Mercurial > dropbear
comparison ecdsa.c @ 767:e465ed10c51d ecc
Be safer with how we handle ltc_ecc_sets[] (particularly with
system libtomcrypt)
A bit of progress with ecdsa code
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 09 Apr 2013 22:44:19 +0800 |
| parents | d1575fdc29a6 |
| children | 70625eed40c9 |
comparison
equal
deleted
inserted
replaced
| 766:d1575fdc29a6 | 767:e465ed10c51d |
|---|---|
| 1 #include "includes.h" | 1 #include "includes.h" |
| 2 #include "dbutil.h" | 2 #include "dbutil.h" |
| 3 #include "crypto_desc.h" | 3 #include "crypto_desc.h" |
| 4 #include "ecc.h" | |
| 4 | 5 |
| 5 #ifdef DROPBEAR_ECDSA | 6 #ifdef DROPBEAR_ECDSA |
| 6 | 7 |
| 7 ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) { | 8 ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) { |
| 8 const ltc_ecc_set_type *dp = NULL; // curve domain parameters | 9 const ltc_ecc_set_type *dp = NULL; // curve domain parameters |
| 9 // TODO: use raw bytes for the dp rather than the hex strings in libtomcrypt's ecc.c | 10 // TODO: use raw bytes for the dp rather than the hex strings in libtomcrypt's ecc.c |
| 10 switch (bit_size) { | 11 switch (bit_size) { |
| 11 #ifdef DROPBEAR_ECC_256 | 12 #ifdef DROPBEAR_ECC_256 |
| 12 case 256: | 13 case 256: |
| 13 dp = <c_ecc_sets[0]; | 14 dp = ecc_curve_nistp256.dp; |
| 14 break; | 15 break; |
| 15 #endif | 16 #endif |
| 16 #ifdef DROPBEAR_ECC_384 | 17 #ifdef DROPBEAR_ECC_384 |
| 17 case 384: | 18 case 384: |
| 18 dp = <c_ecc_sets[0]; | 19 dp = ecc_curve_nistp384.dp; |
| 19 break; | 20 break; |
| 20 #endif | 21 #endif |
| 21 #ifdef DROPBEAR_ECC_521 | 22 #ifdef DROPBEAR_ECC_521 |
| 22 case 521: | 23 case 521: |
| 23 dp = <c_ecc_sets[0]; | 24 dp = ecc_curve_nistp521.dp; |
| 24 break; | 25 break; |
| 25 #endif | 26 #endif |
| 26 } | 27 } |
| 27 if (!dp) { | 28 if (!dp) { |
| 28 dropbear_exit("Key size %d isn't valid. Try " | 29 dropbear_exit("Key size %d isn't valid. Try " |
| 43 dropbear_exit("ECC error"); | 44 dropbear_exit("ECC error"); |
| 44 } | 45 } |
| 45 return new_key; | 46 return new_key; |
| 46 } | 47 } |
| 47 | 48 |
| 48 int buf_get_ecdsa_pub_key(buffer* buf, ecc_key *key) { | 49 ecc_key *buf_get_ecdsa_pub_key(buffer* buf) { |
| 50 unsigned char *key_ident = NULL, *identifier = NULL; | |
| 51 unsigned int key_ident_len, identifier_len; | |
| 52 buffer *q_buf = NULL; | |
| 53 struct dropbear_ecc_curve **curve; | |
| 54 ecc_key *new_key = NULL; | |
| 49 | 55 |
| 56 // string "ecdsa-sha2-[identifier]" | |
| 57 key_ident = buf_getstring(buf, &key_ident_len); | |
| 58 // string "ecdsa-sha2-[identifier]" | |
| 59 identifier = buf_getstring(buf, &identifier_len); | |
| 60 | |
| 61 if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) { | |
| 62 TRACE(("Bad identifier lengths")) | |
| 63 goto out; | |
| 64 } | |
| 65 if (memcmp(&key_ident[strlen("ecdsa-sha2-")], identifier, identifier_len) != 0) { | |
| 66 TRACE(("mismatching identifiers")) | |
| 67 goto out; | |
| 68 } | |
| 69 | |
| 70 for (curve = dropbear_ecc_curves; *curve; curve++) { | |
| 71 if (memcmp(identifier, (*curve)->name, strlen((*curve)->name)) == 0) { | |
| 72 break; | |
| 73 } | |
| 74 } | |
| 75 if (!*curve) { | |
| 76 TRACE(("couldn't match ecc curve")) | |
| 77 goto out; | |
| 78 } | |
| 79 | |
| 80 // string Q | |
| 81 q_buf = buf_getstringbuf(buf); | |
| 82 new_key = buf_get_ecc_raw_pubkey(q_buf, *curve); | |
| 83 | |
| 84 out: | |
| 85 if (key_ident) { | |
| 86 m_free(key_ident); | |
| 87 } | |
| 88 if (identifier) { | |
| 89 m_free(identifier); | |
| 90 } | |
| 91 if (q_buf) { | |
| 92 buf_free(q_buf); | |
| 93 q_buf = NULL; | |
| 94 } | |
| 95 TRACE(("leave buf_get_ecdsa_pub_key")) | |
| 96 return new_key; | |
| 50 } | 97 } |
| 51 | 98 |
| 52 | 99 |
| 53 #endif // DROPBEAR_ECDSA | 100 #endif // DROPBEAR_ECDSA |