| version 1.5, 2019/11/26 03:04:27 |
version 1.6, 2020/06/22 05:56:23 |
|
|
| /* fetch signature */ |
/* fetch signature */ |
| if ((b = sshbuf_from(signature, signaturelen)) == NULL) |
if ((b = sshbuf_from(signature, signaturelen)) == NULL) |
| return SSH_ERR_ALLOC_FAIL; |
return SSH_ERR_ALLOC_FAIL; |
| if (sshbuf_get_cstring(b, &ktype, NULL) != 0 || |
if ((details = calloc(1, sizeof(*details))) == NULL) { |
| sshbuf_froms(b, &sigbuf) != 0 || |
ret = SSH_ERR_ALLOC_FAIL; |
| sshbuf_get_u8(b, &sig_flags) != 0 || |
goto out; |
| sshbuf_get_u32(b, &sig_counter) != 0) { |
} |
| |
if (sshbuf_get_cstring(b, &ktype, NULL) != 0) { |
| ret = SSH_ERR_INVALID_FORMAT; |
ret = SSH_ERR_INVALID_FORMAT; |
| goto out; |
goto out; |
| } |
} |
| if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { |
if (strcmp(ktype, "sk-ecdsa-sha2-nistp256@openssh.com") != 0) { |
| ret = SSH_ERR_KEY_TYPE_MISMATCH; |
ret = SSH_ERR_INVALID_FORMAT; |
| goto out; |
goto out; |
| } |
} |
| |
if (sshbuf_froms(b, &sigbuf) != 0 || |
| |
sshbuf_get_u8(b, &sig_flags) != 0 || |
| |
sshbuf_get_u32(b, &sig_counter) != 0) { |
| |
ret = SSH_ERR_INVALID_FORMAT; |
| |
goto out; |
| |
} |
| if (sshbuf_len(b) != 0) { |
if (sshbuf_len(b) != 0) { |
| ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; |
ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; |
| goto out; |
goto out; |
|
|
| ret = SSH_ERR_INVALID_FORMAT; |
ret = SSH_ERR_INVALID_FORMAT; |
| goto out; |
goto out; |
| } |
} |
| if ((sig = ECDSA_SIG_new()) == NULL) { |
if (sshbuf_len(sigbuf) != 0) { |
| ret = SSH_ERR_ALLOC_FAIL; |
ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; |
| goto out; |
goto out; |
| } |
} |
| if (!ECDSA_SIG_set0(sig, sig_r, sig_s)) { |
|
| ret = SSH_ERR_LIBCRYPTO_ERROR; |
|
| goto out; |
|
| } |
|
| #ifdef DEBUG_SK |
#ifdef DEBUG_SK |
| fprintf(stderr, "%s: data: (len %zu)\n", __func__, datalen); |
fprintf(stderr, "%s: data: (len %zu)\n", __func__, datalen); |
| /* sshbuf_dump_data(data, datalen, stderr); */ |
/* sshbuf_dump_data(data, datalen, stderr); */ |
|
|
| fprintf(stderr, "%s: sig_flags = 0x%02x, sig_counter = %u\n", |
fprintf(stderr, "%s: sig_flags = 0x%02x, sig_counter = %u\n", |
| __func__, sig_flags, sig_counter); |
__func__, sig_flags, sig_counter); |
| #endif |
#endif |
| sig_r = sig_s = NULL; /* transferred */ |
if ((sig = ECDSA_SIG_new()) == NULL) { |
| |
ret = SSH_ERR_ALLOC_FAIL; |
| if (sshbuf_len(sigbuf) != 0) { |
|
| ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; |
|
| goto out; |
goto out; |
| } |
} |
| |
if (!ECDSA_SIG_set0(sig, sig_r, sig_s)) { |
| |
ret = SSH_ERR_LIBCRYPTO_ERROR; |
| |
goto out; |
| |
} |
| |
sig_r = sig_s = NULL; /* transferred */ |
| |
|
| /* Reconstruct data that was supposedly signed */ |
/* Reconstruct data that was supposedly signed */ |
| if ((original_signed = sshbuf_new()) == NULL) { |
if ((original_signed = sshbuf_new()) == NULL) { |
|
|
| if ((ret = ssh_digest_buffer(SSH_DIGEST_SHA256, original_signed, |
if ((ret = ssh_digest_buffer(SSH_DIGEST_SHA256, original_signed, |
| sighash, sizeof(sighash))) != 0) |
sighash, sizeof(sighash))) != 0) |
| goto out; |
goto out; |
| if ((details = calloc(1, sizeof(*details))) == NULL) { |
|
| ret = SSH_ERR_ALLOC_FAIL; |
|
| goto out; |
|
| } |
|
| details->sk_counter = sig_counter; |
details->sk_counter = sig_counter; |
| details->sk_flags = sig_flags; |
details->sk_flags = sig_flags; |
| #ifdef DEBUG_SK |
#ifdef DEBUG_SK |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-ecdsa-sk.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh