Mercurial > dropbear
comparison signkey.c @ 807:75509065db53 ecc
have separate ecdsa keys for each size
fix crash from the mp_alloc_init_multi change in RSA
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sat, 25 May 2013 00:54:19 +0800 |
| parents | 7dcb46da72d9 |
| children | d4ce5269a439 |
comparison
equal
deleted
inserted
replaced
| 806:71e7d31f7671 | 807:75509065db53 |
|---|---|
| 101 TRACE(("signkey_type_from_name unexpected key type.")) | 101 TRACE(("signkey_type_from_name unexpected key type.")) |
| 102 | 102 |
| 103 return DROPBEAR_SIGNKEY_NONE; | 103 return DROPBEAR_SIGNKEY_NONE; |
| 104 } | 104 } |
| 105 | 105 |
| 106 #ifdef DROPBEAR_ECDSA | |
| 107 ecc_key ** | |
| 108 signkey_ecc_key_ptr(sign_key *key, enum signkey_type ecc_type) { | |
| 109 switch (ecc_type) { | |
| 110 case DROPBEAR_SIGNKEY_ECDSA_NISTP256: | |
| 111 return &key->ecckey256; | |
| 112 case DROPBEAR_SIGNKEY_ECDSA_NISTP384: | |
| 113 return &key->ecckey384; | |
| 114 case DROPBEAR_SIGNKEY_ECDSA_NISTP521: | |
| 115 return &key->ecckey521; | |
| 116 default: | |
| 117 return NULL; | |
| 118 } | |
| 119 } | |
| 120 #endif | |
| 121 | |
| 106 /* returns DROPBEAR_SUCCESS on success, DROPBEAR_FAILURE on fail. | 122 /* returns DROPBEAR_SUCCESS on success, DROPBEAR_FAILURE on fail. |
| 107 * type should be set by the caller to specify the type to read, and | 123 * type should be set by the caller to specify the type to read, and |
| 108 * on return is set to the type read (useful when type = _ANY) */ | 124 * on return is set to the type read (useful when type = _ANY) */ |
| 109 int buf_get_pub_key(buffer *buf, sign_key *key, int *type) { | 125 int buf_get_pub_key(buffer *buf, sign_key *key, int *type) { |
| 110 | 126 |
| 150 m_free(key->rsakey); | 166 m_free(key->rsakey); |
| 151 } | 167 } |
| 152 } | 168 } |
| 153 #endif | 169 #endif |
| 154 #ifdef DROPBEAR_ECDSA | 170 #ifdef DROPBEAR_ECDSA |
| 155 if (IS_ECDSA_KEY(keytype)) { | 171 { |
| 156 if (key->ecckey) { | 172 ecc_key **eck = signkey_ecc_key_ptr(key, keytype); |
| 157 ecc_free(key->ecckey); | 173 if (eck) { |
| 158 } | 174 if (*eck) { |
| 159 key->ecckey = buf_get_ecdsa_pub_key(buf); | 175 ecc_free(*eck); |
| 160 if (key->ecckey) { | 176 *eck = NULL; |
| 161 ret = DROPBEAR_SUCCESS; | 177 } |
| 178 *eck = buf_get_ecdsa_pub_key(buf); | |
| 179 if (*eck) { | |
| 180 ret = DROPBEAR_SUCCESS; | |
| 181 } | |
| 162 } | 182 } |
| 163 } | 183 } |
| 164 #endif | 184 #endif |
| 165 | 185 |
| 166 TRACE2(("leave buf_get_pub_key")) | 186 TRACE2(("leave buf_get_pub_key")) |
| 214 m_free(key->rsakey); | 234 m_free(key->rsakey); |
| 215 } | 235 } |
| 216 } | 236 } |
| 217 #endif | 237 #endif |
| 218 #ifdef DROPBEAR_ECDSA | 238 #ifdef DROPBEAR_ECDSA |
| 219 if (IS_ECDSA_KEY(keytype)) { | 239 { |
| 220 if (key->ecckey) { | 240 ecc_key **eck = signkey_ecc_key_ptr(key, keytype); |
| 221 ecc_free(key->ecckey); | 241 if (eck) { |
| 222 } | 242 if (*eck) { |
| 223 key->ecckey = buf_get_ecdsa_priv_key(buf); | 243 ecc_free(*eck); |
| 224 if (key->ecckey) { | 244 *eck = NULL; |
| 225 ret = DROPBEAR_SUCCESS; | 245 } |
| 246 *eck = buf_get_ecdsa_priv_key(buf); | |
| 247 if (*eck) { | |
| 248 ret = DROPBEAR_SUCCESS; | |
| 249 } | |
| 226 } | 250 } |
| 227 } | 251 } |
| 228 #endif | 252 #endif |
| 229 | 253 |
| 230 TRACE2(("leave buf_get_priv_key")) | 254 TRACE2(("leave buf_get_priv_key")) |
| 250 if (type == DROPBEAR_SIGNKEY_RSA) { | 274 if (type == DROPBEAR_SIGNKEY_RSA) { |
| 251 buf_put_rsa_pub_key(pubkeys, key->rsakey); | 275 buf_put_rsa_pub_key(pubkeys, key->rsakey); |
| 252 } | 276 } |
