Mercurial > dropbear

comparison svr-kex.c @ 1294:56aba7dedbea

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
options for disabling "normal" DH
author Matt Johnston <matt@ucc.asn.au>
date Mon, 02 May 2016 23:48:16 +0200
parents c8f52c19e949
children 750ec4ec4cbe
comparison
equal deleted inserted replaced
1293:dc8f7997f10f 1294:56aba7dedbea
52 if (!ses.kexstate.recvkexinit) { 52 if (!ses.kexstate.recvkexinit) {
53 dropbear_exit("Premature kexdh_init message received"); 53 dropbear_exit("Premature kexdh_init message received");
54 } 54 }
55 55
56 switch (ses.newkeys->algo_kex->mode) { 56 switch (ses.newkeys->algo_kex->mode) {
57 #if DROPBEAR_NORMAL_DH
57 case DROPBEAR_KEX_NORMAL_DH: 58 case DROPBEAR_KEX_NORMAL_DH:
58 m_mp_init(&dh_e); 59 m_mp_init(&dh_e);
59 if (buf_getmpint(ses.payload, &dh_e) != DROPBEAR_SUCCESS) { 60 if (buf_getmpint(ses.payload, &dh_e) != DROPBEAR_SUCCESS) {
60 dropbear_exit("Bad kex value"); 61 dropbear_exit("Bad kex value");
61 } 62 }
62 break; 63 break;
64 #endif
65 #ifdef DROPBEAR_ECDH
63 case DROPBEAR_KEX_ECDH: 66 case DROPBEAR_KEX_ECDH:
67 #endif
68 #ifdef DROPBEAR_CURVE25519
64 case DROPBEAR_KEX_CURVE25519: 69 case DROPBEAR_KEX_CURVE25519:
70 #endif
65 #if defined(DROPBEAR_ECDH) || defined(DROPBEAR_CURVE25519) 71 #if defined(DROPBEAR_ECDH) || defined(DROPBEAR_CURVE25519)
66 ecdh_qs = buf_getstringbuf(ses.payload); 72 ecdh_qs = buf_getstringbuf(ses.payload);
67 #endif 73 break;
68 break; 74 #endif
69 } 75 }
70 if (ses.payload->pos != ses.payload->len) { 76 if (ses.payload->pos != ses.payload->len) {
71 dropbear_exit("Bad kex value"); 77 dropbear_exit("Bad kex value");
72 } 78 }
73 79
219 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY); 225 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY);
220 buf_put_pub_key(ses.writepayload, svr_opts.hostkey, 226 buf_put_pub_key(ses.writepayload, svr_opts.hostkey,
221 ses.newkeys->algo_hostkey); 227 ses.newkeys->algo_hostkey);
222 228
223 switch (ses.newkeys->algo_kex->mode) { 229 switch (ses.newkeys->algo_kex->mode) {
230 #ifdef DROPBEAR_NORMAL_DH
224 case DROPBEAR_KEX_NORMAL_DH: 231 case DROPBEAR_KEX_NORMAL_DH:
225 { 232 {
226 struct kex_dh_param * dh_param = gen_kexdh_param(); 233 struct kex_dh_param * dh_param = gen_kexdh_param();
227 kexdh_comb_key(dh_param, dh_e, svr_opts.hostkey); 234 kexdh_comb_key(dh_param, dh_e, svr_opts.hostkey);
228 235
229 /* put f */ 236 /* put f */
230 buf_putmpint(ses.writepayload, &dh_param->pub); 237 buf_putmpint(ses.writepayload, &dh_param->pub);
231 free_kexdh_param(dh_param); 238 free_kexdh_param(dh_param);
232 } 239 }
233 break; 240 break;
241 #endif
242 #ifdef DROPBEAR_ECDH
234 case DROPBEAR_KEX_ECDH: 243 case DROPBEAR_KEX_ECDH:
235 #ifdef DROPBEAR_ECDH
236 { 244 {
237 struct kex_ecdh_param *ecdh_param = gen_kexecdh_param(); 245 struct kex_ecdh_param *ecdh_param = gen_kexecdh_param();
238 kexecdh_comb_key(ecdh_param, ecdh_qs, svr_opts.hostkey); 246 kexecdh_comb_key(ecdh_param, ecdh_qs, svr_opts.hostkey);
239 247
240 buf_put_ecc_raw_pubkey_string(ses.writepayload, &ecdh_param->key); 248 buf_put_ecc_raw_pubkey_string(ses.writepayload, &ecdh_param->key);
241 free_kexecdh_param(ecdh_param); 249 free_kexecdh_param(ecdh_param);
242 } 250 }
243 #endif 251 break;
244 break; 252 #endif
253 #ifdef DROPBEAR_CURVE25519
245 case DROPBEAR_KEX_CURVE25519: 254 case DROPBEAR_KEX_CURVE25519:
246 #ifdef DROPBEAR_CURVE25519
247 { 255 {
248 struct kex_curve25519_param *param = gen_kexcurve25519_param(); 256 struct kex_curve25519_param *param = gen_kexcurve25519_param();
249 kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey); 257 kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey);
250 buf_putstring(ses.writepayload, (const char*)param->pub, CURVE25519_LEN); 258 buf_putstring(ses.writepayload, (const char*)param->pub, CURVE25519_LEN);
251 free_kexcurve25519_param(param); 259 free_kexcurve25519_param(param);
252 } 260 }
253 #endif 261 break;
254 break; 262 #endif
255 } 263 }
256 264
257 /* calc the signature */ 265 /* calc the signature */
258 buf_put_sign(ses.writepayload, svr_opts.hostkey, 266 buf_put_sign(ses.writepayload, svr_opts.hostkey,
259 ses.newkeys->algo_hostkey, ses.hash); 267 ses.newkeys->algo_hostkey, ses.hash);