aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJon Simons <jon@jonsimons.org>2018-05-25 03:39:21 -0700
committerAndreas Schneider <asn@cryptomilk.org>2018-06-27 21:25:28 +0200
commit448de134ac1439e1cbbed02ad344c37d9450d6d7 (patch)
tree7a69ecee062a581cce6e35cfe4c1bd5ba056019d
parentfd3d8d6496f3dbfa2aad0e5b821706c7d1f9e0b6 (diff)
downloadlibssh-448de134ac1439e1cbbed02ad344c37d9450d6d7.tar.gz
libssh-448de134ac1439e1cbbed02ad344c37d9450d6d7.tar.xz
libssh-448de134ac1439e1cbbed02ad344c37d9450d6d7.zip
ecdh: fix SSH_MSG_KEXDH_REPLY for mbedTLS
Ensure to provide the `ssh_string` pubkey blob to the buffer packing routine when computing the SSH_MSG_KEXDH_REPLY message, rather than the new `ssh_key` type. Introduced with 16217454d576511f37f39c3169963629f9d5082f. Testing done: with this change, the `pkd_hello` test is passing on a mbedTLS build for me. Previously it would segfault during pubkey exchange with "ecdh-sha2-nistp256". Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/ecdh_mbedcrypto.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
index d4e7a774..aebc7bac 100644
--- a/src/ecdh_mbedcrypto.c
+++ b/src/ecdh_mbedcrypto.c
@@ -181,6 +181,7 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet)
mbedtls_ecp_group grp;
ssh_key privkey = NULL;
ssh_string sig_blob = NULL;
+ ssh_string pubkey_blob = NULL;
int rc;
mbedtls_ecp_group_id curve;
@@ -256,12 +257,21 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet)
goto out;
}
+ rc = ssh_dh_get_next_server_publickey_blob(session, &pubkey_blob);
+ if (rc != SSH_OK) {
+ ssh_set_error(session, SSH_FATAL, "Could not export server public key");
+ ssh_string_free(sig_blob);
+ goto out;
+ }
+
rc = ssh_buffer_pack(session->out_buffer, "bSSS",
- SSH2_MSG_KEXDH_REPLY, session->next_crypto->server_pubkey,
- q_s_string,
- sig_blob);
+ SSH2_MSG_KEXDH_REPLY,
+ pubkey_blob, /* host's pubkey */
+ q_s_string, /* ecdh public key */
+ sig_blob); /* signature blob */
ssh_string_free(sig_blob);
+ ssh_string_free(pubkey_blob);
if (rc != SSH_OK) {
ssh_set_error_oom(session);