version 1.50, 2014/01/09 23:20:00 |
version 1.51, 2014/02/02 03:44:31 |
|
|
sig = xmalloc(slen); |
sig = xmalloc(slen); |
|
|
ok = RSA_sign(nid, digest, dlen, sig, &len, key->rsa); |
ok = RSA_sign(nid, digest, dlen, sig, &len, key->rsa); |
memset(digest, 'd', sizeof(digest)); |
explicit_bzero(digest, sizeof(digest)); |
|
|
if (ok != 1) { |
if (ok != 1) { |
int ecode = ERR_get_error(); |
int ecode = ERR_get_error(); |
|
|
u_int diff = slen - len; |
u_int diff = slen - len; |
debug("slen %u > len %u", slen, len); |
debug("slen %u > len %u", slen, len); |
memmove(sig + diff, sig, len); |
memmove(sig + diff, sig, len); |
memset(sig, 0, diff); |
explicit_bzero(sig, diff); |
} else if (len > slen) { |
} else if (len > slen) { |
error("%s: slen %u slen2 %u", __func__, slen, len); |
error("%s: slen %u slen2 %u", __func__, slen, len); |
free(sig); |
free(sig); |
|
|
memcpy(*sigp, buffer_ptr(&b), len); |
memcpy(*sigp, buffer_ptr(&b), len); |
} |
} |
buffer_free(&b); |
buffer_free(&b); |
memset(sig, 's', slen); |
explicit_bzero(sig, slen); |
free(sig); |
free(sig); |
|
|
return 0; |
return 0; |
|
|
modlen, len); |
modlen, len); |
sigblob = xrealloc(sigblob, 1, modlen); |
sigblob = xrealloc(sigblob, 1, modlen); |
memmove(sigblob + diff, sigblob, len); |
memmove(sigblob + diff, sigblob, len); |
memset(sigblob, 0, diff); |
explicit_bzero(sigblob, diff); |
len = modlen; |
len = modlen; |
} |
} |
/* hash the data */ |
/* hash the data */ |
|
|
|
|
ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len, |
ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len, |
key->rsa); |
key->rsa); |
memset(digest, 'd', sizeof(digest)); |
explicit_bzero(digest, sizeof(digest)); |
memset(sigblob, 's', len); |
explicit_bzero(sigblob, len); |
free(sigblob); |
free(sigblob); |
debug("%s: signature %scorrect", __func__, (ret == 0) ? "in" : ""); |
debug("%s: signature %scorrect", __func__, (ret == 0) ? "in" : ""); |
return ret; |
return ret; |