Mercurial > dropbear
comparison signkey.c @ 1659:d32bcb5c557d
Add Ed25519 support (#91)
* Add support for Ed25519 as a public key type
Ed25519 is a elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.
OpenSSH key import and fuzzer are not supported yet.
Initially inspired by Peter Szabo.
* Add curve25519 and ed25519 fuzzers
* Add import and export of Ed25519 keys
| author | Vladislav Grishenko <themiron@users.noreply.github.com> |
|---|---|
| date | Wed, 11 Mar 2020 21:09:45 +0500 |
| parents | 2f64cb3d3007 |
| children | ba6fc7afe1c5 |
comparison
equal
deleted
inserted
replaced
| 1658:7402218141d4 | 1659:d32bcb5c557d |
|---|---|
| 37 "ssh-dss", | 37 "ssh-dss", |
| 38 #endif | 38 #endif |
| 39 #if DROPBEAR_ECDSA | 39 #if DROPBEAR_ECDSA |
| 40 "ecdsa-sha2-nistp256", | 40 "ecdsa-sha2-nistp256", |
| 41 "ecdsa-sha2-nistp384", | 41 "ecdsa-sha2-nistp384", |
| 42 "ecdsa-sha2-nistp521" | 42 "ecdsa-sha2-nistp521", |
| 43 #endif /* DROPBEAR_ECDSA */ | 43 #endif /* DROPBEAR_ECDSA */ |
| 44 #if DROPBEAR_ED25519 | |
| 45 "ssh-ed25519", | |
| 46 #endif /* DROPBEAR_ED25519 */ | |
| 44 }; | 47 }; |
| 45 | 48 |
| 46 /* malloc a new sign_key and set the dss and rsa keys to NULL */ | 49 /* malloc a new sign_key and set the dss and rsa keys to NULL */ |
| 47 sign_key * new_sign_key() { | 50 sign_key * new_sign_key() { |
| 48 | 51 |
| 105 /* Returns a pointer to the key part specific to "type". | 108 /* Returns a pointer to the key part specific to "type". |
| 106 Be sure to check both (ret != NULL) and (*ret != NULL) */ | 109 Be sure to check both (ret != NULL) and (*ret != NULL) */ |
| 107 void ** | 110 void ** |
| 108 signkey_key_ptr(sign_key *key, enum signkey_type type) { | 111 signkey_key_ptr(sign_key *key, enum signkey_type type) { |
| 109 switch (type) { | 112 switch (type) { |
| 113 #if DROPBEAR_ED25519 | |
| 114 case DROPBEAR_SIGNKEY_ED25519: | |
| 115 return (void**)&key->ed25519key; | |
| 116 #endif | |
| 110 #if DROPBEAR_ECDSA | 117 #if DROPBEAR_ECDSA |
| 111 #if DROPBEAR_ECC_256 | 118 #if DROPBEAR_ECC_256 |
| 112 case DROPBEAR_SIGNKEY_ECDSA_NISTP256: | 119 case DROPBEAR_SIGNKEY_ECDSA_NISTP256: |
| 113 return (void**)&key->ecckey256; | 120 return (void**)&key->ecckey256; |
| 114 #endif | 121 #endif |
| 198 ret = DROPBEAR_SUCCESS; | 205 ret = DROPBEAR_SUCCESS; |
| 199 } | 206 } |
| 200 } | 207 } |
| 201 } | 208 } |
| 202 #endif | 209 #endif |
| 210 #if DROPBEAR_ED25519 | |
| 211 if (keytype == DROPBEAR_SIGNKEY_ED25519) { | |
| 212 ed25519_key_free(key->ed25519key); | |
| 213 key->ed25519key = m_malloc(sizeof(*key->ed25519key)); | |
| 214 ret = buf_get_ed25519_pub_key(buf, key->ed25519key); | |
| 215 if (ret == DROPBEAR_FAILURE) { | |
| 216 m_free(key->ed25519key); | |
| 217 key->ed25519key = NULL; | |
| 218 } | |
| 219 } | |
| 220 #endif | |
| 203 | 221 |
| 204 TRACE2(("leave buf_get_pub_key")) | 222 TRACE2(("leave buf_get_pub_key")) |
| 205 | 223 |
| 206 return ret; | 224 return ret; |
| 207 } | 225 } |
| 268 ret = DROPBEAR_SUCCESS; | 286 ret = DROPBEAR_SUCCESS; |
| 269 } | 287 } |
| 270 } | 288 } |
| 271 } | 289 } |
| 272 #endif | 290 #endif |
| 291 #if DROPBEAR_ED25519 | |
| 292 if (keytype == DROPBEAR_SIGNKEY_ED25519) { | |
| 293 ed25519_key_free(key->ed25519key); | |
| 294 key->ed25519key = m_malloc(sizeof(*key->ed25519key)); | |
| 295 ret = buf_get_ed25519_priv_key(buf, key->ed25519key); | |
| 296 if (ret == DROPBEAR_FAILURE) { | |
| 297 m_free(key->ed25519key); | |
| 298 key->ed25519key = NULL; | |
| 299 } | |
| 300 } | |
| 301 #endif | |
| 273 | 302 |
| 274 TRACE2(("leave buf_get_priv_key")) | 303 TRACE2(("leave buf_get_priv_key")) |
| 275 | 304 |
| 276 return ret; | 305 return ret; |
| 277 | 306 |
| 299 if (signkey_is_ecdsa(type)) { | 328 if (signkey_is_ecdsa(type)) { |
| 300 ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); | 329 ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); |
| 301 if (eck && *eck) { | 330 if (eck && *eck) { |
| 302 buf_put_ecdsa_pub_key(pubkeys, *eck); | 331 buf_put_ecdsa_pub_key(pubkeys, *eck); |
| 303 } | 332 } |
| 333 } | |
| 334 #endif | |
| 335 #if DROPBEAR_ED25519 | |
| 336 if (type == DROPBEAR_SIGNKEY_ED25519) { | |
| 337 buf_put_ed25519_pub_key(pubkeys, key->ed25519key); | |
| 304 } | 338 } |
| 305 #endif | 339 #endif |
| 306 if (pubkeys->len == 0) { | 340 if (pubkeys->len == 0) { |
| 307 dropbear_exit("Bad key types in buf_put_pub_key"); | 341 dropbear_exit("Bad key types in buf_put_pub_key"); |
| 308 } | 342 } |
| 340 TRACE(("leave buf_put_priv_key: ecdsa done")) | 374 TRACE(("leave buf_put_priv_key: ecdsa done")) |
| 341 return; | 375 return; |
| 342 } | 376 } |
| 343 } | 377 } |
| 344 #endif | 378 #endif |
| 379 #if DROPBEAR_ED25519 | |
| 380 if (type == DROPBEAR_SIGNKEY_ED25519) { | |
| 381 buf_put_ed25519_priv_key(buf, key->ed25519key); | |
| 382 TRACE(("leave buf_put_priv_key: ed25519 done")) | |
| 383 return; | |
| 384 } | |
| 385 #endif | |
| 345 dropbear_exit("Bad key types in put pub key"); | 386 dropbear_exit("Bad key types in put pub key"); |
| 346 } | 387 } |
| 347 | 388 |
| 348 void sign_key_free(sign_key *key) { | 389 void sign_key_free(sign_key *key) { |
| 349 | 390 |
| 378 m_free(key->ecckey521); | 419 m_free(key->ecckey521); |
| 379 key->ecckey521 = NULL; | 420 key->ecckey521 = NULL; |
| 380 } | 421 } |
| 381 #endif | 422 #endif |
| 382 #endif | 423 #endif |
| 424 #if DROPBEAR_ED25519 | |
| 425 ed25519_key_free(key->ed25519key); | |
| 426 key->ed25519key = NULL; | |
| 427 #endif | |
| 383 | 428 |
| 384 m_free(key->filename); | 429 m_free(key->filename); |
| 385 | 430 |
| 386 m_free(key); | 431 m_free(key); |
| 387 TRACE2(("leave sign_key_free")) | 432 TRACE2(("leave sign_key_free")) |
| 500 if (signkey_is_ecdsa(type)) { | 545 if (signkey_is_ecdsa(type)) { |
| 501 ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); | 546 ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); |
| 502 if (eck && *eck) { | 547 if (eck && *eck) { |
| 503 buf_put_ecdsa_sign(sigblob, *eck, data_buf); | 548 buf_put_ecdsa_sign(sigblob, *eck, data_buf); |
| 504 } | 549 } |
| 550 } | |
| 551 #endif | |
| 552 #if DROPBEAR_ED25519 | |
| 553 if (type == DROPBEAR_SIGNKEY_ED25519) { | |
| 554 buf_put_ed25519_sign(sigblob, key->ed25519key, data_buf); | |
| 505 } | 555 } |
| 506 #endif | 556 #endif |
| 507 if (sigblob->len == 0) { | 557 if (sigblob->len == 0) { |
| 508 dropbear_exit("Non-matching signing type"); | 558 dropbear_exit("Non-matching signing type"); |
| 509 } | 559 } |
| 553 if (eck && *eck) { | 603 if (eck && *eck) { |
| 554 return buf_ecdsa_verify(buf, *eck, data_buf); | 604 return buf_ecdsa_verify(buf, *eck, data_buf); |
| 555 } | 605 } |
| 556 } | 606 } |
| 557 #endif | 607 #endif |
| 608 #if DROPBEAR_ED25519 | |
| 609 if (type == DROPBEAR_SIGNKEY_ED25519) { | |
| 610 if (key->ed25519key == NULL) { | |
| 611 dropbear_exit("No Ed25519 key to verify signature"); | |
| 612 } | |
| 613 return buf_ed25519_verify(buf, key->ed25519key, data_buf); | |
| 614 } | |
| 615 #endif | |
| 558 | 616 |
| 559 dropbear_exit("Non-matching signing type"); | 617 dropbear_exit("Non-matching signing type"); |
| 560 return DROPBEAR_FAILURE; | 618 return DROPBEAR_FAILURE; |
| 561 } | 619 } |
| 562 #endif /* DROPBEAR_SIGNKEY_VERIFY */ | 620 #endif /* DROPBEAR_SIGNKEY_VERIFY */ |