Commit c6bdc810 authored by Matt Johnston's avatar Matt Johnston
Browse files

ecc kind of works, needs fixing/testing

--HG--
branch : ecc
parent a8135dec
......@@ -17,9 +17,9 @@ LTC=libtomcrypt/libtomcrypt.a
LTM=libtommath/libtommath.a
ifeq (@[email protected], 1)
LIBTOM_DEPS=$(LTC) $(LTM)
CFLAGS+=-I$(srcdir)/libtomcrypt/src/headers/
LIBS+=$(LTC) $(LTM)
LIBTOM_DEPS=$(LTM) $(LTC)
CFLAGS+=-I$(srcdir)/libtomcrypt/src/headers/
LIBS+=$(LTM) $(LTC)
endif
COMMONOBJS=dbutil.o buffer.o \
......@@ -185,7 +185,7 @@ link%:
-ln -s dropbearmulti$(EXEEXT) $*$(EXEEXT)
$(LTC): options.h
cd libtomcrypt && $(MAKE) clean && $(MAKE)
cd libtomcrypt && $(MAKE)
$(LTM): options.h
cd libtommath && $(MAKE)
......
......@@ -36,7 +36,7 @@
struct Algo_Type {
const unsigned char *name; /* identifying name */
const char val; /* a value for this cipher, or -1 for invalid */
char val; /* a value for this cipher, or -1 for invalid */
const void *data; /* algorithm specific data */
char usable; /* whether we can use this algorithm */
const void *mode; /* the mode, currently only used for ciphers,
......@@ -120,5 +120,6 @@ enum {
DROPBEAR_COMP_ZLIB_DELAY,
};
extern int dropbear_ltc_prng;
#endif /* _ALGO_H_ */
......@@ -59,7 +59,7 @@ buffer * buf_getstringbuf(buffer *buf);
void buf_eatstring(buffer *buf);
void buf_putint(buffer* buf, unsigned int val);
void buf_putstring(buffer* buf, const unsigned char* str, unsigned int len);
void buf_putstringbuf(buffer *buf, const buffer* buf_str);
void buf_putbufstring(buffer *buf, const buffer* buf_str);
void buf_putbytes(buffer *buf, const unsigned char *bytes, unsigned int len);
void buf_putmpint(buffer* buf, mp_int * mp);
int buf_getmpint(buffer* buf, mp_int* mp);
......
......@@ -266,7 +266,7 @@ void agent_buf_sign(buffer *sigblob, sign_key *key,
string data
uint32 flags
*/
request_data = buf_new(MAX_PUBKEY_SIZE + data_buf>-len + 12);
request_data = buf_new(MAX_PUBKEY_SIZE + data_buf->len + 12);
buf_put_pub_key(request_data, key, key->type);
buf_putbufstring(request_data, data_buf);
......
......@@ -172,7 +172,7 @@ static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) {
sigbuf = buf_new(4 + SHA1_HASH_SIZE + ses.writepayload->len);
buf_putbufstring(sigbuf, ses.session_id);
buf_putbytes(sigbuf, ses.writepayload->data, ses.writepayload->len);
cli_buf_put_sign(ses.writepayload, key, type, sigbuf->data, sigbuf->len);
cli_buf_put_sign(ses.writepayload, key, type, sigbuf);
buf_free(sigbuf); /* Nothing confidential in the buffer */
}
......
......@@ -455,7 +455,7 @@ do_escape(unsigned char c) {
}
static
void cli_escape_handler(struct Channel *channel, unsigned char* buf, int *len) {
void cli_escape_handler(struct Channel* UNUSED(channel), unsigned char* buf, int *len) {
char c;
int skip_char = 0;
......
......@@ -36,6 +36,7 @@
#include "random.h"
#include "runopts.h"
#include "signkey.h"
#include "ecc.h"
static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen);
......@@ -50,6 +51,7 @@ void send_msg_kexdh_init() {
} else {
#ifdef DROPBEAR_ECDH
cli_ses.ecdh_param = gen_kexecdh_param();
buf_put_ecc_pubkey_string(ses.writepayload, &cli_ses.ecdh_param->key);
#endif
}
encrypt_packet();
......@@ -99,14 +101,14 @@ void recv_msg_kexdh_reply() {
} else {
#ifdef DROPBEAR_ECDH
buffer *ecdh_qs = buf_getstringbuf(ses.payload);
kexecdh_comb_key(cli_ses.dh_param, ecdh_qs, hostkey);
kexecdh_comb_key(cli_ses.ecdh_param, ecdh_qs, hostkey);
buf_free(ecdh_qs);
#endif
}
free_kexdh_param(cli_ses.dh_param);
cli_ses.dh_param = NULL;
if (buf_verify(ses.payload, hostkey, ses.hash, SHA1_HASH_SIZE)
if (buf_verify(ses.payload, hostkey, ses.hash)
!= DROPBEAR_SUCCESS) {
dropbear_exit("Bad hostkey signature");
}
......
