Use signature-verification code; correct exchange-hash-info block construction for servers.
parent
8676d74702
commit
09eb765b65
@ -574,11 +574,6 @@
|
||||||
((memq (car client-list) server-list) (car client-list))
|
((memq (car client-list) server-list) (car client-list))
|
||||||
(else (loop (cdr client-list))))))
|
(else (loop (cdr client-list))))))
|
||||||
|
|
||||||
(define (check-host-key! host-key)
|
|
||||||
;; TODO: If we are *re*keying, worth checking here that the key hasn't *changed* either.
|
|
||||||
(write `(TODO check-host-key! ,(hex (bit-string->bytes host-key)))) (newline) (flush-output)
|
|
||||||
(void))
|
|
||||||
|
|
||||||
;; ExchangeHashInfo Bytes Natural Natural Natural -> Bytes
|
;; ExchangeHashInfo Bytes Natural Natural Natural -> Bytes
|
||||||
;; Computes the session ID as defined by SSH's DH key exchange method.
|
;; Computes the session ID as defined by SSH's DH key exchange method.
|
||||||
(define (dh-exchange-hash hash-info host-key e f k)
|
(define (dh-exchange-hash hash-info host-key e f k)
|
||||||
|
@ -657,17 +652,19 @@
|
||||||
(define f-as-bytes (integer->bit-string f (* 8 f-width) #t))
|
(define f-as-bytes (integer->bit-string f (* 8 f-width) #t))
|
||||||
(define shared-secret (compute-key private-key f-as-bytes))
|
(define shared-secret (compute-key private-key f-as-bytes))
|
||||||
(define hash-alg sha1)
|
(define hash-alg sha1)
|
||||||
|
(define host-key-bytes (ssh-msg-kexdh-reply-host-key message))
|
||||||
|
(define host-public-key
|
||||||
|
(pieces->public-key (ssh-host-key->pieces host-key-bytes)))
|
||||||
(define exchange-hash
|
(define exchange-hash
|
||||||
(dh-exchange-hash hash-info
|
(dh-exchange-hash hash-info
|
||||||
(ssh-msg-kexdh-reply-host-key message)
|
host-key-bytes
|
||||||
public-key-as-integer
|
public-key-as-integer
|
||||||
f
|
f
|
||||||
(bit-string->integer shared-secret #t #f)))
|
(bit-string->integer shared-secret #t #f)))
|
||||||
;; (pretty-print `((public-key ,(hex public-key))
|
(verify-host-key-signature! host-public-key
|
||||||
;; (f-as-bytes ,(hex f-as-bytes))
|
host-key-alg
|
||||||
;; (shared-secret ,(hex shared-secret))
|
exchange-hash
|
||||||
;; (exchange-hash ,(hex exchange-hash))))
|
(ssh-msg-kexdh-reply-h-signature message))
|
||||||
(check-host-key! (ssh-msg-kexdh-reply-host-key message))
|
|
||||||
(finish shared-secret exchange-hash hash-alg conn))))
|
(finish shared-secret exchange-hash hash-alg conn))))
|
||||||
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
||||||
"Bad key-exchange algorithm ~v" kex-alg))))
|
"Bad key-exchange algorithm ~v" kex-alg))))
|
||||||
|
@ -709,7 +706,7 @@
|
||||||
(define hmac ((supported-hmac-factory hmac-description)
|
(define hmac ((supported-hmac-factory hmac-description)
|
||||||
(derive-key (if c2s #"E" #"F") (supported-hmac-key-length hmac-description))))
|
(derive-key (if c2s #"E" #"F") (supported-hmac-key-length hmac-description))))
|
||||||
|
|
||||||
(pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,enc ,mac))
|
;;(pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,enc ,mac))
|
||||||
(struct-copy stream-state state
|
(struct-copy stream-state state
|
||||||
[cipher cipher]
|
[cipher cipher]
|
||||||
[cipher-description cipher-description]
|
[cipher-description cipher-description]
|
||||||
|
@ -770,12 +767,18 @@
|
||||||
(guess-matches? s2c-zip ssh-msg-kexinit-compression_algorithms_server_to_client)))))
|
(guess-matches? s2c-zip ssh-msg-kexinit-compression_algorithms_server_to_client)))))
|
||||||
|
|
||||||
(define (continue-after-discard conn)
|
(define (continue-after-discard conn)
|
||||||
(define hash-info (exchange-hash-info (connection-local-id conn)
|
((if is-server?
|
||||||
(connection-remote-id conn)
|
perform-server-key-exchange
|
||||||
encoded-local-algs
|
perform-client-key-exchange)
|
||||||
encoded-remote-algs))
|
(if is-server?
|
||||||
((if is-server? perform-server-key-exchange perform-client-key-exchange)
|
(exchange-hash-info (connection-remote-id conn)
|
||||||
hash-info
|
(connection-local-id conn)
|
||||||
|
encoded-remote-algs
|
||||||
|
encoded-local-algs)
|
||||||
|
(exchange-hash-info (connection-local-id conn)
|
||||||
|
(connection-remote-id conn)
|
||||||
|
encoded-local-algs
|
||||||
|
encoded-remote-algs))
|
||||||
kex-alg
|
kex-alg
|
||||||
host-key-alg
|
host-key-alg
|
||||||
conn
|
conn
|
||||||
|
@ -1004,5 +1007,6 @@
|
||||||
(let-values (((i o) (tcp-accept s)))
|
(let-values (((i o) (tcp-accept s)))
|
||||||
(ssh-session 'server i o))))
|
(ssh-session 'server i o))))
|
||||||
|
|
||||||
;;(t-client)
|
(if (getenv "servermode")
|
||||||
(t-server)
|
(t-server)
|
||||||
|
(t-client))
|
||||||
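Review bot: The hunk at @@ -657,17 +652,19 @@ drops the `(check-host-key! (ssh-msg-kexdh-reply-host-key message))` call and adds nothing in its place, so after this change the client only verifies that the server can sign with the key it presented and never checks that this key is the one expected for the host — any peer that completes the DH exchange with its own key pair passes `verify-host-key-signature!`. The signature check is necessary but not sufficient; keep a known-hosts / trust-on-first-use step on `host-key-bytes` before `(finish shared-secret exchange-hash hash-alg conn)`, e.g. `(check-host-key! host-key-bytes)`, or at minimum leave a `;; TODO: verify host-key-bytes against known hosts before trusting this session` marker so the gap stays visible. It also looks like `verify-host-key-signature!` is handed the negotiated `host-key-alg` while the key material comes from the blob's own pieces; unless `ssh-host-key->pieces` already rejects a blob whose leading type string differs from `host-key-alg`, that mismatch should be checked too — I cannot confirm either way from this hunk. The enclosing key-exchange function begins and ends outside the hunk.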
|
|