Mercurial > dropbear
comparison dss.c @ 642:33fd2f3499d2 dropbear-tfm
A few build fixes
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 22 Nov 2011 19:28:58 +0700 |
parents | 2b1bb792cd4d |
children |
comparison
equal
deleted
inserted
replaced
641:2b1bb792cd4d | 642:33fd2f3499d2 |
---|---|
41 | 41 |
42 /* Load a dss key from a buffer, initialising the values. | 42 /* Load a dss key from a buffer, initialising the values. |
43 * The key will have the same format as buf_put_dss_key. | 43 * The key will have the same format as buf_put_dss_key. |
44 * These should be freed with dss_key_free. | 44 * These should be freed with dss_key_free. |
45 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 45 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
46 int buf_get_dss_pub_key(buffer* buf, dss_key *key) { | 46 int buf_get_dss_pub_key(buffer* buf, dropbear_dss_key *key) { |
47 | 47 |
48 TRACE(("enter buf_get_dss_pub_key")) | 48 TRACE(("enter buf_get_dss_pub_key")) |
49 dropbear_assert(key != NULL); | 49 dropbear_assert(key != NULL); |
50 key->p = m_malloc(sizeof(fp_int)); | 50 key->p = m_malloc(sizeof(fp_int)); |
51 key->q = m_malloc(sizeof(fp_int)); | 51 key->q = m_malloc(sizeof(fp_int)); |
52 key->g = m_malloc(sizeof(fp_int)); | 52 key->g = m_malloc(sizeof(fp_int)); |
53 key->y = m_malloc(sizeof(fp_int)); | 53 key->y = m_malloc(sizeof(fp_int)); |
54 fp_init(key->p); | 54 m_fp_init_multi(key->p, key->q, key->g, key->y, NULL); |
55 fp_init(key->q); | |
56 fp_init(key->g); | |
57 fp_init(key->y); | |
58 key->x = NULL; | 55 key->x = NULL; |
59 | 56 |
60 buf_incrpos(buf, 4+SSH_SIGNKEY_DSS_LEN); /* int + "ssh-dss" */ | 57 buf_incrpos(buf, 4+SSH_SIGNKEY_DSS_LEN); /* int + "ssh-dss" */ |
61 if (buf_getfpint(buf, key->p) == DROPBEAR_FAILURE | 58 if (buf_getfpint(buf, key->p) == DROPBEAR_FAILURE |
62 || buf_getfpint(buf, key->q) == DROPBEAR_FAILURE | 59 || buf_getfpint(buf, key->q) == DROPBEAR_FAILURE |
77 } | 74 } |
78 | 75 |
79 /* Same as buf_get_dss_pub_key, but reads a private "x" key at the end. | 76 /* Same as buf_get_dss_pub_key, but reads a private "x" key at the end. |
80 * Loads a private dss key from a buffer | 77 * Loads a private dss key from a buffer |
81 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 78 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
82 int buf_get_dss_priv_key(buffer* buf, dss_key *key) { | 79 int buf_get_dss_priv_key(buffer* buf, dropbear_dss_key *key) { |
83 | 80 |
84 int ret = DROPBEAR_FAILURE; | 81 int ret = DROPBEAR_FAILURE; |
85 | 82 |
86 dropbear_assert(key != NULL); | 83 dropbear_assert(key != NULL); |
87 | 84 |
100 return ret; | 97 return ret; |
101 } | 98 } |
102 | 99 |
103 | 100 |
104 /* Clear and free the memory used by a public or private key */ | 101 /* Clear and free the memory used by a public or private key */ |
105 void dss_key_free(dss_key *key) { | 102 void dss_key_free(dropbear_dss_key *key) { |
106 | 103 |
107 TRACE(("enter dsa_key_free")) | 104 TRACE(("enter dsa_key_free")) |
108 if (key == NULL) { | 105 if (key == NULL) { |
109 TRACE(("enter dsa_key_free: key == NULL")) | 106 TRACE(("enter dsa_key_free: key == NULL")) |
110 return; | 107 return; |
139 * fpint p | 136 * fpint p |
140 * fpint q | 137 * fpint q |
141 * fpint g | 138 * fpint g |
142 * fpint y | 139 * fpint y |
143 */ | 140 */ |
144 void buf_put_dss_pub_key(buffer* buf, dss_key *key) { | 141 void buf_put_dss_pub_key(buffer* buf, dropbear_dss_key *key) { |
