CVE-2023-1667:kex: Factor out the kex mapping to internal enum

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

src/kex.c

@@ -779,6 +779,40 @@ static const char *ssh_find_aead_hmac(const char *cipher)
     return NULL;
 }
 
+static enum ssh_key_exchange_e
+kex_select_kex_type(const char *kex)
+{
+    if (strcmp(kex, "diffie-hellman-group1-sha1") == 0) {
+        return SSH_KEX_DH_GROUP1_SHA1;
+    } else if (strcmp(kex, "diffie-hellman-group14-sha1") == 0) {
+        return SSH_KEX_DH_GROUP14_SHA1;
+    } else if (strcmp(kex, "diffie-hellman-group14-sha256") == 0) {
+        return SSH_KEX_DH_GROUP14_SHA256;
+    } else if (strcmp(kex, "diffie-hellman-group16-sha512") == 0) {
+        return SSH_KEX_DH_GROUP16_SHA512;
+    } else if (strcmp(kex, "diffie-hellman-group18-sha512") == 0) {
+        return SSH_KEX_DH_GROUP18_SHA512;
+#ifdef WITH_GEX
+    } else if (strcmp(kex, "diffie-hellman-group-exchange-sha1") == 0) {
+        return SSH_KEX_DH_GEX_SHA1;
+    } else if (strcmp(kex, "diffie-hellman-group-exchange-sha256") == 0) {
+        return SSH_KEX_DH_GEX_SHA256;
+#endif /* WITH_GEX */
+    } else if (strcmp(kex, "ecdh-sha2-nistp256") == 0) {
+        return SSH_KEX_ECDH_SHA2_NISTP256;
+    } else if (strcmp(kex, "ecdh-sha2-nistp384") == 0) {
+        return SSH_KEX_ECDH_SHA2_NISTP384;
+    } else if (strcmp(kex, "ecdh-sha2-nistp521") == 0) {
+        return SSH_KEX_ECDH_SHA2_NISTP521;
+    } else if (strcmp(kex, "curve25519-sha256@libssh.org") == 0) {
+        return SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG;
+    } else if (strcmp(kex, "curve25519-sha256") == 0) {
+        return SSH_KEX_CURVE25519_SHA256;
+    }
+    /* should not happen. We should be getting only valid names at this stage */
+    return 0;
+}
+
 /** @brief Select the different methods on basis of client's and
  * server's kex messages, and watches out if a match is possible.
  */
@@ -820,34 +854,9 @@ int ssh_kex_select_methods (ssh_session session)
             crypto->kex_methods[i] = strdup("");
         }
     }
-    kex = session->next_crypto->kex_methods[SSH_KEX];
+    kex = crypto->kex_methods[SSH_KEX];
-    if (strcmp(kex, "diffie-hellman-group1-sha1") == 0) {
+    crypto->kex_type = kex_select_kex_type(kex);
-        session->next_crypto->kex_type = SSH_KEX_DH_GROUP1_SHA1;
+
-    } else if (strcmp(kex, "diffie-hellman-group14-sha1") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_DH_GROUP14_SHA1;
-    } else if (strcmp(kex, "diffie-hellman-group14-sha256") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_DH_GROUP14_SHA256;
-    } else if (strcmp(kex, "diffie-hellman-group16-sha512") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_DH_GROUP16_SHA512;
-    } else if (strcmp(kex, "diffie-hellman-group18-sha512") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_DH_GROUP18_SHA512;
-#ifdef WITH_GEX
-    } else if (strcmp(kex, "diffie-hellman-group-exchange-sha1") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_DH_GEX_SHA1;
-    } else if (strcmp(kex, "diffie-hellman-group-exchange-sha256") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_DH_GEX_SHA256;
-#endif /* WITH_GEX */
-    } else if (strcmp(kex, "ecdh-sha2-nistp256") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_ECDH_SHA2_NISTP256;
-    } else if (strcmp(kex, "ecdh-sha2-nistp384") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_ECDH_SHA2_NISTP384;
-    } else if (strcmp(kex, "ecdh-sha2-nistp521") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_ECDH_SHA2_NISTP521;
-    } else if (strcmp(kex, "curve25519-sha256@libssh.org") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG;
-    } else if (strcmp(kex, "curve25519-sha256") == 0) {
-        session->next_crypto->kex_type = SSH_KEX_CURVE25519_SHA256;
-    }
     SSH_LOG(SSH_LOG_DEBUG, "Negotiated %s,%s,%s,%s,%s,%s,%s,%s,%s,%s",
             session->next_crypto->kex_methods[SSH_KEX],
             session->next_crypto->kex_methods[SSH_HOSTKEYS],