/src/dropbear/src/kex-ecdh.c

Source (jump to first uncovered line)
#include "includes.h"
#include "algo.h"
#include "buffer.h"
#include "session.h"
#include "dbrandom.h"
#include "crypto_desc.h"
#include "ecc.h"
#include "kex.h"

#if DROPBEAR_ECDH
struct kex_ecdh_param *gen_kexecdh_param() {
    struct kex_ecdh_param *param = m_malloc(sizeof(*param));
    const struct dropbear_ecc_curve *curve = ses.newkeys->algo_kex->details;
    if (ecc_make_key_ex(NULL, dropbear_ltc_prng, 
        &param->key, curve->dp) != CRYPT_OK) {
        dropbear_exit("ECC error");
    }
    return param;
}

void free_kexecdh_param(struct kex_ecdh_param *param) {
    ecc_free(&param->key);
    m_free(param);

}
void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
        sign_key *hostkey) {
    const struct dropbear_ecc_curve *curve
        = ses.newkeys->algo_kex->details;
    /* public keys from client and server */
    ecc_key *Q_C, *Q_S, *Q_them;

    Q_them = buf_get_ecc_raw_pubkey(pub_them, curve);
    if (Q_them == NULL) {
        dropbear_exit("ECC error");
    }

    ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);

    /* Create the remainder of the hash buffer, to generate the exchange hash
       See RFC5656 section 4 page 7 */
    if (IS_DROPBEAR_CLIENT) {
        Q_C = &param->key;
        Q_S = Q_them;
    } else {
        Q_C = Q_them;
        Q_S = &param->key;
    } 

    /* K_S, the host key */
    buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
    /* Q_C, client's ephemeral public key octet string */
    buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_C);
    /* Q_S, server's ephemeral public key octet string */
    buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_S);
    /* K, the shared secret */
    buf_putmpint(ses.kexhashbuf, ses.dh_K);

    ecc_free(Q_them);
    m_free(Q_them);

    /* calculate the hash H to sign */
    finish_kexhashbuf();
}
#endif /* DROPBEAR_ECDH */


Line	Count	Source (jump to first uncovered line)
1		#include "includes.h"
2		#include "algo.h"
3		#include "buffer.h"
4		#include "session.h"
5		#include "dbrandom.h"
6		#include "crypto_desc.h"
7		#include "ecc.h"
8		#include "kex.h"
9
10		#if DROPBEAR_ECDH
11	0	struct kex_ecdh_param *gen_kexecdh_param() {
12	0	struct kex_ecdh_param param = m_malloc(sizeof(param));
13	0	const struct dropbear_ecc_curve *curve = ses.newkeys->algo_kex->details;
14	0	if (ecc_make_key_ex(NULL, dropbear_ltc_prng,
15	0	&param->key, curve->dp) != CRYPT_OK) {
16	0	dropbear_exit("ECC error");
17	0	}
18	0	return param;
19	0	}
20
21	0	void free_kexecdh_param(struct kex_ecdh_param *param) {
22	0	ecc_free(&param->key);
23	0	m_free(param);
24
25	0	}
26		void kexecdh_comb_key(struct kex_ecdh_param param, buffer pub_them,
27	0	sign_key *hostkey) {
28	0	const struct dropbear_ecc_curve *curve
29	0	= ses.newkeys->algo_kex->details;
30		/* public keys from client and server */
31	0	ecc_key Q_C, Q_S, *Q_them;
32
33	0	Q_them = buf_get_ecc_raw_pubkey(pub_them, curve);
34	0	if (Q_them == NULL) {
35	0	dropbear_exit("ECC error");
36	0	}
37
38	0	ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);
39
40		/* Create the remainder of the hash buffer, to generate the exchange hash
41		See RFC5656 section 4 page 7 */
42	0	if (IS_DROPBEAR_CLIENT) {
43	0	Q_C = &param->key;
44	0	Q_S = Q_them;
45	0	} else {
46	0	Q_C = Q_them;
47	0	Q_S = &param->key;
48	0	}
49
50		/* K_S, the host key */
51	0	buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
52		/* Q_C, client's ephemeral public key octet string */
53	0	buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_C);
54		/* Q_S, server's ephemeral public key octet string */
55	0	buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_S);
56		/* K, the shared secret */
57	0	buf_putmpint(ses.kexhashbuf, ses.dh_K);
58
59	0	ecc_free(Q_them);
60	0	m_free(Q_them);
61
62		/* calculate the hash H to sign */
63	0	finish_kexhashbuf();
64	0	}
65		#endif /* DROPBEAR_ECDH */
66

Coverage Report

Created: 2025-08-27 07:03