version 1.7, 2013/12/27 22:30:17 |
version 1.8, 2014/01/09 23:20:00 |
|
|
#include "compat.h" |
#include "compat.h" |
#include "log.h" |
#include "log.h" |
#include "key.h" |
#include "key.h" |
|
#include "digest.h" |
|
|
int |
int |
ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *lenp, |
ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *lenp, |
const u_char *data, u_int datalen) |
const u_char *data, u_int datalen) |
{ |
{ |
ECDSA_SIG *sig; |
ECDSA_SIG *sig; |
const EVP_MD *evp_md; |
int hash_alg; |
EVP_MD_CTX md; |
u_char digest[SSH_DIGEST_MAX_LENGTH]; |
u_char digest[EVP_MAX_MD_SIZE]; |
|
u_int len, dlen; |
u_int len, dlen; |
Buffer b, bb; |
Buffer b, bb; |
|
|
|
|
return -1; |
return -1; |
} |
} |
|
|
evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid); |
hash_alg = key_ec_nid_to_hash_alg(key->ecdsa_nid); |
EVP_DigestInit(&md, evp_md); |
if ((dlen = ssh_digest_bytes(hash_alg)) == 0) { |
EVP_DigestUpdate(&md, data, datalen); |
error("%s: bad hash algorithm %d", __func__, hash_alg); |
EVP_DigestFinal(&md, digest, &dlen); |
return -1; |
|
} |
|
if (ssh_digest_memory(hash_alg, data, datalen, |
|
digest, sizeof(digest)) != 0) { |
|
error("%s: digest_memory failed", __func__); |
|
return -1; |
|
} |
|
|
sig = ECDSA_do_sign(digest, dlen, key->ecdsa); |
sig = ECDSA_do_sign(digest, dlen, key->ecdsa); |
memset(digest, 'd', sizeof(digest)); |
memset(digest, 'd', sizeof(digest)); |
|
|
const u_char *data, u_int datalen) |
const u_char *data, u_int datalen) |
{ |
{ |
ECDSA_SIG *sig; |
ECDSA_SIG *sig; |
const EVP_MD *evp_md; |
int hash_alg; |
EVP_MD_CTX md; |
u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob; |
u_char digest[EVP_MAX_MD_SIZE], *sigblob; |
|
u_int len, dlen; |
u_int len, dlen; |
int rlen, ret; |
int rlen, ret; |
Buffer b, bb; |
Buffer b, bb; |
|
|
return -1; |
return -1; |
} |
} |
|
|
evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid); |
|
|
|
/* fetch signature */ |
/* fetch signature */ |
buffer_init(&b); |
buffer_init(&b); |
buffer_append(&b, signature, signaturelen); |
buffer_append(&b, signature, signaturelen); |
|
|
free(sigblob); |
free(sigblob); |
|
|
/* hash the data */ |
/* hash the data */ |
EVP_DigestInit(&md, evp_md); |
hash_alg = key_ec_nid_to_hash_alg(key->ecdsa_nid); |
EVP_DigestUpdate(&md, data, datalen); |
if ((dlen = ssh_digest_bytes(hash_alg)) == 0) { |
EVP_DigestFinal(&md, digest, &dlen); |
error("%s: bad hash algorithm %d", __func__, hash_alg); |
|
return -1; |
|
} |
|
if (ssh_digest_memory(hash_alg, data, datalen, |
|
digest, sizeof(digest)) != 0) { |
|
error("%s: digest_memory failed", __func__); |
|
return -1; |
|
} |
|
|
ret = ECDSA_do_verify(digest, dlen, sig, key->ecdsa); |
ret = ECDSA_do_verify(digest, dlen, sig, key->ecdsa); |
memset(digest, 'd', sizeof(digest)); |
memset(digest, 'd', sizeof(digest)); |