/* Handle an incoming SSH_MSG_NEWKEYS.
 *
 * The new keys are brought into use only once both directions have exchanged
 * SSH_MSG_NEWKEYS. If ours has not been sent yet, this only records that the
 * peer's has arrived; send_msg_newkeys() tests recvnewkeys and performs the
 * switch itself.
 *
 * NOTE(review): nothing in this function checks that a key exchange is in
 * progress. Presumably the packet dispatcher enforces message ordering before
 * calling in here - confirm against the caller. */
void recv_msg_newkeys() {

	TRACE(("enter recv_msg_newkeys"));

	if (!ses.kexstate.sentnewkeys) {
		/* our own NEWKEYS is still outstanding: just note the peer's */
		ses.kexstate.recvnewkeys = 1;
	} else {
		/* both sides are done: switch to the new keys */
		gen_new_keys();
		kexinitialise(); /* we've finished with this kex */
	}

	/* We can send other packets again now.
	 * NOTE(review): this is set on both branches, including the one where
	 * our own SSH_MSG_NEWKEYS has not gone out yet - confirm that is the
	 * intended point to lift the restriction. */
	ses.dataallowed = 1;

	TRACE(("leave recv_msg_newkeys"));
}
/* Send SSH_MSG_NEWKEYS to the peer and, if the peer's SSH_MSG_NEWKEYS has
 * already been received, bring the new keys into use.
 *
 * Otherwise only sentnewkeys is recorded, and recv_msg_newkeys() performs the
 * switch when the peer's message arrives. */
void send_msg_newkeys() {

	TRACE(("enter send_msg_newkeys"));

	/* Build the SSH_MSG_NEWKEYS packet. encrypt_packet() is called before
	 * gen_new_keys() below, and that order must be kept: RFC 4253 requires
	 * this message to go out under the old keys and algorithms. */
	CHECKCLEARTOWRITE();
	buf_putbyte(ses.writepayload, SSH_MSG_NEWKEYS);
	encrypt_packet();

	/* update the kex state */
	if (!ses.kexstate.recvnewkeys) {
		/* the peer's NEWKEYS has not arrived yet: note that ours is out */
		ses.kexstate.sentnewkeys = 1;
	} else {
		/* both sides are done: switch to the new keys */
		gen_new_keys();
		kexinitialise(); /* we've finished with this kex */
	}

	TRACE(("leave send_msg_newkeys"));
}
// Constructor: runs the three generation steps once, in this order -
// nonce, keys, secret.
//
// NOTE(review): the helpers are not visible here. Presumably gen_new_secret()
// uses the output of gen_new_keys(), in which case the call order must be
// kept - confirm.
// NOTE(review): the nonce is generated once, at construction. A nonce must not
// be reused for a second message under the same key; verify that callers
// refresh it per message.
NaCl::NaCl() {
    gen_new_nonce();
    gen_new_keys();
    gen_new_secret();
}