dropbear: common-kex.c comparison

comparison common-kex.c @ 640:76097ec1a29a dropbear-tfm

- Bring in original tomsfastmath patch against 0.52 from Peter Turczak in 2008

author	Matt Johnston <matt@ucc.asn.au>
date	Mon, 21 Nov 2011 19:19:57 +0800
parents	43bbe17d6ba0
children	2b1bb792cd4d

comparison

equal deleted inserted replaced

-:ce104c8b0be1
+:76097ec1a29a
 	TRACE(("enter gen_new_keys"))
 	/* the dh_K and hash are the start of all hashes, we make use of that */
 	sha1_init(&hs);
-	sha1_process_mp(&hs, ses.dh_K);
+	sha1_process_fp(&hs, ses.dh_K);
-	mp_clear(ses.dh_K);
+	fp_zero(ses.dh_K);
 	m_free(ses.dh_K);
 	sha1_process(&hs, ses.hash, SHA1_HASH_SIZE);
 	m_burn(ses.hash, SHA1_HASH_SIZE);
 	if (IS_DROPBEAR_CLIENT) {
 }
 /* Initialises and generate one side of the diffie-hellman key exchange values.
 * See the ietf-secsh-transport draft, section 6, for details */
 /* dh_pub and dh_priv MUST be already initialised */
-void gen_kexdh_vals(mp_int *dh_pub, mp_int *dh_priv) {
+void gen_kexdh_vals(fp_int *dh_pub, fp_int *dh_priv) {
-	DEF_MP_INT(dh_p);
+	DEF_FP_INT(dh_p);
-	DEF_MP_INT(dh_q);
+	DEF_FP_INT(dh_q);
-	DEF_MP_INT(dh_g);
+	DEF_FP_INT(dh_g);
 	TRACE(("enter send_msg_kexdh_reply"))
-	m_mp_init_multi(&dh_g, &dh_p, &dh_q, NULL);
+	m_fp_init_multi(&dh_g, &dh_p, &dh_q, NULL);
 	/* read the prime and generator*/
-	bytes_to_mp(&dh_p, (unsigned char*)dh_p_val, DH_P_LEN);
+	bytes_to_fp(&dh_p, (unsigned char*)dh_p_val, DH_P_LEN);
-	if (mp_set_int(&dh_g, DH_G_VAL) != MP_OKAY) {
+	fp_set(&dh_g, DH_G_VAL);
-		dropbear_exit("Diffie-Hellman error");
-	}
 	/* calculate q = (p-1)/2 */
 	/* dh_priv is just a temp var here */
-	if (mp_sub_d(&dh_p, 1, dh_priv) != MP_OKAY) {
+	fp_sub_d(&dh_p, 1, dh_priv);
+	fp_div_2(dh_priv, &dh_q);
+	/* Generate a private portion 0 < dh_priv < dh_q */
+	gen_random_fpint(&dh_q, dh_priv);
+	/* f = g^y mod p */
+	if (fp_exptmod(&dh_g, dh_priv, &dh_p, dh_pub) != FP_OKAY) {
 		dropbear_exit("Diffie-Hellman error");
 	}
-	if (mp_div_2(dh_priv, &dh_q) != MP_OKAY) {
+	m_fp_zero_multi(&dh_g, &dh_p, &dh_q, NULL);
-		dropbear_exit("Diffie-Hellman error");
-	}
-	/* Generate a private portion 0 < dh_priv < dh_q */
-	gen_random_mpint(&dh_q, dh_priv);
-	/* f = g^y mod p */
-	if (mp_exptmod(&dh_g, dh_priv, &dh_p, dh_pub) != MP_OKAY) {
-		dropbear_exit("Diffie-Hellman error");
-	}
-	mp_clear_multi(&dh_g, &dh_p, &dh_q, NULL);
 }
 /* This function is fairly common between client/server, with some substitution
 * of dh_e/dh_f etc. Hence these arguments:
 * dh_pub_us is 'e' for the client, 'f' for the server. dh_pub_them is
 * vice-versa. dh_priv is the x/y value corresponding to dh_pub_us */
-void kexdh_comb_key(mp_int *dh_pub_us, mp_int *dh_priv, mp_int *dh_pub_them,
+void kexdh_comb_key(fp_int *dh_pub_us, fp_int *dh_priv, fp_int *dh_pub_them,
 		sign_key *hostkey) {
-	mp_int dh_p;
+	fp_int dh_p;
-	mp_int *dh_e = NULL, *dh_f = NULL;
+	fp_int *dh_e = NULL, *dh_f = NULL;
 	hash_state hs;
 	/* read the prime and generator*/
-	m_mp_init(&dh_p);
+	m_fp_init(&dh_p);
-	bytes_to_mp(&dh_p, dh_p_val, DH_P_LEN);
+	bytes_to_fp(&dh_p, dh_p_val, DH_P_LEN);
 	/* Check that dh_pub_them (dh_e or dh_f) is in the range [1, p-1] */
-	if (mp_cmp(dh_pub_them, &dh_p) != MP_LT
+	if (fp_cmp(dh_pub_them, &dh_p) != FP_LT
-			|| mp_cmp_d(dh_pub_them, 0) != MP_GT) {
+			|| fp_cmp_d(dh_pub_them, 0) != FP_GT) {
 		dropbear_exit("Diffie-Hellman error");
 	}
 	/* K = e^y mod p = f^x mod p */
-	ses.dh_K = (mp_int*)m_malloc(sizeof(mp_int));
+	ses.dh_K = (fp_int*)m_malloc(sizeof(fp_int));
-	m_mp_init(ses.dh_K);
+	m_fp_init(ses.dh_K);
-	if (mp_exptmod(dh_pub_them, dh_priv, &dh_p, ses.dh_K) != MP_OKAY) {
