Mercurial > dropbear
comparison common-kex.c @ 763:f744321ac048 ecc
ecdh works against OpenSSH
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Mon, 08 Apr 2013 23:12:20 +0800 |
| parents | a78a38e402d1 |
| children | 5503e05ab3a4 |
comparison
equal
deleted
inserted
replaced
| 762:a78a38e402d1 | 763:f744321ac048 |
|---|---|
| 302 | 302 |
| 303 hashdesc->init(&hs); | 303 hashdesc->init(&hs); |
| 304 hash_process_mp(hashdesc, &hs, ses.dh_K); | 304 hash_process_mp(hashdesc, &hs, ses.dh_K); |
| 305 mp_clear(ses.dh_K); | 305 mp_clear(ses.dh_K); |
| 306 m_free(ses.dh_K); | 306 m_free(ses.dh_K); |
| 307 sha1_process(&hs, ses.hash->data, ses.hash->len); | 307 hashdesc->process(&hs, ses.hash->data, ses.hash->len); |
| 308 buf_burn(ses.hash); | 308 buf_burn(ses.hash); |
| 309 buf_free(ses.hash); | 309 buf_free(ses.hash); |
| 310 ses.hash = NULL; | 310 ses.hash = NULL; |
| 311 | 311 |
| 312 if (IS_DROPBEAR_CLIENT) { | 312 if (IS_DROPBEAR_CLIENT) { |
| 657 | 657 |
| 658 } | 658 } |
| 659 void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them, | 659 void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them, |
| 660 sign_key *hostkey) { | 660 sign_key *hostkey) { |
| 661 const struct dropbear_kex *algo_kex = ses.newkeys->algo_kex; | 661 const struct dropbear_kex *algo_kex = ses.newkeys->algo_kex; |
| 662 hash_state hs; | |
| 663 // public keys from client and server | 662 // public keys from client and server |
| 664 ecc_key *Q_C, *Q_S, *Q_them; | 663 ecc_key *Q_C, *Q_S, *Q_them; |
| 665 | 664 |
| 666 // XXX load Q_them | |
| 667 Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve); | 665 Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve); |
| 668 | 666 |
| 669 ses.dh_K = dropbear_ecc_shared_secret(Q_them, ¶m->key); | 667 ses.dh_K = dropbear_ecc_shared_secret(Q_them, ¶m->key); |
| 670 | 668 |
| 671 /* From here on, the code needs to work with the _same_ vars on each side, | 669 /* From here on, the code needs to work with the _same_ vars on each side, |
| 685 buf_put_ecc_pubkey_string(ses.kexhashbuf, Q_C); | 683 buf_put_ecc_pubkey_string(ses.kexhashbuf, Q_C); |
| 686 /* Q_S, server's ephemeral public key octet string */ | 684 /* Q_S, server's ephemeral public key octet string */ |
| 687 buf_put_ecc_pubkey_string(ses.kexhashbuf, Q_S); | 685 buf_put_ecc_pubkey_string(ses.kexhashbuf, Q_S); |
| 688 /* K, the shared secret */ | 686 /* K, the shared secret */ |
| 689 buf_putmpint(ses.kexhashbuf, ses.dh_K); | 687 buf_putmpint(ses.kexhashbuf, ses.dh_K); |
| 690 | |
| 691 /* calculate the hash H to sign */ | |
| 692 algo_kex->hashdesc->init(&hs); | |
| 693 buf_setpos(ses.kexhashbuf, 0); | |
| 694 algo_kex->hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), | |
| 695 ses.kexhashbuf->len); | |
| 696 | 688 |
| 697 /* calculate the hash H to sign */ | 689 /* calculate the hash H to sign */ |
| 698 finish_kexhashbuf(); | 690 finish_kexhashbuf(); |
| 699 } | 691 } |
| 700 #endif | 692 #endif |