Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Matt Johnston
dropbear
Commits
d6daad29
Commit
d6daad29
authored
May 02, 2016
by
Matt Johnston
Browse files
options for disabling "normal" DH
parent
4664ce2c
Changes
7
Hide whitespace changes
Inline
Side-by-side
algo.h
View file @
d6daad29
...
...
@@ -83,9 +83,15 @@ struct dropbear_hash {
};
enum
dropbear_kex_mode
{
#if DROPBEAR_NORMAL_DH
DROPBEAR_KEX_NORMAL_DH
,
#endif
#ifdef DROPBEAR_ECDH
DROPBEAR_KEX_ECDH
,
#endif
#ifdef DROPBEAR_CURVE25519
DROPBEAR_KEX_CURVE25519
,
#endif
};
struct
dropbear_kex
{
...
...
cli-kex.c
View file @
d6daad29
...
...
@@ -48,6 +48,7 @@ void send_msg_kexdh_init() {
CHECKCLEARTOWRITE
();
buf_putbyte
(
ses
.
writepayload
,
SSH_MSG_KEXDH_INIT
);
switch
(
ses
.
newkeys
->
algo_kex
->
mode
)
{
#if DROPBEAR_NORMAL_DH
case
DROPBEAR_KEX_NORMAL_DH
:
if
(
ses
.
newkeys
->
algo_kex
!=
cli_ses
.
param_kex_algo
||
!
cli_ses
.
dh_param
)
{
...
...
@@ -58,8 +59,9 @@ void send_msg_kexdh_init() {
}
buf_putmpint
(
ses
.
writepayload
,
&
cli_ses
.
dh_param
->
pub
);
break
;
case
DROPBEAR_KEX_ECDH
:
#endif
#ifdef DROPBEAR_ECDH
case
DROPBEAR_KEX_ECDH
:
if
(
ses
.
newkeys
->
algo_kex
!=
cli_ses
.
param_kex_algo
||
!
cli_ses
.
ecdh_param
)
{
if
(
cli_ses
.
ecdh_param
)
{
...
...
@@ -68,8 +70,8 @@ void send_msg_kexdh_init() {
cli_ses
.
ecdh_param
=
gen_kexecdh_param
();
}
buf_put_ecc_raw_pubkey_string
(
ses
.
writepayload
,
&
cli_ses
.
ecdh_param
->
key
);
#endif
break
;
#endif
#ifdef DROPBEAR_CURVE25519
case
DROPBEAR_KEX_CURVE25519
:
if
(
ses
.
newkeys
->
algo_kex
!=
cli_ses
.
param_kex_algo
...
...
@@ -80,8 +82,8 @@ void send_msg_kexdh_init() {
cli_ses
.
curve25519_param
=
gen_kexcurve25519_param
();
}
buf_putstring
(
ses
.
writepayload
,
(
const
char
*
)
cli_ses
.
curve25519_param
->
pub
,
CURVE25519_LEN
);
#endif
break
;
#endif
}
cli_ses
.
param_kex_algo
=
ses
.
newkeys
->
algo_kex
;
...
...
@@ -118,6 +120,7 @@ void recv_msg_kexdh_reply() {
}
switch
(
ses
.
newkeys
->
algo_kex
->
mode
)
{
#if DROPBEAR_NORMAL_DH
case
DROPBEAR_KEX_NORMAL_DH
:
{
DEF_MP_INT
(
dh_f
);
...
...
@@ -131,15 +134,16 @@ void recv_msg_kexdh_reply() {
mp_clear
(
&
dh_f
);
}
break
;
case
DROPBEAR_KEX_ECDH
:
#endif
#ifdef DROPBEAR_ECDH
case
DROPBEAR_KEX_ECDH
:
{
buffer
*
ecdh_qs
=
buf_getstringbuf
(
ses
.
payload
);
kexecdh_comb_key
(
cli_ses
.
ecdh_param
,
ecdh_qs
,
hostkey
);
buf_free
(
ecdh_qs
);
}
#endif
break
;
#endif
#ifdef DROPBEAR_CURVE25519
case
DROPBEAR_KEX_CURVE25519
:
{
...
...
@@ -147,8 +151,8 @@ void recv_msg_kexdh_reply() {
kexcurve25519_comb_key
(
cli_ses
.
curve25519_param
,
ecdh_qs
,
hostkey
);
buf_free
(
ecdh_qs
);
}
#endif
break
;
#endif
}
if
(
cli_ses
.
dh_param
)
{
...
...
common-algo.c
View file @
d6daad29
...
...
