Mercurial > dropbear
comparison common-kex.c @ 793:70625eed40c9 ecc
A bit of work on ecdsa for host/auth keys
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 14 Apr 2013 00:50:03 +0800 |
| parents | d1575fdc29a6 |
| children | 7dcb46da72d9 |
comparison
equal
deleted
inserted
replaced
| 768:6e6ce39da2fc | 793:70625eed40c9 |
|---|---|
| 253 * | 253 * |
| 254 * See Section 7.2 of rfc4253 (ssh transport) for details */ | 254 * See Section 7.2 of rfc4253 (ssh transport) for details */ |
| 255 static void hashkeys(unsigned char *out, unsigned int outlen, | 255 static void hashkeys(unsigned char *out, unsigned int outlen, |
| 256 const hash_state * hs, const unsigned char X) { | 256 const hash_state * hs, const unsigned char X) { |
| 257 | 257 |
| 258 const struct ltc_hash_descriptor *hashdesc = ses.newkeys->algo_kex->hashdesc; | 258 const struct ltc_hash_descriptor *hash_desc = ses.newkeys->algo_kex->hash_desc; |
| 259 hash_state hs2; | 259 hash_state hs2; |
| 260 unsigned int offset; | 260 unsigned int offset; |
| 261 unsigned char tmpout[hashdesc->hashsize]; | 261 unsigned char tmpout[hash_desc->hashsize]; |
| 262 | 262 |
| 263 memcpy(&hs2, hs, sizeof(hash_state)); | 263 memcpy(&hs2, hs, sizeof(hash_state)); |
| 264 hashdesc->process(&hs2, &X, 1); | 264 hash_desc->process(&hs2, &X, 1); |
| 265 hashdesc->process(&hs2, ses.session_id->data, ses.session_id->len); | 265 hash_desc->process(&hs2, ses.session_id->data, ses.session_id->len); |
| 266 hashdesc->done(&hs2, tmpout); | 266 hash_desc->done(&hs2, tmpout); |
| 267 memcpy(out, tmpout, MIN(hashdesc->hashsize, outlen)); | 267 memcpy(out, tmpout, MIN(hash_desc->hashsize, outlen)); |
| 268 for (offset = hashdesc->hashsize; | 268 for (offset = hash_desc->hashsize; |
| 269 offset < outlen; | 269 offset < outlen; |
| 270 offset += hashdesc->hashsize) | 270 offset += hash_desc->hashsize) |
| 271 { | 271 { |
| 272 /* need to extend */ | 272 /* need to extend */ |
| 273 memcpy(&hs2, hs, sizeof(hash_state)); | 273 memcpy(&hs2, hs, sizeof(hash_state)); |
| 274 hashdesc->process(&hs2, out, offset); | 274 hash_desc->process(&hs2, out, offset); |
| 275 hashdesc->done(&hs2, tmpout); | 275 hash_desc->done(&hs2, tmpout); |
| 276 memcpy(&out[offset], tmpout, MIN(outlen - offset, hashdesc->hashsize)); | 276 memcpy(&out[offset], tmpout, MIN(outlen - offset, hash_desc->hashsize)); |
| 277 } | 277 } |
| 278 } | 278 } |
| 279 | 279 |
| 280 /* Generate the actual encryption/integrity keys, using the results of the | 280 /* Generate the actual encryption/integrity keys, using the results of the |
| 281 * key exchange, as specified in section 7.2 of the transport rfc 4253. | 281 * key exchange, as specified in section 7.2 of the transport rfc 4253. |
| 293 unsigned char S2C_key[MAX_KEY_LEN]; | 293 unsigned char S2C_key[MAX_KEY_LEN]; |
| 294 /* unsigned char key[MAX_KEY_LEN]; */ | 294 /* unsigned char key[MAX_KEY_LEN]; */ |
| 295 unsigned char *trans_IV, *trans_key, *recv_IV, *recv_key; | 295 unsigned char *trans_IV, *trans_key, *recv_IV, *recv_key; |
| 296 | 296 |
| 297 hash_state hs; | 297 hash_state hs; |
| 298 const struct ltc_hash_descriptor *hashdesc = ses.newkeys->algo_kex->hashdesc; | 298 const struct ltc_hash_descriptor *hash_desc = ses.newkeys->algo_kex->hash_desc; |
| 299 char mactransletter, macrecvletter; /* Client or server specific */ | 299 char mactransletter, macrecvletter; /* Client or server specific */ |
| 300 | 300 |
| 301 TRACE(("enter gen_new_keys")) | 301 TRACE(("enter gen_new_keys")) |
| 302 /* the dh_K and hash are the start of all hashes, we make use of that */ | 302 /* the dh_K and hash are the start of all hashes, we make use of that */ |
| 303 | 303 |
| 304 hashdesc->init(&hs); | 304 hash_desc->init(&hs); |
| 305 hash_process_mp(hashdesc, &hs, ses.dh_K); | 305 hash_process_mp(hash_desc, &hs, ses.dh_K); |
| 306 mp_clear(ses.dh_K); | 306 mp_clear(ses.dh_K); |
| 307 m_free(ses.dh_K); | 307 m_free(ses.dh_K); |
| 308 hashdesc->process(&hs, ses.hash->data, ses.hash->len); | 308 hash_desc->process(&hs, ses.hash->data, ses.hash->len); |
| 309 buf_burn(ses.hash); | 309 buf_burn(ses.hash); |
| 310 buf_free(ses.hash); | 310 buf_free(ses.hash); |
| 311 ses.hash = NULL; | 311 ses.hash = NULL; |
| 312 | 312 |
| 313 if (IS_DROPBEAR_CLIENT) { | 313 if (IS_DROPBEAR_CLIENT) { |
| 353 &ses.newkeys->trans.cipher_state) != CRYPT_OK) { | 353 &ses.newkeys->trans.cipher_state) != CRYPT_OK) { |
| 354 dropbear_exit("Crypto error"); | 354 dropbear_exit("Crypto error"); |
| 355 } | 355 } |
| 356 } | 356 } |
| 357 | 357 |
| 358 if (ses.newkeys->trans.algo_mac->hashdesc != NULL) { | 358 if (ses.newkeys->trans.algo_mac->hash_desc != NULL) { |
| 359 hashkeys(ses.newkeys->trans.mackey, | 359 hashkeys(ses.newkeys->trans.mackey, |
| 360 ses.newkeys->trans.algo_mac->keysize, &hs, mactransletter); | 360 ses.newkeys->trans.algo_mac->keysize, &hs, mactransletter); |
| 361 ses.newkeys->trans.hash_index = find_hash(ses.newkeys->trans.algo_mac->hashdesc->name); | 361 ses.newkeys->trans.hash_index = find_hash(ses.newkeys->trans.algo_mac->hash_desc->name); |
| 362 } | 362 } |
| 363 | 363 |
| 364 if (ses.newkeys->recv.algo_mac->hashdesc != NULL) { | 364 if (ses.newkeys->recv.algo_mac->hash_desc != NULL) { |
| 365 hashkeys(ses.newkeys->recv.mackey, | 365 hashkeys(ses.newkeys->recv.mackey, |
| 366 ses.newkeys->recv.algo_mac->keysize, &hs, macrecvletter); | 366 ses.newkeys->recv.algo_mac->keysize, &hs, macrecvletter); |
| 367 ses.newkeys->recv.hash_index = find_hash(ses.newkeys->recv.algo_mac->hashdesc->name); | 367 ses.newkeys->recv.hash_index = find_hash(ses.newkeys->recv.algo_mac->hash_desc->name); |
| 368 } | 368 } |
| 369 | 369 |
| 370 #ifndef DISABLE_ZLIB | 370 #ifndef DISABLE_ZLIB |
| 371 gen_new_zstreams(); | 371 gen_new_zstreams(); |
| 372 #endif | 372 #endif |
| 692 } | 692 } |
| 693 #endif | 693 #endif |
| 694 | 694 |
| 695 static void finish_kexhashbuf(void) { | 695 static void finish_kexhashbuf(void) { |
| 696 hash_state hs; | 696 hash_state hs; |
| 697 const struct ltc_hash_descriptor *hashdesc = ses.newkeys->algo_kex->hashdesc; | 697 const struct ltc_hash_descriptor *hash_desc = ses.newkeys->algo_kex->hash_desc; |
| 698 | 698 |
| 699 hashdesc->init(&hs); | 699 hash_desc->init(&hs); |
| 700 buf_setpos(ses.kexhashbuf, 0); | 700 buf_setpos(ses.kexhashbuf, 0); |
| 701 hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), | 701 hash_desc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), |
| 702 ses.kexhashbuf->len); | 702 ses.kexhashbuf->len); |
| 703 ses.hash = buf_new(hashdesc->hashsize); | 703 ses.hash = buf_new(hash_desc->hashsize); |
| 704 hashdesc->done(&hs, buf_getwriteptr(ses.hash, hashdesc->hashsize)); | 704 hash_desc->done(&hs, buf_getwriteptr(ses.hash, hash_desc->hashsize)); |
| 705 buf_setlen(ses.hash, hashdesc->hashsize); | 705 buf_setlen(ses.hash, hash_desc->hashsize); |
| 706 | 706 |
| 707 buf_burn(ses.kexhashbuf); | 707 buf_burn(ses.kexhashbuf); |
| 708 buf_free(ses.kexhashbuf); | 708 buf_free(ses.kexhashbuf); |
| 709 ses.kexhashbuf = NULL; | 709 ses.kexhashbuf = NULL; |
| 710 | 710 |