SSH Daemon Project
Owner: themaster
Branch: main
Commits: 2
Updated: 2026-04-19 00:20
kex-x25519.c
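#include "includes.h"
#include "algo.h"
#include "buffer.h"
#include "session.h"
#include "dbrandom.h"
#include "crypto_desc.h"
#include "curve25519.h"
#include "kex.h"

/* PQ hybrids also use curve25519 internally */
#if DROPBEAR_CURVE25519_DEP

/*
 * Allocate a parameter block and fill it with a fresh X25519 key pair:
 * priv gets CURVE25519_LEN bytes from genrandom(), pub is priv multiplied
 * by the base point. Release the result with free_kexcurve25519_param(),
 * which wipes the private scalar.
 *
 * NOTE(review): the m_malloc() result is used unchecked here; presumably
 * m_malloc() exits on allocation failure - confirm.
 * NOTE(review): priv is stored exactly as generated; presumably
 * dropbear_curve25519_scalarmult() clamps the scalar internally - confirm.
 */
struct kex_curve25519_param *gen_kexcurve25519_param(void) {
	/* Per http://cr.yp.to/ecdh.html */
	struct kex_curve25519_param *param = m_malloc(sizeof(*param));
	/* Base point: first byte 9, remaining bytes zero */
	const unsigned char basepoint[32] = {9};

	genrandom(param->priv, CURVE25519_LEN);
	dropbear_curve25519_scalarmult(param->pub, param->priv, basepoint);

	return param;
}

/*
 * Wipe the private scalar and release the parameter block.
 * A NULL param is accepted and ignored, so cleanup paths can call this
 * unconditionally.
 */
void free_kexcurve25519_param(struct kex_curve25519_param *param) {
	if (param == NULL) {
		return;
	}
	/* Burn before freeing so the private key does not linger in freed memory */
	m_burn(param->priv, CURVE25519_LEN);
	m_free(param);
}

/*
 * Compute the raw X25519 shared secret from our private scalar and the
 * peer's public value.
 *
 * param        - our key pair, only priv is read
 * buf_pub_them - peer's public value, must be exactly CURVE25519_LEN bytes
 * out          - receives the shared secret, must be CURVE25519_LEN bytes.
 *                The caller owns it and should wipe it after use.
 *
 * Does not return (dropbear_exit) when the peer value has the wrong length
 * or the result is all zero.
 */
void kexcurve25519_derive(const struct kex_curve25519_param *param, const buffer *buf_pub_them,
	unsigned char *out) {
	char zeroes[CURVE25519_LEN] = {0};

	/* Length is checked before buf_pub_them->data is handed to scalarmult */
	if (buf_pub_them->len != CURVE25519_LEN) {
		dropbear_exit("Bad curve25519");
	}

	dropbear_curve25519_scalarmult(out, param->priv, buf_pub_them->data);

	/* An all-zero output means the peer supplied a value that forces a
	 * known shared secret; RFC 8731 section 3 requires aborting. */
	if (constant_time_memcmp(zeroes, out, CURVE25519_LEN) == 0) {
		dropbear_exit("Bad curve25519");
	}
}

#endif /* DROPBEAR_CURVE25519_DEP */

#if DROPBEAR_CURVE25519

/*
 * Append bytes[0..len) to buf as an SSH mpint (RFC 4251 section 5),
 * treating bytes[0] as the most significant byte of an unsigned value.
 * Leading zero bytes are dropped, a value of zero is written as a zero
 * length, and one 0x00 byte is prepended when the top bit of the first
 * remaining byte is set so the value is not read as negative.
 * At most len + 1 payload bytes follow the length field.
 *
 * The scan below and the emitted length depend on how many leading zero
 * bytes the value has; that is a property of the mpint format itself.
 */
static void put_ssh_mpint_bytes(buffer *buf, const unsigned char *bytes, unsigned int len) {
	unsigned int first = 0;
	unsigned int outlen;

	while (first < len && bytes[first] == 0) {
		first++;
	}

	if (first == len) {
		/* Empty or all-zero input encodes as zero */
		buf_putint(buf, 0);
		return;
	}

	outlen = len - first;
	if (bytes[first] & 0x80) {
		buf_putint(buf, outlen + 1);
		buf_putbyte(buf, 0);
	} else {
		buf_putint(buf, outlen);
	}
	buf_putbytes(buf, bytes + first, outlen);
}

/* Only required for x25519 directly */
/*
 * Derive the shared secret K, store it mpint-encoded in ses.dh_K_bytes,
 * and append K_S, Q_C, Q_S and K to ses.kexhashbuf before calling
 * finish_kexhashbuf().
 *
 * param        - our ephemeral key pair
 * buf_pub_them - peer's ephemeral public value
 * hostkey      - host key written into the exchange hash as K_S
 *
 * Does not return if kexcurve25519_derive() rejects the peer value.
 *
 * NOTE(review): ses.dh_K_bytes is assigned without releasing a previous
 * buffer, and it holds the shared secret afterwards; confirm the key
 * derivation code wipes and frees it, including across re-keying.
 */
void kexcurve25519_comb_key(const struct kex_curve25519_param *param, const buffer *buf_pub_them,
	sign_key *hostkey) {
	unsigned char out[CURVE25519_LEN];
	const unsigned char* Q_C = NULL;
	const unsigned char* Q_S = NULL;

	kexcurve25519_derive(param, buf_pub_them, out);

	/* Worst case mpint size: 4 length bytes + 1 sign pad byte + CURVE25519_LEN.
	 * RFC 8731 section 3 reads the X25519 output as a big-endian integer. */
	ses.dh_K_bytes = buf_new(CURVE25519_LEN + 5);
	put_ssh_mpint_bytes(ses.dh_K_bytes, out, CURVE25519_LEN);
	/* The raw secret on the stack is no longer needed */
	m_burn(out, sizeof(out));

	/* Create the remainder of the hash buffer, to generate the exchange hash.
	   See RFC5656 section 4 page 7 */
	/* kexcurve25519_derive() has already exited unless buf_pub_them->len is
	 * CURVE25519_LEN, so the reads of the peer value below stay within that
	 * length. */
	if (IS_DROPBEAR_CLIENT) {
		Q_C = param->pub;
		Q_S = buf_pub_them->data;
	} else {
		Q_S = param->pub;
		Q_C = buf_pub_them->data;
	}

	/* K_S, the host key */
	buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
	/* Q_C, client's ephemeral public key octet string */
	buf_putstring(ses.kexhashbuf, (const char*)Q_C, CURVE25519_LEN);
	/* Q_S, server's ephemeral public key octet string */
	buf_putstring(ses.kexhashbuf, (const char*)Q_S, CURVE25519_LEN);
	/* K, the shared secret */
	buf_putbytes(ses.kexhashbuf, ses.dh_K_bytes->data, ses.dh_K_bytes->len);

	/* calculate the hash H to sign */
	finish_kexhashbuf();
}

#endif /* DROPBEAR_CURVE25519 */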