diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h index 4cd0cecd..034b4f2e 100644 --- a/include/libssh/crypto.h +++ b/include/libssh/crypto.h @@ -45,6 +45,7 @@ #ifdef HAVE_OPENSSL_ECDH_H #include #endif +#include "libssh/dh.h" #include "libssh/ecdh.h" #include "libssh/kex.h" #include "libssh/curve25519.h" @@ -98,10 +99,11 @@ enum ssh_cipher_e { SSH_AEAD_CHACHA20_POLY1305 }; +struct dh_ctx; + struct ssh_crypto_struct { - bignum e,f,x,k,y; - bignum g, p; - int dh_group_is_mutable; /* do free group parameters */ + bignum shared_secret; + struct dh_ctx *dh_ctx; #ifdef WITH_GEX size_t dh_pmin; int dh_pn; int dh_pmax; /* preferred group parameters */ #endif /* WITH_GEX */ diff --git a/include/libssh/dh.h b/include/libssh/dh.h index 25aad47e..2a9be714 100644 --- a/include/libssh/dh.h +++ b/include/libssh/dh.h @@ -25,6 +25,18 @@ #include "libssh/crypto.h" +struct dh_keypair { + bignum priv_key; + bignum pub_key; +}; + +struct dh_ctx { + struct dh_keypair client; + struct dh_keypair server; + bignum generator; + bignum modulus; +}; + int ssh_dh_init(void); void ssh_dh_finalize(void); diff --git a/src/curve25519.c b/src/curve25519.c index 3a914a41..92f603dd 100644 --- a/src/curve25519.c +++ b/src/curve25519.c @@ -95,8 +95,8 @@ static int ssh_curve25519_build_k(ssh_session session) { crypto_scalarmult(k, session->next_crypto->curve25519_privkey, session->next_crypto->curve25519_server_pubkey); - bignum_bin2bn(k, CURVE25519_PUBKEY_SIZE, &session->next_crypto->k); - if (session->next_crypto->k == NULL) { + bignum_bin2bn(k, CURVE25519_PUBKEY_SIZE, &session->next_crypto->shared_secret); + if (session->next_crypto->shared_secret == NULL) { return SSH_ERROR; } @@ -105,7 +105,7 @@ static int ssh_curve25519_build_k(ssh_session session) { session->next_crypto->server_kex.cookie, 16); ssh_print_hexa("Session client cookie", session->next_crypto->client_kex.cookie, 16); - ssh_print_bignum("Shared secret key", session->next_crypto->k); + ssh_print_bignum("Shared secret key", session->next_crypto->shared_secret); #endif return 0; diff --git a/src/dh-gex.c b/src/dh-gex.c index cbe7e02c..02494bb2 100644 --- a/src/dh-gex.c +++ b/src/dh-gex.c @@ -128,11 +128,10 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group) ssh_set_error_oom(session); goto error; } - session->next_crypto->dh_group_is_mutable = 1; rc = ssh_buffer_unpack(packet, "BB", - &session->next_crypto->p, - &session->next_crypto->g); + &session->next_crypto->dh_ctx->modulus, + &session->next_crypto->dh_ctx->generator); if (rc != SSH_OK) { ssh_set_error(session, SSH_FATAL, "Invalid DH_GEX_GROUP packet"); goto error; @@ -142,7 +141,7 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group) if (rc != 1) { goto error; } - blen = bignum_num_bits(session->next_crypto->p); + blen = bignum_num_bits(session->next_crypto->dh_ctx->modulus); if (blen < DH_PMIN || blen > DH_PMAX) { ssh_set_error(session, SSH_FATAL, @@ -152,36 +151,31 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group) DH_PMAX); goto error; } - if (bignum_cmp(session->next_crypto->p, one) <= 0) { + if (bignum_cmp(session->next_crypto->dh_ctx->modulus, one) <= 0) { /* p must be positive and preferably bigger than one */ ssh_set_error(session, SSH_FATAL, "Invalid dh group parameter p"); } - if (!bignum_is_bit_set(session->next_crypto->p, 0)) { + if (!bignum_is_bit_set(session->next_crypto->dh_ctx->modulus, 0)) { /* p must be a prime and therefore not divisible by 2 */ ssh_set_error(session, SSH_FATAL, "Invalid dh group parameter p"); goto error; } - bignum_sub(pmin1, session->next_crypto->p, one); - if (bignum_cmp(session->next_crypto->g, one) <= 0 || - bignum_cmp(session->next_crypto->g, pmin1) > 0) { + bignum_sub(pmin1, session->next_crypto->dh_ctx->modulus, one); + if (bignum_cmp(session->next_crypto->dh_ctx->generator, one) <= 0 || + bignum_cmp(session->next_crypto->dh_ctx->generator, pmin1) > 0) { /* generator must be at least 2 and smaller than p-1*/ ssh_set_error(session, SSH_FATAL, "Invalid dh group parameter g"); goto error; } /* compute and send DH public parameter */ - rc = ssh_dh_generate_secret(session, session->next_crypto->x); + rc = ssh_dh_generate_secret(session, session->next_crypto->dh_ctx->client.priv_key); if (rc == SSH_ERROR) { goto error; } - session->next_crypto->e = bignum_new(); - if (session->next_crypto->e == NULL) { - ssh_set_error_oom(session); - goto error; - } - rc = bignum_mod_exp(session->next_crypto->e, - session->next_crypto->g, - session->next_crypto->x, - session->next_crypto->p, + rc = bignum_mod_exp(session->next_crypto->dh_ctx->client.pub_key, + session->next_crypto->dh_ctx->generator, + session->next_crypto->dh_ctx->client.priv_key, + session->next_crypto->dh_ctx->modulus, ctx); if (rc != 1) { goto error; @@ -193,7 +187,7 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group) rc = ssh_buffer_pack(session->out_buffer, "bB", SSH2_MSG_KEX_DH_GEX_INIT, - session->next_crypto->e); + session->next_crypto->dh_ctx->client.pub_key); if (rc != SSH_OK) { goto error; } @@ -229,7 +223,7 @@ static SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_reply) ssh_packet_remove_callbacks(session, &ssh_dhgex_client_callbacks); rc = ssh_buffer_unpack(packet, "SBS", - &pubkey_blob, &crypto->f, + &pubkey_blob, &crypto->dh_ctx->server.pub_key, &crypto->dh_server_signature); if (rc == SSH_ERROR) { @@ -584,8 +578,8 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_dhgex_request) pn, pmax, &size, - &session->next_crypto->p, - &session->next_crypto->g); + &session->next_crypto->dh_ctx->modulus, + &session->next_crypto->dh_ctx->generator); if (rc == SSH_ERROR) { ssh_set_error(session, SSH_FATAL, @@ -595,12 +589,11 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_dhgex_request) pmax); goto error; } - session->next_crypto->dh_group_is_mutable = 1; rc = ssh_buffer_pack(session->out_buffer, "bBB", SSH2_MSG_KEX_DH_GEX_GROUP, - session->next_crypto->p, - session->next_crypto->g); + session->next_crypto->dh_ctx->modulus, + session->next_crypto->dh_ctx->generator); if (rc != SSH_OK) { ssh_set_error_invalid(session); goto error; diff --git a/src/dh.c b/src/dh.c index 5bfa8b35..e997d583 100644 --- a/src/dh.c +++ b/src/dh.c @@ -294,65 +294,120 @@ void ssh_dh_finalize(void) dh_crypto_initialized = 0; } +static void ssh_dh_free_dh_keypair(struct dh_keypair *keypair) +{ + bignum_safe_free(keypair->priv_key); + bignum_safe_free(keypair->pub_key); +} + +static int ssh_dh_init_dh_keypair(struct dh_keypair *keypair) +{ + int rc; + + keypair->priv_key = bignum_new(); + if (keypair->priv_key == NULL) { + rc = SSH_ERROR; + goto done; + } + keypair->pub_key = bignum_new(); + if (keypair->pub_key == NULL) { + rc = SSH_ERROR; + goto done; + } + + rc = SSH_OK; +done: + if (rc != SSH_OK) { + ssh_dh_free_dh_keypair(keypair); + } + return rc; +} + /** * @internal * @brief allocate and initialize ephemeral values used in dh kex */ -int