Example #1
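/*
 * Release a key-exchange state object together with the members it holds.
 *
 * Frees the peer and my buffers, the DH and EC client key objects, the
 * newkeys entry for every mode, the session id and both version strings,
 * and finally the struct itself.  A NULL kex is accepted and ignored so
 * that cleanup paths can call this unconditionally.  The pointer is
 * dangling after the call and must not be reused by the caller.
 */
void
kex_free(struct kex *kex)
{
	u_int mode;

	/* Tolerate teardown of a state object that was never allocated. */
	if (kex == NULL)
		return;

	if (kex->peer != NULL)
		sshbuf_free(kex->peer);
	if (kex->my != NULL)
		sshbuf_free(kex->my);
	if (kex->dh)
		DH_free(kex->dh);
	if (kex->ec_client_key)
		EC_KEY_free(kex->ec_client_key);
	for (mode = 0; mode < MODE_MAX; mode++) {
		kex_free_newkeys(kex->newkeys[mode]);
		/* Clear the slot so no freed newkeys pointer stays reachable. */
		kex->newkeys[mode] = NULL;
	}
	/* free(NULL) is a no-op, so these members need no guard. */
	free(kex->session_id);
	free(kex->client_version_string);
	free(kex->server_version_string);
	free(kex);
}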
Example #2
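/*
 * Release a key-exchange state object together with the members it holds.
 *
 * When built WITH_OPENSSL the DH object is freed, and the EC client key
 * as well if OPENSSL_HAS_ECC is defined.  The newkeys entry for every
 * mode, the peer and my buffers, and the heap strings (session id,
 * version strings, failed_choice, hostkey_alg, name) are then released,
 * followed by the struct itself.  A NULL kex is accepted and ignored so
 * that cleanup paths can call this unconditionally.  The pointer is
 * dangling after the call and must not be reused by the caller.
 */
void
kex_free(struct kex *kex)
{
	u_int mode;

	/* Tolerate teardown of a state object that was never allocated. */
	if (kex == NULL)
		return;

#ifdef WITH_OPENSSL
	if (kex->dh)
		DH_free(kex->dh);
#ifdef OPENSSL_HAS_ECC
	if (kex->ec_client_key)
		EC_KEY_free(kex->ec_client_key);
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
	for (mode = 0; mode < MODE_MAX; mode++) {
		kex_free_newkeys(kex->newkeys[mode]);
		/* Clear the slot so no freed newkeys pointer stays reachable. */
		kex->newkeys[mode] = NULL;
	}
	sshbuf_free(kex->peer);
	sshbuf_free(kex->my);
	free(kex->session_id);
	free(kex->client_version_string);
	free(kex->server_version_string);
	free(kex->failed_choice);
	free(kex->hostkey_alg);
	free(kex->name);
	free(kex);
}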
Example #3
/*
 * Derive the NKEYS session keys and install them as the connection's
 * current keys.
 *
 * derive_key() is invoked once per key with the id letters 'A', 'A'+1,
 * and so on, each time with kex->we_need, the exchange hash and the
 * shared secret.  If a call fails, the buffers produced by the earlier
 * calls are freed and that call's return value is passed back.  On
 * success, for every mode the previous ssh->current_keys entry is
 * released, the matching kex->newkeys entry is moved into its place, and
 * three of the derived buffers are stored as its enc.iv, enc.key and
 * mac.key.  Returns 0 on success.
 */
int
kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen,
    BIGNUM *shared_secret)
{
	Kex *kex = ssh->kex;
	u_char *keys[NKEYS];
	u_int n, done, mode, ctos;
	int r;

	for (n = 0; n < NKEYS; n++) {
		r = derive_key(ssh, 'A'+n, kex->we_need, hash, hashlen,
		    shared_secret, &keys[n]);
		if (r == 0)
			continue;
		/*
		 * NOTE(review): the buffers released here hold derived key
		 * material and are freed without being wiped.  Their
		 * allocated length is not visible from this function;
		 * confirm whether they should be zeroed before free().
		 */
		for (done = 0; done < n; done++)
			free(keys[done]);
		return r;
	}
	for (mode = 0; mode < MODE_MAX; mode++) {
		kex_free_newkeys(ssh->current_keys[mode]);
		/* Move the newkeys entry over; kex gives up its reference. */
		ssh->current_keys[mode] = kex->newkeys[mode];
		kex->newkeys[mode] = NULL;
		/*
		 * NOTE(review): the moved pointer is dereferenced below with
		 * no NULL check; presumably callers always populate
		 * kex->newkeys[mode] first, verify against callers.
		 */
		/* ctos is set for the direction that carries client-to-server data. */
		if (kex->server)
			ctos = (mode == MODE_IN);
		else
			ctos = (mode == MODE_OUT);
		/*
		 * Even slots (0, 2, 4) are used when ctos is set, odd slots
		 * (1, 3, 5) otherwise.  The derived buffers are stored by
		 * pointer, not copied.  Assumes NKEYS is at least 6.
		 */
		ssh->current_keys[mode]->enc.iv  = keys[ctos ? 0 : 1];
		ssh->current_keys[mode]->enc.key = keys[ctos ? 2 : 3];
		ssh->current_keys[mode]->mac.key = keys[ctos ? 4 : 5];
	}
	return 0;
}
Example #4
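/*
 * Release a key-exchange state object together with the members it holds.
 *
 * When built WITH_OPENSSL the DH object and the EC client key are freed.
 * The newkeys entry for every mode, the peer and my buffers, the session
 * id and both version strings are then released, followed by the struct
 * itself.  A NULL kex is accepted and ignored so that cleanup paths can
 * call this unconditionally.  The pointer is dangling after the call and
 * must not be reused by the caller.
 */
void
kex_free(struct kex *kex)
{
	u_int mode;

	/* Tolerate teardown of a state object that was never allocated. */
	if (kex == NULL)
		return;

#ifdef WITH_OPENSSL
	if (kex->dh)
		DH_free(kex->dh);
	if (kex->ec_client_key)
		EC_KEY_free(kex->ec_client_key);
#endif
	for (mode = 0; mode < MODE_MAX; mode++) {
		kex_free_newkeys(kex->newkeys[mode]);
		/* Clear the slot so no freed newkeys pointer stays reachable. */
		kex->newkeys[mode] = NULL;
	}
	sshbuf_free(kex->peer);
	sshbuf_free(kex->my);
	free(kex->session_id);
	free(kex->client_version_string);
	free(kex->server_version_string);
	free(kex);
}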