Mercurial > dropbear

comparison cli-kex.c @ 848:6c69e7df3621 ecc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
curve25519
author Matt Johnston <matt@ucc.asn.au>
date Fri, 08 Nov 2013 23:11:43 +0800
parents 7dcb46da72d9
children 754d7bee1068
comparison
equal deleted inserted replaced
845:774ad9b112ef 848:6c69e7df3621
45 void send_msg_kexdh_init() { 45 void send_msg_kexdh_init() {
46 TRACE(("send_msg_kexdh_init()")) 46 TRACE(("send_msg_kexdh_init()"))
47 47
48 CHECKCLEARTOWRITE(); 48 CHECKCLEARTOWRITE();
49 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_INIT); 49 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_INIT);
50 if (IS_NORMAL_DH(ses.newkeys->algo_kex)) { 50 switch (ses.newkeys->algo_kex->mode) {
51 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo 51 case DROPBEAR_KEX_NORMAL_DH:
52 || !cli_ses.dh_param) { 52 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo
53 if (cli_ses.dh_param) { 53 || !cli_ses.dh_param) {
54 free_kexdh_param(cli_ses.dh_param); 54 if (cli_ses.dh_param) {
55 } 55 free_kexdh_param(cli_ses.dh_param);
56 cli_ses.dh_param = gen_kexdh_param(); 56 }
57 } 57 cli_ses.dh_param = gen_kexdh_param();
58 buf_putmpint(ses.writepayload, &cli_ses.dh_param->pub); 58 }
59 } else { 59 buf_putmpint(ses.writepayload, &cli_ses.dh_param->pub);
60 break;
61 case DROPBEAR_KEX_ECDH:
60 #ifdef DROPBEAR_ECDH 62 #ifdef DROPBEAR_ECDH
61 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo 63 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo
62 || !cli_ses.ecdh_param) { 64 || !cli_ses.ecdh_param) {
63 if (cli_ses.ecdh_param) { 65 if (cli_ses.ecdh_param) {
64 free_kexecdh_param(cli_ses.ecdh_param); 66 free_kexecdh_param(cli_ses.ecdh_param);
65 } 67 }
66 cli_ses.ecdh_param = gen_kexecdh_param(); 68 cli_ses.ecdh_param = gen_kexecdh_param();
67 } 69 }
68 buf_put_ecc_raw_pubkey_string(ses.writepayload, &cli_ses.ecdh_param->key); 70 buf_put_ecc_raw_pubkey_string(ses.writepayload, &cli_ses.ecdh_param->key);
69 #endif 71 #endif
70 } 72 break;
73 #ifdef DROPBEAR_CURVE25519
74 case DROPBEAR_KEX_CURVE25519:
75 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo
76 || !cli_ses.curve25519_param) {
77 if (cli_ses.curve25519_param) {
78 free_kexcurve25519_param(cli_ses.curve25519_param);
79 }
80 cli_ses.curve25519_param = gen_kexcurve25519_param();
81 }
82 buf_putstring(ses.writepayload, cli_ses.curve25519_param->priv, CURVE25519_LEN);
83 #endif
84 break;
85 }
86
71 cli_ses.param_kex_algo = ses.newkeys->algo_kex; 87 cli_ses.param_kex_algo = ses.newkeys->algo_kex;
72 encrypt_packet(); 88 encrypt_packet();
73 ses.requirenext[0] = SSH_MSG_KEXDH_REPLY; 89 ses.requirenext[0] = SSH_MSG_KEXDH_REPLY;
74 ses.requirenext[1] = SSH_MSG_KEXINIT; 90 ses.requirenext[1] = SSH_MSG_KEXINIT;
75 } 91 }
101 if (buf_get_pub_key(ses.payload, hostkey, &type) != DROPBEAR_SUCCESS) { 117 if (buf_get_pub_key(ses.payload, hostkey, &type) != DROPBEAR_SUCCESS) {
102 TRACE(("failed getting pubkey")) 118 TRACE(("failed getting pubkey"))
103 dropbear_exit("Bad KEX packet"); 119 dropbear_exit("Bad KEX packet");
104 } 120 }
105 121
106 if (IS_NORMAL_DH(ses.newkeys->algo_kex)) { 122 switch (ses.newkeys->algo_kex->mode) {
107 // Normal diffie-hellman 123 case DROPBEAR_KEX_NORMAL_DH:
108 DEF_MP_INT(dh_f); 124 {
109 m_mp_init(&dh_f); 125 DEF_MP_INT(dh_f);
110 if (buf_getmpint(ses.payload, &dh_f) != DROPBEAR_SUCCESS) { 126 m_mp_init(&dh_f);
111 TRACE(("failed getting mpint")) 127 if (buf_getmpint(ses.payload, &dh_f) != DROPBEAR_SUCCESS) {
112 dropbear_exit("Bad KEX packet"); 128 TRACE(("failed getting mpint"))
113 } 129 dropbear_exit("Bad KEX packet");
114 130 }
115 kexdh_comb_key(cli_ses.dh_param, &dh_f, hostkey); 131
116 mp_clear(&dh_f); 132 kexdh_comb_key(cli_ses.dh_param, &dh_f, hostkey);
117 } else { 133 mp_clear(&dh_f);
134 }
135 break;
136 case DROPBEAR_KEX_ECDH:
118 #ifdef DROPBEAR_ECDH 137 #ifdef DROPBEAR_ECDH
119 buffer *ecdh_qs = buf_getstringbuf(ses.payload); 138 {
120 kexecdh_comb_key(cli_ses.ecdh_param, ecdh_qs, hostkey); 139 buffer *ecdh_qs = buf_getstringbuf(ses.payload);
121 buf_free(ecdh_qs); 140 kexecdh_comb_key(cli_ses.ecdh_param, ecdh_qs, hostkey);
122 #endif 141 buf_free(ecdh_qs);
142 }
143 #endif
144 break;
145 #ifdef DROPBEAR_CURVE25519
146 case DROPBEAR_KEX_CURVE25519:
147 {
148 buffer *ecdh_qs = buf_getstringbuf(ses.payload);
149 kexcurve25519_comb_key(cli_ses.curve25519_param, ecdh_qs, hostkey);
150 buf_free(ecdh_qs);
151 }
152 #endif
153 break;
123 } 154 }
124 155
125 if (cli_ses.dh_param) { 156 if (cli_ses.dh_param) {
126 free_kexdh_param(cli_ses.dh_param); 157 free_kexdh_param(cli_ses.dh_param);
127 cli_ses.dh_param = NULL; 158 cli_ses.dh_param = NULL;
128 } 159 }
129 #ifdef DROPBEAR_ECDH 160 #ifdef DROPBEAR_ECDH
130 if (cli_ses.ecdh_param) { 161 if (cli_ses.ecdh_param) {
131 free_kexecdh_param(cli_ses.ecdh_param); 162 free_kexecdh_param(cli_ses.ecdh_param);
132 cli_ses.ecdh_param = NULL; 163 cli_ses.ecdh_param = NULL;
164 }
165 #endif
166 #ifdef DROPBEAR_CURVE25519
167 if (cli_ses.curve25519_param) {
168 free_kexcurve25519_param(cli_ses.curve25519_param);
169 cli_ses.curve25519_param = NULL;
133 } 170 }
134 #endif 171 #endif
135 172
136 cli_ses.param_kex_algo = NULL; 173 cli_ses.param_kex_algo = NULL;
137 if (buf_verify(ses.payload, hostkey, ses.hash) != DROPBEAR_SUCCESS) { 174 if (buf_verify(ses.payload, hostkey, ses.hash) != DROPBEAR_SUCCESS) {