Mercurial > dropbear
annotate ecdsa.c @ 1672:3a97f14c0235
Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
* Add Chacha20-Poly1305 authenticated encryption
* Add general AEAD approach.
* Add [email protected] algo using LibTomCrypt chacha and
poly1305 routines.
Chacha20-Poly1305 is generally faster than AES256 on CPU w/o dedicated
AES instructions, having the same key size.
Compiling in will add ~5,5kB to binary size on x86-64.
function old new delta
chacha_crypt - 1397 +1397
_poly1305_block - 608 +608
poly1305_done - 595 +595
dropbear_chachapoly_crypt - 457 +457
.rodata 26976 27392 +416
poly1305_process - 290 +290
poly1305_init - 221 +221
chacha_setup - 218 +218
encrypt_packet 1068 1270 +202
dropbear_chachapoly_getlength - 147 +147
decrypt_packet 756 897 +141
chacha_ivctr64 - 137 +137
read_packet 543 637 +94
dropbear_chachapoly_start - 94 +94
read_kex_algos 792 880 +88
chacha_keystream - 69 +69
dropbear_mode_chachapoly - 48 +48
sshciphers 280 320 +40
dropbear_mode_none 24 48 +24
dropbear_mode_ctr 24 48 +24
dropbear_mode_cbc 24 48 +24
dropbear_chachapoly_mac - 24 +24
dropbear_chachapoly - 24 +24
gen_new_keys 848 854 +6
------------------------------------------------------------------------------
(add/remove: 14/0 grow/shrink: 10/0 up/down: 5388/0) Total: 5388 bytes
* Add AES128-GCM and AES256-GCM authenticated encryption
* Add general AES-GCM mode.
* Add [email protected] and [email protected] algo using
LibTomCrypt gcm routines.
AES-GCM is combination of AES CTR mode and GHASH, slower than AES-CTR on
CPU w/o dedicated AES/GHASH instructions therefore disabled by default.
Compiling in will add ~6kB to binary size on x86-64.
function old new delta
gcm_process - 1060 +1060
.rodata 26976 27808 +832
gcm_gf_mult - 820 +820
gcm_add_aad - 660 +660
gcm_shift_table - 512 +512
gcm_done - 471 +471
gcm_add_iv - 384 +384
gcm_init - 347 +347
dropbear_gcm_crypt - 309 +309
encrypt_packet 1068 1270 +202
decrypt_packet 756 897 +141
gcm_reset - 118 +118
read_packet 543 637 +94
read_kex_algos 792 880 +88
sshciphers 280 360 +80
gcm_mult_h - 80 +80
dropbear_gcm_start - 62 +62
dropbear_mode_gcm - 48 +48
dropbear_mode_none 24 48 +24
dropbear_mode_ctr 24 48 +24
dropbear_mode_cbc 24 48 +24
dropbear_ghash - 24 +24
dropbear_gcm_getlength - 24 +24
gen_new_keys 848 854 +6
------------------------------------------------------------------------------
(add/remove: 14/0 grow/shrink: 10/0 up/down: 6434/0) Total: 6434 bytes
author | Vladislav Grishenko <themiron@users.noreply.github.com> |
---|---|
date | Mon, 25 May 2020 20:50:25 +0500 |
parents | d68d61e7056a |
children | 35d504d59c05 |
rev | line source |
---|---|
766 | 1 #include "includes.h" |
2 #include "dbutil.h" | |
3 #include "crypto_desc.h" | |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
4 #include "ecc.h" |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
5 #include "ecdsa.h" |
795 | 6 #include "signkey.h" |
766 | 7 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
8 #if DROPBEAR_ECDSA |
766 | 9 |
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
10 int signkey_is_ecdsa(enum signkey_type type) |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
11 { |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
12 return type == DROPBEAR_SIGNKEY_ECDSA_NISTP256 |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
13 || type == DROPBEAR_SIGNKEY_ECDSA_NISTP384 |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
14 || type == DROPBEAR_SIGNKEY_ECDSA_NISTP521; |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
15 } |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
16 |
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
17 enum signkey_type ecdsa_signkey_type(const ecc_key * key) { |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
18 #if DROPBEAR_ECC_256 |
795 | 19 if (key->dp == ecc_curve_nistp256.dp) { |
20 return DROPBEAR_SIGNKEY_ECDSA_NISTP256; | |
21 } | |
22 #endif | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
23 #if DROPBEAR_ECC_384 |
795 | 24 if (key->dp == ecc_curve_nistp384.dp) { |
25 return DROPBEAR_SIGNKEY_ECDSA_NISTP384; | |
26 } | |
27 #endif | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
28 #if DROPBEAR_ECC_521 |
795 | 29 if (key->dp == ecc_curve_nistp521.dp) { |
30 return DROPBEAR_SIGNKEY_ECDSA_NISTP521; | |
31 } | |
32 #endif | |
33 return DROPBEAR_SIGNKEY_NONE; | |
34 } | |
35 | |
766 | 36 ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) { |
857 | 37 const ltc_ecc_set_type *dp = NULL; /* curve domain parameters */ |
855
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
38 ecc_key *new_key = NULL; |
766 | 39 switch (bit_size) { |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
40 #if DROPBEAR_ECC_256 |
766 | 41 case 256: |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
42 dp = ecc_curve_nistp256.dp; |
766 | 43 break; |
44 #endif | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
45 #if DROPBEAR_ECC_384 |
766 | 46 case 384: |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
47 dp = ecc_curve_nistp384.dp; |
766 | 48 break; |
49 #endif | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
50 #if DROPBEAR_ECC_521 |
766 | 51 case 521: |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
52 dp = ecc_curve_nistp521.dp; |
766 | 53 break; |
54 #endif | |
55 } | |
56 if (!dp) { | |
57 dropbear_exit("Key size %d isn't valid. Try " | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
58 #if DROPBEAR_ECC_256 |
766 | 59 "256 " |
60 #endif | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
61 #if DROPBEAR_ECC_384 |
766 | 62 "384 " |
63 #endif | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1250
diff
changeset
|
64 #if DROPBEAR_ECC_521 |
766 | 65 "521 " |
66 #endif | |
67 , bit_size); | |
68 } | |
69 | |
855
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
70 new_key = m_malloc(sizeof(*new_key)); |
766 | 71 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, new_key, dp) != CRYPT_OK) { |
72 dropbear_exit("ECC error"); | |
73 } | |
74 return new_key; | |
75 } | |
76 | |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
77 ecc_key *buf_get_ecdsa_pub_key(buffer* buf) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
78 unsigned char *key_ident = NULL, *identifier = NULL; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
79 unsigned int key_ident_len, identifier_len; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
