diff --git a/markbase-core/src/ssh_server/crypto.rs b/markbase-core/src/ssh_server/crypto.rs index 495f1dd..672ecea 100644 --- a/markbase-core/src/ssh_server/crypto.rs +++ b/markbase-core/src/ssh_server/crypto.rs @@ -75,8 +75,10 @@ impl SessionKeys { let session_id = exchange_hash.to_vec(); info!("SessionKeys::derive() starting"); - info!(" shared_secret ({} bytes): {:?}", shared_secret.len(), &shared_secret[..8]); + info!(" shared_secret ({} bytes): {:?}", shared_secret.len(), &shared_secret[..std::cmp::min(8, shared_secret.len())]); info!(" shared_secret[0] = {} (>=0x80? {})", shared_secret[0], shared_secret[0] >= 0x80); + info!(" exchange_hash (H, {} bytes): {:?}", exchange_hash.len(), &exchange_hash[..8]); + info!(" session_id ({} bytes): {:?}", session_id.len(), &session_id[..8]); // RFC 4253密钥派生公式:HASH(K || H || X || session_id) // 其中K是shared_secret(需要mpint格式) @@ -92,6 +94,14 @@ impl SessionKeys { let iv_ctos = Self::derive_key_rfc4253(&shared_secret_mpint, exchange_hash, 'A', &session_id)?; let iv_stoc = Self::derive_key_rfc4253(&shared_secret_mpint, exchange_hash, 'B', &session_id)?; + info!("Derived keys summary:"); + info!(" encryption_key_ctos ({} bytes): {:?}", encryption_key_ctos.len(), &encryption_key_ctos[..std::cmp::min(16, encryption_key_ctos.len())]); + info!(" encryption_key_stoc ({} bytes): {:?}", encryption_key_stoc.len(), &encryption_key_stoc[..std::cmp::min(16, encryption_key_stoc.len())]); + info!(" iv_ctos ({} bytes): {:?}", iv_ctos.len(), &iv_ctos[..std::cmp::min(16, iv_ctos.len())]); + info!(" iv_stoc ({} bytes): {:?}", iv_stoc.len(), &iv_stoc[..std::cmp::min(16, iv_stoc.len())]); + info!(" mac_key_ctos ({} bytes): {:?}", mac_key_ctos.len(), &mac_key_ctos[..std::cmp::min(16, mac_key_ctos.len())]); + info!(" mac_key_stoc ({} bytes): {:?}", mac_key_stoc.len(), &mac_key_stoc[..std::cmp::min(16, mac_key_stoc.len())]); + Ok(Self { session_id, encryption_key_ctos,