From a63128d1a8a4077bc992e09d00e2683d1592e500 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Wed, 15 Mar 2006 12:08:28 +1100
Subject:    - djm@cvs.openbsd.org 2006/03/07 09:07:40      [kex.c kex.h
 monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]      Implement the
 diffie-hellman-group-exchange-sha256 key exchange method      using the
 SHA256 code in libc (and wrapper to make it into an OpenSSL      EVP),
 interop tested against CVS PuTTY      NB. no portability bits committed yet

---
 kex.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'kex.c')

diff --git a/kex.c b/kex.c
index cd71be9c..175613b4 100644
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
+RCSID("$OpenBSD: kex.c,v 1.66 2006/03/07 09:07:40 djm Exp $");
 
 #include <openssl/crypto.h>
 
@@ -44,6 +44,8 @@ RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
 
 #define KEX_COOKIE_LEN	16
 
+extern const EVP_MD *evp_ssh_sha256(void);
+
 /* prototype */
 static void kex_kexinit_finish(Kex *);
 static void kex_choose_conf(Kex *);
@@ -301,6 +303,9 @@ choose_kex(Kex *k, char *client, char *server)
 	} else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
 		k->kex_type = KEX_DH_GEX_SHA1;
 		k->evp_md = EVP_sha1();
+	} else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
+		k->kex_type = KEX_DH_GEX_SHA256;
+		k->evp_md = evp_ssh_sha256();
 	} else
 		fatal("bad kex alg %s", k->name);
 }
-- 
cgit v1.2.3