dropbear: ecdsa.c annotate

annotate ecdsa.c @ 1930:299f4f19ba19

Add /usr/sbin and /sbin to default root PATH When dropbear is used in a very restricted environment (such as in a initrd), the default user shell is often also very restricted and doesn't take care of setting the PATH so the user ends up with the PATH set by dropbear. Unfortunately, dropbear always sets "/usr/bin:/bin" as default PATH even for the root user which should have /usr/sbin and /sbin too. For a concrete instance of this problem, see the "Remote Unlocking" section in this tutorial: https://paxswill.com/blog/2013/11/04/encrypted-raspberry-pi/ It speaks of a bug in the initramfs script because it's written "blkid" instead of "/sbin/blkid"... this is just because the scripts from the initramfs do not expect to have a PATH without the sbin directories and because dropbear is not setting the PATH appropriately for the root user. I'm thus suggesting to use the attached patch to fix this misbehaviour (I did not test it, but it's easy enough). It might seem anecdotic but multiple Kali users have been bitten by this. From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903403

author	Raphael Hertzog <hertzog@debian.org>
date	Mon, 09 Jul 2018 16:27:53 +0200
parents	35d504d59c05
children

rev	line source
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 #include "includes.h"
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 #include "dbutil.h"
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 #include "crypto_desc.h"
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	4 #include "ecc.h"
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	5 #include "ecdsa.h"
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	6 #include "signkey.h"
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	8 #if DROPBEAR_ECDSA
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9
846 b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	10 int signkey_is_ecdsa(enum signkey_type type)
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	11 {
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	12 return type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	13 \|\| type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	14 \|\| type == DROPBEAR_SIGNKEY_ECDSA_NISTP521;
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	15 }
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	16
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1295 diff changeset	17 enum signkey_type ecdsa_signkey_type(const ecc_key * key) {
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	18 #if DROPBEAR_ECC_256
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	19 if (key->dp == ecc_curve_nistp256.dp) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	20 return DROPBEAR_SIGNKEY_ECDSA_NISTP256;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	21 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	22 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	23 #if DROPBEAR_ECC_384
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	24 if (key->dp == ecc_curve_nistp384.dp) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	25 return DROPBEAR_SIGNKEY_ECDSA_NISTP384;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	26 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	27 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	28 #if DROPBEAR_ECC_521
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	29 if (key->dp == ecc_curve_nistp521.dp) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	30 return DROPBEAR_SIGNKEY_ECDSA_NISTP521;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	31 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	32 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	33 return DROPBEAR_SIGNKEY_NONE;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	34 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 794 diff changeset	35
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36 ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	37 const ltc_ecc_set_type dp = NULL; / curve domain parameters */
855 04ede40a529a - Some fixes for old compilers like tru64 v4 from Daniel Richard G. Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	38 ecc_key *new_key = NULL;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	39 switch (bit_size) {
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	40 #if DROPBEAR_ECC_256
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	41 case 256:
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	42 dp = ecc_curve_nistp256.dp;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	43 break;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	44 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	45 #if DROPBEAR_ECC_384
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	46 case 384:
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	47 dp = ecc_curve_nistp384.dp;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	48 break;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	49 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	50 #if DROPBEAR_ECC_521
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	51 case 521:
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	52 dp = ecc_curve_nistp521.dp;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	53 break;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	54 #endif
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	56 if (!dp) {
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	57 dropbear_exit("Key size %d isn't valid. Try "
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	58 #if DROPBEAR_ECC_256
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	59 "256 "
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	60 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	61 #if DROPBEAR_ECC_384
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	62 "384 "
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	63 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	64 #if DROPBEAR_ECC_521
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	65 "521 "
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 #endif
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	67 , bit_size);
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	68 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	69
855 04ede40a529a - Some fixes for old compilers like tru64 v4 from Daniel Richard G. Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	70 new_key = m_malloc(sizeof(*new_key));
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	71 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, new_key, dp) != CRYPT_OK) {
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	72 dropbear_exit("ECC error");
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	73 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	74 return new_key;
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	75 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	76
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	77 ecc_key buf_get_ecdsa_pub_key(buffer buf) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	78 unsigned char key_ident = NULL, identifier = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	79 unsigned int key_ident_len, identifier_len;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	80 buffer *q_buf = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	81 struct dropbear_ecc_curve **curve;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	82 ecc_key *new_key = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	83
1855 35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	84 /* string "ecdsa-sha2-[identifier]" or "[email protected]" */
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	85 key_ident = (unsigned char*)buf_getstring(buf, &key_ident_len);
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	86 /* string "[identifier]" */
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	87 identifier = (unsigned char*)buf_getstring(buf, &identifier_len);
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	88
1855 35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	89 if (strcmp (key_ident, "[email protected]") == 0) {
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	90 if (strcmp (identifier, "nistp256") != 0) {
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	91 TRACE(("mismatching identifiers"))
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	92 goto out;
