annotate svr-kex.c @ 1719:25b0ce1936c4

changelog for 2020.79
author Matt Johnston <matt@ucc.asn.au>
date Mon, 15 Jun 2020 23:36:14 +0800
parents 435cfb9ec96e
children 284c3837891c
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 * Dropbear - a SSH2 server
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
5 * Copyright (c) 2004 by Mihnea Stoenescu
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 #include "includes.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "dbutil.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 #include "algo.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "session.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "kex.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 #include "ssh.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "packet.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "bignum.h"
858
220f55d540ae rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents: 852
diff changeset
35 #include "dbrandom.h"
24
469950e86d0f switching to global vars
Matt Johnston <matt@ucc.asn.au>
parents: 22
diff changeset
36 #include "runopts.h"
761
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
37 #include "ecc.h"
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
38 #include "gensignkey.h"
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
39
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
40 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs);
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
41 #if DROPBEAR_EXT_INFO
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
42 static void send_msg_ext_info(void);
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
43 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
44
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
45 /* Handle a diffie-hellman key exchange initialisation. This involves
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
46 * calculating a session key reply value, and corresponding hash. These
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
47 * are carried out by send_msg_kexdh_reply(). recv_msg_kexdh_init() calls
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
48 * that function, then brings the new keys into use */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49 void recv_msg_kexdh_init() {
84
29a5c7c62350 default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
50 DEF_MP_INT(dh_e);
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
51 buffer *ecdh_qs = NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
52
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 84
diff changeset
53 TRACE(("enter recv_msg_kexdh_init"))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54 if (!ses.kexstate.recvkexinit) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 dropbear_exit("Premature kexdh_init message received");
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
56 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
58 switch (ses.newkeys->algo_kex->mode) {
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
59 #if DROPBEAR_NORMAL_DH
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
60 case DROPBEAR_KEX_NORMAL_DH:
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
61 m_mp_init(&dh_e);
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
62 if (buf_getmpint(ses.payload, &dh_e) != DROPBEAR_SUCCESS) {
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
63 dropbear_exit("Bad kex value");
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
64 }
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
65 break;
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
66 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
67 #if DROPBEAR_ECDH
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
68 case DROPBEAR_KEX_ECDH:
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
69 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
70 #if DROPBEAR_CURVE25519
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
71 case DROPBEAR_KEX_CURVE25519:
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
72 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
73 #if DROPBEAR_ECDH || DROPBEAR_CURVE25519
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
74 ecdh_qs = buf_getstringbuf(ses.payload);
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
75 break;
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
76 #endif
340
454a34b2dfd1 Fixes from Erik Hovland:
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
77 }
852
7540c0822374 Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents: 850
diff changeset
78 if (ses.payload->pos != ses.payload->len) {
7540c0822374 Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents: 850
diff changeset
79 dropbear_exit("Bad kex value");
7540c0822374 Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents: 850
diff changeset
80 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
81
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
82 send_msg_kexdh_reply(&dh_e, ecdh_qs);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
84 mp_clear(&dh_e);
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
85 if (ecdh_qs) {
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
86 buf_free(ecdh_qs);
852
7540c0822374 Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents: 850
diff changeset
87 ecdh_qs = NULL;
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
88 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
89
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
90 send_msg_newkeys();
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
91
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
92 #if DROPBEAR_EXT_INFO
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
93 /* Only send it following the first newkeys */
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
94 if (!ses.kexstate.donesecondkex && ses.allow_ext_info) {
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
95 send_msg_ext_info();
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
96 }
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
97 #endif
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
98
886
cbc73a5aefb0 requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents: 875
diff changeset
99 ses.requirenext = SSH_MSG_NEWKEYS;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 84
diff changeset
100 TRACE(("leave recv_msg_kexdh_init"))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
101 }
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
102
982
fd2e8bbb0333 Make sure hostkeys are flushed to disk to avoid empty files if the power
Matt Johnston <matt@ucc.asn.au>
parents: 886
diff changeset
103
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
104 #if DROPBEAR_DELAY_HOSTKEY
982
fd2e8bbb0333 Make sure hostkeys are flushed to disk to avoid empty files if the power
Matt Johnston <matt@ucc.asn.au>
parents: 886
diff changeset
105
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