| 253 #endif | 277 #endif |
| 254 #ifdef DROPBEAR_ECDSA | 278 #ifdef DROPBEAR_ECDSA |
| 255 if (IS_ECDSA_KEY(type)) { | 279 { |
| 256 buf_put_ecdsa_pub_key(pubkeys, key->ecckey); | 280 ecc_key **eck = signkey_ecc_key_ptr(key, type); |
| 281 if (eck) { | |
| 282 buf_put_ecdsa_pub_key(pubkeys, *eck); | |
| 283 } | |
| 257 } | 284 } |
| 258 #endif | 285 #endif |
| 259 if (pubkeys->len == 0) { | 286 if (pubkeys->len == 0) { |
| 260 dropbear_exit("Bad key types in buf_put_pub_key"); | 287 dropbear_exit("Bad key types in buf_put_pub_key"); |
| 261 } | 288 } |
| 284 TRACE(("leave buf_put_priv_key: rsa done")) | 311 TRACE(("leave buf_put_priv_key: rsa done")) |
| 285 return; | 312 return; |
| 286 } | 313 } |
| 287 #endif | 314 #endif |
| 288 #ifdef DROPBEAR_ECDSA | 315 #ifdef DROPBEAR_ECDSA |
| 289 if (IS_ECDSA_KEY(type)) { | 316 { |
| 290 buf_put_ecdsa_priv_key(buf, key->ecckey); | 317 ecc_key **eck = signkey_ecc_key_ptr(key, type); |
| 291 return; | 318 if (eck) { |
| 319 buf_put_ecdsa_priv_key(buf, *eck); | |
| 320 TRACE(("leave buf_put_priv_key: ecdsa done")) | |
| 321 return; | |
| 322 } | |
| 292 } | 323 } |
| 293 #endif | 324 #endif |
| 294 dropbear_exit("Bad key types in put pub key"); | 325 dropbear_exit("Bad key types in put pub key"); |
| 295 } | 326 } |
| 296 | 327 |
| 305 #ifdef DROPBEAR_RSA | 336 #ifdef DROPBEAR_RSA |
| 306 rsa_key_free(key->rsakey); | 337 rsa_key_free(key->rsakey); |
| 307 key->rsakey = NULL; | 338 key->rsakey = NULL; |
| 308 #endif | 339 #endif |
| 309 #ifdef DROPBEAR_ECDSA | 340 #ifdef DROPBEAR_ECDSA |
| 310 if (key->ecckey) { | 341 if (key->ecckey256) { |
| 311 ecc_free(key->ecckey); | 342 ecc_free(key->ecckey256); |
| 312 key->ecckey = NULL; | 343 key->ecckey256 = NULL; |
| 344 } | |
| 345 if (key->ecckey384) { | |
| 346 ecc_free(key->ecckey384); | |
| 347 key->ecckey384 = NULL; | |
| 348 } | |
| 349 if (key->ecckey521) { | |
| 350 ecc_free(key->ecckey521); | |
| 351 key->ecckey521 = NULL; | |
| 313 } | 352 } |
| 314 #endif | 353 #endif |
| 315 | 354 |
| 316 m_free(key->filename); | 355 m_free(key->filename); |
| 317 | 356 |
| 427 if (type == DROPBEAR_SIGNKEY_RSA) { | 466 if (type == DROPBEAR_SIGNKEY_RSA) { |
| 428 buf_put_rsa_sign(sigblob, key->rsakey, data_buf); | 467 buf_put_rsa_sign(sigblob, key->rsakey, data_buf); |
| 429 } | 468 } |
| 430 #endif | 469 #endif |
| 431 #ifdef DROPBEAR_ECDSA | 470 #ifdef DROPBEAR_ECDSA |
| 432 if (IS_ECDSA_KEY(type)) { | 471 { |
| 433 buf_put_ecdsa_sign(sigblob, key->ecckey, data_buf); | 472 ecc_key **eck = signkey_ecc_key_ptr(key, type); |
| 473 if (eck) { | |
| 474 buf_put_ecdsa_sign(sigblob, *eck, data_buf); | |
| 475 } | |
| 434 } | 476 } |
| 435 #endif | 477 #endif |
| 436 if (sigblob->len == 0) { | 478 if (sigblob->len == 0) { |
| 437 dropbear_exit("Non-matching signing type"); | 479 dropbear_exit("Non-matching signing type"); |
| 438 } | 480 } |
| 475 } | 517 } |
| 476 return buf_rsa_verify(buf, key->rsakey, data_buf); | 518 return buf_rsa_verify(buf, key->rsakey, data_buf); |
| 477 } | 519 } |
| 478 #endif | 520 #endif |
| 479 #ifdef DROPBEAR_ECDSA | 521 #ifdef DROPBEAR_ECDSA |
| 480 if (IS_ECDSA_KEY(type)) { | 522 { |
| 481 return buf_ecdsa_verify(buf, key->ecckey, data_buf); | 523 ecc_key **eck = signkey_ecc_key_ptr(key, type); |
| 524 if (eck) { | |
| 525 return buf_ecdsa_verify(buf, *eck, data_buf); | |
| 526 } | |
| 482 } | 527 } |
| 483 #endif | 528 #endif |
| 484 | 529 |
| 485 dropbear_exit("Non-matching signing type"); | 530 dropbear_exit("Non-matching signing type"); |
| 486 return DROPBEAR_FAILURE; | 531 return DROPBEAR_FAILURE; |