# HG changeset patch
# User Matt Johnston
# Date 1365438964 -28800
# Node ID d1575fdc29a6ff92d9708876091b7f8041ca26d5
# Parent 5503e05ab3a4426e430aba849751a73b9054c845
start on ecdsa keys

diff -r 5503e05ab3a4 -r d1575fdc29a6 Makefile.in
--- a/Makefile.in	Mon Apr 08 23:56:31 2013 +0800
+++ b/Makefile.in	Tue Apr 09 00:36:04 2013 +0800
@@ -26,7 +26,8 @@
 		dss.o bignum.o \
 		signkey.o rsa.o random.o \
 		queue.o \
-		atomicio.o compat.o fake-rfc2553.o ltc_prng.o ecc.o
+		atomicio.o compat.o fake-rfc2553.o \
+		ltc_prng.o ecc.o ecdsa.o crypto_desc.o
 
 SVROBJS=svr-kex.o svr-algo.o svr-auth.o sshpty.o \
 		svr-authpasswd.o svr-authpubkey.o svr-authpubkeyoptions.o svr-session.o svr-service.o \
@@ -54,7 +55,7 @@
 		debug.h channel.h chansession.h config.h queue.h sshpty.h \
 		termcodes.h gendss.h genrsa.h runopts.h includes.h \
 		loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
-		listener.h fake-rfc2553.h
+		listener.h fake-rfc2553.h ecc.h ecdsa.h
 
 dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@
 dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
diff -r 5503e05ab3a4 -r d1575fdc29a6 algo.h
--- a/algo.h	Mon Apr 08 23:56:31 2013 +0800
+++ b/algo.h	Tue Apr 09 00:36:04 2013 +0800
@@ -93,7 +93,6 @@
 	const struct ltc_hash_descriptor *hashdesc;
 };
 
-void crypto_init();
 int have_algo(char* algo, size_t algolen, algo_type algos[]);
 void buf_put_algolist(buffer * buf, algo_type localalgos[]);
 
@@ -120,6 +119,4 @@
 	DROPBEAR_COMP_ZLIB_DELAY,
 };
 
-extern int dropbear_ltc_prng;
-
 #endif /* _ALGO_H_ */
diff -r 5503e05ab3a4 -r d1575fdc29a6 cli-session.c
--- a/cli-session.c	Mon Apr 08 23:56:31 2013 +0800
+++ b/cli-session.c	Tue Apr 09 00:36:04 2013 +0800
@@ -36,6 +36,7 @@
 #include "runopts.h"
 #include "chansession.h"
 #include "agentfwd.h"
+#include "crypto_desc.h"
 
 static void cli_remoteclosed();
 static void cli_sessionloop();
diff -r 5503e05ab3a4 -r d1575fdc29a6 common-algo.c
--- a/common-algo.c	Mon Apr 08 23:56:31 2013 +0800
+++ b/common-algo.c	Tue Apr 09 00:36:04 2013 +0800
@@ -33,12 +33,6 @@
 /* This file (algo.c) organises the ciphers which can be used, and is used to
  * decide which ciphers/hashes/compression/signing to use during key exchange*/
 
-#ifdef DROPBEAR_LTC_PRNG
-	int dropbear_ltc_prng = -1;
-#endif
-
-
-
 static int void_cipher(const unsigned char* in, unsigned char* out,
 		unsigned long len, void* UNUSED(cipher_state)) {
 	if (in != out) {
@@ -255,70 +249,6 @@
 		{NULL, 0, NULL, 0, NULL}
 };
 
-
-/* Register the compiled in ciphers.
- * This should be run before using any of the ciphers/hashes */
-void crypto_init() {
-
-	const struct ltc_cipher_descriptor *regciphers[] = {
-#ifdef DROPBEAR_AES
-		&aes_desc,
-#endif
-#ifdef DROPBEAR_BLOWFISH
-		&blowfish_desc,
-#endif
-#ifdef DROPBEAR_TWOFISH
-		&twofish_desc,
-#endif
-#ifdef DROPBEAR_3DES
-		&des3_desc,
-#endif
-		NULL
-	};
-
-	const struct ltc_hash_descriptor *reghashes[] = {
-		/* we need sha1 for hostkey stuff regardless */
-		&sha1_desc,
-#ifdef DROPBEAR_MD5_HMAC
-		&md5_desc,
-#endif
-#ifdef DROPBEAR_SHA256
-		&sha256_desc,
-#endif
-#ifdef DROPBEAR_SHA384
-		&sha384_desc,
-#endif
-#ifdef DROPBEAR_SHA512
-		&sha512_desc,
-#endif
-		NULL
-	};
-	int i;
-
-	for (i = 0; regciphers[i] != NULL; i++) {
-		if (register_cipher(regciphers[i]) == -1) {
-			dropbear_exit("Error registering crypto");
-		}
-	}
-
-	for (i = 0; reghashes[i] != NULL; i++) {
-		if (register_hash(reghashes[i]) == -1) {
-			dropbear_exit("Error registering crypto");
-		}
-	}
-
-#ifdef DROPBEAR_LTC_PRNG
-	dropbear_ltc_prng = register_prng(&dropbear_prng_desc);
-	if (dropbear_ltc_prng == -1) {
-		dropbear_exit("Error registering crypto");
-	}
-#endif
-
-#ifdef DROPBEAR_ECC
-	ltc_mp = ltm_desc;
-#endif
-}
-
 /* algolen specifies the length of algo, algos is our local list to match
  * against.
  * Returns DROPBEAR_SUCCESS if we have a match for algo, DROPBEAR_FAILURE
diff -r 5503e05ab3a4 -r d1575fdc29a6 common-kex.c
--- a/common-kex.c	Mon Apr 08 23:56:31 2013 +0800
+++ b/common-kex.c	Tue Apr 09 00:36:04 2013 +0800
@@ -35,6 +35,7 @@
 #include "random.h"
 #include "runopts.h"
 #include "ecc.h"
+#include "crypto_desc.h"
 
 /* diffie-hellman-group1-sha1 value for p */
 const unsigned char dh_p_1[DH_P_1_LEN] = {
diff -r 5503e05ab3a4 -r d1575fdc29a6 crypto_desc.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto_desc.c	Tue Apr 09 00:36:04 2013 +0800
@@ -0,0 +1,73 @@
+#include "includes.h"
+#include "dbutil.h"
+#include "crypto_desc.h"
+#include "ltc_prng.h"
+
+#ifdef DROPBEAR_LTC_PRNG
+	int dropbear_ltc_prng = -1;
+#endif
+
+
+/* Register the compiled in ciphers.
+ * This should be run before using any of the ciphers/hashes */
+void crypto_init() {
+
+	const struct ltc_cipher_descriptor *regciphers[] = {
+#ifdef DROPBEAR_AES
+		&aes_desc,
+#endif
+#ifdef DROPBEAR_BLOWFISH
+		&blowfish_desc,
+#endif
+#ifdef DROPBEAR_TWOFISH
+		&twofish_desc,
+#endif
+#ifdef DROPBEAR_3DES
+		&des3_desc,
+#endif
+		NULL
+	};
+
+	const struct ltc_hash_descriptor *reghashes[] = {
+		/* we need sha1 for hostkey stuff regardless */
+		&sha1_desc,
+#ifdef DROPBEAR_MD5_HMAC
+		&md5_desc,
+#endif
+#ifdef DROPBEAR_SHA256
+		&sha256_desc,
+#endif
+#ifdef DROPBEAR_SHA384
+		&sha384_desc,
+#endif
+#ifdef DROPBEAR_SHA512
+		&sha512_desc,
+#endif
+		NULL
+	};
+	int i;
+
+	for (i = 0; regciphers[i] != NULL; i++) {
+		if (register_cipher(regciphers[i]) == -1) {
+			dropbear_exit("Error registering crypto");
+		}
+	}
+
+	for (i = 0; reghashes[i] != NULL; i++) {
+		if (register_hash(reghashes[i]) == -1) {
+			dropbear_exit("Error registering crypto");
+		}
+	}
+
+#ifdef DROPBEAR_LTC_PRNG
+	dropbear_ltc_prng = register_prng(&dropbear_prng_desc);
+	if (dropbear_ltc_prng == -1) {
+		dropbear_exit("Error registering crypto");
+	}
+#endif
+
+#ifdef DROPBEAR_ECC
+	ltc_mp = ltm_desc;
+#endif
+}
+
diff -r 5503e05ab3a4 -r d1575fdc29a6 crypto_desc.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto_desc.h	Tue Apr 09 00:36:04 2013 +0800
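Review bot: `crypto_init` is defined as `void crypto_init() {` and declared the same way in the new `crypto_desc.h`, which in C is a non-prototype declaration, so the compiler will not diagnose a call that passes arguments. Since this changeset creates both files, it is the natural point to write `void crypto_init(void);` in the header and `void crypto_init(void) {` here. The header also declares `extern int dropbear_ltc_prng;` unconditionally while the definition is under `#ifdef DROPBEAR_LTC_PRNG`; that is inherited from algo.h rather than new, but guarding the declaration with the same `#ifdef` would turn a use without the PRNG into a compile error instead of a link error. The same `()` declaration appears in the `crypto_desc.h` hunk.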
@@ -0,0 +1,9 @@
+#ifndef _CRYPTO_DESC_H
+#define _CRYPTO_DESC_H
+
+void crypto_init();
+
+extern int dropbear_ltc_prng;
+
+#endif // _CRYPTO_DESC_H
+
diff -r 5503e05ab3a4 -r d1575fdc29a6 dropbearkey.c
--- a/dropbearkey.c	Mon Apr 08 23:56:31 2013 +0800
+++ b/dropbearkey.c	Tue Apr 09 00:36:04 2013 +0800
@@ -188,6 +188,7 @@
 		exit(EXIT_FAILURE);
 	}
 
+	// TODO: put RSA and DSS size checks into genrsa.c etc
 	if (keytype == DROPBEAR_SIGNKEY_DSS && bits != 1024) {
 		fprintf(stderr, "DSS keys have a fixed size of 1024 bits\n");
 		exit(EXIT_FAILURE);
diff -r 5503e05ab3a4 -r d1575fdc29a6 ecc.c
--- a/ecc.c	Mon Apr 08 23:56:31 2013 +0800
+++ b/ecc.c	Tue Apr 09 00:36:04 2013 +0800
@@ -7,25 +7,24 @@
 #ifdef DROPBEAR_ECC
 
 // TODO: use raw bytes for the dp rather than the hex strings in libtomcrypt's ecc.c
-
 #ifdef DROPBEAR_ECC_256
 const struct dropbear_ecc_curve ecc_curve_nistp256 = {
 	.dp = <c_ecc_sets[0],
-	.hash_desc = &sha256_desc,
+	.hashdesc = &sha256_desc,
 	.name = "nistp256"
 };
 #endif
 #ifdef DROPBEAR_ECC_384
 const struct dropbear_ecc_curve ecc_curve_nistp384 = {
 	.dp = <c_ecc_sets[1],
-	.hash_desc = &sha384_desc,
+	.hashdesc = &sha384_desc,
 	.name = "nistp384"
 };
 #endif
 #ifdef DROPBEAR_ECC_521
 const struct dropbear_ecc_curve ecc_curve_nistp521 = {
 	.dp = <c_ecc_sets[2],
-	.hash_desc = &sha512_desc,
+	.hashdesc = &sha512_desc,
 	.name = "nistp521"
 };
 #endif
diff -r 5503e05ab3a4 -r d1575fdc29a6 ecc.h
--- a/ecc.h	Mon Apr 08 23:56:31 2013 +0800
+++ b/ecc.h	Tue Apr 09 00:36:04 2013 +0800
@@ -10,7 +10,7 @@
 
 struct dropbear_ecc_curve {
 	const ltc_ecc_set_type *dp; // curve domain parameters
-	const struct ltc_hash_descriptor *hash_desc;
+	const struct ltc_hash_descriptor *hashdesc;
 	const char *name;
 };
 
diff -r 5503e05ab3a4 -r d1575fdc29a6 ecdsa.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/ecdsa.c	Tue Apr 09 00:36:04 2013 +0800
@@ -0,0 +1,53 @@
+#include "includes.h"
+#include "dbutil.h"
+#include "crypto_desc.h"
+
+#ifdef DROPBEAR_ECDSA
+
+ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) {
+	const ltc_ecc_set_type *dp = NULL; // curve domain parameters
+	// TODO: use raw bytes for the dp rather than the hex strings in libtomcrypt's ecc.c
+	switch (bit_size) {
+#ifdef DROPBEAR_ECC_256
+		case 256:
+			dp = <c_ecc_sets[0];
+			break;
+#endif
+#ifdef DROPBEAR_ECC_384
+		case 384:
+			dp = <c_ecc_sets[0];
+			break;
+#endif
+#ifdef DROPBEAR_ECC_521
+		case 521:
+			dp = <c_ecc_sets[0];
+			break;
+#endif
+	}
+	if (!dp) {
+		dropbear_exit("Key size %d isn't valid. Try "
+#ifdef DROPBEAR_ECC_256
+		"256 "
+#endif
+#ifdef DROPBEAR_ECC_384
+		"384 "
+#endif
+#ifdef DROPBEAR_ECC_521
+		"521 "
+#endif
+		, bit_size);
+	}
+
+	ecc_key *new_key = m_malloc(sizeof(*new_key));
+	if (ecc_make_key_ex(NULL, dropbear_ltc_prng, new_key, dp) != CRYPT_OK) {
+		dropbear_exit("ECC error");
+	}
+	return new_key;
+}
+
+int buf_get_ecdsa_pub_key(buffer* buf, ecc_key *key) {
+
+}
+
+
+#endif // DROPBEAR_ECDSA
diff -r 5503e05ab3a4 -r d1575fdc29a6 ecdsa.h
diff -r 5503e05ab3a4 -r d1575fdc29a6 options.h
--- a/options.h	Mon Apr 08 23:56:31 2013 +0800
+++ b/options.h	Tue Apr 09 00:36:04 2013 +0800
@@ -137,6 +137,7 @@
 #define DROPBEAR_DSS
 #define DROPBEAR_ECDH
+#define DROPBEAR_ECDSA
 
 /* RSA can be vulnerable to timing attacks which use the time required for
  * signing to guess the private key. Blinding avoids this attack, though makes
diff -r 5503e05ab3a4 -r d1575fdc29a6 signkey.h
--- a/signkey.h	Mon Apr 08 23:56:31 2013 +0800
+++ b/signkey.h	Tue Apr 09 00:36:04 2013 +0800
@@ -51,6 +51,9 @@
 #ifdef DROPBEAR_RSA
 	dropbear_rsa_key * rsakey;
 #endif
+#ifdef DROPBEAR_ECDSA
+	ecc_key *ecckey;
+#endif
 };
 
 typedef struct SIGN_key sign_key;
diff -r 5503e05ab3a4 -r d1575fdc29a6 svr-session.c
--- a/svr-session.c	Mon Apr 08 23:56:31 2013 +0800
+++ b/svr-session.c	Tue Apr 09 00:36:04 2013 +0800
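Review bot: The 384 and 521 cases of the `switch` in `gen_ecdsa_priv_key` also select `ltc_ecc_sets[0]` (the `&` is rendered as `<` on this page), so a caller requesting a 384- or 521-bit key silently receives a P-256 key; they should read `dp = &ltc_ecc_sets[1];` and `dp = &ltc_ecc_sets[2];`, matching the indices `ecc.c` assigns to `ecc_curve_nistp384` and `ecc_curve_nistp521`. `bit_size` is `unsigned int`, so the `dropbear_exit` format should use `%u` rather than `%d`. `buf_get_ecdsa_pub_key` is declared `int` but has an empty body, so any caller that reads its result hits undefined behaviour; until it is implemented it should at least `return DROPBEAR_FAILURE;`. `ecdsa.h` is added empty in this changeset, so neither function has a prototype visible to other translation units yet.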
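Review bot: The new `ecc_key *ecckey` member of `struct SIGN_key` is not initialized or released anywhere in this changeset; unless the sign_key constructor zero-fills the struct (not visible here), the pointer is indeterminate, and the destructor will leak the libtomcrypt key unless it gains an `ecc_free()` path under `#ifdef DROPBEAR_ECDSA` mirroring the handling of `rsakey`. Worth confirming against signkey.c before this lands. `struct SIGN_key` starts outside the hunk.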
@@ -39,6 +39,7 @@
 #include "service.h"
 #include "auth.h"
 #include "runopts.h"
+#include "crypto_desc.h"
 
 static void svr_remoteclosed();
diff -r 5503e05ab3a4 -r d1575fdc29a6 sysoptions.h
--- a/sysoptions.h	Mon Apr 08 23:56:31 2013 +0800
+++ b/sysoptions.h	Tue Apr 09 00:36:04 2013 +0800
@@ -60,10 +60,13 @@
 #define DROPBEAR_SUCCESS 0
 #define DROPBEAR_FAILURE -1
 
-#define DROPBEAR_SIGNKEY_ANY 0
-#define DROPBEAR_SIGNKEY_RSA 1
-#define DROPBEAR_SIGNKEY_DSS 2
-#define DROPBEAR_SIGNKEY_NONE 3
+enum {
+	DROPBEAR_SIGNKEY_ANY,
+	DROPBEAR_SIGNKEY_RSA,
+	DROPBEAR_SIGNKEY_DSS,
+	DROPBEAR_SIGNKEY_ECDSA,
+	DROPBEAR_SIGNKEY_NONE,
+};
 
 /* Required for pubkey auth */
 #if defined(ENABLE_SVR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
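Review bot: Converting the `DROPBEAR_SIGNKEY_*` defines into an enum inserts `DROPBEAR_SIGNKEY_ECDSA` before `DROPBEAR_SIGNKEY_NONE`, so `DROPBEAR_SIGNKEY_NONE` changes from 3 to 4 and ECDSA takes the old value 3. Any array sized or indexed by these constants, `switch` over a key type without a `default`, or comparison against a literal elsewhere would need re-checking, which this hunk cannot show. If NONE is relied on as the sentinel/count, a one-line comment above it, `/* must stay last: used as the number of key types */`, would record the invariant — confirm that usage before adding it.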