comparison signkey.c @ 795:7f604f9b3756 ecc

ecdsa is working
author Matt Johnston <matt@ucc.asn.au>
date Fri, 03 May 2013 23:07:48 +0800
parents d386defb5376
children 7dcb46da72d9
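--- a/signkey.c
+++ b/signkey.c
@@ -35,19 +35,13 @@
 #endif
 #ifdef DROPBEAR_DSS
 "ssh-dss",
 #endif
 #ifdef DROPBEAR_ECDSA
-#ifdef DROPBEAR_ECC_256
 "ecdsa-sha2-nistp256",
-#endif
-#ifdef DROPBEAR_ECC_384
 "ecdsa-sha2-nistp384",
-#endif
-#ifdef DROPBEAR_ECC_521
 "ecdsa-sha2-nistp521",
-#endif
 "ecdsa" // for keygen
 #endif // DROPBEAR_ECDSA
 };
 
 /* malloc a new sign_key and set the dss and rsa keys to NULL */
@@ -79,10 +73,29 @@
 int i;
 for (i = 0; i < DROPBEAR_SIGNKEY_NUM_NAMED; i++) {
 const char *fixed_name = signkey_names[i];
 if (namelen == strlen(fixed_name)
 && memcmp(fixed_name, name, namelen) == 0) {
+
+#ifdef DROPBEAR_ECDSA
+/* Some of the ECDSA key sizes are defined even if they're not compiled in */
+if (0
+#ifndef DROPBEAR_ECC_256
+|| i == DROPBEAR_SIGNKEY_ECDSA_NISTP256
+#endif
+#ifndef DROPBEAR_ECC_384
+|| i == DROPBEAR_SIGNKEY_ECDSA_NISTP384
+#endif
+#ifndef DROPBEAR_ECC_521
+|| i == DROPBEAR_SIGNKEY_ECDSA_NISTP521
+#endif
+) {
+TRACE(("attempt to use ecdsa type %d not compiled in", i))
+return DROPBEAR_SIGNKEY_NONE;
+}
+#endif
+
 return i;
 }
 }
 
 TRACE(("signkey_type_from_name unexpected key type."))
@@ -137,13 +150,11 @@
 m_free(key->rsakey);
 }
 }
 #endif
 #ifdef DROPBEAR_ECDSA
-if (keytype == DROPBEAR_SIGNKEY_ECDSA_NISTP256
-|| keytype == DROPBEAR_SIGNKEY_ECDSA_NISTP384
-|| keytype == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
+if (IS_ECDSA_KEY(keytype)) {
 if (key->ecckey) {
 ecc_free(key->ecckey);
 }
 key->ecckey = buf_get_ecdsa_pub_key(buf);
 if (key->ecckey) {
@@ -203,13 +214,11 @@
 m_free(key->rsakey);
 }
 }
 #endif
 #ifdef DROPBEAR_ECDSA
-if (keytype == DROPBEAR_SIGNKEY_ECDSA_NISTP256
-|| keytype == DROPBEAR_SIGNKEY_ECDSA_NISTP384
-|| keytype == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
+if (IS_ECDSA_KEY(keytype)) {
 if (key->ecckey) {
 ecc_free(key->ecckey);
 }
 key->ecckey = buf_get_ecdsa_priv_key(buf);
 if (key->ecckey) {
@@ -241,13 +250,11 @@
 if (type == DROPBEAR_SIGNKEY_RSA) {
 buf_put_rsa_pub_key(pubkeys, key->rsakey);
 }
 #endif
 #ifdef DROPBEAR_ECDSA
-if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
+if (IS_ECDSA_KEY(type)) {
 buf_put_ecdsa_pub_key(pubkeys, key->ecckey);
 }
 #endif
 if (pubkeys->len == 0) {
 dropbear_exit("Bad key types in buf_put_pub_key");
@@ -277,14 +284,12 @@
 TRACE(("leave buf_put_priv_key: rsa done"))
 return;
 }
 #endif
 #ifdef DROPBEAR_ECDSA
-if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
-buf_put_ecdsa_pub_key(buf, key->ecckey);
+if (IS_ECDSA_KEY(type)) {
+buf_put_ecdsa_priv_key(buf, key->ecckey);
 return;
 }
 #endif
 dropbear_exit("Bad key types in put pub key");
 }
@@ -422,13 +427,11 @@
 if (type == DROPBEAR_SIGNKEY_RSA) {
 buf_put_rsa_sign(sigblob, key->rsakey, data_buf);
 }
 #endif
 #ifdef DROPBEAR_ECDSA
-if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
+if (IS_ECDSA_KEY(type)) {
 buf_put_ecdsa_sign(sigblob, key->ecckey, data_buf);
 }
 #endif
 if (sigblob->len == 0) {
 dropbear_exit("Non-matching signing type");
@@ -472,13 +475,11 @@
 }
 return buf_rsa_verify(buf, key->rsakey, data_buf);
 }
 #endif
 #ifdef DROPBEAR_ECDSA
-if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
-|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
+if (IS_ECDSA_KEY(type)) {
 return buf_ecdsa_verify(buf, key->ecckey, data_buf);
 }
 #endif
 
 dropbear_exit("Non-matching signing type");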
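Review bot: The ECDSA branch of the verify path (new lines 480-482) passes `key->ecckey` to `buf_ecdsa_verify` without checking that a key is actually loaded, because `IS_ECDSA_KEY(type)` only tests the type value. The RSA branch just above closes a block immediately before its `buf_rsa_verify` call, which looks like a guard of that kind, though its condition is outside the hunk. Unless `buf_ecdsa_verify` rejects a NULL key itself (not visible here), I would add `if (key->ecckey == NULL) { dropbear_exit("No ECDSA key to verify signature"); }` before the call. The same guard would apply to the `buf_put_ecdsa_sign`, `buf_put_ecdsa_pub_key` and `buf_put_ecdsa_priv_key` calls at new lines 433, 256 and 290. The enclosing functions start and end outside the hunks shown.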