Mercurial > dropbear
comparison ed25519.c @ 1855:35d504d59c05
Implement server-side support for sk-ecdsa U2F-backed keys (#142)
* Implement server-side support for sk-ecdsa U2F-backed keys
* Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys
* Fix one more potential out-of-bounds read
* Check if nistp256 curve is used in sk-ecdsa-sha2- key
It's the only allowed curve per PROTOCOL.u2f specification
* Implement server-side support for sk-ed25519 FIDO2-backed keys
* Keys with type sk-* make no sense as host keys, so they should be
disabled
* fix typo
* Make sk-ecdsa call buf_ecdsa_verify
This reduces code duplication, the SK code just handles the
different message format.
* Reduce sk specific code
The application id can be stored in signkey, then we don't need
to call sk-specific functions from svr-authpubkey
* Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled
* Proper cleanup of sk_app
Co-authored-by: Matt Johnston <[email protected]>
| author | egor-duda <egor-duda@users.noreply.github.com> |
|---|---|
| date | Sat, 22 Jan 2022 16:53:04 +0300 |
| parents | 93dcc97c3f3f |
| children |
comparison
equal
deleted
inserted
replaced
| 1854:cba37fe1ddc8 | 1855:35d504d59c05 |
|---|---|
| 36 | 36 |
| 37 /* Load a public ed25519 key from a buffer, initialising the values. | 37 /* Load a public ed25519 key from a buffer, initialising the values. |
| 38 * The key will have the same format as buf_put_ed25519_key. | 38 * The key will have the same format as buf_put_ed25519_key. |
| 39 * These should be freed with ed25519_key_free. | 39 * These should be freed with ed25519_key_free. |
| 40 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 40 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
| 41 int buf_get_ed25519_pub_key(buffer *buf, dropbear_ed25519_key *key) { | 41 int buf_get_ed25519_pub_key(buffer *buf, dropbear_ed25519_key *key, |
| 42 enum signkey_type expect_keytype) { | |
| 42 | 43 |
| 43 unsigned int len; | 44 |
| 45 unsigned int len, typelen; | |
| 46 char *keytype = NULL; | |
| 47 enum signkey_type buf_keytype; | |
| 44 | 48 |
| 45 TRACE(("enter buf_get_ed25519_pub_key")) | 49 TRACE(("enter buf_get_ed25519_pub_key")) |
| 46 dropbear_assert(key != NULL); | 50 dropbear_assert(key != NULL); |
| 47 | 51 |
| 48 buf_incrpos(buf, 4+SSH_SIGNKEY_ED25519_LEN); /* int + "ssh-ed25519" */ | 52 /* consume and check the key string */ |
| 53 keytype = buf_getstring(buf, &typelen); | |
| 54 buf_keytype = signkey_type_from_name(keytype, typelen); | |
| 55 m_free(keytype); | |
| 56 if (buf_keytype != expect_keytype) { | |
| 57 TRACE(("leave buf_get_ed25519_pub_key: mismatch key type")) | |
| 58 return DROPBEAR_FAILURE; | |
| 59 } | |
| 49 | 60 |
| 50 len = buf_getint(buf); | 61 len = buf_getint(buf); |
| 51 if (len != CURVE25519_LEN || buf->len - buf->pos < len) { | 62 if (len != CURVE25519_LEN || buf->len - buf->pos < len) { |
| 52 TRACE(("leave buf_get_ed25519_pub_key: failure")) | 63 TRACE(("leave buf_get_ed25519_pub_key: failure")) |
| 53 return DROPBEAR_FAILURE; | 64 return DROPBEAR_FAILURE; |