80 buffer *q_buf = NULL; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
81 struct dropbear_ecc_curve **curve; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
82 ecc_key *new_key = NULL; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
83 |
857 | 84 /* string "ecdsa-sha2-[identifier]" */ |
1122
aaf576b27a10
Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents:
1107
diff
changeset
|
85 key_ident = (unsigned char*)buf_getstring(buf, &key_ident_len); |
857 | 86 /* string "[identifier]" */ |
1122
aaf576b27a10
Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents:
1107
diff
changeset
|
87 identifier = (unsigned char*)buf_getstring(buf, &identifier_len); |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
88 |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
89 if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
90 TRACE(("Bad identifier lengths")) |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
91 goto out; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
92 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
93 if (memcmp(&key_ident[strlen("ecdsa-sha2-")], identifier, identifier_len) != 0) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
94 TRACE(("mismatching identifiers")) |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
95 goto out; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
96 } |
766 | 97 |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
98 for (curve = dropbear_ecc_curves; *curve; curve++) { |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
99 if (memcmp(identifier, (char*)(*curve)->name, strlen((char*)(*curve)->name)) == 0) { |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
100 break; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
101 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
102 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
103 if (!*curve) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
104 TRACE(("couldn't match ecc curve")) |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
105 goto out; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
106 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
107 |
857 | 108 /* string Q */ |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
109 q_buf = buf_getstringbuf(buf); |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
110 new_key = buf_get_ecc_raw_pubkey(q_buf, *curve); |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
111 |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
112 out: |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
113 m_free(key_ident); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
114 m_free(identifier); |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
115 if (q_buf) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
116 buf_free(q_buf); |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
117 q_buf = NULL; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
118 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
119 TRACE(("leave buf_get_ecdsa_pub_key")) |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
120 return new_key; |
766 | 121 } |
122 | |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
123 ecc_key *buf_get_ecdsa_priv_key(buffer *buf) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
124 ecc_key *new_key = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
125 TRACE(("enter buf_get_ecdsa_priv_key")) |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
126 new_key = buf_get_ecdsa_pub_key(buf); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
127 if (!new_key) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
128 return NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
129 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
130 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
131 if (buf_getmpint(buf, new_key->k) != DROPBEAR_SUCCESS) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
132 ecc_free(new_key); |
1000
c0b1b7eb5c84
Fix memory leak of ecdsa structure, found by Coverity
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
133 m_free(new_key); |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
134 return NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
135 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
136 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
137 return new_key; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
138 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
139 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
140 void buf_put_ecdsa_pub_key(buffer *buf, ecc_key *key) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
141 struct dropbear_ecc_curve *curve = NULL; |
1105
c339657c9758
Turn local key_indent variable into char *
Gaël PORTAY <gael.portay@gmail.com>
parents:
1058
diff
changeset
|
142 char key_ident[30]; |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
143 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
144 curve = curve_for_dp(key->dp); |
1105
c339657c9758
Turn local key_indent variable into char *
Gaël PORTAY <gael.portay@gmail.com>
parents:
1058
diff
changeset
|
145 snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); |
1122
aaf576b27a10
Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents:
1107
diff
changeset
|
146 buf_putstring(buf, key_ident, strlen(key_ident)); |
aaf576b27a10
Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents:
1107
diff
changeset
|
147 buf_putstring(buf, curve->name, strlen(curve->name)); |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
148 buf_put_ecc_raw_pubkey_string(buf, key); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
149 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
150 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
151 void buf_put_ecdsa_priv_key(buffer *buf, ecc_key *key) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
152 buf_put_ecdsa_pub_key(buf, key); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
153 buf_putmpint(buf, key->k); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
154 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
155 |
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
156 void buf_put_ecdsa_sign(buffer *buf, const ecc_key *key, const buffer *data_buf) { |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
157 /* Based on libtomcrypt's ecc_sign_hash but without the asn1 */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
158 int err = DROPBEAR_FAILURE; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
159 struct dropbear_ecc_curve *curve = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
160 hash_state hs; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
161 unsigned char hash[64]; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
162 void *e = NULL, *p = NULL, *s = NULL, *r; |
1105
c339657c9758
Turn local key_indent variable into char *
Gaël PORTAY <gael.portay@gmail.com>
parents:
1058
diff
changeset
|
163 char key_ident[30]; |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
164 buffer *sigbuf = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
165 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
166 TRACE(("buf_put_ecdsa_sign")) |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
167 curve = curve_for_dp(key->dp); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
168 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
169 if (ltc_init_multi(&r, &s, &p, &e, NULL) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
170 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
171 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
172 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
173 curve->hash_desc->init(&hs); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
174 curve->hash_desc->process(&hs, data_buf->data, data_buf->len); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
175 curve->hash_desc->done(&hs, hash); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
176 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
177 if (ltc_mp.unsigned_read(e, hash, curve->hash_desc->hashsize) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
178 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
179 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
180 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
181 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
182 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
183 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
184 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
185 for (;;) { |
857 | 186 ecc_key R_key; /* ephemeral key */ |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
187 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, &R_key, key->dp) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
188 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
189 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
190 if (ltc_mp.mpdiv(R_key.pubkey.x, p, NULL, r) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
191 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
192 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
193 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ) { |
857 | 194 /* try again */ |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
195 ecc_free(&R_key); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
196 continue; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
197 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
198 /* k = 1/k */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
199 if (ltc_mp.invmod(R_key.k, p, R_key.k) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
200 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
201 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
202 /* s = xr */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
203 if (ltc_mp.mulmod(key->k, r, p, s) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
204 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
205 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
206 /* s = e + xr */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
207 if (ltc_mp.add(e, s, s) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
208 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
209 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
210 if (ltc_mp.mpdiv(s, p, NULL, s) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
211 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
212 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
213 /* s = (e + xr)/k */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
214 if (ltc_mp.mulmod(s, R_key.k, p, s) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
215 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
216 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
217 ecc_free(&R_key); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
218 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
219 if (ltc_mp.compare_d(s, 0) != LTC_MP_EQ) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
220 break; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
221 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
222 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
223 |
1105
c339657c9758
Turn local key_indent variable into char *
Gaël PORTAY <gael.portay@gmail.com>
parents:
1058
diff
changeset
|
224 snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); |
1122
aaf576b27a10
Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents:
1107
diff
changeset
|
225 buf_putstring(buf, key_ident, strlen(key_ident)); |
857 | 226 /* enough for nistp521 */ |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
227 sigbuf = buf_new(200); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
228 buf_putmpint(sigbuf, (mp_int*)r); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
229 buf_putmpint(sigbuf, (mp_int*)s); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
230 buf_putbufstring(buf, sigbuf); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
231 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
232 err = DROPBEAR_SUCCESS; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
233 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
234 out: |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
235 if (r && s && p && e) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
236 ltc_deinit_multi(r, s, p, e, NULL); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
237 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
238 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
239 if (sigbuf) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
240 buf_free(sigbuf); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
241 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
242 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
243 if (err == DROPBEAR_FAILURE) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
244 dropbear_exit("ECC error"); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
245 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
246 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
247 |
857 | 248 /* returns values in s and r |
249 returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | |
852
7540c0822374
Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
250 static int buf_get_ecdsa_verify_params(buffer *buf, |
7540c0822374
Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
251 void *r, void* s) { |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
252 int ret = DROPBEAR_FAILURE; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
253 unsigned int sig_len; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
254 unsigned int sig_pos; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
255 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
256 sig_len = buf_getint(buf); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
257 sig_pos = buf->pos; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
258 if (buf_getmpint(buf, r) != DROPBEAR_SUCCESS) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
259 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
260 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
261 if (buf_getmpint(buf, s) != DROPBEAR_SUCCESS) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
262 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
263 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
264 if (buf->pos - sig_pos != sig_len) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
265 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
266 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
267 ret = DROPBEAR_SUCCESS; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
268 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
269 out: |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
270 return ret; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
271 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
272 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
273 |
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
274 int buf_ecdsa_verify(buffer *buf, const ecc_key *key, const buffer *data_buf) { |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
275 /* Based on libtomcrypt's ecc_verify_hash but without the asn1 */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
276 int ret = DROPBEAR_FAILURE; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
277 hash_state hs; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
278 struct dropbear_ecc_curve *curve = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
279 unsigned char hash[64]; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
280 ecc_point *mG = NULL, *mQ = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
281 void *r = NULL, *s = NULL, *v = NULL, *w = NULL, *u1 = NULL, *u2 = NULL, |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
282 *e = NULL, *p = NULL, *m = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
283 void *mp = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
284 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
285 /* verify |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
286 * |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
287 * w = s^-1 mod n |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
288 * u1 = xw |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
289 * u2 = rw |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
290 * X = u1*G + u2*Q |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
291 * v = X_x1 mod n |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
292 * accept if v == r |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
293 */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
294 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
295 TRACE(("buf_ecdsa_verify")) |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
296 curve = curve_for_dp(key->dp); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
297 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
298 mG = ltc_ecc_new_point(); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
299 mQ = ltc_ecc_new_point(); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
300 if (ltc_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL) != CRYPT_OK |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
301 || !mG |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
302 || !mQ) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
303 dropbear_exit("ECC error"); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
304 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
305 |
852
7540c0822374
Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
306 if (buf_get_ecdsa_verify_params(buf, r, s) != DROPBEAR_SUCCESS) { |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
307 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
308 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
309 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
310 curve->hash_desc->init(&hs); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
311 curve->hash_desc->process(&hs, data_buf->data, data_buf->len); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
312 curve->hash_desc->done(&hs, hash); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
313 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
314 if (ltc_mp.unsigned_read(e, hash, curve->hash_desc->hashsize) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
315 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
316 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
317 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
318 /* get the order */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
319 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
320 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
321 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
322 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
323 /* get the modulus */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
324 if (ltc_mp.read_radix(m, (char *)key->dp->prime, 16) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
325 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
326 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
327 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
