dropbear: ecdsa.c annotate

annotate ecdsa.c @ 1788:1fc0012b9c38

Fix handling of replies to global requests (#112) The current code assumes that all global requests want / need a reply. This isn't always true and the request itself indicates if it wants a reply or not. It causes a specific problem with [email protected] messages. These are sent by OpenSSH after authentication to inform the client of potential other host keys for the host. This can be used to add a new type of host key or to rotate host keys. The initial information message from the server is sent as a global request, but with want_reply set to false. This means that the server doesn't expect an answer to this message. Instead the client needs to send a prove request as a reply if it wants to receive proof of ownership for the host keys. The bug doesn't cause any current problems with due to how OpenSSH treats receiving the failure message. It instead treats it as a keepalive message and further ignores it. Arguably this is a protocol violation though of Dropbear and it is only accidental that it doesn't cause a problem with OpenSSH. The bug was found when adding host keys support to libssh, which is more strict protocol wise and treats the unexpected failure message an error, also see https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145 for more information. The fix here is to honor the want_reply flag in the global request and to only send a reply if the other side expects a reply.

author	Dirkjan Bussink <d.bussink@gmail.com>
date	Thu, 10 Dec 2020 16:13:13 +0100
parents	d68d61e7056a
children	35d504d59c05

rev	line source
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 #include "includes.h"
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 #include "dbutil.h"
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 #include "crypto_desc.h"
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	4 #include "ecc.h"
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	5 #include "ecdsa.h"
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	6 #include "signkey.h"
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	8 #if DROPBEAR_ECDSA
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9
846 b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	10 int signkey_is_ecdsa(enum signkey_type type)
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	11 {
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	12 return type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	13 \|\| type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	14 \|\| type == DROPBEAR_SIGNKEY_ECDSA_NISTP521;
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	15 }
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	16
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1295 diff changeset	17 enum signkey_type ecdsa_signkey_type(const ecc_key * key) {
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	18 #if DROPBEAR_ECC_256
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	19 if (key->dp == ecc_curve_nistp256.dp) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	20 return DROPBEAR_SIGNKEY_ECDSA_NISTP256;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	21 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	22 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	23 #if DROPBEAR_ECC_384
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	24 if (key->dp == ecc_curve_nistp384.dp) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	25 return DROPBEAR_SIGNKEY_ECDSA_NISTP384;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	26 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	27 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	28 #if DROPBEAR_ECC_521
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	29 if (key->dp == ecc_curve_nistp521.dp) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	30 return DROPBEAR_SIGNKEY_ECDSA_NISTP521;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	31 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	32 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	33 return DROPBEAR_SIGNKEY_NONE;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	34 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	35
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36 ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	37 const ltc_ecc_set_type dp = NULL; / curve domain parameters */
855 04ede40a529a - Some fixes for old compilers like tru64 v4 from Daniel Richard G. Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	38 ecc_key *new_key = NULL;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	39 switch (bit_size) {
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	40 #if DROPBEAR_ECC_256
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	41 case 256:
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	42 dp = ecc_curve_nistp256.dp;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	43 break;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	44 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	45 #if DROPBEAR_ECC_384
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	46 case 384:
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	47 dp = ecc_curve_nistp384.dp;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	48 break;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	49 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	50 #if DROPBEAR_ECC_521
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	51 case 521:
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	52 dp = ecc_curve_nistp521.dp;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	53 break;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	54 #endif
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	56 if (!dp) {
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	57 dropbear_exit("Key size %d isn't valid. Try "
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	58 #if DROPBEAR_ECC_256
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	59 "256 "
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	60 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	61 #if DROPBEAR_ECC_384
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	62 "384 "
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	63 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	64 #if DROPBEAR_ECC_521
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	65 "521 "
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 #endif
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	67 , bit_size);
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	68 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	69
855 04ede40a529a - Some fixes for old compilers like tru64 v4 from Daniel Richard G. Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	70 new_key = m_malloc(sizeof(*new_key));
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	71 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, new_key, dp) != CRYPT_OK) {
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	72 dropbear_exit("ECC error");
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	73 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	74 return new_key;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	75 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	76
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	77 ecc_key buf_get_ecdsa_pub_key(buffer buf) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	78 unsigned char key_ident = NULL, identifier = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	79 unsigned int key_ident_len, identifier_len;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	80 buffer *q_buf = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	81 struct dropbear_ecc_curve **curve;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	82 ecc_key *new_key = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	83
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	84 /* string "ecdsa-sha2-[identifier]" */
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	85 key_ident = (unsigned char*)buf_getstring(buf, &key_ident_len);
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	86 /* string "[identifier]" */
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	87 identifier = (unsigned char*)buf_getstring(buf, &identifier_len);
