/* * Attempt J-PAKE authentication. */ static int userauth_jpake(Authctxt *authctxt) { int authenticated = 0; packet_check_eom(); debug("[email protected] requested"); if (authctxt->user != NULL) { if (authctxt->jpake_ctx == NULL) authctxt->jpake_ctx = jpake_new(); if (options.zero_knowledge_password_authentication) authenticated = auth2_jpake_start(authctxt); } return authenticated; }
int mm_answer_jpake_step1(int sock, Buffer *m) { struct jpake_ctx *pctx; u_char *x3_proof, *x4_proof; u_int x3_proof_len, x4_proof_len; if (!options.zero_knowledge_password_authentication) fatal("zero_knowledge_password_authentication disabled"); if (authctxt->jpake_ctx != NULL) fatal("%s: authctxt->jpake_ctx already set (%p)", __func__, authctxt->jpake_ctx); authctxt->jpake_ctx = pctx = jpake_new(); jpake_step1(pctx->grp, &pctx->server_id, &pctx->server_id_len, &pctx->x3, &pctx->x4, &pctx->g_x3, &pctx->g_x4, &x3_proof, &x3_proof_len, &x4_proof, &x4_proof_len); JPAKE_DEBUG_CTX((pctx, "step1 done in %s", __func__)); buffer_clear(m); buffer_put_string(m, pctx->server_id, pctx->server_id_len); buffer_put_bignum2(m, pctx->g_x3); buffer_put_bignum2(m, pctx->g_x4); buffer_put_string(m, x3_proof, x3_proof_len); buffer_put_string(m, x4_proof, x4_proof_len); debug3("%s: sending step1", __func__); mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m); bzero(x3_proof, x3_proof_len); bzero(x4_proof, x4_proof_len); xfree(x3_proof); xfree(x4_proof); monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_GET_PWDATA, 1); monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 0); return 0; }
/* * Attempt J-PAKE authentication. */ static int userauth_jpake(struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; int r, authenticated = 0; if ((r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); debug("[email protected] requested"); if (authctxt->user != NULL) { if (authctxt->jpake_ctx == NULL) authctxt->jpake_ctx = jpake_new(); if (options.zero_knowledge_password_authentication) authenticated = auth2_jpake_start(ssh); } return authenticated; }