328 /* check for zero */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
329 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
330 || ltc_mp.compare_d(s, 0) == LTC_MP_EQ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
331 || ltc_mp.compare(r, p) != LTC_MP_LT |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
332 || ltc_mp.compare(s, p) != LTC_MP_LT) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
333 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
334 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
335 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
336 /* w = s^-1 mod n */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
337 if (ltc_mp.invmod(s, p, w) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
338 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
339 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
340 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
341 /* u1 = ew */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
342 if (ltc_mp.mulmod(e, w, p, u1) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
343 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
344 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
345 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
346 /* u2 = rw */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
347 if (ltc_mp.mulmod(r, w, p, u2) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
348 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
349 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
350 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
351 /* find mG and mQ */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
352 if (ltc_mp.read_radix(mG->x, (char *)key->dp->Gx, 16) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
353 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
354 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
355 if (ltc_mp.read_radix(mG->y, (char *)key->dp->Gy, 16) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
356 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
357 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
358 if (ltc_mp.set_int(mG->z, 1) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
359 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
360 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
361 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
362 if (ltc_mp.copy(key->pubkey.x, mQ->x) != CRYPT_OK |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
363 || ltc_mp.copy(key->pubkey.y, mQ->y) != CRYPT_OK |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
364 || ltc_mp.copy(key->pubkey.z, mQ->z) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
365 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
366 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
367 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
368 /* compute u1*mG + u2*mQ = mG */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
369 if (ltc_mp.ecc_mul2add == NULL) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
370 if (ltc_mp.ecc_ptmul(u1, mG, mG, m, 0) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
371 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
372 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
373 if (ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
374 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
375 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
376 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
377 /* find the montgomery mp */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
378 if (ltc_mp.montgomery_setup(m, &mp) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
379 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
380 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
381 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
382 /* add them */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
383 if (ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
384 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
385 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
386 |
1250 | 387 /* reduce */ |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
388 if (ltc_mp.ecc_map(mG, m, mp) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
389 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
390 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
391 } else { |
1250 | 392 /* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */ |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
393 if (ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
394 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
395 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
396 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
397 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
398 /* v = X_x1 mod n */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
399 if (ltc_mp.mpdiv(mG->x, p, NULL, v) != CRYPT_OK) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
400 goto out; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
401 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
402 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
403 /* does v == r */ |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
404 if (ltc_mp.compare(v, r) == LTC_MP_EQ) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
405 ret = DROPBEAR_SUCCESS; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
406 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
407 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
408 out: |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
409 ltc_ecc_del_point(mG); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
410 ltc_ecc_del_point(mQ); |
1058
063c38ea622b
Fix some memory leaks in ecc code
Matt Johnston <matt@ucc.asn.au>
parents:
1000
diff
changeset
|
411 ltc_deinit_multi(r, s, v, w, u1, u2, p, e, m, NULL); |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
412 if (mp != NULL) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
413 ltc_mp.montgomery_deinit(mp); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
414 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
415 return ret; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
416 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
417 |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
767
diff
changeset
|
418 |
766 | 419 |
857 | 420 #endif /* DROPBEAR_ECDSA */ |