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	88
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	89 if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	90 TRACE(("Bad identifier lengths"))
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	91 goto out;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	92 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	93 if (memcmp(&key_ident[strlen("ecdsa-sha2-")], identifier, identifier_len) != 0) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	94 TRACE(("mismatching identifiers"))
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	95 goto out;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	96 }
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	97
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	98 for (curve = dropbear_ecc_curves; *curve; curve++) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	99 if (memcmp(identifier, (char)(curve)->name, strlen((char)(curve)->name)) == 0) {
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	100 break;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	101 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	102 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	103 if (!*curve) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	104 TRACE(("couldn't match ecc curve"))
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	105 goto out;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	106 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	107
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	108 /* string Q */
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	109 q_buf = buf_getstringbuf(buf);
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	110 new_key = buf_get_ecc_raw_pubkey(q_buf, *curve);
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	111
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	112 out:
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	113 m_free(key_ident);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	114 m_free(identifier);
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	115 if (q_buf) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	116 buf_free(q_buf);
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	117 q_buf = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	118 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	119 TRACE(("leave buf_get_ecdsa_pub_key"))
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	120 return new_key;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	121 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	122
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	123 ecc_key buf_get_ecdsa_priv_key(buffer buf) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	124 ecc_key *new_key = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	125 TRACE(("enter buf_get_ecdsa_priv_key"))
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	126 new_key = buf_get_ecdsa_pub_key(buf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	127 if (!new_key) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	128 return NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	129 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	130
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	131 if (buf_getmpint(buf, new_key->k) != DROPBEAR_SUCCESS) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	132 ecc_free(new_key);
1000 c0b1b7eb5c84 Fix memory leak of ecdsa structure, found by Coverity Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	133 m_free(new_key);
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	134 return NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	135 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	136
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	137 return new_key;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	138 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	139
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	140 void buf_put_ecdsa_pub_key(buffer buf, ecc_key key) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	141 struct dropbear_ecc_curve *curve = NULL;
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	142 char key_ident[30];
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	143
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	144 curve = curve_for_dp(key->dp);
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	145 snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	146 buf_putstring(buf, key_ident, strlen(key_ident));
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	147 buf_putstring(buf, curve->name, strlen(curve->name));
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	148 buf_put_ecc_raw_pubkey_string(buf, key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	149 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	150
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	151 void buf_put_ecdsa_priv_key(buffer buf, ecc_key key) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	152 buf_put_ecdsa_pub_key(buf, key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	153 buf_putmpint(buf, key->k);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	154 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	155
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1295 diff changeset	156 void buf_put_ecdsa_sign(buffer buf, const ecc_key key, const buffer *data_buf) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	157 /* Based on libtomcrypt's ecc_sign_hash but without the asn1 */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	158 int err = DROPBEAR_FAILURE;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	159 struct dropbear_ecc_curve *curve = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	160 hash_state hs;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	161 unsigned char hash[64];
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	162 void e = NULL, p = NULL, s = NULL, r;
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	163 char key_ident[30];
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	164 buffer *sigbuf = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	165
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	166 TRACE(("buf_put_ecdsa_sign"))
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	167 curve = curve_for_dp(key->dp);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	168
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	169 if (ltc_init_multi(&r, &s, &p, &e, NULL) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	170 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	171 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	172
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	173 curve->hash_desc->init(&hs);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	174 curve->hash_desc->process(&hs, data_buf->data, data_buf->len);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	175 curve->hash_desc->done(&hs, hash);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	176
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	177 if (ltc_mp.unsigned_read(e, hash, curve->hash_desc->hashsize) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	178 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	179 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	180
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	181 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	182 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	183 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	184
