Mercurial > dropbear

comparison common-kex.c @ 1659:d32bcb5c557d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add Ed25519 support (#91) * Add support for Ed25519 as a public key type Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. OpenSSH key import and fuzzer are not supported yet. Initially inspired by Peter Szabo. * Add curve25519 and ed25519 fuzzers * Add import and export of Ed25519 keys
author Vladislav Grishenko <themiron@users.noreply.github.com>
date Wed, 11 Mar 2020 21:09:45 +0500
parents 0bdbb9ecc403
children 3a97f14c0235 ba6fc7afe1c5
comparison
equal deleted inserted replaced
1658:7402218141d4 1659:d32bcb5c557d
34 #include "packet.h" 34 #include "packet.h"
35 #include "bignum.h" 35 #include "bignum.h"
36 #include "dbrandom.h" 36 #include "dbrandom.h"
37 #include "runopts.h" 37 #include "runopts.h"
38 #include "ecc.h" 38 #include "ecc.h"
39 #include "curve25519.h"
39 #include "crypto_desc.h" 40 #include "crypto_desc.h"
40 41
41 static void kexinitialise(void); 42 static void kexinitialise(void);
42 static void gen_new_keys(void); 43 static void gen_new_keys(void);
43 #ifndef DISABLE_ZLIB 44 #ifndef DISABLE_ZLIB
701 finish_kexhashbuf(); 702 finish_kexhashbuf();
702 } 703 }
703 #endif /* DROPBEAR_ECDH */ 704 #endif /* DROPBEAR_ECDH */
704 705
705 #if DROPBEAR_CURVE25519 706 #if DROPBEAR_CURVE25519
706 struct kex_curve25519_param *gen_kexcurve25519_param () { 707 struct kex_curve25519_param *gen_kexcurve25519_param() {
707 /* Per http://cr.yp.to/ecdh.html */ 708 /* Per http://cr.yp.to/ecdh.html */
708 struct kex_curve25519_param *param = m_malloc(sizeof(*param)); 709 struct kex_curve25519_param *param = m_malloc(sizeof(*param));
709 const unsigned char basepoint[32] = {9}; 710 const unsigned char basepoint[32] = {9};
710 711
711 genrandom(param->priv, CURVE25519_LEN); 712 genrandom(param->priv, CURVE25519_LEN);
712 param->priv[0] &= 248; 713 dropbear_curve25519_scalarmult(param->pub, param->priv, basepoint);
713 param->priv[31] &= 127;
714 param->priv[31] |= 64;
715
716 curve25519_donna(param->pub, param->priv, basepoint);
717 714
718 return param; 715 return param;
719 } 716 }
720 717
721 void free_kexcurve25519_param(struct kex_curve25519_param *param) 718 void free_kexcurve25519_param(struct kex_curve25519_param *param) {
722 {
723 m_burn(param->priv, CURVE25519_LEN); 719 m_burn(param->priv, CURVE25519_LEN);
724 m_free(param); 720 m_free(param);
725 } 721 }
726 722
727 void kexcurve25519_comb_key(const struct kex_curve25519_param *param, const buffer *buf_pub_them, 723 void kexcurve25519_comb_key(const struct kex_curve25519_param *param, const buffer *buf_pub_them,
734 if (buf_pub_them->len != CURVE25519_LEN) 730 if (buf_pub_them->len != CURVE25519_LEN)
735 { 731 {
736 dropbear_exit("Bad curve25519"); 732 dropbear_exit("Bad curve25519");
737 } 733 }
738 734
739 curve25519_donna(out, param->priv, buf_pub_them->data); 735 dropbear_curve25519_scalarmult(out, param->priv, buf_pub_them->data);
740 736
741 if (constant_time_memcmp(zeroes, out, CURVE25519_LEN) == 0) { 737 if (constant_time_memcmp(zeroes, out, CURVE25519_LEN) == 0) {
742 dropbear_exit("Bad curve25519"); 738 dropbear_exit("Bad curve25519");
743 } 739 }
744 740