authorMatt Johnston <matt@ucc.asn.au>2013-04-09 22:44:19 +0800
committerMatt Johnston <matt@ucc.asn.au>2013-04-09 22:44:19 +0800
commit9f01625e235fdee884692fdd6a98e9aeb02ed020 (patch)
treea96dfa04e52fda6fc8db0b46ba441a25edf64ac8 /ecdsa.c
parent7f091e70196cdcfbf80d16d508e6bed0bce38022 (diff)
Be safer with how we handle ltc_ecc_sets[] (particularly with
system libtomcrypt) A bit of progress with ecdsa code --HG-- branch : ecc
Diffstat (limited to 'ecdsa.c')
-rw-r--r--ecdsa.c55
1 files changed, 51 insertions, 4 deletions
diff --git a/ecdsa.c b/ecdsa.c
index b29ef1f..9784c97 100644
--- a/ecdsa.c
+++ b/ecdsa.c
@@ -1,6 +1,7 @@
#include "includes.h"
#include "dbutil.h"
#include "crypto_desc.h"
+#include "ecc.h"
#ifdef DROPBEAR_ECDSA
@@ -10,17 +11,17 @@ ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) {
switch (bit_size) {
#ifdef DROPBEAR_ECC_256
case 256:
- dp = &ltc_ecc_sets[0];
+ dp = ecc_curve_nistp256.dp;
break;
#endif
#ifdef DROPBEAR_ECC_384
case 384:
- dp = &ltc_ecc_sets[0];
+ dp = ecc_curve_nistp384.dp;
break;
#endif
#ifdef DROPBEAR_ECC_521
case 521:
- dp = &ltc_ecc_sets[0];
+ dp = ecc_curve_nistp521.dp;
break;
#endif
}
@@ -45,8 +46,54 @@ ecc_key *gen_ecdsa_priv_key(unsigned int bit_size) {
return new_key;
}
-int buf_get_ecdsa_pub_key(buffer* buf, ecc_key *key) {
+ecc_key *buf_get_ecdsa_pub_key(buffer* buf) {
+ unsigned char *key_ident = NULL, *identifier = NULL;
+ unsigned int key_ident_len, identifier_len;
+ buffer *q_buf = NULL;
+ struct dropbear_ecc_curve **curve;
+ ecc_key *new_key = NULL;
+ // string "ecdsa-sha2-[identifier]"
+ key_ident = buf_getstring(buf, &key_ident_len);
+ // string "ecdsa-sha2-[identifier]"
+ identifier = buf_getstring(buf, &identifier_len);
+
+ if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) {
+ TRACE(("Bad identifier lengths"))
+ goto out;
+ }
+ if (memcmp(&key_ident[strlen("ecdsa-sha2-")], identifier, identifier_len) != 0) {
+ TRACE(("mismatching identifiers"))
+ goto out;
+ }
+
+ for (curve = dropbear_ecc_curves; *curve; curve++) {
+ if (memcmp(identifier, (*curve)->name, strlen((*curve)->name)) == 0) {
+ break;
+ }
+ }
+ if (!*curve) {
+ TRACE(("couldn't match ecc curve"))
+ goto out;
+ }
+
+ // string Q
+ q_buf = buf_getstringbuf(buf);
+ new_key = buf_get_ecc_raw_pubkey(q_buf, *curve);
+
+out:
+ if (key_ident) {
+ m_free(key_ident);
+ }
+ if (identifier) {
+ m_free(identifier);
+ }
+ if (q_buf) {
+ buf_free(q_buf);
+ q_buf = NULL;
+ }
+ TRACE(("leave buf_get_ecdsa_pub_key"))
+ return new_key;
}
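Review bot: The curve lookup in the `for` loop compares `strlen((*curve)->name)` bytes of `identifier` without consulting `identifier_len`, so a peer-supplied identifier shorter than a curve name can make `memcmp` read past the received string, and a longer one that merely starts with a curve name is accepted as that curve. Require an exact-length match before comparing: `if (identifier_len == strlen((*curve)->name) && memcmp(identifier, (*curve)->name, identifier_len) == 0)`. The earlier check also only confirms that the tail of `key_ident` equals `identifier`, never that `key_ident` begins with `ecdsa-sha2-`; whether a caller has already verified the prefix is not visible in this hunk. The second `// string "ecdsa-sha2-[identifier]"` comment sits above the read of the bare identifier and should read `// string [identifier]`.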