Dropbear Interoperation Improvement

1. Added checking to see if the client's DH Init message is a guess or not and if not, skip it if a kex message follows. 2. Added some strings for some other KEX methods.
2020-07-06 11:37:10 -07:00 · 2020-07-06 11:37:10 -07:00 · 810c1459dc
parent a4c1cb460b
commit 810c1459dc
2 changed files with 24 additions and 1 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -919,6 +919,9 @@ static const NameIdPair NameIdMap[] = {
    { ID_ECDH_SHA2_NISTP256, "ecdh-sha2-nistp256" },
    { ID_ECDH_SHA2_NISTP384, "ecdh-sha2-nistp384" },
    { ID_ECDH_SHA2_NISTP521, "ecdh-sha2-nistp521" },
+    { ID_ECDH_SHA2_ED25519, "curve25519-sha256" },
+    { ID_ECDH_SHA2_ED25519_LIBSSH, "curve25519-sha256@libssh.org" },
+    { ID_DH_GROUP14_SHA256, "diffie-hellman-group14-sha256" },

    /* Public Key IDs */
    { ID_SSH_RSA, "ssh-rsa" },
@ -2027,7 +2030,7 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
    int ret = WS_SUCCESS;
    int side;
    byte algoId;
-    byte list[6] = {0};
+    byte list[8] = {ID_NONE};
    word32 listSz;
    word32 skipSz;
    word32 begin;
@ -2079,6 +2082,7 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
        listSz = sizeof(list);
        ret = GetNameList(list, &listSz, buf, len, &begin);
        if (ret == WS_SUCCESS) {
+            ssh->handshake->kexIdGuess = list[0];
            algoId = MatchIdLists(side, list, listSz,
                    cannedKexAlgo, cannedKexAlgoSz);
            if (algoId == ID_UNKNOWN) {
@ -2264,6 +2268,10 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
    if (ret == WS_SUCCESS) {
        WLOG(WS_LOG_DEBUG, "DKI: KEX Packet Follows");
        ret = GetBoolean(&ssh->handshake->kexPacketFollows, buf, len, &begin);
+        if (ret == WS_SUCCESS) {
+            WLOG(WS_LOG_DEBUG, " packet follows: %s",
+                    ssh->handshake->kexPacketFollows ? "yes" : "no");
+        }
    }

    /* Skip the "for future use" length. */
@ -2439,6 +2447,17 @@ static int DoKexDhInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
            idx == NULL)
        ret = WS_BAD_ARGUMENT;

+    if (ret == WS_SUCCESS) {
+        if (ssh->handshake->kexPacketFollows
+                && ssh->handshake->kexIdGuess != ssh->handshake->kexId) {
+
+            /* skip this message. */
+            ssh->handshake->kexPacketFollows = 0;
+            *idx += len;
+            return WS_SUCCESS;
+        }
+    }
+
    if (ret == WS_SUCCESS) {
        begin = *idx;
        ret = GetUint32(&eSz, buf, len, &begin);
--- a/wolfssh/internal.h
+++ b/wolfssh/internal.h
@ -82,6 +82,9 @@ enum {
    ID_ECDH_SHA2_NISTP256,
    ID_ECDH_SHA2_NISTP384,
    ID_ECDH_SHA2_NISTP521,
+    ID_ECDH_SHA2_ED25519,
+    ID_ECDH_SHA2_ED25519_LIBSSH,
+    ID_DH_GROUP14_SHA256,

    /* Public Key IDs */
    ID_SSH_RSA,
@ -231,6 +234,7 @@ typedef struct Keys {

 typedef struct HandshakeInfo {
    byte kexId;
+    byte kexIdGuess;
    byte pubKeyId;
    byte encryptId;
    byte macId;