+	if (fp_exptmod(dh_pub_them, dh_priv, &dh_p, ses.dh_K) != FP_OKAY) {
 		dropbear_exit("Diffie-Hellman error");
 	}
 	/* clear no longer needed vars */
-	mp_clear_multi(&dh_p, NULL);
+	m_fp_zero_multi(&dh_p, NULL);
 	/* From here on, the code needs to work with the _same_ vars on each side,
 	 * not vice-versaing for client/server */
 	if (IS_DROPBEAR_CLIENT) {
 		dh_e = dh_pub_us;
 	/* Create the remainder of the hash buffer, to generate the exchange hash */
 	/* K_S, the host key */
 	buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
 	/* e, exchange value sent by the client */
-	buf_putmpint(ses.kexhashbuf, dh_e);
+	buf_putfpint(ses.kexhashbuf, dh_e);
 	/* f, exchange value sent by the server */
-	buf_putmpint(ses.kexhashbuf, dh_f);
+	buf_putfpint(ses.kexhashbuf, dh_f);
 	/* K, the shared secret */
-	buf_putmpint(ses.kexhashbuf, ses.dh_K);
+	buf_putfpint(ses.kexhashbuf, ses.dh_K);
 	/* calculate the hash H to sign */
 	sha1_init(&hs);
 	buf_setpos(ses.kexhashbuf, 0);
 	sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
 	/* for asymmetry */
 	algo_type * c2s_hash_algo = NULL;
 	algo_type * s2c_hash_algo = NULL;
 	algo_type * c2s_cipher_algo = NULL;
 	algo_type * s2c_cipher_algo = NULL;
-	algo_type * c2s_comp_algo = NULL;
+	algo_type * c2s_cofp_algo = NULL;
-	algo_type * s2c_comp_algo = NULL;
+	algo_type * s2c_cofp_algo = NULL;
 	/* the generic one */
 	algo_type * algo = NULL;
 	/* which algo couldn't match */
 	char * erralgo = NULL;
 		goto error;
 	}
 	TRACE(("hash s2c is  %s", s2c_hash_algo->name))
 	/* compression_algorithms_client_to_server */
-	c2s_comp_algo = ses.buf_match_algo(ses.payload, sshcompress, &goodguess);
+	c2s_cofp_algo = ses.buf_match_algo(ses.payload, sshcompress, &goodguess);
-	if (c2s_comp_algo == NULL) {
+	if (c2s_cofp_algo == NULL) {
 		erralgo = "comp c->s";
 		goto error;
 	}
-	TRACE(("hash c2s is  %s", c2s_comp_algo->name))
+	TRACE(("hash c2s is  %s", c2s_cofp_algo->name))
 	/* compression_algorithms_server_to_client */
-	s2c_comp_algo = ses.buf_match_algo(ses.payload, sshcompress, &goodguess);
+	s2c_cofp_algo = ses.buf_match_algo(ses.payload, sshcompress, &goodguess);
-	if (s2c_comp_algo == NULL) {
+	if (s2c_cofp_algo == NULL) {
 		erralgo = "comp s->c";
 		goto error;
 	}
-	TRACE(("hash s2c is  %s", s2c_comp_algo->name))
+	TRACE(("hash s2c is  %s", s2c_cofp_algo->name))
 	/* languages_client_to_server */
 	buf_eatstring(ses.payload);
 	/* languages_server_to_client */
 			(struct dropbear_cipher_mode*)c2s_cipher_algo->mode;
 		ses.newkeys->recv_algo_mac =
 			(struct dropbear_hash*)s2c_hash_algo->data;
 		ses.newkeys->trans_algo_mac =
 			(struct dropbear_hash*)c2s_hash_algo->data;
-		ses.newkeys->recv_algo_comp = s2c_comp_algo->val;
+		ses.newkeys->recv_algo_comp = s2c_cofp_algo->val;
-		ses.newkeys->trans_algo_comp = c2s_comp_algo->val;
+		ses.newkeys->trans_algo_comp = c2s_cofp_algo->val;
 	} else {
 		/* SERVER */
 		ses.newkeys->recv_algo_crypt =
 			(struct dropbear_cipher*)c2s_cipher_algo->data;
 		ses.newkeys->trans_algo_crypt =
 			(struct dropbear_cipher_mode*)s2c_cipher_algo->mode;
 		ses.newkeys->recv_algo_mac =
 			(struct dropbear_hash*)c2s_hash_algo->data;
 		ses.newkeys->trans_algo_mac =
 			(struct dropbear_hash*)s2c_hash_algo->data;
-		ses.newkeys->recv_algo_comp = c2s_comp_algo->val;
+		ses.newkeys->recv_algo_comp = c2s_cofp_algo->val;
-		ses.newkeys->trans_algo_comp = s2c_comp_algo->val;
+		ses.newkeys->trans_algo_comp = s2c_cofp_algo->val;
 	}
 	/* reserved for future extensions */
 	buf_getint(ses.payload);
 	return;

Mercurial > dropbear

comparison common-kex.c @ 640:76097ec1a29a dropbear-tfm