......@@ -23,24 +23,33 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. */
#include "includes.h"
#include "algo.h"
#include "dbutil.h"
#include "kex.h"
#include "ltc_prng.h"
#include "ecc.h"
/* This file (algo.c) organises the ciphers which can be used, and is used to
* decide which ciphers/hashes/compression/signing to use during key exchange*/
#ifdef DROPBEAR_LTC_PRNG
int dropbear_ltc_prng = -1;
#endif
static int void_cipher(const unsigned char* in, unsigned char* out,
unsigned long len, void *cipher_state) {
unsigned long len, void* UNUSED(cipher_state)) {
if (in != out) {
memmove(out, in, len);
}
return CRYPT_OK;
}
static int void_start(int cipher, const unsigned char *IV,
const unsigned char *key,
int keylen, int num_rounds, void *cipher_state) {
static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV),
const unsigned char* UNUSED(key),
int UNUSED(keylen), int UNUSED(num_rounds), void* UNUSED(cipher_state)) {
return CRYPT_OK;
}
......@@ -216,7 +225,7 @@ algo_type sshhostkey[] = {
static struct dropbear_kex kex_dh_group1 = {dh_p_1, DH_P_1_LEN, NULL, &sha1_desc };
static struct dropbear_kex kex_dh_group14 = {dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
#ifdef DROPBEAR_ECC_DH
#ifdef DROPBEAR_ECDH
#ifdef DROPBEAR_ECC_256
static struct dropbear_kex kex_ecdh_secp256r1 = {NULL, 0, &ecc_curve_secp256r1, &sha256_desc };
#endif
......@@ -226,19 +235,19 @@ static struct dropbear_kex kex_ecdh_secp384r1 = {NULL, 0, &ecc_curve_secp384r1,
#ifdef DROPBEAR_ECC_521
static struct dropbear_kex kex_ecdh_secp521r1 = {NULL, 0, &ecc_curve_secp521r1, &sha512_desc };
#endif
#endif // DROPBEAR_ECC_DH
#endif // DROPBEAR_ECDH
algo_type sshkex[] = {
#ifdef DROPBEAR_ECC_DH
#ifdef DROPBEAR_ECDH
#ifdef DROPBEAR_ECC_256
{"ecdh-sha2-secp256r1", 0, &kex_ecdh_descp256r1, 1, NULL},
{"ecdh-sha2-secp256r1", 0, &kex_ecdh_secp256r1, 1, NULL},
#endif
#ifdef DROPBEAR_ECC_384
{"ecdh-sha2-secp384r1", 0, &kex_ecdh_descp384r1, 1, NULL},
{"ecdh-sha2-secp384r1", 0, &kex_ecdh_secp384r1, 1, NULL},
#endif
#ifdef DROPBEAR_ECC_521
{"ecdh-sha2-secp521r1", 0, &kex_ecdh_descp521r1, 1, NULL},
{"ecdh-sha2-secp521r1", 0, &kex_ecdh_secp521r1, 1, NULL},
#endif
#endif
{"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
......@@ -297,6 +306,17 @@ void crypto_init() {
dropbear_exit("Error registering crypto");
}
}
#ifdef DROPBEAR_LTC_PRNG
dropbear_ltc_prng = register_prng(&dropbear_prng_desc);
if (dropbear_ltc_prng == -1) {
dropbear_exit("Error registering crypto");
}
#endif
#ifdef DROPBEAR_ECC
ltc_mp = ltm_desc;
#endif
}
/* algolen specifies the length of algo, algos is our local list to match
......
......@@ -87,6 +87,7 @@ static void read_kex_algos();
/* helper function for gen_new_keys */
static void hashkeys(unsigned char *out, int outlen,
const hash_state * hs, unsigned const char X);
static void finish_kexhashbuf(void);
/* Send our list of algorithms we can use */
......@@ -258,7 +259,7 @@ static void hashkeys(unsigned char *out, int outlen,
memcpy(&hs2, hs, sizeof(hash_state));
sha1_process(&hs2, &X, 1);
sha1_process(&hs2, ses.session_id, SHA1_HASH_SIZE);
sha1_process(&hs2, ses.session_id->data, ses.session_id->len);
sha1_done(&hs2, out);
for (offset = SHA1_HASH_SIZE;
offset < outlen;
......@@ -301,8 +302,10 @@ void gen_new_keys() {
sha1_process_mp(&hs, ses.dh_K);
mp_clear(ses.dh_K);
m_free(ses.dh_K);
sha1_process(&hs, ses.hash, SHA1_HASH_SIZE);
m_burn(ses.hash, SHA1_HASH_SIZE);
sha1_process(&hs, ses.hash->data, ses.hash->len);
buf_burn(ses.hash);
buf_free(ses.hash);
ses.hash = NULL;
if (IS_DROPBEAR_CLIENT) {
trans_IV = C2S_IV;
......@@ -596,8 +599,6 @@ void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
mp_int dh_p;
mp_int *dh_e = NULL, *dh_f = NULL;
hash_state hs;
/* read the prime and generator*/
m_mp_init(&dh_p);
load_dh_p(&dh_p);
......@@ -639,25 +640,7 @@ void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
buf_putmpint(ses.kexhashbuf, ses.dh_K);
/* calculate the hash H to sign */
sha1_init(&hs);
buf_setpos(ses.kexhashbuf, 0);
sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
ses.kexhashbuf->len);
ses.hash = m_malloc(SHA1_HASH_SIZE);
}
sha1_done(&hs, ses.hash);
buf_burn(ses.kexhashbuf);
buf_free(ses.kexhashbuf);
ses.kexhashbuf = NULL;
/* first time around, we set the session_id to H */
if (ses.session_id == NULL) {
/* create the session_id, this never needs freeing */
ses.session_id = (unsigned char*)m_malloc(SHA1_HASH_SIZE);
memcpy(ses.session_id, ses.hash, SHA1_HASH_SIZE);
}
finish_kexhashbuf();
}
#ifdef DROPBEAR_ECDH
......@@ -685,25 +668,25 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
// XXX load Q_them
Q_them = buf_get_ecc_pubkey(pub_them, algo_kex->ecc_curve);
ses.dh_K = dropbear_ecc_shared_secret(Q_them, param->key);
ses.dh_K = dropbear_ecc_shared_secret(Q_them, &param->key);
/* From here on, the code needs to work with the _same_ vars on each side,
* not vice-versaing for client/server */
if (IS_DROPBEAR_CLIENT) {
Q_C = param->key;
Q_C = &param->key;
Q_S = Q_them;
} else {
Q_C = Q_them;
Q_S = param->key;
Q_S = &param->key;
}
/* Create the remainder of the hash buffer, to generate the exchange hash */
/* K_S, the host key */
buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
/* Q_C, client's ephemeral public key octet string */
buf_put_ecc_pubkey_string(Q_C);
buf_put_ecc_pubkey_string(ses.kexhashbuf, Q_C);
/* Q_S, server's ephemeral public key octet string */
buf_put_ecc_pubkey_string(Q_S);
buf_put_ecc_pubkey_string(ses.kexhashbuf, Q_S);
/* K, the shared secret */
buf_putmpint(ses.kexhashbuf, ses.dh_K);
......@@ -712,10 +695,23 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
buf_setpos(ses.kexhashbuf, 0);
algo_kex->hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
ses.kexhashbuf->len);
if (!ses.hash) {
ses.hash = m_malloc(algo_kex->hashdesc->hashsize);
}
algo_kex->hashdesc->done(&hs, ses.hash);
/* calculate the hash H to sign */
finish_kexhashbuf();
}
#endif
static void finish_kexhashbuf(void) {
hash_state hs;
const struct ltc_hash_descriptor *hashdesc = ses.newkeys->algo_kex->hashdesc;
hashdesc->init(&hs);
buf_setpos(ses.kexhashbuf, 0);
hashdesc->process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
ses.kexhashbuf->len);
ses.hash = buf_new(hashdesc->hashsize);
hashdesc->done(&hs, buf_getwriteptr(ses.hash, hashdesc->hashsize));
buf_setlen(ses.hash, hashdesc->hashsize);
buf_burn(ses.kexhashbuf);
buf_free(ses.kexhashbuf);
......@@ -724,12 +720,10 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
/* first time around, we set the session_id to H */
if (ses.session_id == NULL) {
/* create the session_id, this never needs freeing */
ses.session_id = m_malloc(algo_kex->hashdesc->hashsize);
memcpy(ses.session_id, ses.hash, algo_kex->hashdesc->hashsize);
ses.session_id = buf_newcopy(ses.hash);
}
}
#endif
/* read the other side's algo list. buf_match_algo is a callback to match
* algos for the client or server. */
......
