Mercurial > dropbear
comparison common-kex.c @ 1175:1b8afc698e39
check for zero K value from curve25519
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 25 Nov 2015 22:15:59 +0800 |
| parents | a9e074b78cd5 |
| children | 82e2037d34ea 2bb4c662d1c2 |
comparison
equal
deleted
inserted
replaced
| 1174:80cacacfec23 | 1175:1b8afc698e39 |
|---|---|
| 758 void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_them, | 758 void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_them, |
| 759 sign_key *hostkey) { | 759 sign_key *hostkey) { |
| 760 unsigned char out[CURVE25519_LEN]; | 760 unsigned char out[CURVE25519_LEN]; |
| 761 const unsigned char* Q_C = NULL; | 761 const unsigned char* Q_C = NULL; |
| 762 const unsigned char* Q_S = NULL; | 762 const unsigned char* Q_S = NULL; |
| 763 char zeroes[CURVE25519_LEN] = {0}; | |
| 763 | 764 |
| 764 if (buf_pub_them->len != CURVE25519_LEN) | 765 if (buf_pub_them->len != CURVE25519_LEN) |
| 765 { | 766 { |
| 766 dropbear_exit("Bad curve25519"); | 767 dropbear_exit("Bad curve25519"); |
| 767 } | 768 } |
| 768 | 769 |
| 769 curve25519_donna(out, param->priv, buf_pub_them->data); | 770 curve25519_donna(out, param->priv, buf_pub_them->data); |
| 771 | |
| 772 if (constant_time_memcmp(zeroes, out, CURVE25519_LEN) == 0) { | |
| 773 dropbear_exit("Bad curve25519"); | |
| 774 } | |
| 775 | |
| 770 m_mp_alloc_init_multi(&ses.dh_K, NULL); | 776 m_mp_alloc_init_multi(&ses.dh_K, NULL); |
| 771 bytes_to_mp(ses.dh_K, out, CURVE25519_LEN); | 777 bytes_to_mp(ses.dh_K, out, CURVE25519_LEN); |
| 772 m_burn(out, sizeof(out)); | 778 m_burn(out, sizeof(out)); |
| 773 | 779 |
| 774 /* Create the remainder of the hash buffer, to generate the exchange hash. | 780 /* Create the remainder of the hash buffer, to generate the exchange hash. |