+
+ /*
+ * FIXME: verify signature of exchange hash.
+ */
+
+ /*
+ * Send SSH2_MSG_NEWKEYS. Expect it from server.
+ */
+ ssh2_pkt_init(SSH2_MSG_NEWKEYS);
+ ssh2_pkt_send();
+ crWaitUntil(ispkt);
+ if (pktin.type != SSH2_MSG_NEWKEYS)
+ fatalbox("expected new-keys packet from server");
+
+ /*
+ * Create and initialise session keys.
+ */
+ cscipher = cscipher_tobe;
+ sccipher = sccipher_tobe;
+ csmac = csmac_tobe;
+ scmac = scmac_tobe;
+ cscomp = cscomp_tobe;
+ sccomp = sccomp_tobe;
+ /*
+ * Set IVs after keys.
+ */
+ ssh2_mkkey(K, exchange_hash, 'C', keyspace); cscipher->setcskey(keyspace);
+ ssh2_mkkey(K, exchange_hash, 'D', keyspace); cscipher->setsckey(keyspace);
+ ssh2_mkkey(K, exchange_hash, 'A', keyspace); cscipher->setcsiv(keyspace);
+ ssh2_mkkey(K, exchange_hash, 'B', keyspace); sccipher->setsciv(keyspace);
+ ssh2_mkkey(K, exchange_hash, 'E', keyspace); csmac->setcskey(keyspace);
+ ssh2_mkkey(K, exchange_hash, 'F', keyspace); scmac->setsckey(keyspace);
+