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	93 }
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	94 } else {
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	95 if (key_ident_len != identifier_len + strlen ("ecdsa-sha2-")) {
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	96 TRACE(("Bad identifier lengths"))
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	97 goto out;
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	98 }
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	99 if (memcmp(&key_ident[strlen ("ecdsa-sha2-")], identifier, identifier_len) != 0) {
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	100 TRACE(("mismatching identifiers"))
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	101 goto out;
35d504d59c05 Implement server-side support for sk-ecdsa U2F-backed keys (#142) egor-duda <egor-duda@users.noreply.github.com> parents: 1515 diff changeset	102 }
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	103 }
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	104
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	105 for (curve = dropbear_ecc_curves; *curve; curve++) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	106 if (memcmp(identifier, (char)(curve)->name, strlen((char)(curve)->name)) == 0) {
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	107 break;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	108 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	109 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	110 if (!*curve) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	111 TRACE(("couldn't match ecc curve"))
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	112 goto out;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	113 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	114
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	115 /* string Q */
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	116 q_buf = buf_getstringbuf(buf);
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	117 new_key = buf_get_ecc_raw_pubkey(q_buf, *curve);
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	118
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	119 out:
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	120 m_free(key_ident);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	121 m_free(identifier);
767 e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	122 if (q_buf) {
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	123 buf_free(q_buf);
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	124 q_buf = NULL;
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	125 }
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	126 TRACE(("leave buf_get_ecdsa_pub_key"))
e465ed10c51d Be safer with how we handle ltc_ecc_sets[] (particularly with Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	127 return new_key;
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	128 }
d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	129
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	130 ecc_key buf_get_ecdsa_priv_key(buffer buf) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	131 ecc_key *new_key = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	132 TRACE(("enter buf_get_ecdsa_priv_key"))
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	133 new_key = buf_get_ecdsa_pub_key(buf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	134 if (!new_key) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	135 return NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	136 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	137
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	138 if (buf_getmpint(buf, new_key->k) != DROPBEAR_SUCCESS) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	139 ecc_free(new_key);
1000 c0b1b7eb5c84 Fix memory leak of ecdsa structure, found by Coverity Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	140 m_free(new_key);
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	141 return NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	142 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	143
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	144 return new_key;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	145 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	146
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	147 void buf_put_ecdsa_pub_key(buffer buf, ecc_key key) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	148 struct dropbear_ecc_curve *curve = NULL;
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	149 char key_ident[30];
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	150
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	151 curve = curve_for_dp(key->dp);
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	152 snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	153 buf_putstring(buf, key_ident, strlen(key_ident));
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	154 buf_putstring(buf, curve->name, strlen(curve->name));
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	155 buf_put_ecc_raw_pubkey_string(buf, key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	156 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	157
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	158 void buf_put_ecdsa_priv_key(buffer buf, ecc_key key) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	159 buf_put_ecdsa_pub_key(buf, key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	160 buf_putmpint(buf, key->k);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	161 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	162
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1295 diff changeset	163 void buf_put_ecdsa_sign(buffer buf, const ecc_key key, const buffer *data_buf) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	164 /* Based on libtomcrypt's ecc_sign_hash but without the asn1 */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	165 int err = DROPBEAR_FAILURE;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	166 struct dropbear_ecc_curve *curve = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	167 hash_state hs;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	168 unsigned char hash[64];
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	169 void e = NULL, p = NULL, s = NULL, r;
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	170 char key_ident[30];
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	171 buffer *sigbuf = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	172
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	173 TRACE(("buf_put_ecdsa_sign"))
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	174 curve = curve_for_dp(key->dp);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	175
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	176 if (ltc_init_multi(&r, &s, &p, &e, NULL) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	177 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	178 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	179
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	180 curve->hash_desc->init(&hs);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	181 curve->hash_desc->process(&hs, data_buf->data, data_buf->len);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	182 curve->hash_desc->done(&hs, hash);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	183
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	184 if (ltc_mp.unsigned_read(e, hash, curve->hash_desc->hashsize) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	185 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	186 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	187
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	188 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	189 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	190 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	191
