Mercurial > dropbear
comparison ecdsa.c @ 857:c19acba28590
use oldstyle comments
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 14 Nov 2013 22:03:30 +0800 |
| parents | 04ede40a529a |
| children | c0b1b7eb5c84 |
comparison
equal
deleted
inserted
replaced
| 856:f56c41030c15 | 857:c19acba28590 |
|---|---|
| 33 #endif | 33 #endif |
| 34 return DROPBEAR_SIGNKEY_NONE; | 34 return DROPBEAR_SIGNKEY_NONE; |
| 35 } | 35 } |
| 36 | 36 |
| 37 ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) { | 37 ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) { |
| 38 const ltc_ecc_set_type *dp = NULL; // curve domain parameters | 38 const ltc_ecc_set_type *dp = NULL; /* curve domain parameters */ |
| 39 ecc_key *new_key = NULL; | 39 ecc_key *new_key = NULL; |
| 40 switch (bit_size) { | 40 switch (bit_size) { |
| 41 #ifdef DROPBEAR_ECC_256 | 41 #ifdef DROPBEAR_ECC_256 |
| 42 case 256: | 42 case 256: |
| 43 dp = ecc_curve_nistp256.dp; | 43 dp = ecc_curve_nistp256.dp; |
| 80 unsigned int key_ident_len, identifier_len; | 80 unsigned int key_ident_len, identifier_len; |
| 81 buffer *q_buf = NULL; | 81 buffer *q_buf = NULL; |
| 82 struct dropbear_ecc_curve **curve; | 82 struct dropbear_ecc_curve **curve; |
| 83 ecc_key *new_key = NULL; | 83 ecc_key *new_key = NULL; |
| 84 | 84 |
| 85 // string "ecdsa-sha2-[identifier]" | 85 /* string "ecdsa-sha2-[identifier]" */ |
| 86 key_ident = buf_getstring(buf, &key_ident_len); | 86 key_ident = buf_getstring(buf, &key_ident_len); |
| 87 // string "[identifier]" | 87 /* string "[identifier]" */ |
| 88 identifier = buf_getstring(buf, &identifier_len); | 88 identifier = buf_getstring(buf, &identifier_len); |
| 89 | 89 |
| 90 if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) { | 90 if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) { |
| 91 TRACE(("Bad identifier lengths")) | 91 TRACE(("Bad identifier lengths")) |
| 92 goto out; | 92 goto out; |
| 104 if (!*curve) { | 104 if (!*curve) { |
| 105 TRACE(("couldn't match ecc curve")) | 105 TRACE(("couldn't match ecc curve")) |
| 106 goto out; | 106 goto out; |
| 107 } | 107 } |
| 108 | 108 |
| 109 // string Q | 109 /* string Q */ |
| 110 q_buf = buf_getstringbuf(buf); | 110 q_buf = buf_getstringbuf(buf); |
| 111 new_key = buf_get_ecc_raw_pubkey(q_buf, *curve); | 111 new_key = buf_get_ecc_raw_pubkey(q_buf, *curve); |
| 112 | 112 |
| 113 out: | 113 out: |
| 114 m_free(key_ident); | 114 m_free(key_ident); |
| 181 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { | 181 if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { |
| 182 goto out; | 182 goto out; |
| 183 } | 183 } |
| 184 | 184 |
| 185 for (;;) { | 185 for (;;) { |
| 186 ecc_key R_key; // ephemeral key | 186 ecc_key R_key; /* ephemeral key */ |
| 187 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, &R_key, key->dp) != CRYPT_OK) { | 187 if (ecc_make_key_ex(NULL, dropbear_ltc_prng, &R_key, key->dp) != CRYPT_OK) { |
| 188 goto out; | 188 goto out; |
| 189 } | 189 } |
| 190 if (ltc_mp.mpdiv(R_key.pubkey.x, p, NULL, r) != CRYPT_OK) { | 190 if (ltc_mp.mpdiv(R_key.pubkey.x, p, NULL, r) != CRYPT_OK) { |
| 191 goto out; | 191 goto out; |
| 192 } | 192 } |
| 193 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ) { | 193 if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ) { |
| 194 // try again | 194 /* try again */ |
| 195 ecc_free(&R_key); | 195 ecc_free(&R_key); |
| 196 continue; | 196 continue; |
| 197 } | 197 } |
| 198 /* k = 1/k */ | 198 /* k = 1/k */ |
| 199 if (ltc_mp.invmod(R_key.k, p, R_key.k) != CRYPT_OK) { | 199 if (ltc_mp.invmod(R_key.k, p, R_key.k) != CRYPT_OK) { |
| 221 } | 221 } |
| 222 } | 222 } |
| 223 | 223 |
| 224 snprintf((char*)key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); | 224 snprintf((char*)key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); |
| 225 buf_putstring(buf, key_ident, strlen(key_ident)); | 225 buf_putstring(buf, key_ident, strlen(key_ident)); |
| 226 // enough for nistp521 | 226 /* enough for nistp521 */ |
| 227 sigbuf = buf_new(200); | 227 sigbuf = buf_new(200); |
| 228 buf_putmpint(sigbuf, (mp_int*)r); | 228 buf_putmpint(sigbuf, (mp_int*)r); |
| 229 buf_putmpint(sigbuf, (mp_int*)s); | 229 buf_putmpint(sigbuf, (mp_int*)s); |
| 230 buf_putbufstring(buf, sigbuf); | 230 buf_putbufstring(buf, sigbuf); |
| 231 | 231 |
| 243 if (err == DROPBEAR_FAILURE) { | 243 if (err == DROPBEAR_FAILURE) { |
| 244 dropbear_exit("ECC error"); | 244 dropbear_exit("ECC error"); |
| 245 } | 245 } |
| 246 } | 246 } |
| 247 | 247 |
| 248 // returns values in s and r | 248 /* returns values in s and r |
| 249 // returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE | 249 returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
| 250 static int buf_get_ecdsa_verify_params(buffer *buf, | 250 static int buf_get_ecdsa_verify_params(buffer *buf, |
| 251 void *r, void* s) { | 251 void *r, void* s) { |
| 252 int ret = DROPBEAR_FAILURE; | 252 int ret = DROPBEAR_FAILURE; |
| 253 unsigned int sig_len; | 253 unsigned int sig_len; |
| 254 unsigned int sig_pos; | 254 unsigned int sig_pos; |
| 415 return ret; | 415 return ret; |
| 416 } | 416 } |
| 417 | 417 |
| 418 | 418 |
| 419 | 419 |
| 420 #endif // DROPBEAR_ECDSA | 420 #endif /* DROPBEAR_ECDSA */ |