Mercurial > dropbear
annotate ecc.c @ 994:5c5ade336926
Prefer stronger algorithms in algorithm negotiation.
Prefer diffie-hellman-group14-sha1 (2048 bit) over
diffie-hellman-group1-sha1 (1024 bit).
Due to meet-in-the-middle attacks the effective key length of
three key 3DES is 112 bits. AES is stronger and faster then 3DES.
Prefer to delay the start of compression until after authentication
has completed. This avoids exposing compression code to attacks
from unauthenticated users.
(github pull request #9)
author | Fedor Brunner <fedor.brunner@azet.sk> |
---|---|
date | Fri, 23 Jan 2015 23:00:25 +0800 |
parents | 30ab30e46452 |
children | 063c38ea622b |
rev | line source |
---|---|
756 | 1 #include "includes.h" |
2 #include "options.h" | |
3 #include "ecc.h" | |
759
76fba0856749
More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents:
757
diff
changeset
|
4 #include "dbutil.h" |
76fba0856749
More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents:
757
diff
changeset
|
5 #include "bignum.h" |
756 | 6 |
755
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 #ifdef DROPBEAR_ECC |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 |
852
7540c0822374
Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents:
805
diff
changeset
|
9 /* .dp members are filled out by dropbear_ecc_fill_dp() at startup */ |
756 | 10 #ifdef DROPBEAR_ECC_256 |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
11 struct dropbear_ecc_curve ecc_curve_nistp256 = { |
855
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
12 32, /* .ltc_size */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
13 NULL, /* .dp */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
14 &sha256_desc, /* .hash_desc */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
15 "nistp256" /* .name */ |
756 | 16 }; |
17 #endif | |
18 #ifdef DROPBEAR_ECC_384 | |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
19 struct dropbear_ecc_curve ecc_curve_nistp384 = { |
855
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
20 48, /* .ltc_size */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
21 NULL, /* .dp */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
22 &sha384_desc, /* .hash_desc */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
23 "nistp384" /* .name */ |
756 | 24 }; |
25 #endif | |
757 | 26 #ifdef DROPBEAR_ECC_521 |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
27 struct dropbear_ecc_curve ecc_curve_nistp521 = { |
855
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
28 66, /* .ltc_size */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
29 NULL, /* .dp */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
30 &sha512_desc, /* .hash_desc */ |
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
31 "nistp521" /* .name */ |
756 | 32 }; |
33 #endif | |
34 | |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
35 struct dropbear_ecc_curve *dropbear_ecc_curves[] = { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
36 #ifdef DROPBEAR_ECC_256 |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
37 &ecc_curve_nistp256, |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
38 #endif |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
39 #ifdef DROPBEAR_ECC_384 |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
40 &ecc_curve_nistp384, |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
41 #endif |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
42 #ifdef DROPBEAR_ECC_521 |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
43 &ecc_curve_nistp521, |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
44 #endif |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
45 NULL |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
46 }; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
47 |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
48 void dropbear_ecc_fill_dp() { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
49 struct dropbear_ecc_curve **curve; |
852
7540c0822374
Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents:
805
diff
changeset
|
50 /* libtomcrypt guarantees they're ordered by size */ |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
51 const ltc_ecc_set_type *dp = ltc_ecc_sets; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
52 for (curve = dropbear_ecc_curves; *curve; curve++) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
53 for (;dp->size > 0; dp++) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
54 if (dp->size == (*curve)->ltc_size) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
55 (*curve)->dp = dp; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
56 break; |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
57 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
58 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
59 if (!(*curve)->dp) { |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
60 dropbear_exit("Missing ECC params %s", (*curve)->name); |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
61 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
62 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
63 } |
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
64 |
793
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
65 struct dropbear_ecc_curve* curve_for_dp(const ltc_ecc_set_type *dp) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
66 struct dropbear_ecc_curve **curve = NULL; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
67 for (curve = dropbear_ecc_curves; *curve; curve++) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
68 if ((*curve)->dp == dp) { |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
69 break; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
70 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
71 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
72 assert(*curve); |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
73 return *curve; |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
74 } |
70625eed40c9
A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents:
768
diff
changeset
|
75 |
767
e465ed10c51d
Be safer with how we handle ltc_ecc_sets[] (particularly with
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
76 ecc_key * new_ecc_key(void) { |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
77 ecc_key *key = m_malloc(sizeof(*key)); |
864 | 78 m_mp_alloc_init_multi((mp_int**)&key->pubkey.x, (mp_int**)&key->pubkey.y, |
79 (mp_int**)&key->pubkey.z, (mp_int**)&key->k, NULL); | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
80 return key; |
759
76fba0856749
More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents:
757
diff
changeset
|
81 } |
756 | 82 |
857 | 83 /* Copied from libtomcrypt ecc_import.c (version there is static), modified |
84 for different mp_int pointer without LTC_SOURCE */ | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
85 static int ecc_is_point(ecc_key *key) |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
86 { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
87 mp_int *prime, *b, *t1, *t2; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
88 int err; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
89 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
90 prime = m_malloc(sizeof(mp_int)); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
91 b = m_malloc(sizeof(mp_int)); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
92 t1 = m_malloc(sizeof(mp_int)); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
93 t2 = m_malloc(sizeof(mp_int)); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
94 |
805
724c3e0c8734
Add m_mp_alloc_init_multi() helper
Matt Johnston <matt@ucc.asn.au>
parents:
793
diff
changeset
|
95 m_mp_alloc_init_multi(&prime, &b, &t1, &t2, NULL); |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
96 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
97 /* load prime and b */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
98 if ((err = mp_read_radix(prime, key->dp->prime, 16)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
99 if ((err = mp_read_radix(b, key->dp->B, 16)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
100 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
101 /* compute y^2 */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
102 if ((err = mp_sqr(key->pubkey.y, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
103 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
104 /* compute x^3 */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
105 if ((err = mp_sqr(key->pubkey.x, t2)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
106 if ((err = mp_mod(t2, prime, t2)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
107 if ((err = mp_mul(key->pubkey.x, t2, t2)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
108 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
109 /* compute y^2 - x^3 */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
110 if ((err = mp_sub(t1, t2, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
111 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
112 /* compute y^2 - x^3 + 3x */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
113 if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
114 if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
115 if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
116 if ((err = mp_mod(t1, prime, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
117 while (mp_cmp_d(t1, 0) == LTC_MP_LT) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
118 if ((err = mp_add(t1, prime, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
119 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
120 while (mp_cmp(t1, prime) != LTC_MP_LT) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
121 if ((err = mp_sub(t1, prime, t1)) != CRYPT_OK) { goto error; } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
122 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
123 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
124 /* compare to b */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
125 if (mp_cmp(t1, b) != LTC_MP_EQ) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
126 err = CRYPT_INVALID_PACKET; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
127 } else { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
128 err = CRYPT_OK; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
129 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
130 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
131 error: |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
132 mp_clear_multi(prime, b, t1, t2, NULL); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
133 m_free(prime); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
134 m_free(b); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
135 m_free(t1); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
136 m_free(t2); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
137 return err; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
138 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
139 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
140 /* For the "ephemeral public key octet string" in ECDH (rfc5656 section 4) */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
141 void buf_put_ecc_raw_pubkey_string(buffer *buf, ecc_key *key) { |
759
76fba0856749
More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents:
757
diff
changeset
|
142 unsigned long len = key->dp->size*2 + 1; |
855
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
143 int err; |
759
76fba0856749
More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents:
757
diff
changeset
|
144 buf_putint(buf, len); |
855
04ede40a529a
- Some fixes for old compilers like tru64 v4 from Daniel Richard G.
Matt Johnston <matt@ucc.asn.au>
parents:
852
diff
changeset
|
145 err = ecc_ansi_x963_export(key, buf_getwriteptr(buf, len), &len); |
755
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
146 if (err != CRYPT_OK) { |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
147 dropbear_exit("ECC error"); |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
148 } |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
149 buf_incrwritepos(buf, len); |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
150 } |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
151 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
152 /* For the "ephemeral public key octet string" in ECDH (rfc5656 section 4) */ |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
153 ecc_key * buf_get_ecc_raw_pubkey(buffer *buf, const struct dropbear_ecc_curve *curve) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
154 ecc_key *key = NULL; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
155 int ret = DROPBEAR_FAILURE; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
156 const unsigned int size = curve->dp->size; |
768 | 157 unsigned char first; |
158 | |
159 TRACE(("enter buf_get_ecc_raw_pubkey")) | |
160 | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
161 buf_setpos(buf, 0); |
768 | 162 first = buf_getbyte(buf); |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
163 if (first == 2 || first == 3) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
164 dropbear_log(LOG_WARNING, "Dropbear doesn't support ECC point compression"); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
165 return NULL; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
166 } |
768 | 167 if (first != 4 || buf->len != 1+2*size) { |
168 TRACE(("leave, wrong size")) | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
169 return NULL; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
170 } |
759
76fba0856749
More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents:
757
diff
changeset
|
171 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
172 key = new_ecc_key(); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
173 key->dp = curve->dp; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
174 |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
175 if (mp_read_unsigned_bin(key->pubkey.x, buf_getptr(buf, size), size) != MP_OKAY) { |
768 | 176 TRACE(("failed to read x")) |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
177 goto out; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
178 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
179 buf_incrpos(buf, size); |
759
76fba0856749
More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents:
757
diff
changeset
|
180 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
181 if (mp_read_unsigned_bin(key->pubkey.y, buf_getptr(buf, size), size) != MP_OKAY) { |
768 | 182 TRACE(("failed to read y")) |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
183 goto out; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
184 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
185 buf_incrpos(buf, size); |
757 | 186 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
187 mp_set(key->pubkey.z, 1); |
757 | 188 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
189 if (ecc_is_point(key) != CRYPT_OK) { |
768 | 190 TRACE(("failed, not a point")) |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
191 goto out; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
192 } |
757 | 193 |
857 | 194 /* SEC1 3.2.3.1 Check that Q != 0 */ |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
195 if (mp_cmp_d(key->pubkey.x, 0) == LTC_MP_EQ) { |
768 | 196 TRACE(("failed, x == 0")) |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
197 goto out; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
198 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
199 if (mp_cmp_d(key->pubkey.y, 0) == LTC_MP_EQ) { |
768 | 200 TRACE(("failed, y == 0")) |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
201 goto out; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
202 } |
757 | 203 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
204 ret = DROPBEAR_SUCCESS; |
757 | 205 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
206 out: |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
207 if (ret == DROPBEAR_FAILURE) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
208 if (key) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
209 ecc_free(key); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
210 m_free(key); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
211 key = NULL; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
212 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
213 } |
757 | 214 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
215 return key; |
757 | 216 |
755
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
217 } |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
218 |
857 | 219 /* a modified version of libtomcrypt's "ecc_shared_secret" to output |
220 a mp_int instead. */ | |
756 | 221 mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, ecc_key *private_key) |
222 { | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
223 ecc_point *result = NULL; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
224 mp_int *prime = NULL, *shared_secret = NULL; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
225 int err = DROPBEAR_FAILURE; |
756 | 226 |
227 /* type valid? */ | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
228 if (private_key->type != PK_PRIVATE) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
229 goto done; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
230 } |
756 | 231 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
232 if (private_key->dp != public_key->dp) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
233 goto done; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
234 } |
756 | 235 |
236 /* make new point */ | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
237 result = ltc_ecc_new_point(); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
238 if (result == NULL) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
239 goto done; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
240 } |
756 | 241 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
242 prime = m_malloc(sizeof(*prime)); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
243 m_mp_init(prime); |
756 | 244 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
245 if (mp_read_radix(prime, (char *)private_key->dp->prime, 16) != CRYPT_OK) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
246 goto done; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
247 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
248 if (ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, prime, 1) != CRYPT_OK) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
249 goto done; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
250 } |
756 | 251 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
252 err = DROPBEAR_SUCCESS; |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
253 done: |
756 | 254 if (err == DROPBEAR_SUCCESS) { |
763 | 255 shared_secret = m_malloc(sizeof(*shared_secret)); |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
256 m_mp_init(shared_secret); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
257 mp_copy(result->x, shared_secret); |
756 | 258 } |
259 | |
260 if (prime) { | |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
261 mp_clear(prime); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
262 m_free(prime); |
756 | 263 } |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
264 if (result) |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
265 { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
266 ltc_ecc_del_point(result); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
267 } |
756 | 268 |
765
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
269 if (err == DROPBEAR_FAILURE) { |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
270 dropbear_exit("ECC error"); |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
271 } |
5503e05ab3a4
- Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
Matt Johnston <matt@ucc.asn.au>
parents:
763
diff
changeset
|
272 return shared_secret; |
756 | 273 } |
755
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
274 |
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
275 #endif |