106 static void svr_ensure_hostkey() {
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
107
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
108 const char* fn = NULL;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
109 enum signkey_type type = ses.newkeys->algo_hostkey;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
110 void **hostkey = signkey_key_ptr(svr_opts.hostkey, type);
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
111 int ret = DROPBEAR_FAILURE;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
112
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
113 if (hostkey && *hostkey) {
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
114 return;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
115 }
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
116
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
117 switch (type)
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
118 {
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
119 #if DROPBEAR_RSA
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
120 case DROPBEAR_SIGNKEY_RSA:
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
121 fn = RSA_PRIV_FILENAME;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
122 break;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
123 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
124 #if DROPBEAR_DSS
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
125 case DROPBEAR_SIGNKEY_DSS:
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
126 fn = DSS_PRIV_FILENAME;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
127 break;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
128 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
129 #if DROPBEAR_ECDSA
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
130 case DROPBEAR_SIGNKEY_ECDSA_NISTP256:
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
131 case DROPBEAR_SIGNKEY_ECDSA_NISTP384:
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
132 case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
133 fn = ECDSA_PRIV_FILENAME;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
134 break;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
135 #endif
1659
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1558
diff changeset
136 #if DROPBEAR_ED25519
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1558
diff changeset
137 case DROPBEAR_SIGNKEY_ED25519:
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1558
diff changeset
138 fn = ED25519_PRIV_FILENAME;
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1558
diff changeset
139 break;
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1558
diff changeset
140 #endif
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
141 default:
1260
c8f52c19e949 assertion for case that shouldn't happen
Matt Johnston <matt@ucc.asn.au>
parents: 1122
diff changeset
142 dropbear_assert(0);
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
143 }
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
144
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
145 if (readhostkey(fn, svr_opts.hostkey, &type) == DROPBEAR_SUCCESS) {
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
146 return;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
147 }
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
148
1329
185c14fa504d Use atomic key generation in all cases
Matt Johnston <matt@ucc.asn.au>
parents: 1295
diff changeset
149 if (signkey_generate(type, 0, fn, 1) == DROPBEAR_FAILURE) {
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
150 goto out;
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
151 }
1329
185c14fa504d Use atomic key generation in all cases
Matt Johnston <matt@ucc.asn.au>
parents: 1295
diff changeset
152
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
153 ret = readhostkey(fn, svr_opts.hostkey, &type);
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
154
875
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
155 if (ret == DROPBEAR_SUCCESS) {
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
156 char *fp = NULL;
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
157 unsigned int len;
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
158 buffer *key_buf = buf_new(MAX_PUBKEY_SIZE);
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
159 buf_put_pub_key(key_buf, svr_opts.hostkey, type);
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
160 buf_setpos(key_buf, 4);
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
161 len = key_buf->len - key_buf->pos;
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
162 fp = sign_key_fingerprint(buf_getptr(key_buf, len), len);
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
163 dropbear_log(LOG_INFO, "Generated hostkey %s, fingerprint is %s",
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
164 fn, fp);
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
165 m_free(fp);
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
166 buf_free(key_buf);
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
167 }
6c7a15668d5a Log when generating a hostkey
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
168
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
169 out:
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
170 if (ret == DROPBEAR_FAILURE)
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
171 {
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
172 dropbear_exit("Couldn't read or generate hostkey %s", fn);
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
173 }
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
174 }
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
175 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
176
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
177 /* Generate our side of the diffie-hellman key exchange value (dh_f), and
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
178 * calculate the session key using the diffie-hellman algorithm. Following
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
179 * that, the session hash is calculated, and signed with RSA or DSS. The
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
180 * result is sent to the client.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
181 *
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
182 * See the transport RFC4253 section 8 for details
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
183 * or RFC5656 section 4 for elliptic curve variant. */
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
184 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 84
diff changeset
185 TRACE(("enter send_msg_kexdh_reply"))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187 /* we can start creating the kexdh_reply packet */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
188 CHECKCLEARTOWRITE();
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
189