......@@ -103,7 +103,7 @@ void common_session_init(int sock_in, int sock_out) {
ses.keys->recv.algo_mac = &dropbear_nohash;
ses.keys->trans.algo_mac = &dropbear_nohash;
ses.keys->algo_kex = -1;
ses.keys->algo_kex = NULL;
ses.keys->algo_hostkey = -1;
ses.keys->recv.algo_comp = DROPBEAR_COMP_NONE;
ses.keys->trans.algo_comp = DROPBEAR_COMP_NONE;
......@@ -235,7 +235,16 @@ void common_session_cleanup() {
return;
}
m_free(ses.session_id);
if (ses.session_id) {
buf_burn(ses.session_id);
buf_free(ses.session_id);
ses.session_id = NULL;
}
if (ses.hash) {
buf_burn(ses.hash);
buf_free(ses.hash);
ses.hash = NULL;
}
m_burn(ses.keys, sizeof(struct key_context));
m_free(ses.keys);
......
......@@ -39,7 +39,7 @@
* Caution: Don't use this in an unfriendly environment (ie unfirewalled),
* since the printing may not sanitise strings etc. This will add a reasonable
* amount to your executable size. */
/*#define DEBUG_TRACE */
#define DEBUG_TRACE
/* All functions writing to the cleartext payload buffer call
* CHECKCLEARTOWRITE() before writing. This is only really useful if you're
......@@ -69,7 +69,7 @@
/* To debug with GDB it is easier to run with no forking of child processes.
You will need to pass "-F" as well. */
/* #define DEBUG_NOFORK */
#define DEBUG_NOFORK
/* For testing as non-root on shadowed systems, include the crypt of a password
......
......@@ -110,7 +110,7 @@ error:
ecc_key * buf_get_ecc_pubkey(buffer *buf, const struct dropbear_ecc_curve *curve) {
ecc_key *key = NULL;
int ret = DROPBEAR_FAILURE;
const int size = curve->dp->size;
const unsigned int size = curve->dp->size;
buf_setpos(buf, 0);
unsigned int len = buf->len;
unsigned char first = buf_getbyte(buf);
......@@ -123,6 +123,7 @@ ecc_key * buf_get_ecc_pubkey(buffer *buf, const struct dropbear_ecc_curve *curve
}
key = new_ecc_key();
key->dp = curve->dp;
if (mp_read_unsigned_bin(key->pubkey.x, buf_getptr(buf, size), size) != MP_OKAY) {
goto out;
......
......@@ -19,7 +19,7 @@ [email protected]@
# Compilation flags. Note the += does not write over the user's CFLAGS!
# The rest of the flags come from the parent Dropbear makefile
CFLAGS += -c -I$(srcdir)/src/headers/ -I$(srcdir)/../ -DLTC_SOURCE
CFLAGS += -c -I$(srcdir)/src/headers/ -I$(srcdir)/../ -DLTC_SOURCE -I$(srcdir)/../libtommath/
# additional warnings (newer GCC 3.4 and higher)
ifdef GCC_34
......@@ -157,7 +157,53 @@ src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o src/modes/lrw/lrw_encrypt.o
src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o src/modes/lrw/lrw_setiv.o \
src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
src/modes/ofb/ofb_start.o
src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
src/pk/asn1/der/boolean/der_decode_boolean.o src/pk/asn1/der/boolean/der_encode_boolean.o \
src/pk/asn1/der/boolean/der_length_boolean.o src/pk/asn1/der/choice/der_decode_choice.o \
src/pk/asn1/der/ia5/der_decode_ia5_string.o src/pk/asn1/der/ia5/der_encode_ia5_string.o \
src/pk/asn1/der/ia5/der_length_ia5_string.o src/pk/asn1/der/integer/der_decode_integer.o \
src/pk/asn1/der/integer/der_encode_integer.o src/pk/asn1/der/integer/der_length_integer.o \
src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
src/pk/asn1/der/octet/der_decode_octet_string.o src/pk/asn1/der/octet/der_encode_octet_string.o \
src/pk/asn1/der/octet/der_length_octet_string.o \
src/pk/asn1/der/printable_string/der_decode_printable_string.o \
src/pk/asn1/der/printable_string/der_encode_printable_string.o \
src/pk/asn1/der/printable_string/der_length_printable_string.o \
src/pk/asn1/der/sequence/der_decode_sequence_ex.o \