ssh_dh_init_common(ssh_session session){ - struct ssh_crypto_struct *crypto=session->next_crypto; - crypto->x = bignum_new(); - crypto->y = bignum_new(); - crypto->e = NULL; - crypto->f = NULL; - crypto->k = bignum_new(); - crypto->g = NULL; - crypto->p = NULL; - crypto->dh_group_is_mutable = 0; - switch(session->next_crypto->kex_type) { - case SSH_KEX_DH_GROUP1_SHA1: - session->next_crypto->p = p_group1; - session->next_crypto->g = g; - session->next_crypto->dh_group_is_mutable = 0; - break; - case SSH_KEX_DH_GROUP14_SHA1: - session->next_crypto->p = p_group14; - session->next_crypto->g = g; - session->next_crypto->dh_group_is_mutable = 0; - break; - case SSH_KEX_DH_GROUP16_SHA512: - session->next_crypto->p = p_group16; - session->next_crypto->g = g; - session->next_crypto->dh_group_is_mutable = 0; - break; - case SSH_KEX_DH_GROUP18_SHA512: - session->next_crypto->p = p_group18; - session->next_crypto->g = g; - session->next_crypto->dh_group_is_mutable = 0; - break; - default: - /* fall through */ - break; - } - if (crypto->x == NULL || crypto->y == NULL || crypto->k == NULL){ - bignum_safe_free(crypto->k); - bignum_safe_free(crypto->y); - bignum_safe_free(crypto->x); - ssh_set_error_oom(session); +int ssh_dh_init_common(ssh_session session) +{ + struct ssh_crypto_struct *crypto = session->next_crypto; + struct dh_ctx *ctx = NULL; + int rc; + + ctx = calloc(1, sizeof(*ctx)); + if (ctx == NULL) { return SSH_ERROR; - } else { - return SSH_OK; } + + switch (crypto->kex_type) { + case SSH_KEX_DH_GROUP1_SHA1: + ctx->generator = g; + ctx->modulus = p_group1; + break; + case SSH_KEX_DH_GROUP14_SHA1: + ctx->generator = g; + ctx->modulus = p_group14; + break; + case SSH_KEX_DH_GROUP16_SHA512: + ctx->generator = g; + ctx->modulus = p_group16; + break; + case SSH_KEX_DH_GROUP18_SHA512: + ctx->generator = g; + ctx->modulus = p_group18; + break; + default: + break; + } + + rc = ssh_dh_init_dh_keypair(&ctx->client); + if (rc != SSH_OK) { + goto done; + } + + rc = ssh_dh_init_dh_keypair(&ctx->server); + if (rc != SSH_OK) { + goto done; + } + + crypto->shared_secret = bignum_new(); + if (crypto->shared_secret == NULL) { + goto done; + } + + crypto->dh_ctx = ctx; + rc = SSH_OK; +done: + if (rc != SSH_OK) { + ssh_dh_free_dh_keypair(&ctx->client); + ssh_dh_free_dh_keypair(&ctx->server); + free(ctx); + ssh_set_error_oom(session); + } + return rc; } -void ssh_dh_cleanup(struct ssh_crypto_struct *crypto){ - bignum_safe_free(crypto->x); - bignum_safe_free(crypto->y); - bignum_safe_free(crypto->e); - bignum_safe_free(crypto->f); - if (crypto->dh_group_is_mutable){ - bignum_safe_free(crypto->p); - bignum_safe_free(crypto->g); +void ssh_dh_cleanup(struct ssh_crypto_struct *crypto) +{ + struct dh_ctx *ctx = crypto->dh_ctx; + + if (ctx == NULL) { + return; } + + ssh_dh_free_dh_keypair(&ctx->client); + ssh_dh_free_dh_keypair(&ctx->server); + + if ((ctx->modulus != p_group1) && + (ctx->modulus != p_group14) && + (ctx->modulus != p_group16) && + (ctx->modulus != p_group18)) { + bignum_safe_free(ctx->modulus); + } + if (ctx->generator != g) { + bignum_safe_free(ctx->generator); + } + free(ctx); + crypto->dh_ctx = NULL; } int ssh_dh_import_next_pubkey_blob(ssh_session session, ssh_string pubkey_blob) @@ -365,18 +420,18 @@ int ssh_dh_import_next_pubkey_blob(ssh_session session, ssh_string pubkey_blob) #ifdef DEBUG_CRYPTO static void ssh_dh_debug(ssh_session session) { - ssh_print_bignum("p", session->next_crypto->p); - ssh_print_bignum("g", session->next_crypto->g); - ssh_print_bignum("x", session->next_crypto->x); - ssh_print_bignum("y", session->next_crypto->y); - ssh_print_bignum("e", session->next_crypto->e); - ssh_print_bignum("f", session->next_crypto->f); + ssh_print_bignum("p", session->next_crypto->dh_ctx->modulus); + ssh_print_bignum("g", session->next_crypto->dh_ctx->generator); + ssh_print_bignum("x", session->next_crypto->dh_ctx->client.priv_key); + ssh_print_bignum("y", session->next_crypto->dh_ctx->server.priv_key); + ssh_print_bignum("e", session->next_crypto->dh_ctx->client.pub_key); + ssh_print_bignum("f", session->next_crypto->dh_ctx->server.pub_key); ssh_print_hexa("Session server cookie", session->next_crypto->server_kex.cookie, 16); ssh_print_hexa("Session client cookie", session->next_crypto->client_kex.cookie, 16); - ssh_print_bignum("k", session->next_crypto->k); + ssh_print_bignum("k", session->next_crypto->shared_secret); } #else #define ssh_dh_debug(session) @@ -404,7 +459,7 @@ int ssh_dh_generate_secret(ssh_session session, bignum dest) if (tmp == NULL) { goto error; } - p_bits = bignum_num_bits(session->next_crypto->p); + p_bits = bignum_num_bits(session->next_crypto->dh_ctx->modulus); /* we need at most DH_SECURITY_BITS */ bits = MIN(DH_SECURITY_BITS * 2, p_bits); /* ensure we're not too close of p so rnd()%p stays uniform */ @@ -415,7 +470,7 @@ int ssh_dh_generate_secret(ssh_session session, bignum dest) if (rc != 1) { goto error; } - rc = bignum_mod(dest, tmp, session->next_crypto->p, ctx); + rc = bignum_mod(dest, tmp, session->next_crypto->dh_ctx->modulus, ctx); if (rc != 1) { goto error; } @@ -439,16 +494,16 @@ int ssh_dh_build_k(ssh_session session) /* the server and clients don't use the same numbers */ if (session->client) { - rc = bignum_mod_exp(session->next_crypto->k, - session->next_crypto->f, - session->next_crypto->x, - session->next_crypto->p, + rc = bignum_mod_exp(session->next_crypto->shared_secret, + session->next_crypto->dh_ctx->server.pub_key, + session->next_crypto->dh_ctx->client.priv_key, + session->next_crypto->dh_ctx->modulus, ctx); } else { - rc = bignum_mod_exp(session->next_crypto->k, - session->next_crypto->e, - session->next_crypto->y, - session->next_crypto->p, + rc = bignum_mod_exp(session->next_crypto->shared_secret, + session->next_crypto->dh_ctx->client.pub_key, + session->next_crypto->dh_ctx->server.priv_key, + session->next_crypto->dh_ctx->modulus, ctx); } @@ -488,22 +543,18 @@ int ssh_client_dh_init(ssh_session session){ goto error; } - rc = ssh_dh_generate_secret(session, session->next_crypto->x); + rc = ssh_dh_generate_secret(session, session->next_crypto->dh_ctx->client.priv_key); if (rc == SSH_ERROR){ goto error; } - session->next_crypto->e = bignum_new(); - if (session->next_crypto->e == NULL){ - goto error; - } - rc = bignum_mod_exp(session->next_crypto->e, session->next_crypto->g, session->next_crypto->x, - session->next_crypto->p, ctx); + rc = bignum_mod_exp(session->next_crypto->dh_ctx->client.pub_key, session->next_crypto->dh_ctx->generator, session->next_crypto->dh_ctx->client.priv_key, + session->next_crypto->dh_ctx->modulus, ctx); bignum_ctx_free(ctx); if (rc != 1) { goto error; } - rc = ssh_buffer_pack(session->out_buffer, "bB", SSH2_MSG_KEXDH_INIT, session->next_crypto->e); + rc = ssh_buffer_pack(session->out_buffer, "bB", SSH2_MSG_KEXDH_INIT, session->next_crypto->dh_ctx->client.pub_key); if (rc != SSH_OK) { goto error; } @@ -529,7 +580,7 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dh_reply){ ssh_packet_remove_callbacks(session, &ssh_dh_client_callbacks); - rc = ssh_buffer_unpack(packet, "SBS", &pubkey_blob, &crypto->f, + rc = ssh_buffer_unpack(packet, "SBS", &pubkey_blob, &crypto->dh_ctx->server.pub_key, &crypto->dh_server_signature); if (rc == SSH_ERROR) { goto error; @@ -606,25 +657,21 @@ int ssh_server_dh_process_init(ssh_session session, ssh_buffer packet) if (bignum_ctx_invalid(ctx)) { goto error; } - rc = ssh_buffer_unpack(packet, "B", &session->next_crypto->e); + rc = ssh_buffer_unpack(packet, "B", &session->next_crypto->dh_ctx->client.pub_key); if (rc == SSH_ERROR) { ssh_set_error(session, SSH_FATAL, "No e number in client request"); goto error; } - rc = ssh_dh_generate_secret(session, session->next_crypto->y); + rc = ssh_dh_generate_secret(session, session->next_crypto->dh_ctx->server.priv_key); if (rc == SSH_ERROR){ goto error; } - session->next_crypto->f = bignum_new(); - if (session->next_crypto->f == NULL){ - goto error; - } - rc = bignum_mod_exp(session->next_crypto->f, - session->next_crypto->g, - session->next_crypto->y, - session->next_crypto->p, ctx); + rc = bignum_mod_exp(session->next_crypto->dh_ctx->server.pub_key, + session->next_crypto->dh_ctx->generator, + session->next_crypto->dh_ctx->server.priv_key, + session->next_crypto->dh_ctx->modulus, ctx); bignum_ctx_free(ctx); ctx = NULL; if (rc != 1) { @@ -677,7 +724,7 @@ int ssh_server_dh_process_init(ssh_session session, ssh_buffer packet) "bSBS", packet_type, pubkey_blob, - session->next_crypto->f, + session->next_crypto->dh_ctx->server.pub_key, sig_blob); SSH_STRING_FREE(sig_blob); SSH_STRING_FREE(pubkey_blob); diff --git a/src/ecdh_crypto.c b/src/ecdh_crypto.c index 0078712e..86e4551c 100644 --- a/src/ecdh_crypto.c +++ b/src/ecdh_crypto.c @@ -170,9 +170,9 @@ int ecdh_build_k(ssh_session session) { return -1; } - bignum_bin2bn(buffer, len, &session->next_crypto->k); + bignum_bin2bn(buffer, len, &session->next_crypto->shared_secret); free(buffer); - if (session->next_crypto->k == NULL) { + if (session->next_crypto->shared_secret == NULL) { EC_KEY_free(session->next_crypto->ecdh_privkey); session->next_crypto->ecdh_privkey = NULL; return -1; @@ -185,7 +185,7 @@ int ecdh_build_k(ssh_session session) { session->next_crypto->server_kex.cookie, 16); ssh_print_hexa("Session client cookie", session->next_crypto->client_kex.cookie, 16); - ssh_print_bignum("Shared secret key", session->next_crypto->k); + ssh_print_bignum("Shared secret key", session->next_crypto->shared_secret); #endif return 0; diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c index 913855c0..473846b8 100644 --- a/src/ecdh_gcrypt.c +++ b/src/ecdh_gcrypt.c @@ -198,8 +198,9 @@ int ecdh_build_k(ssh_session session) goto out; } - session->next_crypto->k = gcry_mpi_new(0); - gcry_mpi_point_snatch_get(session->next_crypto->k, NULL, NULL, point); + session->next_crypto->shared_secret = gcry_mpi_new(0); + gcry_mpi_point_snatch_get(session->next_crypto->shared_secret, + NULL, NULL, point); #else s = ssh_sexp_extract_mpi(result, "s", GCRYMPI_FMT_USG, GCRYMPI_FMT_USG); if (s == NULL) { @@ -224,7 +225,7 @@ int ecdh_build_k(ssh_session session) goto out; } - err = gcry_mpi_scan(&session->next_crypto->k, + err = gcry_mpi_scan(&session->next_crypto->shared_secret, GCRYMPI_FMT_USG, (const char *)ssh_string_data(s) + 1, k_len / 2, @@ -245,7 +246,7 @@ int ecdh_build_k(ssh_session session) session->next_crypto->server_kex.cookie, 16); ssh_print_hexa("Session client cookie", session->next_crypto->client_kex.cookie, 16); - ssh_print_bignum("Shared secret key", session->next_crypto->k); + ssh_print_bignum("Shared secret key", session->next_crypto->shared_secret); #endif out: diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c index 68033f7d..2c165aaa 100644 --- a/src/ecdh_mbedcrypto.c +++ b/src/ecdh_mbedcrypto.c @@ -154,16 +154,16 @@ int ecdh_build_k(ssh_session session) goto out; } - session->next_crypto->k = malloc(sizeof(mbedtls_mpi)); - if (session->next_crypto->k == NULL) { + session->next_crypto->shared_secret = malloc(sizeof(mbedtls_mpi)); + if (session->next_crypto->shared_secret == NULL) { rc = SSH_ERROR; goto out; } - mbedtls_mpi_init(session->next_crypto->k); + mbedtls_mpi_init(session->next_crypto->shared_secret); rc = mbedtls_ecdh_compute_shared(&grp, - session->next_crypto->k, + session->next_crypto->shared_secret, &pubkey, &session->next_crypto->ecdh_privkey->d, mbedtls_ctr_drbg_random, diff --git a/src/kex.c b/src/kex.c index 750996b3..618ec88e 100644 --- a/src/kex.c +++ b/src/kex.c @@ -1123,8 +1123,8 @@ int ssh_make_sessionid(ssh_session session) case SSH_KEX_DH_GROUP18_SHA512: rc = ssh_buffer_pack(buf, "BB", - session->next_crypto->e, - session->next_crypto->f); + session->next_crypto->dh_ctx->client.pub_key, + session->next_crypto->dh_ctx->server.pub_key); if (rc != SSH_OK) { goto error; } @@ -1137,10 +1137,10 @@ int ssh_make_sessionid(ssh_session session) session->next_crypto->dh_pmin, session->next_crypto->dh_pn, session->next_crypto->dh_pmax, - session->next_crypto->p, - session->next_crypto->g, - session->next_crypto->e, - session->next_crypto->f); + session->next_crypto->dh_ctx->modulus, + session->next_crypto->dh_ctx->generator, + session->next_crypto->dh_ctx->client.pub_key, + session->next_crypto->dh_ctx->server.pub_key); if (rc != SSH_OK) { goto error; } @@ -1180,7 +1180,7 @@ int ssh_make_sessionid(ssh_session session) break; #endif } - rc = ssh_buffer_pack(buf, "B", session->next_crypto->k); + rc = ssh_buffer_pack(buf, "B", session->next_crypto->shared_secret); if (rc != SSH_OK) { goto error; } @@ -1365,7 +1365,7 @@ int ssh_generate_session_keys(ssh_session session) size_t intkey_srv_to_cli_len = 0; int rc = -1; - k_string = ssh_make_bignum_string(crypto->k); + k_string = ssh_make_bignum_string(crypto->shared_secret); if (k_string == NULL) { ssh_set_error_oom(session); goto error; diff --git a/src/wrapper.c b/src/wrapper.c index ca04f5b2..299d4f3f 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -169,7 +169,7 @@ void crypto_free(struct ssh_crypto_struct *crypto) ssh_key_free(crypto->server_pubkey); ssh_dh_cleanup(crypto); - bignum_safe_free(crypto->k); + bignum_safe_free(crypto->shared_secret); #ifdef HAVE_ECDH SAFE_FREE(crypto->ecdh_client_pubkey); SAFE_FREE(crypto->ecdh_server_pubkey); diff --git a/tests/unittests/torture_session_keys.c b/tests/unittests/torture_session_keys.c index 2a21e63b..e7ef2e44 100644 --- a/tests/unittests/torture_session_keys.c +++ b/tests/unittests/torture_session_keys.c @@ -69,7 +69,7 @@ static void torture_session_keys(UNUSED_PARAM(void **state)) k_string = ssh_string_new(32); ssh_string_fill(k_string, key, 32); - test_crypto.k = ssh_make_string_bn(k_string); + test_crypto.shared_secret = ssh_make_string_bn(k_string); rc = ssh_generate_session_keys(&session); assert_int_equal(rc, 0);