ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-07 13:21:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ecdh works against OpenSSH

Browse Source 
--HG--
branch : ecc
This commit is contained in:
Matt Johnston 2013-04-08 23:12:20 +08:00
parent c797c1750c
commit 48c83aa9d0
2 changed files with 8 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
common-kex.c
View File

@ -304,7 +304,7 @@ void gen_new_keys() {
hash_process_mp(hashdesc, &hs, ses.dh_K); hash_process_mp(hashdesc, &hs, ses.dh_K);
mp_clear(ses.dh_K); mp_clear(ses.dh_K);
m_free(ses.dh_K); m_free(ses.dh_K);
sha1_process(&hs, ses.hash->data, ses.hash->len); hashdesc->process(&hs, ses.hash->data, ses.hash->len);
buf_burn(ses.hash); buf_burn(ses.hash);
buf_free(ses.hash); buf_free(ses.hash);
ses.hash = NULL; ses.hash = NULL;
@ -659,11 +659,9 @@ void free_kexecdh_param(struct kex_ecdh_param *param) {
void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them, void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
sign_key *hostkey) { sign_key *hostkey) {
const struct dropbear_kex *algo_kex = ses.newkeys->algo_kex; const struct dropbear_kex *algo_kex = ses.newkeys->algo_kex;
hash_state hs;
// public keys from client and server // public keys from client and server
ecc_key *Q_C, *Q_S, *Q_them; ecc_key *Q_C, *Q_S, *Q_them;
// XXX load Q_them
Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve); Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve);
ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key); ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);
@ -688,12 +686,6 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
/* K, the shared secret */ /* K, the shared secret */
buf_putmpint(ses.kexhashbuf, ses.dh_K); buf_putmpint(ses.kexhashbuf, ses.dh_K);
/* calculate the hash H to sign */
algo_kex->hashdesc->init(&hs);
buf_setpos(ses.kexhashbuf, 0);
algo_kex->hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
ses.kexhashbuf->len);
/* calculate the hash H to sign */ /* calculate the hash H to sign */
finish_kexhashbuf(); finish_kexhashbuf();
} }

20
ecc.c
View File

@ -181,17 +181,6 @@ mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, ecc_key *private_key)
goto done; goto done;
} }
#if 0
// XXX - possibly not neccessary tests?
if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) {
goto done;
}
if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) {
goto done;
}
#endif
/* make new point */ /* make new point */
result = ltc_ecc_new_point(); result = ltc_ecc_new_point();
if (result == NULL) { if (result == NULL) {
@ -211,20 +200,23 @@ mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, ecc_key *private_key)
err = DROPBEAR_SUCCESS; err = DROPBEAR_SUCCESS;
done: done:
if (err == DROPBEAR_SUCCESS) { if (err == DROPBEAR_SUCCESS) {
shared_secret = prime; shared_secret = m_malloc(sizeof(*shared_secret));
prime = NULL; m_mp_init(shared_secret);
mp_copy(result->x, shared_secret);
} }
if (prime) { if (prime) {
mp_clear(prime); mp_clear(prime);
m_free(prime); m_free(prime);
} }
if (result)
{
ltc_ecc_del_point(result); ltc_ecc_del_point(result);
}
if (err == DROPBEAR_FAILURE) { if (err == DROPBEAR_FAILURE) {
dropbear_exit("ECC error"); dropbear_exit("ECC error");
} }
return shared_secret; return shared_secret;
} }