src/pk/asn1/der/sequence/der_decode_sequence_flexi.o \
src/pk/asn1/der/sequence/der_decode_sequence_multi.o \
src/pk/asn1/der/sequence/der_encode_sequence_ex.o \
src/pk/asn1/der/sequence/der_encode_sequence_multi.o src/pk/asn1/der/sequence/der_length_sequence.o \
src/pk/asn1/der/sequence/der_sequence_free.o src/pk/asn1/der/set/der_encode_set.o \
src/pk/asn1/der/set/der_encode_setof.o src/pk/asn1/der/short_integer/der_decode_short_integer.o \
src/pk/asn1/der/short_integer/der_encode_short_integer.o \
src/pk/asn1/der/short_integer/der_length_short_integer.o src/pk/asn1/der/utctime/der_decode_utctime.o \
src/pk/asn1/der/utctime/der_encode_utctime.o src/pk/asn1/der/utctime/der_length_utctime.o \
src/pk/asn1/der/utf8/der_decode_utf8_string.o src/pk/asn1/der/utf8/der_encode_utf8_string.o \
src/pk/asn1/der/utf8/der_length_utf8_string.o src/pk/dsa/dsa_decrypt_key.o \
src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o \
src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o \
src/pk/ecc/ecc_import.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o \
src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
src/pk/ecc/ltc_ecc_is_valid_idx.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
src/pk/ecc/ltc_ecc_projective_add_point.o src/pk/ecc/ltc_ecc_projective_dbl_point.o \
src/pk/katja/katja_decrypt_key.o src/pk/katja/katja_encrypt_key.o src/pk/katja/katja_export.o \
src/pk/katja/katja_exptmod.o src/pk/katja/katja_free.o src/pk/katja/katja_import.o \
src/pk/katja/katja_make_key.o src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o \
src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o \
src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_import.o \
src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o \
src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
src/prngs/sprng.o src/prngs/yarrow.o
HEADERS=src/headers/tomcrypt_cfg.h src/headers/tomcrypt_mac.h src/headers/tomcrypt_macros.h \
src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cipher.h \
......
......@@ -24,7 +24,7 @@ extern "C" {
/* descriptor table size */
/* Dropbear change - this should be smaller, saves some size */
#define TAB_SIZE 4
#define TAB_SIZE 5
/* error codes [will be expanded in future releases] */
enum {
......
......@@ -138,6 +138,8 @@
#ifdef DROPBEAR_ECC
#define MECC
#define MPI
#define LTM_DESC
#ifdef DROPBEAR_ECC_256
#define ECC256
#endif
......
......@@ -11,12 +11,9 @@
typedef void ecc_point;
#endif
/* Dropbear has its own rsa_key. We just comment this out. */
#if 0
#ifndef MRSA
typedef void rsa_key;
#endif
#endif
/** math descriptor */
typedef struct {
......@@ -389,8 +386,6 @@ typedef struct {
ecc_point *C,
void *modulus);
/* Dropbear has its own rsa code */
#if 0
/* ---- (optional) rsa optimized math (for internal CRT) ---- */
/** RSA Key Generation
......@@ -416,7 +411,6 @@ typedef struct {
int (*rsa_me)(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen, int which,
rsa_key *key);
#endif
} ltc_math_descriptor;
extern ltc_math_descriptor ltc_mp;
......
......@@ -10,4 +10,4 @@
*/
#include "tomcrypt.h"
ltc_math_descriptor ltc_mp;
ltc_math_descriptor ltc_mp = {0};
......@@ -21,7 +21,7 @@
ECC Crypto, Tom St Denis
*/
#ifdef MECC
#if defined(MECC) && defined(LTC_DER)
/**
Decrypt an ECC encrypted key
......
......@@ -21,7 +21,7 @@
ECC Crypto, Tom St Denis
*/
#ifdef MECC
#if defined(MECC) && defined(LTC_DER)
/**
Encrypt a symmetric key with ECC
......
......@@ -21,7 +21,7 @@
ECC Crypto, Tom St Denis
*/
#ifdef MECC
#if defined(MECC) && defined(LTC_DER)
/**
Export an ECC key as a binary packet
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment