Attachment #2766 for bug #2515




	return (dh_new_group_asc(gen, group14));
}

/* MODP group 15 from RFC3526. */
 * 4k bit fallback group used by DH-GEX if moduli file cannot be read.
 * Source: MODP group 16 from RFC3526.
 */
DH *
dh_new_group15(void)
{
	static char *gen = "2", *group15 =
	    "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
	    "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
	    "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
	    "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
	    "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
	    "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
	    "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
	    "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
	    "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
	    "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
	    "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
	    "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
	    "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
	    "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
	    "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
	    "43DB5BFC" "E0FD108E" "4B82D120" "A93AD2CA" "FFFFFFFF" "FFFFFFFF";

	return (dh_new_group_asc(gen, group15));
}

/* MODP group 16 from RFC3526. */
DH *
dh_new_group16(void)
{
	static char *gen = "2", *group16 =
	    "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"

	    "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199"
	    "FFFFFFFF" "FFFFFFFF";

	return (dh_new_group_asc(gen, group16));
}

/* Select fallback group used by DH-GEX if moduli file cannot be read. */
DH *
dh_new_group_fallback(int max)
{
	if (max < 4096) {
		debug3("requested max size %d, using 2k bit group 14", max);
		return dh_new_group14();
	}
	debug3("using 4k bit group 16");
	return dh_new_group16();
}

/*

Lines 37-42 DH dh_new_group_asc(const char , const char *); Link Here

(-)a/dh.h (+2 lines)
37	DH dh_new_group(BIGNUM , BIGNUM *);	37	DH dh_new_group(BIGNUM , BIGNUM *);
38	DH *dh_new_group1(void);	38	DH *dh_new_group1(void);
39	DH *dh_new_group14(void);	39	DH *dh_new_group14(void);
		40	DH *dh_new_group15(void);
		41	DH *dh_new_group16(void);
40	DH *dh_new_group_fallback(int);	42	DH *dh_new_group_fallback(int);
41		43
42	int dh_gen_key(DH *, int);	44	int dh_gen_key(DH *, int);

Lines 89-97 struct kexalg { Link Here

(-)a/kex.c (-1 / +4 lines)
89	static const struct kexalg kexalgs[] = {	89	static const struct kexalg kexalgs[] = {
90	#ifdef WITH_OPENSSL	90	#ifdef WITH_OPENSSL
91	{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },	91	{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
92	{ KEX_DH14, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },	92	{ KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
93	{ KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 },	93	{ KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
94	#ifdef HAVE_EVP_SHA256	94	#ifdef HAVE_EVP_SHA256
		95	{ KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
		96	{ KEX_DH15_SHA256, KEX_DH_GRP15_SHA256, 0, SSH_DIGEST_SHA256 },
		97	{ KEX_DH16_SHA256, KEX_DH_GRP16_SHA256, 0, SSH_DIGEST_SHA256 },
95	{ KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 },	98	{ KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 },
96	#endif /* HAVE_EVP_SHA256 */	99	#endif /* HAVE_EVP_SHA256 */
97	#ifdef OPENSSL_HAS_ECC	100	#ifdef OPENSSL_HAS_ECC

Lines 51-57 Link Here

(-)a/kex.h (-1 / +7 lines)
51	#define KEX_COOKIE_LEN 16	51	#define KEX_COOKIE_LEN 16
52		52
53	#define KEX_DH1 "diffie-hellman-group1-sha1"	53	#define KEX_DH1 "diffie-hellman-group1-sha1"
54	#define KEX_DH14 "diffie-hellman-group14-sha1"	54	#define KEX_DH14_SHA1 "diffie-hellman-group14-sha1"
		55	#define KEX_DH14_SHA256 "diffie-hellman-group14-sha256"
		56	#define KEX_DH15_SHA256 "diffie-hellman-group15-sha256"
		57	#define KEX_DH16_SHA256 "diffie-hellman-group16-sha256"
55	#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"	58	#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
56	#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"	59	#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
57	#define KEX_RESUME "resume@appgate.com"	60	#define KEX_RESUME "resume@appgate.com"
Lines 89-94 enum kex_modes { Link Here
89	enum kex_exchange {	92	enum kex_exchange {
90	KEX_DH_GRP1_SHA1,	93	KEX_DH_GRP1_SHA1,
91	KEX_DH_GRP14_SHA1,	94	KEX_DH_GRP14_SHA1,
		95	KEX_DH_GRP14_SHA256,
		96	KEX_DH_GRP15_SHA256,
		97	KEX_DH_GRP16_SHA256,
92	KEX_DH_GEX_SHA1,	98	KEX_DH_GEX_SHA1,
93	KEX_DH_GEX_SHA256,	99	KEX_DH_GEX_SHA256,
94	KEX_ECDH_SHA2,	100	KEX_ECDH_SHA2,

