/src/dropbear/src/kex-ecdh.c

Source
#include "includes.h"
#include "algo.h"
#include "buffer.h"
#include "session.h"
#include "dbrandom.h"
#include "crypto_desc.h"
#include "ecc.h"
#include "kex.h"

#if DROPBEAR_ECDH
struct kex_ecdh_param *gen_kexecdh_param() {
    struct kex_ecdh_param *param = m_malloc(sizeof(*param));
    const struct dropbear_ecc_curve *curve = ses.newkeys->algo_kex->details;
    if (ecc_make_key_ex(NULL, dropbear_ltc_prng, 
        &param->key, curve->dp) != CRYPT_OK) {
        dropbear_exit("ECC error");
    }
    return param;
}

void free_kexecdh_param(struct kex_ecdh_param *param) {
    ecc_free(&param->key);
    m_free(param);

}
void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
        sign_key *hostkey) {
    const struct dropbear_ecc_curve *curve
        = ses.newkeys->algo_kex->details;
    /* public keys from client and server */
    ecc_key *Q_C, *Q_S, *Q_them;

    Q_them = buf_get_ecc_raw_pubkey(pub_them, curve);
    if (Q_them == NULL) {
        dropbear_exit("ECC error");
    }

    ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);

    /* Create the remainder of the hash buffer, to generate the exchange hash
       See RFC5656 section 4 page 7 */
    if (IS_DROPBEAR_CLIENT) {
        Q_C = &param->key;
        Q_S = Q_them;
    } else {
        Q_C = Q_them;
        Q_S = &param->key;
    } 

    /* K_S, the host key */
    buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
    /* Q_C, client's ephemeral public key octet string */
    buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_C);
    /* Q_S, server's ephemeral public key octet string */
    buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_S);
    /* K, the shared secret */
    buf_putmpint(ses.kexhashbuf, ses.dh_K);

    ecc_free(Q_them);
    m_free(Q_them);

    /* calculate the hash H to sign */
    finish_kexhashbuf();
}
#endif /* DROPBEAR_ECDH */


Line	Count	Source
1		#include "includes.h"
2		#include "algo.h"
3		#include "buffer.h"
4		#include "session.h"
5		#include "dbrandom.h"
6		#include "crypto_desc.h"
7		#include "ecc.h"
8		#include "kex.h"
9
10		#if DROPBEAR_ECDH
11	710	struct kex_ecdh_param *gen_kexecdh_param() {
12	710	struct kex_ecdh_param param = m_malloc(sizeof(param));
13	710	const struct dropbear_ecc_curve *curve = ses.newkeys->algo_kex->details;
14	710	if (ecc_make_key_ex(NULL, dropbear_ltc_prng,
15	710	&param->key, curve->dp) != CRYPT_OK) {
16	0	dropbear_exit("ECC error");
17	0	}
18	710	return param;
19	710	}
20
21	75	void free_kexecdh_param(struct kex_ecdh_param *param) {
22	75	ecc_free(&param->key);
23	75	m_free(param);
24
25	75	}
26		void kexecdh_comb_key(struct kex_ecdh_param param, buffer pub_them,
27	100	sign_key *hostkey) {
28	100	const struct dropbear_ecc_curve *curve
29	100	= ses.newkeys->algo_kex->details;
30		/* public keys from client and server */
31	100	ecc_key Q_C, Q_S, *Q_them;
32
33	100	Q_them = buf_get_ecc_raw_pubkey(pub_them, curve);
34	100	if (Q_them == NULL) {
35	22	dropbear_exit("ECC error");
36	22	}
37
38	78	ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);
39
40		/* Create the remainder of the hash buffer, to generate the exchange hash
41		See RFC5656 section 4 page 7 */
42	78	if (IS_DROPBEAR_CLIENT) {
43	75	Q_C = &param->key;
44	75	Q_S = Q_them;
45	75	} else {
46	3	Q_C = Q_them;
47	3	Q_S = &param->key;
48	3	}
49
50		/* K_S, the host key */
51	78	buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
52		/* Q_C, client's ephemeral public key octet string */
53	78	buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_C);
54		/* Q_S, server's ephemeral public key octet string */
55	78	buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_S);
56		/* K, the shared secret */
57	78	buf_putmpint(ses.kexhashbuf, ses.dh_K);
58
59	78	ecc_free(Q_them);
60	78	m_free(Q_them);
61
62		/* calculate the hash H to sign */
63	78	finish_kexhashbuf();
64	78	}
65		#endif /* DROPBEAR_ECDH */
66

Coverage Report

Created: 2026-01-17 06:44