version 1.3, 2019/11/25 00:38:17 |
version 1.4, 2019/11/25 00:51:37 |
|
|
int |
int |
ssh_ecdsa_sk_verify(const struct sshkey *key, |
ssh_ecdsa_sk_verify(const struct sshkey *key, |
const u_char *signature, size_t signaturelen, |
const u_char *signature, size_t signaturelen, |
const u_char *data, size_t datalen, u_int compat) |
const u_char *data, size_t datalen, u_int compat, |
|
struct sshkey_sig_details **detailsp) |
{ |
{ |
ECDSA_SIG *sig = NULL; |
ECDSA_SIG *sig = NULL; |
BIGNUM *sig_r = NULL, *sig_s = NULL; |
BIGNUM *sig_r = NULL, *sig_s = NULL; |
|
|
int ret = SSH_ERR_INTERNAL_ERROR; |
int ret = SSH_ERR_INTERNAL_ERROR; |
struct sshbuf *b = NULL, *sigbuf = NULL, *original_signed = NULL; |
struct sshbuf *b = NULL, *sigbuf = NULL, *original_signed = NULL; |
char *ktype = NULL; |
char *ktype = NULL; |
|
struct sshkey_sig_details *details = NULL; |
#ifdef DEBUG_SK |
#ifdef DEBUG_SK |
char *tmp = NULL; |
char *tmp = NULL; |
#endif |
#endif |
|
|
|
if (detailsp != NULL) |
|
*detailsp = NULL; |
if (key == NULL || key->ecdsa == NULL || |
if (key == NULL || key->ecdsa == NULL || |
sshkey_type_plain(key->type) != KEY_ECDSA_SK || |
sshkey_type_plain(key->type) != KEY_ECDSA_SK || |
signature == NULL || signaturelen == 0) |
signature == NULL || signaturelen == 0) |
|
|
if ((ret = ssh_digest_buffer(SSH_DIGEST_SHA256, original_signed, |
if ((ret = ssh_digest_buffer(SSH_DIGEST_SHA256, original_signed, |
sighash, sizeof(sighash))) != 0) |
sighash, sizeof(sighash))) != 0) |
goto out; |
goto out; |
|
if ((details = calloc(1, sizeof(*details))) == NULL) { |
|
ret = SSH_ERR_ALLOC_FAIL; |
|
goto out; |
|
} |
|
details->sk_counter = sig_counter; |
|
details->sk_flags = sig_flags; |
#ifdef DEBUG_SK |
#ifdef DEBUG_SK |
fprintf(stderr, "%s: signed buf:\n", __func__); |
fprintf(stderr, "%s: signed buf:\n", __func__); |
sshbuf_dump(original_signed, stderr); |
sshbuf_dump(original_signed, stderr); |
|
|
ret = SSH_ERR_LIBCRYPTO_ERROR; |
ret = SSH_ERR_LIBCRYPTO_ERROR; |
goto out; |
goto out; |
} |
} |
|
/* success */ |
|
if (detailsp != NULL) { |
|
*detailsp = details; |
|
details = NULL; |
|
} |
out: |
out: |
explicit_bzero(&sig_flags, sizeof(sig_flags)); |
explicit_bzero(&sig_flags, sizeof(sig_flags)); |
explicit_bzero(&sig_counter, sizeof(sig_counter)); |
explicit_bzero(&sig_counter, sizeof(sig_counter)); |
explicit_bzero(msghash, sizeof(msghash)); |
explicit_bzero(msghash, sizeof(msghash)); |
explicit_bzero(sighash, sizeof(msghash)); |
explicit_bzero(sighash, sizeof(msghash)); |
explicit_bzero(apphash, sizeof(apphash)); |
explicit_bzero(apphash, sizeof(apphash)); |
|
sshkey_sig_details_free(details); |
sshbuf_free(original_signed); |
sshbuf_free(original_signed); |
sshbuf_free(sigbuf); |
sshbuf_free(sigbuf); |
sshbuf_free(b); |
sshbuf_free(b); |