[BACK]Return to ssh-rsa.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-rsa.c between version 1.74 and 1.75

version 1.74, 2022/10/28 00:41:52 version 1.75, 2022/10/28 00:43:08
Line 321 
Line 321 
 }  }
   
 /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */  /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
 int  static int
 ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,  ssh_rsa_sign(struct sshkey *key,
     const u_char *data, size_t datalen, const char *alg_ident)      u_char **sigp, size_t *lenp,
       const u_char *data, size_t datalen,
       const char *alg, const char *sk_provider, const char *sk_pin, u_int compat)
 {  {
         const BIGNUM *rsa_n;          const BIGNUM *rsa_n;
         u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL;          u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL;
         size_t slen = 0;          size_t slen = 0;
         u_int dlen, len;          u_int hlen, len;
         int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR;          int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR;
         struct sshbuf *b = NULL;          struct sshbuf *b = NULL;
   
Line 337 
Line 339 
         if (sigp != NULL)          if (sigp != NULL)
                 *sigp = NULL;                  *sigp = NULL;
   
         if (alg_ident == NULL || strlen(alg_ident) == 0)          if (alg == NULL || strlen(alg) == 0)
                 hash_alg = SSH_DIGEST_SHA1;                  hash_alg = SSH_DIGEST_SHA1;
         else          else
                 hash_alg = rsa_hash_id_from_keyname(alg_ident);                  hash_alg = rsa_hash_id_from_keyname(alg);
         if (key == NULL || key->rsa == NULL || hash_alg == -1 ||          if (key == NULL || key->rsa == NULL || hash_alg == -1 ||
             sshkey_type_plain(key->type) != KEY_RSA)              sshkey_type_plain(key->type) != KEY_RSA)
                 return SSH_ERR_INVALID_ARGUMENT;                  return SSH_ERR_INVALID_ARGUMENT;
Line 353 
Line 355 
   
         /* hash the data */          /* hash the data */
         nid = rsa_hash_alg_nid(hash_alg);          nid = rsa_hash_alg_nid(hash_alg);
         if ((dlen = ssh_digest_bytes(hash_alg)) == 0)          if ((hlen = ssh_digest_bytes(hash_alg)) == 0)
                 return SSH_ERR_INTERNAL_ERROR;                  return SSH_ERR_INTERNAL_ERROR;
         if ((ret = ssh_digest_memory(hash_alg, data, datalen,          if ((ret = ssh_digest_memory(hash_alg, data, datalen,
             digest, sizeof(digest))) != 0)              digest, sizeof(digest))) != 0)
Line 364 
Line 366 
                 goto out;                  goto out;
         }          }
   
         if (RSA_sign(nid, digest, dlen, sig, &len, key->rsa) != 1) {          if (RSA_sign(nid, digest, hlen, sig, &len, key->rsa) != 1) {
                 ret = SSH_ERR_LIBCRYPTO_ERROR;                  ret = SSH_ERR_LIBCRYPTO_ERROR;
                 goto out;                  goto out;
         }          }
Line 402 
Line 404 
         return ret;          return ret;
 }  }
   
 int  static int
 ssh_rsa_verify(const struct sshkey *key,  ssh_rsa_verify(const struct sshkey *key,
     const u_char *sig, size_t siglen, const u_char *data, size_t datalen,      const u_char *sig, size_t siglen,
     const char *alg)      const u_char *data, size_t dlen, const char *alg, u_int compat,
       struct sshkey_sig_details **detailsp)
 {  {
         const BIGNUM *rsa_n;          const BIGNUM *rsa_n;
         char *sigtype = NULL;          char *sigtype = NULL;
         int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR;          int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR;
         size_t len = 0, diff, modlen, dlen;          size_t len = 0, diff, modlen, hlen;
         struct sshbuf *b = NULL;          struct sshbuf *b = NULL;
         u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL;          u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL;
   
Line 471 
Line 474 
                 explicit_bzero(sigblob, diff);                  explicit_bzero(sigblob, diff);
                 len = modlen;                  len = modlen;
         }          }
         if ((dlen = ssh_digest_bytes(hash_alg)) == 0) {          if ((hlen = ssh_digest_bytes(hash_alg)) == 0) {
                 ret = SSH_ERR_INTERNAL_ERROR;                  ret = SSH_ERR_INTERNAL_ERROR;
                 goto out;                  goto out;
         }          }
         if ((ret = ssh_digest_memory(hash_alg, data, datalen,          if ((ret = ssh_digest_memory(hash_alg, data, dlen,
             digest, sizeof(digest))) != 0)              digest, sizeof(digest))) != 0)
                 goto out;                  goto out;
   
         ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len,          ret = openssh_RSA_verify(hash_alg, digest, hlen, sigblob, len,
             key->rsa);              key->rsa);
  out:   out:
         freezero(sigblob, len);          freezero(sigblob, len);
Line 617 
Line 620 
         /* .ssh_deserialize_public = */ ssh_rsa_deserialize_public,          /* .ssh_deserialize_public = */ ssh_rsa_deserialize_public,
         /* .generate = */       ssh_rsa_generate,          /* .generate = */       ssh_rsa_generate,
         /* .copy_public = */    ssh_rsa_copy_public,          /* .copy_public = */    ssh_rsa_copy_public,
           /* .sign = */           ssh_rsa_sign,
           /* .verify = */         ssh_rsa_verify,
 };  };
   
 const struct sshkey_impl sshkey_rsa_impl = {  const struct sshkey_impl sshkey_rsa_impl = {
Legend:
Removed from v.1.74  
changed lines
  Added in v.1.75