diff options
author | Matt Johnston <matt@ucc.asn.au> | 2013-04-08 23:12:20 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2013-04-08 23:12:20 +0800 |
commit | bceb7433b81737a3a205a6432e8f2ea7b53a5a26 (patch) | |
tree | a9c073fc5ba1ab1f1816df5ac907093ec49452b1 | |
parent | 8dd2f70401bb7a6dfc92396e6398a44640d06245 (diff) | |
download | dropbear-bceb7433b81737a3a205a6432e8f2ea7b53a5a26.tar.gz |
ecdh works against OpenSSH
-rw-r--r-- | common-kex.c | 10 | ||||
-rw-r--r-- | ecc.c | 22 |
2 files changed, 8 insertions, 24 deletions
diff --git a/common-kex.c b/common-kex.c index 1543fb8..729b5d8 100644 --- a/common-kex.c +++ b/common-kex.c @@ -304,7 +304,7 @@ void gen_new_keys() { hash_process_mp(hashdesc, &hs, ses.dh_K); mp_clear(ses.dh_K); m_free(ses.dh_K); - sha1_process(&hs, ses.hash->data, ses.hash->len); + hashdesc->process(&hs, ses.hash->data, ses.hash->len); buf_burn(ses.hash); buf_free(ses.hash); ses.hash = NULL; @@ -659,11 +659,9 @@ void free_kexecdh_param(struct kex_ecdh_param *param) { void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them, sign_key *hostkey) { const struct dropbear_kex *algo_kex = ses.newkeys->algo_kex; - hash_state hs; // public keys from client and server ecc_key *Q_C, *Q_S, *Q_them; - // XXX load Q_them Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve); ses.dh_K = dropbear_ecc_shared_secret(Q_them, ¶m->key); @@ -689,12 +687,6 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them, buf_putmpint(ses.kexhashbuf, ses.dh_K); /* calculate the hash H to sign */ - algo_kex->hashdesc->init(&hs); - buf_setpos(ses.kexhashbuf, 0); - algo_kex->hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), - ses.kexhashbuf->len); - - /* calculate the hash H to sign */ finish_kexhashbuf(); } #endif @@ -181,17 +181,6 @@ mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, ecc_key *private_key) goto done; } -#if 0 - // XXX - possibly not neccessary tests? - if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) { - goto done; - } - - if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) { - goto done; - } -#endif - /* make new point */ result = ltc_ecc_new_point(); if (result == NULL) { @@ -211,20 +200,23 @@ mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, ecc_key *private_key) err = DROPBEAR_SUCCESS; done: if (err == DROPBEAR_SUCCESS) { - shared_secret = prime; - prime = NULL; + shared_secret = m_malloc(sizeof(*shared_secret)); + m_mp_init(shared_secret); + mp_copy(result->x, shared_secret); } if (prime) { mp_clear(prime); m_free(prime); } - ltc_ecc_del_point(result); + if (result) + { + ltc_ecc_del_point(result); + } if (err == DROPBEAR_FAILURE) { dropbear_exit("ECC error"); } - return shared_secret; } |