/src/dropbear/src/kex-ecdh.c

Source
#include "includes.h"
#include "algo.h"
#include "buffer.h"
#include "session.h"
#include "dbrandom.h"
#include "crypto_desc.h"
#include "ecc.h"
#include "kex.h"

#if DROPBEAR_ECDH
struct kex_ecdh_param *gen_kexecdh_param() {
    struct kex_ecdh_param *param = m_malloc(sizeof(*param));
    const struct dropbear_ecc_curve *curve = ses.newkeys->algo_kex->details;
    if (ecc_make_key_ex(NULL, dropbear_ltc_prng, 
        &param->key, curve->dp) != CRYPT_OK) {
        dropbear_exit("ECC error");
    }
    return param;
}

void free_kexecdh_param(struct kex_ecdh_param *param) {
    ecc_free(&param->key);
    m_free(param);

}
void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
        sign_key *hostkey) {
    const struct dropbear_ecc_curve *curve
        = ses.newkeys->algo_kex->details;
    /* public keys from client and server */
    ecc_key *Q_C, *Q_S, *Q_them;

    Q_them = buf_get_ecc_raw_pubkey(pub_them, curve);
    if (Q_them == NULL) {
        dropbear_exit("ECC error");
    }

    ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);

    /* Create the remainder of the hash buffer, to generate the exchange hash
       See RFC5656 section 4 page 7 */
    if (IS_DROPBEAR_CLIENT) {
        Q_C = &param->key;
        Q_S = Q_them;
    } else {
        Q_C = Q_them;
        Q_S = &param->key;
    } 

    /* K_S, the host key */
    buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
    /* Q_C, client's ephemeral public key octet string */
    buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_C);
    /* Q_S, server's ephemeral public key octet string */
    buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_S);
    /* K, the shared secret */
    buf_putmpint(ses.kexhashbuf, ses.dh_K);

    ecc_free(Q_them);
    m_free(Q_them);

    /* calculate the hash H to sign */
    finish_kexhashbuf();
}
#endif /* DROPBEAR_ECDH */


Line	Count	Source
1		#include "includes.h"
2		#include "algo.h"
3		#include "buffer.h"
4		#include "session.h"
5		#include "dbrandom.h"
6		#include "crypto_desc.h"
7		#include "ecc.h"
8		#include "kex.h"
9
10		#if DROPBEAR_ECDH
11	160	struct kex_ecdh_param *gen_kexecdh_param() {
12	160	struct kex_ecdh_param param = m_malloc(sizeof(param));
13	160	const struct dropbear_ecc_curve *curve = ses.newkeys->algo_kex->details;
14	160	if (ecc_make_key_ex(NULL, dropbear_ltc_prng,
15	160	&param->key, curve->dp) != CRYPT_OK) {
16	0	dropbear_exit("ECC error");
17	0	}
18	160	return param;
19	160	}
20
21	0	void free_kexecdh_param(struct kex_ecdh_param *param) {
22	0	ecc_free(&param->key);
23	0	m_free(param);
24
25	0	}
26		void kexecdh_comb_key(struct kex_ecdh_param param, buffer pub_them,
27	495	sign_key *hostkey) {
28	495	const struct dropbear_ecc_curve *curve
29	495	= ses.newkeys->algo_kex->details;
30		/* public keys from client and server */
31	495	ecc_key Q_C, Q_S, *Q_them;
32
33	495	Q_them = buf_get_ecc_raw_pubkey(pub_them, curve);
34	495	if (Q_them == NULL) {
35	292	dropbear_exit("ECC error");
36	292	}
37
38	203	ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);
39
40		/* Create the remainder of the hash buffer, to generate the exchange hash
41		See RFC5656 section 4 page 7 */
42	203	if (IS_DROPBEAR_CLIENT) {
43	195	Q_C = &param->key;
44	195	Q_S = Q_them;
45	195	} else {
46	8	Q_C = Q_them;
47	8	Q_S = &param->key;
48	8	}
49
50		/* K_S, the host key */
51	203	buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
52		/* Q_C, client's ephemeral public key octet string */
53	203	buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_C);
54		/* Q_S, server's ephemeral public key octet string */
55	203	buf_put_ecc_raw_pubkey_string(ses.kexhashbuf, Q_S);
56		/* K, the shared secret */
57	203	buf_putmpint(ses.kexhashbuf, ses.dh_K);
58
59	203	ecc_free(Q_them);
60	203	m_free(Q_them);
61
62		/* calculate the hash H to sign */
63	203	finish_kexhashbuf();
64	203	}
65		#endif /* DROPBEAR_ECDH */
66

Coverage Report

Created: 2026-01-17 06:43