Lines 63-70 kexdh_client(struct ssh *ssh) Link Here

(-)a/kexdhc.c (+7 lines)
63	kex->dh = dh_new_group1();	63	kex->dh = dh_new_group1();
64	break;	64	break;
65	case KEX_DH_GRP14_SHA1:	65	case KEX_DH_GRP14_SHA1:
		66	case KEX_DH_GRP14_SHA256:
66	kex->dh = dh_new_group14();	67	kex->dh = dh_new_group14();
67	break;	68	break;
		69	case KEX_DH_GRP15_SHA256:
		70	kex->dh = dh_new_group15();
		71	break;
		72	case KEX_DH_GRP16_SHA256:
		73	kex->dh = dh_new_group16();
		74	break;
68	default:	75	default:
69	r = SSH_ERR_INVALID_ARGUMENT;	76	r = SSH_ERR_INVALID_ARGUMENT;
70	goto out;	77	goto out;

Lines 63-70 kexdh_server(struct ssh *ssh) Link Here

(-)a/kexdhs.c (+7 lines)
63	kex->dh = dh_new_group1();	63	kex->dh = dh_new_group1();
64	break;	64	break;
65	case KEX_DH_GRP14_SHA1:	65	case KEX_DH_GRP14_SHA1:
		66	case KEX_DH_GRP14_SHA256:
66	kex->dh = dh_new_group14();	67	kex->dh = dh_new_group14();
67	break;	68	break;
		69	case KEX_DH_GRP15_SHA256:
		70	kex->dh = dh_new_group15();
		71	break;
		72	case KEX_DH_GRP16_SHA256:
		73	kex->dh = dh_new_group16();
		74	break;
68	default:	75	default:
69	r = SSH_ERR_INVALID_ARGUMENT;	76	r = SSH_ERR_INVALID_ARGUMENT;
70	goto out;	77	goto out;

Lines 1855-1860 monitor_apply_keystate(struct monitor *pmonitor) Link Here

(-)a/monitor.c (+3 lines)
1855	#ifdef WITH_OPENSSL	1855	#ifdef WITH_OPENSSL
1856	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;	1856	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
1857	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;	1857	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
		1858	kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
		1859	kex->kex[KEX_DH_GRP15_SHA256] = kexdh_server;
		1860	kex->kex[KEX_DH_GRP16_SHA256] = kexdh_server;
1858	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;	1861	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
1859	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;	1862	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
1860	# ifdef OPENSSL_HAS_ECC	1863	# ifdef OPENSSL_HAS_ECC

Lines 68-74 Link Here

(-)a/myproposal.h (-1 / +4 lines)
68		68
69	#ifdef HAVE_EVP_SHA256	69	#ifdef HAVE_EVP_SHA256
70	# define KEX_SHA256_METHODS \	70	# define KEX_SHA256_METHODS \
71	"diffie-hellman-group-exchange-sha256,"	71	"diffie-hellman-group-exchange-sha256," \
		72	"diffie-hellman-group16-sha256," \
		73	"diffie-hellman-group15-sha256," \
		74	"diffie-hellman-group14-sha256,"
72	#define SHA2_HMAC_MODES \	75	#define SHA2_HMAC_MODES \
73	"hmac-sha2-256," \	76	"hmac-sha2-256," \
74	"hmac-sha2-512,"	77	"hmac-sha2-512,"

Lines 302-307 keygrab_ssh2(con *c) Link Here

(-)a/ssh-keyscan.c (+3 lines)
302	#ifdef WITH_OPENSSL	302	#ifdef WITH_OPENSSL
303	c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;	303	c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
304	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;	304	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
		305	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
		306	c->c_ssh->kex->kex[KEX_DH_GRP15_SHA256] = kexdh_client;
		307	c->c_ssh->kex->kex[KEX_DH_GRP16_SHA256] = kexdh_client;
305	c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;	308	c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
306	c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;	309	c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
307	# ifdef OPENSSL_HAS_ECC	310	# ifdef OPENSSL_HAS_ECC

