From bceb7433b81737a3a205a6432e8f2ea7b53a5a26 Mon Sep 17 00:00:00 2001
From: Matt Johnston
Date: Mon, 8 Apr 2013 23:12:20 +0800
Subject: ecdh works against OpenSSH
---
 common-kex.c | 10 +---------
 ecc.c | 22 +++++++---------------
 2 files changed, 8 insertions(+), 24 deletions(-)
diff --git a/common-kex.c b/common-kex.c
index 1543fb8..729b5d8 100644
--- a/common-kex.c
+++ b/common-kex.c
@@ -304,7 +304,7 @@ void gen_new_keys() {
 hash_process_mp(hashdesc, &hs, ses.dh_K);
 mp_clear(ses.dh_K);
 m_free(ses.dh_K);
- sha1_process(&hs, ses.hash->data, ses.hash->len);
+ hashdesc->process(&hs, ses.hash->data, ses.hash->len);
 buf_burn(ses.hash);
 buf_free(ses.hash);
 ses.hash = NULL;
@@ -659,11 +659,9 @@ void free_kexecdh_param(struct kex_ecdh_param *param) {
 void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
 sign_key *hostkey) {
 const struct dropbear_kex *algo_kex = ses.newkeys->algo_kex;
- hash_state hs;
 // public keys from client and server
 ecc_key *Q_C, *Q_S, *Q_them;
- // XXX load Q_them
 Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve);
 ses.dh_K = dropbear_ecc_shared_secret(Q_them, ¶m->key);
@@ -688,12 +686,6 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
 /* K, the shared secret */
 buf_putmpint(ses.kexhashbuf, ses.dh_K);
- /* calculate the hash H to sign */
- algo_kex->hashdesc->init(&hs);
- buf_setpos(ses.kexhashbuf, 0);
- algo_kex->hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
- ses.kexhashbuf->len);
-
 /* calculate the hash H to sign */
 finish_kexhashbuf();
 }
diff --git a/ecc.c b/ecc.c
index fc5ea9d..de893f2 100644
--- a/ecc.c
+++ b/ecc.c
@@ -181,17 +181,6 @@ mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, ecc_key *private_key)
 goto done;
 }
-#if 0
- // XXX - possibly not neccessary tests?
- if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) {
- goto done;
- }
-
- if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) {
- goto done;
- }
-#endif
-
 /* make new point */
 result = ltc_ecc_new_point();
 if (result == NULL) {
@@ -211,20 +200,23 @@ mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, ecc_key *private_key)
 err = DROPBEAR_SUCCESS;
 done:
 if (err == DROPBEAR_SUCCESS) {
- shared_secret = prime;
- prime = NULL;
+ shared_secret = m_malloc(sizeof(*shared_secret));
+ m_mp_init(shared_secret);
+ mp_copy(result->x, shared_secret);
 }
 if (prime) {
 mp_clear(prime);
 m_free(prime);
 }
- ltc_ecc_del_point(result);
+ if (result)
+ {
+ ltc_ecc_del_point(result);
+ }
 if (err == DROPBEAR_FAILURE) {
 dropbear_exit("ECC error");
 }
-
 return shared_secret;
 }
--
cgit v1.2.1
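Review bot: The result of `mp_copy(result->x, shared_secret)` in the success branch after `done:` is discarded, so if the copy fails the function would presumably return a freshly initialised (zero) value as K instead of reaching `dropbear_exit("ECC error")`. I would write `if (mp_copy(result->x, shared_secret) != MP_OKAY) { err = DROPBEAR_FAILURE; }` so the existing failure check below still decides the exit. Since the first hunk of this file drops the disabled curve-consistency tests, a short comment at the top of the function saying where `public_key` (peer-supplied via `kexecdh_comb_key`) is validated would help the next reader; that validation is not visible in this diff. The function body starts outside both hunks.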