82߂\xE9
+// shared secret \x82\xF0\x8Cv\x8EZ\x82\xB7\x82\xE9 (DH GEX\x97p)
unsigned char *kex_dh_gex_hash(const EVP_MD *evp_md,
char *client_version_string,
char *server_version_string,
Modified: trunk/ttssh2/ttxssh/kex.h
===================================================================
--- trunk/ttssh2/ttxssh/kex.h 2016-01-18 09:22:55 UTC (rev 6262)
+++ trunk/ttssh2/ttxssh/kex.h 2016-01-18 09:24:32 UTC (rev 6263)
@@ -33,10 +33,13 @@
DH *dh_new_group1(void);
DH *dh_new_group14(void);
+DH *dh_new_group15(void);
+DH *dh_new_group16(void);
void dh_gen_key(PTInstVar pvar, DH *dh, int we_need /* bytes */ );
int dh_estimate(int bits);
-unsigned char *kex_dh_hash(char *client_version_string,
+unsigned char *kex_dh_hash(const EVP_MD *evp_md,
+ char *client_version_string,
char *server_version_string,
char *ckexinit, int ckexinitlen,
char *skexinit, int skexinitlen,
Modified: trunk/ttssh2/ttxssh/ssh.c
===================================================================
--- trunk/ttssh2/ttxssh/ssh.c 2016-01-18 09:22:55 UTC (rev 6262)
+++ trunk/ttssh2/ttxssh/ssh.c 2016-01-18 09:24:32 UTC (rev 6263)
@@ -5125,6 +5125,9 @@
switch (pvar->kex_type) {
case KEX_DH_GRP1_SHA1:
case KEX_DH_GRP14_SHA1:
+ case KEX_DH_GRP14_SHA256:
+ case KEX_DH_GRP15_SHA256:
+ case KEX_DH_GRP16_SHA256:
SSH2_dh_kex_init(pvar);
break;
case KEX_DH_GEX_SHA1:
@@ -5164,11 +5167,21 @@
int len;
// Diffie-Hellman key agreement
- if (pvar->kex_type == KEX_DH_GRP1_SHA1) {
+ switch (pvar->kex_type) {
+ case KEX_DH_GRP1_SHA1:
dh = dh_new_group1();
- } else if (pvar->kex_type == KEX_DH_GRP14_SHA1) {
+ break;
+ case KEX_DH_GRP14_SHA1:
+ case KEX_DH_GRP14_SHA256:
dh = dh_new_group14();
- } else {
+ break;
+ case KEX_DH_GRP15_SHA256:
+ dh = dh_new_group15();
+ break;
+ case KEX_DH_GRP16_SHA256:
+ dh = dh_new_group16();
+ break;
+ default:
goto error;
}
@@ -5625,7 +5638,8 @@
// \x83n\x83b\x83V\x83\x85\x82̌v\x8EZ
/* calc and verify H */
- hash = kex_dh_hash(pvar->client_version_string,
+ hash = kex_dh_hash(get_kex_algorithm_EVP_MD(pvar->kex_type),
+ pvar->client_version_string,
pvar->server_version_string,
buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
@@ -6237,6 +6251,9 @@
switch (pvar->kex_type) {
case KEX_DH_GRP1_SHA1:
case KEX_DH_GRP14_SHA1:
+ case KEX_DH_GRP14_SHA256:
+ case KEX_DH_GRP15_SHA256:
+ case KEX_DH_GRP16_SHA256:
handle_SSH2_dh_kex_reply(pvar);
break;
case KEX_DH_GEX_SHA1:
Modified: trunk/ttssh2/ttxssh/ssh.h
===================================================================
--- trunk/ttssh2/ttxssh/ssh.h 2016-01-18 09:22:55 UTC (rev 6262)
+++ trunk/ttssh2/ttxssh/ssh.h 2016-01-18 09:24:32 UTC (rev 6263)
@@ -390,6 +390,9 @@
KEX_ECDH_SHA2_256,
KEX_ECDH_SHA2_384,
KEX_ECDH_SHA2_521,
+ KEX_DH_GRP14_SHA256,
+ KEX_DH_GRP15_SHA256,
+ KEX_DH_GRP16_SHA256,
KEX_DH_UNKNOWN,
KEX_DH_MAX = KEX_DH_UNKNOWN,
} kex_algorithm;
@@ -408,6 +411,9 @@
{KEX_ECDH_SHA2_256, "ecdh-sha2-nistp256", EVP_sha256}, // RFC5656
{KEX_ECDH_SHA2_384, "ecdh-sha2-nistp384", EVP_sha384}, // RFC5656
{KEX_ECDH_SHA2_521, "ecdh-sha2-nistp521", EVP_sha512}, // RFC5656
+ {KEX_DH_GRP14_SHA256, "diffie-hellman-group14-sha256", EVP_sha256}, // draft-baushke-ssh-dh-group-sha2-01
+ {KEX_DH_GRP15_SHA256, "diffie-hellman-group15-sha256", EVP_sha256}, // draft-baushke-ssh-dh-group-sha2-01
+ {KEX_DH_GRP16_SHA256, "diffie-hellman-group16-sha256", EVP_sha256}, // draft-baushke-ssh-dh-group-sha2-01
{KEX_DH_NONE , NULL, NULL},
};
Modified: trunk/ttssh2/ttxssh/ttxssh.c
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.c 2016-01-18 09:22:55 UTC (rev 6262)
+++ trunk/ttssh2/ttxssh/ttxssh.c 2016-01-18 09:24:32 UTC (rev 6263)
@@ -305,6 +305,9 @@
KEX_ECDH_SHA2_256,
KEX_ECDH_SHA2_384,
KEX_ECDH_SHA2_521,
+ KEX_DH_GRP16_SHA256,
+ KEX_DH_GRP15_SHA256,
+ KEX_DH_GRP14_SHA256,
KEX_DH_GEX_SHA256,
KEX_DH_GEX_SHA1,
KEX_DH_GRP14_SHA1,