| version 1.45, 2010/08/31 09:58:37 |
version 1.46, 2013/05/17 00:13:14 |
|
|
| |
|
| error("ssh_rsa_sign: RSA_sign failed: %s", |
error("ssh_rsa_sign: RSA_sign failed: %s", |
| ERR_error_string(ecode, NULL)); |
ERR_error_string(ecode, NULL)); |
| xfree(sig); |
free(sig); |
| return -1; |
return -1; |
| } |
} |
| if (len < slen) { |
if (len < slen) { |
|
|
| memset(sig, 0, diff); |
memset(sig, 0, diff); |
| } else if (len > slen) { |
} else if (len > slen) { |
| error("ssh_rsa_sign: slen %u slen2 %u", slen, len); |
error("ssh_rsa_sign: slen %u slen2 %u", slen, len); |
| xfree(sig); |
free(sig); |
| return -1; |
return -1; |
| } |
} |
| /* encode signature */ |
/* encode signature */ |
|
|
| } |
} |
| buffer_free(&b); |
buffer_free(&b); |
| memset(sig, 's', slen); |
memset(sig, 's', slen); |
| xfree(sig); |
free(sig); |
| |
|
| return 0; |
return 0; |
| } |
} |
|
|
| if (strcmp("ssh-rsa", ktype) != 0) { |
if (strcmp("ssh-rsa", ktype) != 0) { |
| error("ssh_rsa_verify: cannot handle type %s", ktype); |
error("ssh_rsa_verify: cannot handle type %s", ktype); |
| buffer_free(&b); |
buffer_free(&b); |
| xfree(ktype); |
free(ktype); |
| return -1; |
return -1; |
| } |
} |
| xfree(ktype); |
free(ktype); |
| sigblob = buffer_get_string(&b, &len); |
sigblob = buffer_get_string(&b, &len); |
| rlen = buffer_len(&b); |
rlen = buffer_len(&b); |
| buffer_free(&b); |
buffer_free(&b); |
| if (rlen != 0) { |
if (rlen != 0) { |
| error("ssh_rsa_verify: remaining bytes in signature %d", rlen); |
error("ssh_rsa_verify: remaining bytes in signature %d", rlen); |
| xfree(sigblob); |
free(sigblob); |
| return -1; |
return -1; |
| } |
} |
| /* RSA_verify expects a signature of RSA_size */ |
/* RSA_verify expects a signature of RSA_size */ |
| modlen = RSA_size(key->rsa); |
modlen = RSA_size(key->rsa); |
| if (len > modlen) { |
if (len > modlen) { |
| error("ssh_rsa_verify: len %u > modlen %u", len, modlen); |
error("ssh_rsa_verify: len %u > modlen %u", len, modlen); |
| xfree(sigblob); |
free(sigblob); |
| return -1; |
return -1; |
| } else if (len < modlen) { |
} else if (len < modlen) { |
| u_int diff = modlen - len; |
u_int diff = modlen - len; |
|
|
| nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; |
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; |
| if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
| error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid); |
error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid); |
| xfree(sigblob); |
free(sigblob); |
| return -1; |
return -1; |
| } |
} |
| EVP_DigestInit(&md, evp_md); |
EVP_DigestInit(&md, evp_md); |
|
|
| ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa); |
ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa); |
| memset(digest, 'd', sizeof(digest)); |
memset(digest, 'd', sizeof(digest)); |
| memset(sigblob, 's', len); |
memset(sigblob, 's', len); |
| xfree(sigblob); |
free(sigblob); |
| debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : ""); |
debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : ""); |
| return ret; |
return ret; |
| } |
} |
|
|
| } |
} |
| ret = 1; |
ret = 1; |
| done: |
done: |
| if (decrypted) |
free(decrypted); |
| xfree(decrypted); |
|
| return ret; |
return ret; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-rsa.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh