Mercurial > dropbear

view ecc.h @ 1855:35d504d59c05

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implement server-side support for sk-ecdsa U2F-backed keys (#142) * Implement server-side support for sk-ecdsa U2F-backed keys * Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys * Fix one more potential out-of-bounds read * Check if nistp256 curve is used in sk-ecdsa-sha2- key It's the only allowed curve per PROTOCOL.u2f specification * Implement server-side support for sk-ed25519 FIDO2-backed keys * Keys with type sk-* make no sense as host keys, so they should be disabled * fix typo * Make sk-ecdsa call buf_ecdsa_verify This reduces code duplication, the SK code just handles the different message format. * Reduce sk specific code The application id can be stored in signkey, then we don't need to call sk-specific functions from svr-authpubkey * Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled * Proper cleanup of sk_app Co-authored-by: Matt Johnston <[email protected]>
author egor-duda <egor-duda@users.noreply.github.com>
date Sat, 22 Jan 2022 16:53:04 +0300
parents d68d61e7056a
children
line wrap: on
line source

#ifndef DROPBEAR_DROPBEAR_ECC_H
#define DROPBEAR_DROPBEAR_ECC_H

#include "includes.h"

#include "buffer.h"

#if DROPBEAR_ECC

struct dropbear_ecc_curve {
	int ltc_size; /* to match the byte sizes in ltc_ecc_sets[] */
	const ltc_ecc_set_type *dp; /* curve domain parameters */
	const struct ltc_hash_descriptor *hash_desc;
	const char *name;
};

extern struct dropbear_ecc_curve ecc_curve_nistp256;
extern struct dropbear_ecc_curve ecc_curve_nistp384;
extern struct dropbear_ecc_curve ecc_curve_nistp521;
extern struct dropbear_ecc_curve *dropbear_ecc_curves[];

void dropbear_ecc_fill_dp(void);
struct dropbear_ecc_curve* curve_for_dp(const ltc_ecc_set_type *dp);

/* "pubkey" refers to a point, but LTC uses ecc_key structure for both public
   and private keys */
void buf_put_ecc_raw_pubkey_string(buffer *buf, ecc_key *key);
ecc_key * buf_get_ecc_raw_pubkey(buffer *buf, const struct dropbear_ecc_curve *curve);
int buf_get_ecc_privkey_string(buffer *buf, ecc_key *key);

mp_int * dropbear_ecc_shared_secret(ecc_key *pub_key, const ecc_key *priv_key);

#endif

#endif /* DROPBEAR_DROPBEAR_ECC_H */