Mercurial > dropbear
comparison svr-kex.c @ 849:754d7bee1068 ecc
Merge
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 08 Nov 2013 23:32:13 +0800 |
| parents | 6c69e7df3621 f4bb964c8678 |
| children | 7507b174bba0 |
comparison
equal
deleted
inserted
replaced
| 848:6c69e7df3621 | 849:754d7bee1068 |
|---|---|
| 33 #include "packet.h" | 33 #include "packet.h" |
| 34 #include "bignum.h" | 34 #include "bignum.h" |
| 35 #include "random.h" | 35 #include "random.h" |
| 36 #include "runopts.h" | 36 #include "runopts.h" |
| 37 #include "ecc.h" | 37 #include "ecc.h" |
| 38 #include "gensignkey.h" | |
| 38 | 39 |
| 39 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs); | 40 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs); |
| 40 | 41 |
| 41 /* Handle a diffie-hellman key exchange initialisation. This involves | 42 /* Handle a diffie-hellman key exchange initialisation. This involves |
| 42 * calculating a session key reply value, and corresponding hash. These | 43 * calculating a session key reply value, and corresponding hash. These |
| 80 send_msg_newkeys(); | 81 send_msg_newkeys(); |
| 81 ses.requirenext[0] = SSH_MSG_NEWKEYS; | 82 ses.requirenext[0] = SSH_MSG_NEWKEYS; |
| 82 ses.requirenext[1] = 0; | 83 ses.requirenext[1] = 0; |
| 83 TRACE(("leave recv_msg_kexdh_init")) | 84 TRACE(("leave recv_msg_kexdh_init")) |
| 84 } | 85 } |
| 86 | |
| 87 #ifdef DROPBEAR_DELAY_HOSTKEY | |
| 88 static void svr_ensure_hostkey() { | |
| 89 | |
| 90 const char* fn = NULL; | |
| 91 char *fn_temp = NULL; | |
| 92 enum signkey_type type = ses.newkeys->algo_hostkey; | |
| 93 void **hostkey = signkey_key_ptr(svr_opts.hostkey, type); | |
| 94 int ret = DROPBEAR_FAILURE; | |
| 95 | |
| 96 if (hostkey && *hostkey) { | |
| 97 return; | |
| 98 } | |
| 99 | |
| 100 switch (type) | |
| 101 { | |
| 102 #ifdef DROPBEAR_RSA | |
| 103 case DROPBEAR_SIGNKEY_RSA: | |
| 104 fn = RSA_PRIV_FILENAME; | |
| 105 break; | |
| 106 #endif | |
| 107 #ifdef DROPBEAR_DSS | |
| 108 case DROPBEAR_SIGNKEY_DSS: | |
| 109 fn = DSS_PRIV_FILENAME; | |
| 110 break; | |
| 111 #endif | |
| 112 #ifdef DROPBEAR_ECDSA | |
| 113 case DROPBEAR_SIGNKEY_ECDSA_NISTP256: | |
| 114 case DROPBEAR_SIGNKEY_ECDSA_NISTP384: | |
| 115 case DROPBEAR_SIGNKEY_ECDSA_NISTP521: | |
| 116 fn = ECDSA_PRIV_FILENAME; | |
| 117 break; | |
| 118 #endif | |
| 119 default: | |
| 120 (void)0; | |
| 121 } | |
| 122 | |
| 123 if (readhostkey(fn, svr_opts.hostkey, &type) == DROPBEAR_SUCCESS) { | |
| 124 return; | |
| 125 } | |
| 126 | |
| 127 fn_temp = m_malloc(strlen(fn) + 20); | |
| 128 snprintf(fn_temp, strlen(fn)+20, "%s.tmp%d", fn, getpid()); | |
| 129 | |
| 130 if (signkey_generate(type, 0, fn_temp) == DROPBEAR_FAILURE) { | |
| 131 goto out; | |
| 132 } | |
| 133 | |
| 134 if (link(fn_temp, fn) < 0) { | |
| 135 if (errno != EEXIST) { | |
| 136 dropbear_log(LOG_ERR, "Failed moving key file to %s", fn); | |
| 137 /* XXX fallback to non-atomic copy for some filesystems? */ | |
| 138 goto out; | |
| 139 } | |
| 140 } | |
| 141 | |
| 142 ret = readhostkey(fn, svr_opts.hostkey, &type); | |
| 143 | |
| 144 out: | |
| 145 if (fn_temp) { | |
| 146 unlink(fn_temp); | |
| 147 m_free(fn_temp); | |
| 148 } | |
| 149 | |
| 150 if (ret == DROPBEAR_FAILURE) | |
| 151 { | |
| 152 dropbear_exit("Couldn't read or generate hostkey %s", fn); | |
| 153 } | |
| 154 | |
| 155 // directory for keys. | |
| 156 | |
| 157 // Create lockfile first, or wait if it exists. PID! | |
| 158 // Generate key | |
| 159 // write it, load to memory | |
| 160 // atomic rename, done. | |
| 161 | |
| 162 } | |
| 163 #endif | |
| 85 | 164 |
| 86 /* Generate our side of the diffie-hellman key exchange value (dh_f), and | 165 /* Generate our side of the diffie-hellman key exchange value (dh_f), and |
| 87 * calculate the session key using the diffie-hellman algorithm. Following | 166 * calculate the session key using the diffie-hellman algorithm. Following |
| 88 * that, the session hash is calculated, and signed with RSA or DSS. The | 167 * that, the session hash is calculated, and signed with RSA or DSS. The |
| 89 * result is sent to the client. | 168 * result is sent to the client. |
| 93 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) { | 172 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) { |
| 94 TRACE(("enter send_msg_kexdh_reply")) | 173 TRACE(("enter send_msg_kexdh_reply")) |
| 95 | 174 |
| 96 /* we can start creating the kexdh_reply packet */ | 175 /* we can start creating the kexdh_reply packet */ |
| 97 CHECKCLEARTOWRITE(); | 176 CHECKCLEARTOWRITE(); |
| 177 | |
| 178 #ifdef DROPBEAR_DELAY_HOSTKEY | |
| 179 if (svr_opts.delay_hostkey) | |
| 180 { | |
| 181 svr_ensure_hostkey(); | |
| 182 } | |
| 183 #endif | |
| 184 | |
| 98 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY); | 185 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY); |
| 99 buf_put_pub_key(ses.writepayload, svr_opts.hostkey, | 186 buf_put_pub_key(ses.writepayload, svr_opts.hostkey, |
| 100 ses.newkeys->algo_hostkey); | 187 ses.newkeys->algo_hostkey); |
| 101 | 188 |
| 102 switch (ses.newkeys->algo_kex->mode) { | 189 switch (ses.newkeys->algo_kex->mode) { |
| 122 #endif | 209 #endif |
| 123 break; | 210 break; |
| 124 case DROPBEAR_KEX_CURVE25519: | 211 case DROPBEAR_KEX_CURVE25519: |
| 125 #ifdef DROPBEAR_CURVE25519 | 212 #ifdef DROPBEAR_CURVE25519 |
| 126 { | 213 { |
| 127 struct kex_curve25519_param *param = gen_kexecdh_param(); | 214 struct kex_curve25519_param *param = gen_kexcurve25519_param(); |
| 128 kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey); | 215 kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey); |
| 129 buf_putstring(ses.writepayload, param->priv, CURVE25519_LEN); | 216 buf_putstring(ses.writepayload, param->priv, CURVE25519_LEN); |
| 130 free_kexcurve25519_param(param); | 217 free_kexcurve25519_param(param); |
| 131 } | 218 } |
| 132 #endif | 219 #endif |