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	192 for (;;) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	193 ecc_key R_key; /* ephemeral key */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	194 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, &R_key, key->dp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	195 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	196 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	197 if (ltc_mp.mpdiv(R_key.pubkey.x, p, NULL, r) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	198 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	199 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	200 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	201 /* try again */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	202 ecc_free(&R_key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	203 continue;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	204 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	205 /* k = 1/k */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	206 if (ltc_mp.invmod(R_key.k, p, R_key.k) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	207 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	208 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	209 /* s = xr */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	210 if (ltc_mp.mulmod(key->k, r, p, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	211 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	212 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	213 /* s = e + xr */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	214 if (ltc_mp.add(e, s, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	215 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	216 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	217 if (ltc_mp.mpdiv(s, p, NULL, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	218 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	219 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	220 /* s = (e + xr)/k */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	221 if (ltc_mp.mulmod(s, R_key.k, p, s) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	222 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	223 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	224 ecc_free(&R_key);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	225
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	226 if (ltc_mp.compare_d(s, 0) != LTC_MP_EQ) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	227 break;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	228 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	229 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	230
1105 c339657c9758 Turn local key_indent variable into char * Gaël PORTAY <gael.portay@gmail.com> parents: 1058 diff changeset	231 snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1107 diff changeset	232 buf_putstring(buf, key_ident, strlen(key_ident));
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	233 /* enough for nistp521 */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	234 sigbuf = buf_new(200);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	235 buf_putmpint(sigbuf, (mp_int*)r);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	236 buf_putmpint(sigbuf, (mp_int*)s);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	237 buf_putbufstring(buf, sigbuf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	238
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	239 err = DROPBEAR_SUCCESS;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	240
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	241 out:
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	242 if (r && s && p && e) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	243 ltc_deinit_multi(r, s, p, e, NULL);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	244 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	245
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	246 if (sigbuf) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	247 buf_free(sigbuf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	248 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	249
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	250 if (err == DROPBEAR_FAILURE) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	251 dropbear_exit("ECC error");
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	252 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	253 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	254
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	255 /* returns values in s and r
c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	256 returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	257 static int buf_get_ecdsa_verify_params(buffer *buf,
7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	258 void r, void s) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	259 int ret = DROPBEAR_FAILURE;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	260 unsigned int sig_len;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	261 unsigned int sig_pos;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	262
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	263 sig_len = buf_getint(buf);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	264 sig_pos = buf->pos;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	265 if (buf_getmpint(buf, r) != DROPBEAR_SUCCESS) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	266 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	267 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	268 if (buf_getmpint(buf, s) != DROPBEAR_SUCCESS) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	269 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	270 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	271 if (buf->pos - sig_pos != sig_len) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	272 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	273 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	274 ret = DROPBEAR_SUCCESS;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	275
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	276 out:
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	277 return ret;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	278 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	279
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	280
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1295 diff changeset	281 int buf_ecdsa_verify(buffer buf, const ecc_key key, const buffer *data_buf) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	282 /* Based on libtomcrypt's ecc_verify_hash but without the asn1 */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	283 int ret = DROPBEAR_FAILURE;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	284 hash_state hs;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	285 struct dropbear_ecc_curve *curve = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	286 unsigned char hash[64];
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	287 ecc_point mG = NULL, mQ = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	288 void r = NULL, s = NULL, v = NULL, w = NULL, u1 = NULL, u2 = NULL,
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	289 e = NULL, p = NULL, *m = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	290 void *mp = NULL;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	291
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	292 /* verify
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	293 *
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	294 * w = s^-1 mod n
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	295 * u1 = xw
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	296 * u2 = rw
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	297 * X = u1G + u2Q
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	298 * v = X_x1 mod n
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	299 * accept if v == r
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	300 */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	301
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	302 TRACE(("buf_ecdsa_verify"))
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	303 curve = curve_for_dp(key->dp);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	304
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	305 mG = ltc_ecc_new_point();
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	306 mQ = ltc_ecc_new_point();
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	307 if (ltc_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL) != CRYPT_OK
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	308 \|\| !mG
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	309 \|\| !mQ) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	310 dropbear_exit("ECC error");
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	311 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	312