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	185 for (;;) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	186 ecc_key R_key; /* ephemeral key */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	187 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, &R_key, key->dp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	188 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	189 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	190 if (ltc_mp.mpdiv(R_key.pubkey.x, p, NULL, r) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	191 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	192 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	193 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	194 /* try again */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	195 ecc_free(&R_key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	196 continue;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	197 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	198 /* k = 1/k */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	199 if (ltc_mp.invmod(R_key.k, p, R_key.k) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	200 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	201 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	202 /* s = xr */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	203 if (ltc_mp.mulmod(key->k, r, p, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	204 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	205 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	206 /* s = e + xr */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	207 if (ltc_mp.add(e, s, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	208 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	209 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	210 if (ltc_mp.mpdiv(s, p, NULL, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	211 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	212 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	213 /* s = (e + xr)/k */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	214 if (ltc_mp.mulmod(s, R_key.k, p, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	215 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	216 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	217 ecc_free(&R_key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	218
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	219 if (ltc_mp.compare_d(s, 0) != LTC_MP_EQ) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	220 break;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	221 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	222 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	223
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	224 snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	225 buf_putstring(buf, key_ident, strlen(key_ident));
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	226 /* enough for nistp521 */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	227 sigbuf = buf_new(200);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	228 buf_putmpint(sigbuf, (mp_int*)r);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	229 buf_putmpint(sigbuf, (mp_int*)s);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	230 buf_putbufstring(buf, sigbuf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	231
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	232 err = DROPBEAR_SUCCESS;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	233
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	234 out:
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	235 if (r && s && p && e) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	236 ltc_deinit_multi(r, s, p, e, NULL);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	237 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	238
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	239 if (sigbuf) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	240 buf_free(sigbuf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	241 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	242
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	243 if (err == DROPBEAR_FAILURE) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	244 dropbear_exit("ECC error");
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	245 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	246 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	247
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	248 /* returns values in s and r
c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	249 returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	250 static int buf_get_ecdsa_verify_params(buffer *buf,
7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	251 void r, void s) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	252 int ret = DROPBEAR_FAILURE;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	253 unsigned int sig_len;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	254 unsigned int sig_pos;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	255
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	256 sig_len = buf_getint(buf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	257 sig_pos = buf->pos;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	258 if (buf_getmpint(buf, r) != DROPBEAR_SUCCESS) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	259 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	260 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	261 if (buf_getmpint(buf, s) != DROPBEAR_SUCCESS) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	262 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	263 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	264 if (buf->pos - sig_pos != sig_len) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	265 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	266 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	267 ret = DROPBEAR_SUCCESS;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	268
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	269 out:
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	270 return ret;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	271 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	272
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	273
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1295 diff changeset	274 int buf_ecdsa_verify(buffer buf, const ecc_key key, const buffer *data_buf) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	275 /* Based on libtomcrypt's ecc_verify_hash but without the asn1 */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	276 int ret = DROPBEAR_FAILURE;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	277 hash_state hs;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	278 struct dropbear_ecc_curve *curve = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	279 unsigned char hash[64];
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	280 ecc_point mG = NULL, mQ = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	281 void r = NULL, s = NULL, v = NULL, w = NULL, u1 = NULL, u2 = NULL,
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	282 e = NULL, p = NULL, *m = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	283 void *mp = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	284
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	285 /* verify
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	286 *
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	287 * w = s^-1 mod n
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	288 * u1 = xw
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	289 * u2 = rw
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	290 * X = u1G + u2Q
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	291 * v = X_x1 mod n
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	292 * accept if v == r
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	293 */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	294
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	295 TRACE(("buf_ecdsa_verify"))
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	296 curve = curve_for_dp(key->dp);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	297
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	298 mG = ltc_ecc_new_point();
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	299 mQ = ltc_ecc_new_point();
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	300 if (ltc_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL) != CRYPT_OK
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	301 \|\| !mG
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	302 \|\| !mQ) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	303 dropbear_exit("ECC error");
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	304 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	305
