mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

Add more verbose logging during DH key exchange.

The event log messages generated during DH key exchange now include both the
modulus size and hash algorithm used as well as whether the DH parameters
are from one of the standardized groups or were supplied by the server
during Group Exchange.
Mark Tolley 2018-11-18 13:39:46 +00:00 committed by Simon Tatham
parent 4262ce45ca
commit 86e44d3988
3 changed files with 17 additions and 3 deletions

ssh.h

@ -1086,6 +1086,7 @@ bool dh_is_gex(const struct ssh_kex *kex);
struct dh_ctx;
struct dh_ctx *dh_setup_group(const struct ssh_kex *kex);
struct dh_ctx *dh_setup_gex(Bignum pval, Bignum gval);
int dh_modulus_bit_size(const struct dh_ctx *ctx);
void dh_cleanup(struct dh_ctx *);
Bignum dh_create_e(struct dh_ctx *, int nbits);
const char *dh_validate_f(struct dh_ctx *, Bignum f);


@ -87,17 +87,22 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s)
s->dh_ctx = dh_setup_gex(s->p, s->g);
s->kex_init_value = SSH2_MSG_KEX_DH_GEX_INIT;
s->kex_reply_value = SSH2_MSG_KEX_DH_GEX_REPLY;
ppl_logevent(("Doing Diffie-Hellman key exchange using %d bit modulus and hash %s with a server supplied group",
dh_modulus_bit_size(s->dh_ctx),
s->kex_alg->hash->text_name));
} else {
s->ppl.bpp->pls->kctx = SSH2_PKTCTX_DHGROUP;
s->dh_ctx = dh_setup_group(s->kex_alg);
s->kex_init_value = SSH2_MSG_KEXDH_INIT;
s->kex_reply_value = SSH2_MSG_KEXDH_REPLY;
ppl_logevent(("Using Diffie-Hellman with standard group \"%s\"",
ppl_logevent(("Doing Diffie-Hellman key exchange using %d bit modulus and hash %s with standard group \"%s\"",
dh_modulus_bit_size(s->dh_ctx),
s->kex_alg->hash->text_name,
s->kex_alg->groupname));
}
ppl_logevent(("Doing Diffie-Hellman key exchange with hash %s",
s->kex_alg->hash->text_name));
/*
* Now generate and send e for Diffie-Hellman.
*/
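Review bot: In the group-exchange branch the new message only reports the size of the modulus the server sent; nothing in this hunk compares `dh_modulus_bit_size(s->dh_ctx)` with the size range the client asked for, so an undersized server-chosen group would apparently be logged and then used. The bounds check may live elsewhere in `ssh2kex_coroutine`, which starts and ends outside the hunk. If it does, a comment above the log call such as `/* Size is as sent by the server; the range check is done at <location>. */` would make that clear; if it does not, this is a natural place to add one. As a smaller style point, the two format strings repeat the same prefix, and "server supplied" reads better hyphenated: `with a server-supplied group`.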


@ -209,6 +209,14 @@ struct dh_ctx *dh_setup_gex(Bignum pval, Bignum gval)
return ctx;
}
/*
* Return size of DH modulus p.
*/
int dh_modulus_bit_size(const struct dh_ctx *ctx)
{
return bignum_bitcount(ctx->p);
}
/*
* Clean up and free a context.
*/
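Review bot: The comment on `dh_modulus_bit_size` should say that the result is in bits and that, for a context built by `dh_setup_gex`, `p` came from the server, so the value describes the peer's choice and not something the client has validated. I would write `/* Return the bit length of the DH modulus p. For a GEX context p is server-supplied, so treat the result as unvalidated. ctx must be non-NULL. */`. The function dereferences `ctx->p` unconditionally, which matches the two call sites in this commit, both of which call it directly after a setup function. Whether those setup functions can return NULL is not visible here.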