145 | 142 |
146 dropbear_assert(key != NULL); | 143 dropbear_assert(key != NULL); |
147 buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN); | 144 buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN); |
148 buf_putfpint(buf, key->p); | 145 buf_putfpint(buf, key->p); |
149 buf_putfpint(buf, key->q); | 146 buf_putfpint(buf, key->q); |
151 buf_putfpint(buf, key->y); | 148 buf_putfpint(buf, key->y); |
152 | 149 |
153 } | 150 } |
154 | 151 |
155 /* Same as buf_put_dss_pub_key, but with the private "x" key appended */ | 152 /* Same as buf_put_dss_pub_key, but with the private "x" key appended */ |
156 void buf_put_dss_priv_key(buffer* buf, dss_key *key) { | 153 void buf_put_dss_priv_key(buffer* buf, dropbear_dss_key *key) { |
157 | 154 |
158 dropbear_assert(key != NULL); | 155 dropbear_assert(key != NULL); |
159 buf_put_dss_pub_key(buf, key); | 156 buf_put_dss_pub_key(buf, key); |
160 buf_putfpint(buf, key->x); | 157 buf_putfpint(buf, key->x); |
161 | 158 |
162 } | 159 } |
163 | 160 |
164 #ifdef DROPBEAR_SIGNKEY_VERIFY | 161 #ifdef DROPBEAR_SIGNKEY_VERIFY |
165 /* Verify a DSS signature (in buf) made on data by the key given. | 162 /* Verify a DSS signature (in buf) made on data by the key given. |
166 * returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 163 * returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
167 int buf_dss_verify(buffer* buf, dss_key *key, const unsigned char* data, | 164 int buf_dss_verify(buffer* buf, dropbear_dss_key *key, const unsigned char* data, |
168 unsigned int len) { | 165 unsigned int len) { |
169 | 166 |
170 unsigned char msghash[SHA1_HASH_SIZE]; | 167 unsigned char msghash[SHA1_HASH_SIZE]; |
171 hash_state hs; | 168 hash_state hs; |
172 int ret = DROPBEAR_FAILURE; | 169 int ret = DROPBEAR_FAILURE; |
178 int stringlen; | 175 int stringlen; |
179 | 176 |
180 TRACE(("enter buf_dss_verify")) | 177 TRACE(("enter buf_dss_verify")) |
181 dropbear_assert(key != NULL); | 178 dropbear_assert(key != NULL); |
182 | 179 |
183 fp_init(&val1); | 180 m_fp_init_multi(&val1, &val2, &val3, &val4, NULL); |
184 fp_init(&val2); | |
185 fp_init(&val3); | |
186 fp_init(&val4); | |
187 | 181 |
188 /* get blob, check length */ | 182 /* get blob, check length */ |
189 string = buf_getstring(buf, &stringlen); | 183 string = buf_getstring(buf, &stringlen); |
190 if (stringlen != 2*SHA1_HASH_SIZE) { | 184 if (stringlen != 2*SHA1_HASH_SIZE) { |
191 goto out; | 185 goto out; |
294 * proto_k = SHA512 ( SHA512(x) || SHA160(message) ) | 288 * proto_k = SHA512 ( SHA512(x) || SHA160(message) ) |
295 * k = proto_k mod q | 289 * k = proto_k mod q |
296 * | 290 * |
297 * Now we aren't relying on the random number generation to protect the private | 291 * Now we aren't relying on the random number generation to protect the private |
298 * key x, which is a long term secret */ | 292 * key x, which is a long term secret */ |
299 void buf_put_dss_sign(buffer* buf, dss_key *key, const unsigned char* data, | 293 void buf_put_dss_sign(buffer* buf, dropbear_dss_key *key, const unsigned char* data, |
300 unsigned int len) { | 294 unsigned int len) { |
301 | 295 |
302 unsigned char msghash[SHA1_HASH_SIZE]; | 296 unsigned char msghash[SHA1_HASH_SIZE]; |
303 unsigned int writelen; | 297 unsigned int writelen; |
304 unsigned int i; | 298 unsigned int i; |