Lines 103-108 ssh_init(struct ssh *sshp, int is_server, struct kex_params kex_params) Link Here

(-)a/ssh_api.c (+3 lines)
103	#ifdef WITH_OPENSSL	103	#ifdef WITH_OPENSSL
104	ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;	104	ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
105	ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;	105	ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
		106	ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
		107	ssh->kex->kex[KEX_DH_GRP15_SHA256] = kexdh_server;
		108	ssh->kex->kex[KEX_DH_GRP16_SHA256] = kexdh_server;
106	ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;	109	ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
107	ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;	110	ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
108	# ifdef OPENSSL_HAS_ECC	111	# ifdef OPENSSL_HAS_ECC

Lines 206-211 ssh_kex2(char host, struct sockaddr hostaddr, u_short port) Link Here

(-)a/sshconnect2.c (+3 lines)
206	#ifdef WITH_OPENSSL	206	#ifdef WITH_OPENSSL
207	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;	207	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
208	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;	208	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
		209	kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
		210	kex->kex[KEX_DH_GRP15_SHA256] = kexdh_client;
		211	kex->kex[KEX_DH_GRP16_SHA256] = kexdh_client;
209	kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;	212	kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
210	kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;	213	kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
211	# ifdef OPENSSL_HAS_ECC	214	# ifdef OPENSSL_HAS_ECC

Lines 2577-2582 do_ssh2_kex(void) Link Here

(-)a/sshd.c (+3 lines)
2577	#ifdef WITH_OPENSSL	2577	#ifdef WITH_OPENSSL
2578	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;	2578	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
2579	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;	2579	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
		2580	kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
		2581	kex->kex[KEX_DH_GRP15_SHA256] = kexdh_server;
		2582	kex->kex[KEX_DH_GRP16_SHA256] = kexdh_server;
2580	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;	2583	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
2581	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;	2584	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
2582	# ifdef OPENSSL_HAS_ECC	2585	# ifdef OPENSSL_HAS_ECC

Return to bug 2515

Lines 338-349 dh_new_group14(void) Link Here

(-)a/dh.c (-6 / +35 lines)
338	return (dh_new_group_asc(gen, group14));	338	return (dh_new_group_asc(gen, group14));
339	}	339	}
340		340
341	/*	341	/* MODP group 15 from RFC3526. */
342	* 4k bit fallback group used by DH-GEX if moduli file cannot be read.
343	* Source: MODP group 16 from RFC3526.
344	*/
345	DH *	342	DH *
346	dh_new_group_fallback(int max)	343	dh_new_group15(void)
		344	{
		345	static char gen = "2", group15 =
		346	"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
		347	"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
		348	"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
		349	"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
		350	"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
		351	"C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
		352	"83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
		353	"670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
		354	"E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
		355	"DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
		356	"15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
		357	"ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
		358	"ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
		359	"F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
		360	"BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
		361	"43DB5BFC" "E0FD108E" "4B82D120" "A93AD2CA" "FFFFFFFF" "FFFFFFFF";
		362
		363	return (dh_new_group_asc(gen, group15));
		364	}
		365
		366	/* MODP group 16 from RFC3526. */
		367	DH *
		368	dh_new_group16(void)
347	{	369	{
348	static char gen = "2", group16 =	370	static char gen = "2", group16 =
349	"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"	371	"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
Lines 369-380 dh_new_group_fallback(int max) Link Here
369	"93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199"	391	"93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199"
370	"FFFFFFFF" "FFFFFFFF";	392	"FFFFFFFF" "FFFFFFFF";
371		393
		394	return (dh_new_group_asc(gen, group16));
		395	}
		396
		397	/* Select fallback group used by DH-GEX if moduli file cannot be read. */
		398	DH *
		399	dh_new_group_fallback(int max)
		400	{
372	if (max < 4096) {	401	if (max < 4096) {
373	debug3("requested max size %d, using 2k bit group 14", max);	402	debug3("requested max size %d, using 2k bit group 14", max);
374	return dh_new_group14();	403	return dh_new_group14();
375	}	404	}
376	debug3("using 4k bit group 16");	405	debug3("using 4k bit group 16");
377	return (dh_new_group_asc(gen, group16));	406	return dh_new_group16();
378	}	407	}
379		408
380	/*	409	/*