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	306 if (buf_get_ecdsa_verify_params(buf, r, s) != DROPBEAR_SUCCESS) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	307 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	308 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	309
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	310 curve->hash_desc->init(&hs);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	311 curve->hash_desc->process(&hs, data_buf->data, data_buf->len);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	312 curve->hash_desc->done(&hs, hash);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	313
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	314 if (ltc_mp.unsigned_read(e, hash, curve->hash_desc->hashsize) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	315 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	316 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	317
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	318 /* get the order */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	319 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	320 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	321 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	322
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	323 /* get the modulus */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	324 if (ltc_mp.read_radix(m, (char *)key->dp->prime, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	325 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	326 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	327
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	328 /* check for zero */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	329 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	330 \|\| ltc_mp.compare_d(s, 0) == LTC_MP_EQ
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	331 \|\| ltc_mp.compare(r, p) != LTC_MP_LT
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	332 \|\| ltc_mp.compare(s, p) != LTC_MP_LT) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	333 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	334 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	335
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	336 /* w = s^-1 mod n */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	337 if (ltc_mp.invmod(s, p, w) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	338 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	339 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	340
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	341 /* u1 = ew */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	342 if (ltc_mp.mulmod(e, w, p, u1) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	343 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	344 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	345
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	346 /* u2 = rw */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	347 if (ltc_mp.mulmod(r, w, p, u2) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	348 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	349 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	350
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	351 /* find mG and mQ */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	352 if (ltc_mp.read_radix(mG->x, (char *)key->dp->Gx, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	353 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	354 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	355 if (ltc_mp.read_radix(mG->y, (char *)key->dp->Gy, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	356 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	357 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	358 if (ltc_mp.set_int(mG->z, 1) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	359 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	360 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	361
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	362 if (ltc_mp.copy(key->pubkey.x, mQ->x) != CRYPT_OK
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	363 \|\| ltc_mp.copy(key->pubkey.y, mQ->y) != CRYPT_OK
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	364 \|\| ltc_mp.copy(key->pubkey.z, mQ->z) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	365 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	366 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	367
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	368 /* compute u1mG + u2mQ = mG */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	369 if (ltc_mp.ecc_mul2add == NULL) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	370 if (ltc_mp.ecc_ptmul(u1, mG, mG, m, 0) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	371 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	372 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	373 if (ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	374 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	375 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	376
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	377 /* find the montgomery mp */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	378 if (ltc_mp.montgomery_setup(m, &mp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	379 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	380 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	381
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	382 /* add them */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	383 if (ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	384 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	385 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	386
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1122 diff changeset	387 /* reduce */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	388 if (ltc_mp.ecc_map(mG, m, mp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	389 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	390 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	391 } else {
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1122 diff changeset	392 /* use Shamir's trick to compute u1mG + u2mQ using half of the doubles */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	393 if (ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	394 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	395 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	396 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	397
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	398 /* v = X_x1 mod n */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	399 if (ltc_mp.mpdiv(mG->x, p, NULL, v) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	400 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	401 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	402
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	403 /* does v == r */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	404 if (ltc_mp.compare(v, r) == LTC_MP_EQ) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	405 ret = DROPBEAR_SUCCESS;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	406 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	407
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	408 out:
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	409 ltc_ecc_del_point(mG);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	410 ltc_ecc_del_point(mQ);
1058 063c38ea622b Fix some memory leaks in ecc code Matt Johnston <matt@ucc.asn.au> parents: 1000 diff changeset	411 ltc_deinit_multi(r, s, v, w, u1, u2, p, e, m, NULL);
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	412 if (mp != NULL) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	413 ltc_mp.montgomery_deinit(mp);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	414 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	415 return ret;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	416 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	417
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	418
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	419
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	420 #endif /* DROPBEAR_ECDSA */

Mercurial > dropbear

annotate ecdsa.c @ 1788:1fc0012b9c38