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
190 #if DROPBEAR_DELAY_HOSTKEY
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
191 if (svr_opts.delay_hostkey)
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
192 {
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
193 svr_ensure_hostkey();
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
194 }
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
195 #endif
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
196
1558
2f64cb3d3007 - #if not #ifdef for DROPBEAR_FUZZ
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
197 #if DROPBEAR_FUZZ
1456
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1343
diff changeset
198 if (fuzz.fuzzing && fuzz.skip_kexmaths) {
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1343
diff changeset
199 fuzz_fake_send_kexdh_reply();
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1343
diff changeset
200 return;
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1343
diff changeset
201 }
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1343
diff changeset
202 #endif
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1343
diff changeset
203
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY);
24
469950e86d0f switching to global vars
Matt Johnston <matt@ucc.asn.au>
parents: 22
diff changeset
205 buf_put_pub_key(ses.writepayload, svr_opts.hostkey,
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
206 ses.newkeys->algo_hostkey);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
207
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
208 switch (ses.newkeys->algo_kex->mode) {
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
209 #if DROPBEAR_NORMAL_DH
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
210 case DROPBEAR_KEX_NORMAL_DH:
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
211 {
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
212 struct kex_dh_param * dh_param = gen_kexdh_param();
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
213 kexdh_comb_key(dh_param, dh_e, svr_opts.hostkey);
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
214
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
215 /* put f */
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
216 buf_putmpint(ses.writepayload, &dh_param->pub);
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
217 free_kexdh_param(dh_param);
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
218 }
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
219 break;
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
220 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
221 #if DROPBEAR_ECDH
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
222 case DROPBEAR_KEX_ECDH:
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
223 {
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
224 struct kex_ecdh_param *ecdh_param = gen_kexecdh_param();
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
225 kexecdh_comb_key(ecdh_param, ecdh_qs, svr_opts.hostkey);
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
226
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
227 buf_put_ecc_raw_pubkey_string(ses.writepayload, &ecdh_param->key);
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
228 free_kexecdh_param(ecdh_param);
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
229 }
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
230 break;
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
231 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
232 #if DROPBEAR_CURVE25519
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
233 case DROPBEAR_KEX_CURVE25519:
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
234 {
849
Matt Johnston <matt@ucc.asn.au>
parents: 848 847
diff changeset
235 struct kex_curve25519_param *param = gen_kexcurve25519_param();
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
236 kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey);
1659
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1558
diff changeset
237
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1558
diff changeset
238 buf_putstring(ses.writepayload, param->pub, CURVE25519_LEN);
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
239 free_kexcurve25519_param(param);
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
240 }
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1260
diff changeset
241 break;
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
242 #endif
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 603
diff changeset
243 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
244
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
245 /* calc the signature */
24
469950e86d0f switching to global vars
Matt Johnston <matt@ucc.asn.au>
parents: 22
diff changeset
246 buf_put_sign(ses.writepayload, svr_opts.hostkey,
1674
ba6fc7afe1c5 use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents: 1659
diff changeset
247 ses.newkeys->algo_signature, ses.hash);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
248
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
249 /* the SSH_MSG_KEXDH_REPLY is done */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
250 encrypt_packet();
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
251
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 84
diff changeset
252 TRACE(("leave send_msg_kexdh_reply"))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
253 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
254
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
255 #if DROPBEAR_EXT_INFO
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
256 /* Only used for server-sig-algs on the server side */
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
257 static void send_msg_ext_info(void) {
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
258 TRACE(("enter send_msg_ext_info"))
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
259
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
260 buf_putbyte(ses.writepayload, SSH_MSG_EXT_INFO);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
261 /* nr-extensions */
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
262 buf_putint(ses.writepayload, 1);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
263
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
264 buf_putstring(ses.writepayload, SSH_SERVER_SIG_ALGS, strlen(SSH_SERVER_SIG_ALGS));
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
265 buf_put_algolist_all(ses.writepayload, sigalgs, 1);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
266
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
267 encrypt_packet();
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
268
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
269 TRACE(("leave send_msg_ext_info"))
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
270 }
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
271 #endif