changeset 756:bf9dc2d9c2b1 ecc
more bits on ecc branch
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 27 Mar 2013 00:38:03 +0800 |
parents | b07eb3dc23ec |
children | 230666086711 |
files | Makefile.in algo.h cli-kex.c common-algo.c common-kex.c ecc.c ecc.h kex.h libtomcrypt/src/headers/tomcrypt_custom.h session.h sysoptions.h |
diffstat | 11 files changed, 281 insertions(+), 25 deletions(-) [+] |
--- a/Makefile.in Tue Mar 26 01:35:22 2013 +0800
+++ b/Makefile.in Wed Mar 27 00:38:03 2013 +0800
@@ -26,7 +26,7 @@
 dss.o bignum.o \
 signkey.o rsa.o random.o \
 queue.o \
- atomicio.o compat.o fake-rfc2553.o ltc_prng.o ecc.o
+ atomicio.o compat.o fake-rfc2553.o ltc_prng.o ecc.o
 SVROBJS=svr-kex.o svr-algo.o svr-auth.o sshpty.o \
 svr-authpasswd.o svr-authpubkey.o svr-authpubkeyoptions.o svr-session.o svr-service.o \
--- a/algo.h Tue Mar 26 01:35:22 2013 +0800
+++ b/algo.h Wed Mar 27 00:38:03 2013 +0800
@@ -79,6 +79,20 @@
 unsigned char hashsize;
 };
+struct dropbear_kex {
+ // "normal" DH KEX
+ unsigned char *dh_p_bytes;
+ int dh_p_len;
+
+ // elliptic curve DH KEX
+#ifdef DROPBEAR_ECDH
+ const struct dropbear_ecc_curve *ecc_curve;
+#endif
+
+ // both
+ const struct ltc_hash_descriptor *hashdesc;
+};
+
 void crypto_init();
 int have_algo(char* algo, size_t algolen, algo_type algos[]);
 void buf_put_algolist(buffer * buf, algo_type localalgos[]);
@@ -94,14 +108,16 @@
 char * algolist_string(algo_type algos[]);
 #endif
-enum {
+enum kex_type {
 DROPBEAR_KEX_DH_GROUP1,
 DROPBEAR_KEX_DH_GROUP14,
 DROPBEAR_KEX_ECDH_SECP256R1,
+ DROPBEAR_KEX_ECDH_SECP384R1,
+ DROPBEAR_KEX_ECDH_SECP521R1,
 };
 #ifdef DROPBEAR_ECDH
-#define IS_NORMAL_DH(algo) ((algo) == DROPBEAR_KEX_DH_GROUP1 || (algo) == DROPBEAR_KEX_DH_GROUP14)
+#define IS_NORMAL_DH(algo) ((algo)->dh_p_bytes != NULL)
 #else
 #define IS_NORMAL_DH(algo) 1
 #endif
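Review bot: In the first algo.h hunk, `ecc_curve` is compiled into `struct dropbear_kex` only under `#ifdef DROPBEAR_ECDH`, so the member count seen by a positional initializer depends on the build option. The common-algo.c hunk of this changeset initializes the struct positionally with four values (`{dh_p_1, DH_P_1_LEN, NULL, sha1_desc }`), which with ECDH disabled would assign `NULL` to `hashdesc` and leave one initializer too many; that hunk also tests `DROPBEAR_ECC_DH` where this header tests `DROPBEAR_ECDH`. Keeping the member unconditional, `const struct dropbear_ecc_curve *ecc_curve; /* NULL for classic DH */`, gives one stable layout for both builds. `dh_p_bytes` could likewise be `const unsigned char *` to match the other two pointers, assuming the group primes are read-only tables (their definitions are not visible here).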
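Review bot: In the second algo.h hunk, `IS_NORMAL_DH` under `DROPBEAR_ECDH` now dereferences its argument, while the `#else` form ignores the argument entirely, so a call site that still passes a `kex_type` value, or a kex pointer that is still NULL, is only caught in one of the two build configurations. Because this macro decides which key-exchange path runs, the expected argument should be stated above it, for example `/* algo: non-NULL const struct dropbear_kex * of the negotiated kex; true when it carries a DH prime */`. The call sites are outside this hunk, so whether any still pass the enum is not visible here.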
--- a/cli-kex.c Tue Mar 26 01:35:22 2013 +0800
+++ b/cli-kex.c Wed Mar 27 00:38:03 2013 +0800
@@ -49,7 +49,7 @@
 buf_putmpint(ses.writepayload, &cli_ses.dh_param->pub);
 } else {
 #ifdef DROPBEAR_ECDH
- cli_ses.ecdh_param =
+ cli_ses.ecdh_param = gen_kexecdh_param();
 #endif
 }
 encrypt_packet();
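Review bot: In the ECDH branch the new line only stores the result of `gen_kexecdh_param()`; nothing visible in the hunk writes the client's ephemeral public key into `ses.writepayload` before `encrypt_packet()`, whereas the DH branch does so with `buf_putmpint(...)`. As shown, an ECDH negotiation would send the init packet without a key, and the result is stored without a check (whether `gen_kexecdh_param()` can return NULL is not visible here). A marker right after the assignment, such as `/* TODO: append the ECDH public point to ses.writepayload before sending */`, would make the gap explicit until the encoding is added. The enclosing function starts and ends outside the hunk.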
--- a/common-algo.c Tue Mar 26 01:35:22 2013 +0800
+++ b/common-algo.c Wed Mar 27 00:38:03 2013 +0800
@@ -212,10 +212,36 @@
 {NULL, 0, NULL, 0, NULL}
 };
+static struct dropbear_kex kex_dh_group1 {dh_p_1, DH_P_1_LEN, NULL, sha1_desc };
+static struct dropbear_kex kex_dh_group14 {dh_p_14, DH_P_14_LEN, NULL, sha1_desc };
+
+#ifdef DROPBEAR_ECC_DH
+#ifdef DROPBEAR_ECC_256
+static struct dropbear_kex kex_ecdh_secp256r1 {NULL, 0, &ecc_curve_secp256r1, sha256_desc };
+#endif
+#ifdef DROPBEAR_ECC_384
+static struct dropbear_kex kex_ecdh_secp384r1 {NULL, 0, &ecc_curve_secp384r1, sha384_desc };
+#endif
+#ifdef DROPBEAR_ECC_521
+static struct dropbear_kex kex_ecdh_secp521r1 {NULL, 0, &ecc_curve_secp521r1, sha512_desc };
+#endif
+#endif // DROPBEAR_ECC_DH
+
+
 algo_type sshkex[] = {
-// {"ecdh-sha2-secp256r1", DROPBEAR_KEX_ECDH_SECP256R1, NULL, 1, NULL},
- {"diffie-hellman-group1-sha1", DROPBEAR_KEX_DH_GROUP1, NULL, 1, NULL},