ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-06-26 18:17:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow DH to be completely disabled (#97)

Browse Source 
Reduces binary size by ~2kB by default and by 21kB with no other
libtommath functions users, ex. with curve25519 kex and ed25519
key only.
This commit is contained in:
Vladislav Grishenko 2020-05-28 20:01:48 +05:00 committed by GitHub
parent 3b359050b4
commit 413eaf1ba1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cli-kex.c
View File

@ -155,10 +155,12 @@ void recv_msg_kexdh_reply() {
#endif #endif
} }
#if DROPBEAR_NORMAL_DH
if (cli_ses.dh_param) { if (cli_ses.dh_param) {
free_kexdh_param(cli_ses.dh_param); free_kexdh_param(cli_ses.dh_param);
cli_ses.dh_param = NULL; cli_ses.dh_param = NULL;
} }
#endif
#if DROPBEAR_ECDH #if DROPBEAR_ECDH
if (cli_ses.ecdh_param) { if (cli_ses.ecdh_param) {
free_kexecdh_param(cli_ses.ecdh_param); free_kexecdh_param(cli_ses.ecdh_param);

2
common-kex.c
View File

@ -548,6 +548,7 @@ void recv_msg_kexinit() {
TRACE(("leave recv_msg_kexinit")) TRACE(("leave recv_msg_kexinit"))
} }
#if DROPBEAR_NORMAL_DH
static void load_dh_p(mp_int * dh_p) static void load_dh_p(mp_int * dh_p)
{ {
bytes_to_mp(dh_p, ses.newkeys->algo_kex->dh_p_bytes, bytes_to_mp(dh_p, ses.newkeys->algo_kex->dh_p_bytes,
@ -656,6 +657,7 @@ void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
/* calculate the hash H to sign */ /* calculate the hash H to sign */
finish_kexhashbuf(); finish_kexhashbuf();
} }
#endif
#if DROPBEAR_ECDH #if DROPBEAR_ECDH
struct kex_ecdh_param *gen_kexecdh_param() { struct kex_ecdh_param *gen_kexecdh_param() {

3
dh_groups.c
View File

@ -1,6 +1,8 @@
#include "options.h" #include "options.h"
#include "dh_groups.h" #include "dh_groups.h"
#if DROPBEAR_DH_NORMAL
#if DROPBEAR_DH_GROUP1 #if DROPBEAR_DH_GROUP1
/* diffie-hellman-group1-sha1 value for p */ /* diffie-hellman-group1-sha1 value for p */
const unsigned char dh_p_1[DH_P_1_LEN] = { const unsigned char dh_p_1[DH_P_1_LEN] = {
@ -92,3 +94,4 @@ const unsigned char dh_p_16[DH_P_16_LEN] = {
/* Same for all groups */ /* Same for all groups */
const int DH_G_VAL = 2; const int DH_G_VAL = 2;
#endif

4
dh_groups.h
View File

@ -2,6 +2,8 @@
#define DROPBEAR_DH_GROUPS_H #define DROPBEAR_DH_GROUPS_H
#include "options.h" #include "options.h"
#if DROPBEAR_DH_NORMAL
#if DROPBEAR_DH_GROUP1 #if DROPBEAR_DH_GROUP1
#define DH_P_1_LEN 128 #define DH_P_1_LEN 128
extern const unsigned char dh_p_1[DH_P_1_LEN]; extern const unsigned char dh_p_1[DH_P_1_LEN];
@ -17,8 +19,8 @@ extern const unsigned char dh_p_14[DH_P_14_LEN];
extern const unsigned char dh_p_16[DH_P_16_LEN]; extern const unsigned char dh_p_16[DH_P_16_LEN];
#endif #endif
extern const int DH_G_VAL; extern const int DH_G_VAL;
#endif
#endif #endif

7
kex.h
View File

@ -36,10 +36,12 @@ void recv_msg_newkeys(void);
void kexfirstinitialise(void); void kexfirstinitialise(void);
void finish_kexhashbuf(void); void finish_kexhashbuf(void);
#if DROPBEAR_NORMAL_DH
struct kex_dh_param *gen_kexdh_param(void); struct kex_dh_param *gen_kexdh_param(void);
void free_kexdh_param(struct kex_dh_param *param); void free_kexdh_param(struct kex_dh_param *param);
void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them, void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
sign_key *hostkey); sign_key *hostkey);
#endif
#if DROPBEAR_ECDH #if DROPBEAR_ECDH
struct kex_ecdh_param *gen_kexecdh_param(void); struct kex_ecdh_param *gen_kexecdh_param(void);
@ -87,10 +89,12 @@ struct KEXState {
}; };
#if DROPBEAR_NORMAL_DH
struct kex_dh_param { struct kex_dh_param {
mp_int pub; /* e */ mp_int pub; /* e */
mp_int priv; /* x */ mp_int priv; /* x */
}; };
#endif
#if DROPBEAR_ECDH #if DROPBEAR_ECDH
struct kex_ecdh_param { struct kex_ecdh_param {
@ -104,9 +108,6 @@ struct kex_curve25519_param {
unsigned char priv[CURVE25519_LEN]; unsigned char priv[CURVE25519_LEN];
unsigned char pub[CURVE25519_LEN]; unsigned char pub[CURVE25519_LEN];
}; };
/* No header file for curve25519_donna */
int curve25519_donna(unsigned char *out, const unsigned char *secret, const unsigned char *other);
#endif #endif
#endif /* DROPBEAR_KEX_H_ */ #endif /* DROPBEAR_KEX_H_ */