@@ -251,11 +251,11 @@ algo_type sshhostkey[] = {
#if DROPBEAR_DH_GROUP1
static
const
struct
dropbear_kex
kex_dh_group1
=
{
DROPBEAR_KEX_NORMAL_DH
,
dh_p_1
,
DH_P_1_LEN
,
NULL
,
&
sha1_desc
};
#endif
#if DROPBEAR_DH_GROUP14
#if DROPBEAR_DH_GROUP14
_SHA1
static
const
struct
dropbear_kex
kex_dh_group14_sha1
=
{
DROPBEAR_KEX_NORMAL_DH
,
dh_p_14
,
DH_P_14_LEN
,
NULL
,
&
sha1_desc
};
#if DROPBEAR_DH_GROUP14_256
static
const
struct
dropbear_kex
kex_dh_group14_sha256
=
{
DROPBEAR_KEX_NORMAL_DH
,
dh_p_14
,
DH_P_14_LEN
,
NULL
,
&
sha256_desc
};
#endif
#if DROPBEAR_DH_GROUP14_SHA256
static
const
struct
dropbear_kex
kex_dh_group14_sha256
=
{
DROPBEAR_KEX_NORMAL_DH
,
dh_p_14
,
DH_P_14_LEN
,
NULL
,
&
sha256_desc
};
#endif
#if DROPBEAR_DH_GROUP16
static
const
struct
dropbear_kex
kex_dh_group16_sha512
=
{
DROPBEAR_KEX_NORMAL_DH
,
dh_p_16
,
DH_P_16_LEN
,
NULL
,
&
sha512_desc
};
...
...
@@ -295,12 +295,12 @@ algo_type sshkex[] = {
{
"ecdh-sha2-nistp256"
,
0
,
&
kex_ecdh_nistp256
,
1
,
NULL
},
#endif
#endif
#if DROPBEAR_DH_GROUP14
#if DROPBEAR_DH_GROUP14_256
{
"diffie-hellman-group14-sha256"
,
0
,
&
kex_dh_group14_sha256
,
1
,
NULL
},
#endif
#if DROPBEAR_DH_GROUP14_SHA1
{
"diffie-hellman-group14-sha1"
,
0
,
&
kex_dh_group14_sha1
,
1
,
NULL
},
#endif
#if DROPBEAR_DH_GROUP14_SHA256
{
"diffie-hellman-group14-sha256"
,
0
,
&
kex_dh_group14_sha256
,
1
,
NULL
},
#endif
#if DROPBEAR_DH_GROUP1
{
"diffie-hellman-group1-sha1"
,
0
,
&
kex_dh_group1
,
1
,
NULL
},
#endif
...
...
@@ -349,6 +349,7 @@ void buf_put_algolist(buffer * buf, algo_type localalgos[]) {
}
}
buf_putstring
(
buf
,
(
const
char
*
)
algolist
->
data
,
algolist
->
len
);
TRACE
((
"algolist add '%*s'"
,
algolist
->
len
,
algolist
->
data
))
buf_free
(
algolist
);
}
...
...
keyimport.c
View file @
d6daad29
...
...
@@ -36,9 +36,11 @@
#include
"dbutil.h"
#include
"ecc.h"
#ifdef DROPBEAR_ECDSA
static
const
unsigned
char
OID_SEC256R1_BLOB
[]
=
{
0x2a
,
0x86
,
0x48
,
0xce
,
0x3d
,
0x03
,
0x01
,
0x07
};
static
const
unsigned
char
OID_SEC384R1_BLOB
[]
=
{
0x2b
,
0x81
,
0x04
,
0x00
,
0x22
};
static
const
unsigned
char
OID_SEC521R1_BLOB
[]
=
{
0x2b
,
0x81
,
0x04
,
0x00
,
0x23
};
#endif
#define PUT_32BIT(cp, value) do { \
(cp)[3] = (unsigned char)(value); \
...
...
options.h
View file @
d6daad29
...
...
@@ -150,7 +150,7 @@ If you test it please contact the Dropbear author */
/* ECDSA is significantly faster than RSA or DSS. Compiling in ECC
* code (either ECDSA or ECDH) increases binary size - around 30kB
* on x86-64 */
#define DROPBEAR_ECDSA
//
#define DROPBEAR_ECDSA
/* Generate hostkeys as-needed when the first connection using that key type occurs.
This avoids the need to otherwise run "dropbearkey" and avoids some problems
...
...
@@ -169,18 +169,19 @@ If you test it please contact the Dropbear author */
#define DROPBEAR_ECDH
/* Key exchange algorithm.
* group1 - 1024 bit, sha1
* group14 - 2048 bit, sha1
* group14_256 - 2048 bit, sha2-256
* group14_sha1 - 2048 bit, sha1
* group14_sha256 - 2048 bit, sha2-256
* group16 - 4096 bit, sha2-512
* group1 - 1024 bit, sha1
*
* group14 is supported by most implementations.
* group16 provides a greater strength but is slower and increases binary size
* group1 is necessary if compatibility with Dropbear versions < 0.53 is required
* group16 provides a greater strength level but is slower and increases binary size
* group1 is too small for security though is necessary if you need
compatibility with some implementations such as Dropbear versions < 0.53
*/
#define DROPBEAR_DH_GROUP1 1
#define DROPBEAR_DH_GROUP14 1
#define DROPBEAR_DH_GROUP14_256 1
#define DROPBEAR_DH_GROUP14
_SHA1
1
#define DROPBEAR_DH_GROUP14_
SHA
256 1
#define DROPBEAR_DH_GROUP16 0
/* Control the memory/performance/compression tradeoff for zlib.
...
...
svr-kex.c
View file @
d6daad29
...
...
@@ -54,18 +54,24 @@ void recv_msg_kexdh_init() {
}
switch
(
ses
.
newkeys
->
algo_kex
->
mode
)
{
#if DROPBEAR_NORMAL_DH
case
DROPBEAR_KEX_NORMAL_DH
:
m_mp_init
(
&
dh_e
);
if
(
buf_getmpint
(
ses
.
payload
,
&
dh_e
)
!=
DROPBEAR_SUCCESS
)
{
dropbear_exit
(
"Bad kex value"
);
}
break
;
#endif
#ifdef DROPBEAR_ECDH
case
DROPBEAR_KEX_ECDH
:
#endif
#ifdef DROPBEAR_CURVE25519
case
DROPBEAR_KEX_CURVE25519
:
#endif
#if defined(DROPBEAR_ECDH) || defined(DROPBEAR_CURVE25519)
ecdh_qs
=
buf_getstringbuf
(
ses
.
payload
);
#endif
break
;
#endif
}
if
(
ses
.
payload
->
pos
!=
ses
.
payload
->
len
)
{
dropbear_exit
(
"Bad kex value"
);
...
...
@@ -221,6 +227,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
ses
.
newkeys
->
algo_hostkey
);
switch
(
ses
.
newkeys
->
algo_kex
->
mode
)
{
#ifdef DROPBEAR_NORMAL_DH
case
DROPBEAR_KEX_NORMAL_DH
:
{
struct
kex_dh_param
*
dh_param
=
gen_kexdh_param
();
...
...
@@ -231,8 +238,9 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
free_kexdh_param
(
dh_param
);
}
break
;
case
DROPBEAR_KEX_ECDH
:
#endif
#ifdef DROPBEAR_ECDH
case
DROPBEAR_KEX_ECDH
:
{
struct
kex_ecdh_param
*
ecdh_param
=
gen_kexecdh_param
();
kexecdh_comb_key
(
ecdh_param
,
ecdh_qs
,
svr_opts
.
hostkey
);
...
...
@@ -240,18 +248,18 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
buf_put_ecc_raw_pubkey_string
(
ses
.
writepayload
,
&
ecdh_param
->
key
);
free_kexecdh_param
(
ecdh_param
);
}
#endif
break
;
case
DROPBEAR_KEX_CURVE25519
:
#endif
#ifdef DROPBEAR_CURVE25519
case
DROPBEAR_KEX_CURVE25519
:
{
struct
kex_curve25519_param
*
param
=
gen_kexcurve25519_param
();
kexcurve25519_comb_key
(
param
,
ecdh_qs
,
svr_opts
.
hostkey
);
buf_putstring
(
ses
.
writepayload
,
(
const
char
*
)
param
->
pub
,
CURVE25519_LEN
);
free_kexcurve25519_param
(
param
);
}
#endif
break
;
#endif
}
/* calc the signature */
...
...
sysoptions.h
View file @
d6daad29
...
...
@@ -113,7 +113,7 @@
#define RSA_BLINDING
/* hashes which will be linked and registered */
#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14
#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14
_SHA256
#define DROPBEAR_SHA256
#endif
#if defined(DROPBEAR_ECC_384)
...
...
@@ -125,6 +125,14 @@
#endif
#if defined(DROPBEAR_MD5_HMAC)
#define DROPBEAR_MD5
#endif
#if DROPBEAR_DH_GROUP14_SHA256 || DROPBEAR_DH_GROUP14_SHA1
#define DROPBEAR_DH_GROUP14 1
#endif
#if DROPBEAR_DH_GROUP1 || DROPBEAR_DH_GROUP14 || DROPBEAR_DH_GROUP16
#define DROPBEAR_NORMAL_DH 1
#endif
/* roughly 2x 521 bits */
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment