[BACK]Return to ssh-rsa.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Annotation of src/usr.bin/ssh/ssh-rsa.c, Revision 1.5

1.1       markus      1: /*
                      2:  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
                      3:  *
                      4:  * Redistribution and use in source and binary forms, with or without
                      5:  * modification, are permitted provided that the following conditions
                      6:  * are met:
                      7:  * 1. Redistributions of source code must retain the above copyright
                      8:  *    notice, this list of conditions and the following disclaimer.
                      9:  * 2. Redistributions in binary form must reproduce the above copyright
                     10:  *    notice, this list of conditions and the following disclaimer in the
                     11:  *    documentation and/or other materials provided with the distribution.
                     12:  *
                     13:  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
                     14:  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
                     15:  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
                     16:  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
                     17:  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
                     18:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
                     19:  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
                     20:  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
                     21:  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
                     22:  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
                     23:  */
                     24:
                     25: #include "includes.h"
1.5     ! markus     26: RCSID("$OpenBSD: ssh-rsa.c,v 1.4 2001/01/16 19:20:06 markus Exp $");
        !            27:
        !            28: #include <openssl/evp.h>
        !            29: #include <openssl/err.h>
1.1       markus     30:
                     31: #include "xmalloc.h"
1.5     ! markus     32: #include "log.h"
1.1       markus     33: #include "buffer.h"
                     34: #include "bufaux.h"
                     35: #include "key.h"
                     36:
                     37: /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
                     38: int
                     39: ssh_rsa_sign(
                     40:     Key *key,
1.2       markus     41:     u_char **sigp, int *lenp,
                     42:     u_char *data, int datalen)
1.1       markus     43: {
                     44:        EVP_MD *evp_md = EVP_sha1();
                     45:        EVP_MD_CTX md;
1.2       markus     46:        u_char *digest, *sig, *ret;
                     47:        u_int slen, dlen, len;
1.1       markus     48:        int ok;
                     49:        Buffer b;
                     50:
                     51:        if (key == NULL || key->type != KEY_RSA || key->rsa == NULL) {
                     52:                error("ssh_rsa_sign: no RSA key");
                     53:                return -1;
                     54:        }
                     55:        slen = RSA_size(key->rsa);
                     56:        sig = xmalloc(slen);
                     57:
                     58:        dlen = evp_md->md_size;
                     59:        digest = xmalloc(dlen);
                     60:        EVP_DigestInit(&md, evp_md);
                     61:        EVP_DigestUpdate(&md, data, datalen);
                     62:        EVP_DigestFinal(&md, digest, NULL);
                     63:
                     64:        ok = RSA_sign(NID_sha1, digest, dlen, sig, &len, key->rsa);
                     65:        memset(digest, 'd', dlen);
                     66:        xfree(digest);
                     67:
                     68:        if (ok != 1) {
                     69:                int ecode = ERR_get_error();
                     70:                error("ssh_rsa_sign: RSA_sign failed: %s", ERR_error_string(ecode, NULL));
                     71:                xfree(sig);
                     72:                return -1;
                     73:        }
                     74:        if (len < slen) {
                     75:                int diff = slen - len;
                     76:                debug("slen %d > len %d", slen, len);
                     77:                memmove(sig + diff, sig, len);
                     78:                memset(sig, 0, diff);
                     79:        } else if (len > slen) {
                     80:                error("ssh_rsa_sign: slen %d slen2 %d", slen, len);
                     81:                xfree(sig);
                     82:                return -1;
                     83:        }
                     84:        /* encode signature */
                     85:        buffer_init(&b);
                     86:        buffer_put_cstring(&b, "ssh-rsa");
                     87:        buffer_put_string(&b, sig, slen);
                     88:        len = buffer_len(&b);
                     89:        ret = xmalloc(len);
                     90:        memcpy(ret, buffer_ptr(&b), len);
                     91:        buffer_free(&b);
                     92:        memset(sig, 's', slen);
                     93:        xfree(sig);
                     94:
                     95:        if (lenp != NULL)
                     96:                *lenp = len;
                     97:        if (sigp != NULL)
                     98:                *sigp = ret;
                     99:        debug2("ssh_rsa_sign: done");
                    100:        return 0;
                    101: }
                    102:
                    103: int
                    104: ssh_rsa_verify(
                    105:     Key *key,
1.2       markus    106:     u_char *signature, int signaturelen,
                    107:     u_char *data, int datalen)
1.1       markus    108: {
                    109:        Buffer b;
                    110:        EVP_MD *evp_md = EVP_sha1();
                    111:        EVP_MD_CTX md;
                    112:        char *ktype;
1.2       markus    113:        u_char *sigblob, *digest;
                    114:        u_int len, dlen;
1.1       markus    115:        int rlen;
                    116:        int ret;
                    117:
                    118:        if (key == NULL || key->type != KEY_RSA || key->rsa == NULL) {
                    119:                error("ssh_rsa_verify: no RSA key");
1.4       markus    120:                return -1;
                    121:        }
                    122:        if (BN_num_bits(key->rsa->n) < 768) {
                    123:                error("ssh_rsa_verify: n too small: %d bits",
                    124:                    BN_num_bits(key->rsa->n));
1.1       markus    125:                return -1;
                    126:        }
                    127:        buffer_init(&b);
                    128:        buffer_append(&b, (char *) signature, signaturelen);
                    129:        ktype = buffer_get_string(&b, NULL);
                    130:        if (strcmp("ssh-rsa", ktype) != 0) {
                    131:                error("ssh_rsa_verify: cannot handle type %s", ktype);
                    132:                buffer_free(&b);
                    133:                xfree(ktype);
                    134:                return -1;
                    135:        }
                    136:        xfree(ktype);
1.2       markus    137:        sigblob = (u_char *)buffer_get_string(&b, &len);
1.1       markus    138:        rlen = buffer_len(&b);
                    139:        buffer_free(&b);
                    140:        if(rlen != 0) {
                    141:                error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
                    142:                return -1;
                    143:        }
                    144:
                    145:        dlen = evp_md->md_size;
                    146:        digest = xmalloc(dlen);
                    147:        EVP_DigestInit(&md, evp_md);
                    148:        EVP_DigestUpdate(&md, data, datalen);
                    149:        EVP_DigestFinal(&md, digest, NULL);
                    150:
                    151:        ret = RSA_verify(NID_sha1, digest, dlen, sigblob, len, key->rsa);
                    152:        memset(digest, 'd', dlen);
                    153:        xfree(digest);
                    154:        memset(sigblob, 's', len);
                    155:        xfree(sigblob);
                    156:        if (ret == 0) {
                    157:                int ecode = ERR_get_error();
                    158:                error("ssh_rsa_verify: RSA_verify failed: %s", ERR_error_string(ecode, NULL));
                    159:        }
                    160:        debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
                    161:        return ret;
                    162: }