version 1.46, 2013/05/17 00:13:14 |
version 1.47, 2013/12/27 22:30:17 |
|
|
int ok, nid; |
int ok, nid; |
Buffer b; |
Buffer b; |
|
|
if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA && |
if (key == NULL || key_type_plain(key->type) != KEY_RSA || |
key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) { |
key->rsa == NULL) { |
error("ssh_rsa_sign: no RSA key"); |
error("%s: no RSA key", __func__); |
return -1; |
return -1; |
} |
} |
|
|
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; |
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; |
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid); |
error("%s: EVP_get_digestbynid %d failed", __func__, nid); |
return -1; |
return -1; |
} |
} |
EVP_DigestInit(&md, evp_md); |
EVP_DigestInit(&md, evp_md); |
|
|
if (ok != 1) { |
if (ok != 1) { |
int ecode = ERR_get_error(); |
int ecode = ERR_get_error(); |
|
|
error("ssh_rsa_sign: RSA_sign failed: %s", |
error("%s: RSA_sign failed: %s", __func__, |
ERR_error_string(ecode, NULL)); |
ERR_error_string(ecode, NULL)); |
free(sig); |
free(sig); |
return -1; |
return -1; |
|
|
memmove(sig + diff, sig, len); |
memmove(sig + diff, sig, len); |
memset(sig, 0, diff); |
memset(sig, 0, diff); |
} else if (len > slen) { |
} else if (len > slen) { |
error("ssh_rsa_sign: slen %u slen2 %u", slen, len); |
error("%s: slen %u slen2 %u", __func__, slen, len); |
free(sig); |
free(sig); |
return -1; |
return -1; |
} |
} |
|
|
u_int len, dlen, modlen; |
u_int len, dlen, modlen; |
int rlen, ret, nid; |
int rlen, ret, nid; |
|
|
if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA && |
if (key == NULL || key_type_plain(key->type) != KEY_RSA || |
key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) { |
key->rsa == NULL) { |
error("ssh_rsa_verify: no RSA key"); |
error("%s: no RSA key", __func__); |
return -1; |
return -1; |
} |
} |
|
|
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { |
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { |
error("ssh_rsa_verify: RSA modulus too small: %d < minimum %d bits", |
error("%s: RSA modulus too small: %d < minimum %d bits", |
BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); |
__func__, BN_num_bits(key->rsa->n), |
|
SSH_RSA_MINIMUM_MODULUS_SIZE); |
return -1; |
return -1; |
} |
} |
buffer_init(&b); |
buffer_init(&b); |
buffer_append(&b, signature, signaturelen); |
buffer_append(&b, signature, signaturelen); |
ktype = buffer_get_cstring(&b, NULL); |
ktype = buffer_get_cstring(&b, NULL); |
if (strcmp("ssh-rsa", ktype) != 0) { |
if (strcmp("ssh-rsa", ktype) != 0) { |
error("ssh_rsa_verify: cannot handle type %s", ktype); |
error("%s: cannot handle type %s", __func__, ktype); |
buffer_free(&b); |
buffer_free(&b); |
free(ktype); |
free(ktype); |
return -1; |
return -1; |
|
|
rlen = buffer_len(&b); |
rlen = buffer_len(&b); |
buffer_free(&b); |
buffer_free(&b); |
if (rlen != 0) { |
if (rlen != 0) { |
error("ssh_rsa_verify: remaining bytes in signature %d", rlen); |
error("%s: remaining bytes in signature %d", __func__, rlen); |
free(sigblob); |
free(sigblob); |
return -1; |
return -1; |
} |
} |
/* RSA_verify expects a signature of RSA_size */ |
/* RSA_verify expects a signature of RSA_size */ |
modlen = RSA_size(key->rsa); |
modlen = RSA_size(key->rsa); |
if (len > modlen) { |
if (len > modlen) { |
error("ssh_rsa_verify: len %u > modlen %u", len, modlen); |
error("%s: len %u > modlen %u", __func__, len, modlen); |
free(sigblob); |
free(sigblob); |
return -1; |
return -1; |
} else if (len < modlen) { |
} else if (len < modlen) { |
u_int diff = modlen - len; |
u_int diff = modlen - len; |
debug("ssh_rsa_verify: add padding: modlen %u > len %u", |
debug("%s: add padding: modlen %u > len %u", __func__, |
modlen, len); |
modlen, len); |
sigblob = xrealloc(sigblob, 1, modlen); |
sigblob = xrealloc(sigblob, 1, modlen); |
memmove(sigblob + diff, sigblob, len); |
memmove(sigblob + diff, sigblob, len); |
|
|
} |
} |
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; |
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; |
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid); |
error("%s: EVP_get_digestbynid %d failed", __func__, nid); |
free(sigblob); |
free(sigblob); |
return -1; |
return -1; |
} |
} |
|
|
memset(digest, 'd', sizeof(digest)); |
memset(digest, 'd', sizeof(digest)); |
memset(sigblob, 's', len); |
memset(sigblob, 's', len); |
free(sigblob); |
free(sigblob); |
debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : ""); |
debug("%s: signature %scorrect", __func__, (ret == 0) ? "in" : ""); |
return ret; |
return ret; |
} |
} |
|
|