# HG changeset patch # User Matt Johnston # Date 1365433940 -28800 # Node ID f744321ac048440320bd98d67bdcbd5ee46f41b7 # Parent a78a38e402d1d7688b1e7b79e3161738d4b14649 ecdh works against OpenSSH diff -r a78a38e402d1 -r f744321ac048 common-kex.c --- a/common-kex.c Mon Apr 08 00:10:57 2013 +0800 +++ b/common-kex.c Mon Apr 08 23:12:20 2013 +0800 @@ -304,7 +304,7 @@ hash_process_mp(hashdesc, &hs, ses.dh_K); mp_clear(ses.dh_K); m_free(ses.dh_K); - sha1_process(&hs, ses.hash->data, ses.hash->len); + hashdesc->process(&hs, ses.hash->data, ses.hash->len); buf_burn(ses.hash); buf_free(ses.hash); ses.hash = NULL; @@ -659,11 +659,9 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them, sign_key *hostkey) { const struct dropbear_kex *algo_kex = ses.newkeys->algo_kex; - hash_state hs; // public keys from client and server ecc_key *Q_C, *Q_S, *Q_them; - // XXX load Q_them Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve); ses.dh_K = dropbear_ecc_shared_secret(Q_them, ¶m->key); @@ -689,12 +687,6 @@ buf_putmpint(ses.kexhashbuf, ses.dh_K); /* calculate the hash H to sign */ - algo_kex->hashdesc->init(&hs); - buf_setpos(ses.kexhashbuf, 0); - algo_kex->hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), - ses.kexhashbuf->len); - - /* calculate the hash H to sign */ finish_kexhashbuf(); } #endif diff -r a78a38e402d1 -r f744321ac048 ecc.c --- a/ecc.c Mon Apr 08 00:10:57 2013 +0800 +++ b/ecc.c Mon Apr 08 23:12:20 2013 +0800 @@ -181,17 +181,6 @@ goto done; } -#if 0 - // XXX - possibly not neccessary tests? - if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) { - goto done; - } - - if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) { - goto done; - } -#endif - /* make new point */ result = ltc_ecc_new_point(); if (result == NULL) { @@ -211,20 +200,23 @@ err = DROPBEAR_SUCCESS; done: if (err == DROPBEAR_SUCCESS) { - shared_secret = prime; - prime = NULL; + shared_secret = m_malloc(sizeof(*shared_secret)); + m_mp_init(shared_secret); + mp_copy(result->x, shared_secret); } if (prime) { mp_clear(prime); m_free(prime); } - ltc_ecc_del_point(result); + if (result) + { + ltc_ecc_del_point(result); + } if (err == DROPBEAR_FAILURE) { dropbear_exit("ECC error"); } - return shared_secret; }