Mercurial > dropbear
view libtommath/bn_mp_from_ubin.c @ 1855:35d504d59c05
Implement server-side support for sk-ecdsa U2F-backed keys (#142)
* Implement server-side support for sk-ecdsa U2F-backed keys
* Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys
* Fix one more potential out-of-bounds read
* Check if nistp256 curve is used in sk-ecdsa-sha2- key
It's the only allowed curve per PROTOCOL.u2f specification
* Implement server-side support for sk-ed25519 FIDO2-backed keys
* Keys with type sk-* make no sense as host keys, so they should be
disabled
* fix typo
* Make sk-ecdsa call buf_ecdsa_verify
This reduces code duplication, the SK code just handles the
different message format.
* Reduce sk specific code
The application id can be stored in signkey, then we don't need
to call sk-specific functions from svr-authpubkey
* Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled
* Proper cleanup of sk_app
Co-authored-by: Matt Johnston <[email protected]>
author | egor-duda <egor-duda@users.noreply.github.com> |
---|---|
date | Sat, 22 Jan 2022 16:53:04 +0300 |
parents | 1051e4eea25a |
children |
line wrap: on
line source
#include "tommath_private.h" #ifdef BN_MP_FROM_UBIN_C /* LibTomMath, multiple-precision integer library -- Tom St Denis */ /* SPDX-License-Identifier: Unlicense */ /* reads a unsigned char array, assumes the msb is stored first [big endian] */ mp_err mp_from_ubin(mp_int *a, const unsigned char *buf, size_t size) { mp_err err; /* make sure there are at least two digits */ if (a->alloc < 2) { if ((err = mp_grow(a, 2)) != MP_OKAY) { return err; } } /* zero the int */ mp_zero(a); /* read the bytes in */ while (size-- > 0u) { if ((err = mp_mul_2d(a, 8, a)) != MP_OKAY) { return err; } #ifndef MP_8BIT a->dp[0] |= *buf++; a->used += 1; #else a->dp[0] = (*buf & MP_MASK); a->dp[1] |= ((*buf++ >> 7) & 1u); a->used += 2; #endif } mp_clamp(a); return MP_OKAY; } #endif