
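--- a/dh.c
+++ b/dh.c
@@ -338,12 +338,34 @@ dh_new_group14(void)
 	return (dh_new_group_asc(gen, group14));
 }
 
-/*
- * 4k bit fallback group used by DH-GEX if moduli file cannot be read.
- * Source: MODP group 16 from RFC3526.
- */
+/* MODP group 15 from RFC3526. */
 DH *
-dh_new_group_fallback(int max)
+dh_new_group15(void)
+{
+	static char *gen = "2", *group15 =
+	    "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
+	    "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
+	    "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
+	    "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
+	    "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D"
+	    "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F"
+	    "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D"
+	    "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B"
+	    "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9"
+	    "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510"
+	    "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64"
+	    "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7"
+	    "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B"
+	    "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C"
+	    "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31"
+	    "43DB5BFC" "E0FD108E" "4B82D120" "A93AD2CA" "FFFFFFFF" "FFFFFFFF";
+
+	return (dh_new_group_asc(gen, group15));
+}
+
+/* MODP group 16 from RFC3526. */
+DH *
+dh_new_group16(void)
 {
 	static char *gen = "2", *group16 =
 	    "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
@@ -369,12 +391,19 @@ dh_new_group_fallback(int max)
 	    "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199"
 	    "FFFFFFFF" "FFFFFFFF";
 
+	return (dh_new_group_asc(gen, group16));
+}
+
+/* Select fallback group used by DH-GEX if moduli file cannot be read. */
+DH *
+dh_new_group_fallback(int max)
+{
 	if (max < 4096) {
 		debug3("requested max size %d, using 2k bit group 14", max);
 		return dh_new_group14();
 	}
 	debug3("using 4k bit group 16");
-	return (dh_new_group_asc(gen, group16));
+	return dh_new_group16();
 }
 
 /*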
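Review bot: Nothing in this change checks the new group15 modulus in dh_new_group15() against RFC 3526, and a single mistyped hex digit in those 16 rows would presumably still parse and silently give a group that is not the published safe prime. I would add a regress test that builds each fixed group and asserts the modulus size (3072 bits for group15, 4096 for group16) plus a primality check, so a transcription error fails the test run instead of weakening key exchange. Separately, the literals are assigned to `static char *`; since dh_new_group_asc() takes `const char *` they could be declared `static const char *gen = "2", *group15 =`, though that departs from the existing group14/group16 style. The body of dh_new_group16() continues outside the first hunk.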
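--- a/dh.h
+++ b/dh.h
@@ -37,6 +37,8 @@ DH *dh_new_group_asc(const char *, const char *);
 DH	*dh_new_group(BIGNUM *, BIGNUM *);
 DH	*dh_new_group1(void);
 DH	*dh_new_group14(void);
+DH	*dh_new_group15(void);
+DH	*dh_new_group16(void);
 DH	*dh_new_group_fallback(int);
 
 int	 dh_gen_key(DH *, int);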
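--- a/kex.c
+++ b/kex.c
@@ -89,9 +89,12 @@ struct kexalg {
 static const struct kexalg kexalgs[] = {
 #ifdef WITH_OPENSSL
 	{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
-	{ KEX_DH14, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
+	{ KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
 	{ KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
 #ifdef HAVE_EVP_SHA256
+	{ KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_DH15_SHA256, KEX_DH_GRP15_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_DH16_SHA256, KEX_DH_GRP16_SHA256, 0, SSH_DIGEST_SHA256 },
 	{ KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 },
 #endif /* HAVE_EVP_SHA256 */
 #ifdef OPENSSL_HAS_ECC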
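--- a/kex.h
+++ b/kex.h
@@ -51,7 +51,10 @@
 #define KEX_COOKIE_LEN	16
 
 #define	KEX_DH1			"diffie-hellman-group1-sha1"
-#define	KEX_DH14		"diffie-hellman-group14-sha1"
+#define	KEX_DH14_SHA1		"diffie-hellman-group14-sha1"
+#define	KEX_DH14_SHA256		"diffie-hellman-group14-sha256"
+#define	KEX_DH15_SHA256		"diffie-hellman-group15-sha256"
+#define	KEX_DH16_SHA256		"diffie-hellman-group16-sha256"
 #define	KEX_DHGEX_SHA1		"diffie-hellman-group-exchange-sha1"
 #define	KEX_DHGEX_SHA256	"diffie-hellman-group-exchange-sha256"
 #define	KEX_RESUME		"resume@appgate.com"
@@ -89,6 +92,9 @@ enum kex_modes {
 enum kex_exchange {
 	KEX_DH_GRP1_SHA1,
 	KEX_DH_GRP14_SHA1,
+	KEX_DH_GRP14_SHA256,
+	KEX_DH_GRP15_SHA256,
+	KEX_DH_GRP16_SHA256,
 	KEX_DH_GEX_SHA1,
 	KEX_DH_GEX_SHA256,
 	KEX_ECDH_SHA2,
@@ -191,7 +197,7 @@ int kexecdh_server(struct ssh *);
 int	 kexc25519_client(struct ssh *);
 int	 kexc25519_server(struct ssh *);
 
-int	 kex_dh_hash(const char *, const char *,
+int	 kex_dh_hash(int, const char *, const char *,
     const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
     const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
 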
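Review bot: The strings behind KEX_DH15_SHA256 and KEX_DH16_SHA256 in the first hunk are on-the-wire method names, and as far as I know the registered names (RFC 8268) pair group15 and group16 with SHA-512 and keep SHA-256 only for group14. Advertising unregistered names by default, as the KEX_SHA256_METHODS change in myproposal.h does, risks peers that never match them or a later clash with a different definition; I would track the registered names or carry a private `@openssh.com` suffix until they are assigned. Also, KEX_DH14 is renamed to KEX_DH14_SHA1 with no compatibility define, so any use outside the files on this page would stop compiling; kex.c is the only user updated here.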
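--- a/kexdh.c
+++ b/kexdh.c
@@ -43,6 +43,7 @@
 
 int
 kex_dh_hash(
+    int hash_alg,
     const char *client_version_string,
     const char *server_version_string,
     const u_char *ckexinit, size_t ckexinitlen,
@@ -56,7 +57,7 @@ kex_dh_hash(
 	struct sshbuf *b;
 	int r;
 
-	if (*hashlen < ssh_digest_bytes(SSH_DIGEST_SHA1))
+	if (*hashlen < ssh_digest_bytes(hash_alg))
 		return SSH_ERR_INVALID_ARGUMENT;
 	if ((b = sshbuf_new()) == NULL)
 		return SSH_ERR_ALLOC_FAIL;
@@ -79,12 +80,12 @@ kex_dh_hash(
 #ifdef DEBUG_KEX
 	sshbuf_dump(b, stderr);
 #endif
-	if (ssh_digest_buffer(SSH_DIGEST_SHA1, b, hash, *hashlen) != 0) {
+	if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) {
 		sshbuf_free(b);
 		return SSH_ERR_LIBCRYPTO_ERROR;
 	}
 	sshbuf_free(b);
-	*hashlen = ssh_digest_bytes(SSH_DIGEST_SHA1);
+	*hashlen = ssh_digest_bytes(hash_alg);
 #ifdef DEBUG_KEX
 	dump_digest("hash", hash, *hashlen);
 #endif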
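Review bot: kex_dh_hash() now relies on the caller-supplied hash_alg in the size check `if (*hashlen < ssh_digest_bytes(hash_alg))`; ssh_digest_bytes() is not shown here, but if it returns 0 for an unrecognised id the check can never fail and rejection is left entirely to ssh_digest_buffer(). I would take the size once and reject zero explicitly: `size_t need = ssh_digest_bytes(hash_alg);` followed by `if (need == 0 || *hashlen < need) return SSH_ERR_INVALID_ARGUMENT;`, reusing `need` for the final `*hashlen` assignment. A one-line comment on the new parameter saying it is an SSH_DIGEST_* id taken from the negotiated kex would also help. The function body extends beyond the three hunks.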
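--- a/kexdhc.c
+++ b/kexdhc.c
@@ -63,8 +63,15 @@ kexdh_client(struct ssh *ssh)
 		kex->dh = dh_new_group1();
 		break;
 	case KEX_DH_GRP14_SHA1:
+	case KEX_DH_GRP14_SHA256:
 		kex->dh = dh_new_group14();
 		break;
+	case KEX_DH_GRP15_SHA256:
+		kex->dh = dh_new_group15();
+		break;
+	case KEX_DH_GRP16_SHA256:
+		kex->dh = dh_new_group16();
+		break;
 	default:
 		r = SSH_ERR_INVALID_ARGUMENT;
 		goto out;
@@ -164,6 +171,7 @@ input_kex_dh(int type, u_int32_t seq, void *ctxt)
 	/* calc and verify H */
 	hashlen = sizeof(hash);
 	if ((r = kex_dh_hash(
+	    kex->hash_alg,
 	    kex->client_version_string,
 	    kex->server_version_string,
 	    sshbuf_ptr(kex->my), sshbuf_len(kex->my),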
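Review bot: The call in input_kex_dh() still sets `hashlen = sizeof(hash)`, and the declaration of `hash` is outside the hunk, so it is worth confirming the buffer is sized for the largest supported digest and not for SHA-1; if it is not, the length check in kex_dh_hash() would reject every sha256 exchange with SSH_ERR_INVALID_ARGUMENT. The same applies to input_kex_dh_init() in kexdhs.c. In the first hunk the code after the switch is also not visible; it should handle a NULL return from dh_new_group15() or dh_new_group16() the same way as for the existing groups.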
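--- a/kexdhs.c
+++ b/kexdhs.c
@@ -63,8 +63,15 @@ kexdh_server(struct ssh *ssh)
 		kex->dh = dh_new_group1();
 		break;
 	case KEX_DH_GRP14_SHA1:
+	case KEX_DH_GRP14_SHA256:
 		kex->dh = dh_new_group14();
 		break;
+	case KEX_DH_GRP15_SHA256:
+		kex->dh = dh_new_group15();
+		break;
+	case KEX_DH_GRP16_SHA256:
+		kex->dh = dh_new_group16();
+		break;
 	default:
 		r = SSH_ERR_INVALID_ARGUMENT;
 		goto out;
@@ -158,6 +165,7 @@ input_kex_dh_init(int type, u_int32_t seq, void *ctxt)
 	/* calc H */
 	hashlen = sizeof(hash);
 	if ((r = kex_dh_hash(
+	    kex->hash_alg,
 	    kex->client_version_string,
 	    kex->server_version_string,
 	    sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),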
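--- a/monitor.c
+++ b/monitor.c
@@ -1855,6 +1855,9 @@ monitor_apply_keystate(struct monitor *pmonitor)
 #ifdef WITH_OPENSSL
 		kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 		kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+		kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
+		kex->kex[KEX_DH_GRP15_SHA256] = kexdh_server;
+		kex->kex[KEX_DH_GRP16_SHA256] = kexdh_server;
 		kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 		kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC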
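Review bot: The three new `kex->kex[...] = kexdh_server;` assignments here are repeated by hand in ssh-keyscan.c, both branches of ssh_init() in ssh_api.c, sshconnect2.c and sshd.c, and nothing ties these dispatch tables to the kexalgs[] table in kex.c. If a later method is added to kexalgs[] but missed at one of these sites, that program would negotiate a method with no handler; the dispatch code is not shown, so confirm it rejects a NULL entry instead of calling through it. A short comment at each site, e.g. `/* keep in sync with kexalgs[] in kex.c */`, would make the coupling visible.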
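--- a/myproposal.h
+++ b/myproposal.h
@@ -68,7 +68,10 @@
 
 #ifdef HAVE_EVP_SHA256
 # define KEX_SHA256_METHODS \
-	"diffie-hellman-group-exchange-sha256,"
+	"diffie-hellman-group-exchange-sha256," \
+	"diffie-hellman-group16-sha256," \
+	"diffie-hellman-group15-sha256," \
+	"diffie-hellman-group14-sha256,"
 #define	SHA2_HMAC_MODES \
 	"hmac-sha2-256," \
 	"hmac-sha2-512,"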
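--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -302,6 +302,9 @@ keygrab_ssh2(con *c)
 #ifdef WITH_OPENSSL
 	c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
 	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
+	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
+	c->c_ssh->kex->kex[KEX_DH_GRP15_SHA256] = kexdh_client;
+	c->c_ssh->kex->kex[KEX_DH_GRP16_SHA256] = kexdh_client;
 	c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 	c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC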
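--- a/ssh_api.c
+++ b/ssh_api.c
@@ -103,6 +103,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 #ifdef WITH_OPENSSL
 		ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 		ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+		ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
+		ssh->kex->kex[KEX_DH_GRP15_SHA256] = kexdh_server;
+		ssh->kex->kex[KEX_DH_GRP16_SHA256] = kexdh_server;
 		ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 		ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC
@@ -117,6 +120,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 #ifdef WITH_OPENSSL
 		ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
 		ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
+		ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
+		ssh->kex->kex[KEX_DH_GRP15_SHA256] = kexdh_client;
+		ssh->kex->kex[KEX_DH_GRP16_SHA256] = kexdh_client;
 		ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 		ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC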
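--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -206,6 +206,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 #ifdef WITH_OPENSSL
 	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
 	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
+	kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
+	kex->kex[KEX_DH_GRP15_SHA256] = kexdh_client;
+	kex->kex[KEX_DH_GRP16_SHA256] = kexdh_client;
 	kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 	kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC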
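--- a/sshd.c
+++ b/sshd.c
@@ -2577,6 +2577,9 @@ do_ssh2_kex(void)
 #ifdef WITH_OPENSSL
 	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+	kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
+	kex->kex[KEX_DH_GRP15_SHA256] = kexdh_server;
+	kex->kex[KEX_DH_GRP16_SHA256] = kexdh_server;
 	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC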