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	313 if (buf_get_ecdsa_verify_params(buf, r, s) != DROPBEAR_SUCCESS) {
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	314 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	315 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	316
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	317 curve->hash_desc->init(&hs);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	318 curve->hash_desc->process(&hs, data_buf->data, data_buf->len);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	319 curve->hash_desc->done(&hs, hash);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	320
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	321 if (ltc_mp.unsigned_read(e, hash, curve->hash_desc->hashsize) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	322 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	323 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	324
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	325 /* get the order */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	326 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	327 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	328 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	329
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	330 /* get the modulus */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	331 if (ltc_mp.read_radix(m, (char *)key->dp->prime, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	332 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	333 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	334
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	335 /* check for zero */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	336 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	337 \|\| ltc_mp.compare_d(s, 0) == LTC_MP_EQ
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	338 \|\| ltc_mp.compare(r, p) != LTC_MP_LT
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	339 \|\| ltc_mp.compare(s, p) != LTC_MP_LT) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	340 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	341 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	342
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	343 /* w = s^-1 mod n */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	344 if (ltc_mp.invmod(s, p, w) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	345 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	346 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	347
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	348 /* u1 = ew */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	349 if (ltc_mp.mulmod(e, w, p, u1) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	350 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	351 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	352
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	353 /* u2 = rw */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	354 if (ltc_mp.mulmod(r, w, p, u2) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	355 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	356 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	357
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	358 /* find mG and mQ */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	359 if (ltc_mp.read_radix(mG->x, (char *)key->dp->Gx, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	360 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	361 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	362 if (ltc_mp.read_radix(mG->y, (char *)key->dp->Gy, 16) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	363 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	364 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	365 if (ltc_mp.set_int(mG->z, 1) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	366 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	367 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	368
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	369 if (ltc_mp.copy(key->pubkey.x, mQ->x) != CRYPT_OK
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	370 \|\| ltc_mp.copy(key->pubkey.y, mQ->y) != CRYPT_OK
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	371 \|\| ltc_mp.copy(key->pubkey.z, mQ->z) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	372 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	373 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	374
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	375 /* compute u1mG + u2mQ = mG */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	376 if (ltc_mp.ecc_mul2add == NULL) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	377 if (ltc_mp.ecc_ptmul(u1, mG, mG, m, 0) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	378 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	379 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	380 if (ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	381 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	382 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	383
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	384 /* find the montgomery mp */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	385 if (ltc_mp.montgomery_setup(m, &mp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	386 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	387 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	388
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	389 /* add them */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	390 if (ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	391 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	392 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	393
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1122 diff changeset	394 /* reduce */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	395 if (ltc_mp.ecc_map(mG, m, mp) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	396 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	397 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	398 } else {
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1122 diff changeset	399 /* use Shamir's trick to compute u1mG + u2mQ using half of the doubles */
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	400 if (ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	401 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	402 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	403 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	404
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	405 /* v = X_x1 mod n */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	406 if (ltc_mp.mpdiv(mG->x, p, NULL, v) != CRYPT_OK) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	407 goto out;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	408 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	409
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	410 /* does v == r */
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	411 if (ltc_mp.compare(v, r) == LTC_MP_EQ) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	412 ret = DROPBEAR_SUCCESS;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	413 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	414
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	415 out:
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	416 ltc_ecc_del_point(mG);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	417 ltc_ecc_del_point(mQ);
1058 063c38ea622b Fix some memory leaks in ecc code Matt Johnston <matt@ucc.asn.au> parents: 1000 diff changeset	418 ltc_deinit_multi(r, s, v, w, u1, u2, p, e, m, NULL);
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	419 if (mp != NULL) {
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	420 ltc_mp.montgomery_deinit(mp);
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	421 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	422 return ret;
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	423 }
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	424
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 767 diff changeset	425
766 d1575fdc29a6 start on ecdsa keys Matt Johnston <matt@ucc.asn.au> parents: diff changeset	426
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 855 diff changeset	427 #endif /* DROPBEAR_ECDSA */

Mercurial > dropbear

annotate ecdsa.c @ 1930:299f4f19ba19