Return to ssh-rsa.c CVS log

Up to [local] / src / usr.bin / ssh

Annotation of src/usr.bin/ssh/ssh-rsa.c, Revision 1.6.4.1

1.1       markus      1: /*
                      2:  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
                      3:  *
                      4:  * Redistribution and use in source and binary forms, with or without
                      5:  * modification, are permitted provided that the following conditions
                      6:  * are met:
                      7:  * 1. Redistributions of source code must retain the above copyright
                      8:  *    notice, this list of conditions and the following disclaimer.
                      9:  * 2. Redistributions in binary form must reproduce the above copyright
                     10:  *    notice, this list of conditions and the following disclaimer in the
                     11:  *    documentation and/or other materials provided with the distribution.
                     12:  *
                     13:  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
                     14:  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
                     15:  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
                     16:  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
                     17:  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
                     18:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
                     19:  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
                     20:  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
                     21:  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
                     22:  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
                     23:  */
                     24:
                     25: #include "includes.h"
1.6.4.1 ! jason      26: RCSID("$OpenBSD: ssh-rsa.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
1.5       markus     27:
                     28: #include <openssl/evp.h>
                     29: #include <openssl/err.h>
1.1       markus     30:
                     31: #include "xmalloc.h"
1.5       markus     32: #include "log.h"
1.1       markus     33: #include "buffer.h"
                     34: #include "bufaux.h"
                     35: #include "key.h"
1.6       itojun     36: #include "ssh-rsa.h"
1.1       markus     37:
                     38: /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
                     39: int
                     40: ssh_rsa_sign(
                     41:     Key *key,
1.2       markus     42:     u_char **sigp, int *lenp,
                     43:     u_char *data, int datalen)
1.1       markus     44: {
                     45:        EVP_MD *evp_md = EVP_sha1();
                     46:        EVP_MD_CTX md;
1.2       markus     47:        u_char *digest, *sig, *ret;
                     48:        u_int slen, dlen, len;
1.1       markus     49:        int ok;
                     50:        Buffer b;
                     51:
                     52:        if (key == NULL || key->type != KEY_RSA || key->rsa == NULL) {
                     53:                error("ssh_rsa_sign: no RSA key");
                     54:                return -1;
                     55:        }
                     56:        slen = RSA_size(key->rsa);
                     57:        sig = xmalloc(slen);
                     58:
                     59:        dlen = evp_md->md_size;
                     60:        digest = xmalloc(dlen);
                     61:        EVP_DigestInit(&md, evp_md);
                     62:        EVP_DigestUpdate(&md, data, datalen);
                     63:        EVP_DigestFinal(&md, digest, NULL);
                     64:
                     65:        ok = RSA_sign(NID_sha1, digest, dlen, sig, &len, key->rsa);
                     66:        memset(digest, 'd', dlen);
                     67:        xfree(digest);
                     68:
                     69:        if (ok != 1) {
                     70:                int ecode = ERR_get_error();
                     71:                error("ssh_rsa_sign: RSA_sign failed: %s", ERR_error_string(ecode, NULL));
                     72:                xfree(sig);
                     73:                return -1;
                     74:        }
                     75:        if (len < slen) {
                     76:                int diff = slen - len;
                     77:                debug("slen %d > len %d", slen, len);
                     78:                memmove(sig + diff, sig, len);
                     79:                memset(sig, 0, diff);
                     80:        } else if (len > slen) {
                     81:                error("ssh_rsa_sign: slen %d slen2 %d", slen, len);
                     82:                xfree(sig);
                     83:                return -1;
                     84:        }
                     85:        /* encode signature */
                     86:        buffer_init(&b);
                     87:        buffer_put_cstring(&b, "ssh-rsa");
                     88:        buffer_put_string(&b, sig, slen);
                     89:        len = buffer_len(&b);
                     90:        ret = xmalloc(len);
                     91:        memcpy(ret, buffer_ptr(&b), len);
                     92:        buffer_free(&b);
                     93:        memset(sig, 's', slen);
                     94:        xfree(sig);
                     95:
                     96:        if (lenp != NULL)
                     97:                *lenp = len;
                     98:        if (sigp != NULL)
                     99:                *sigp = ret;
                    100:        debug2("ssh_rsa_sign: done");
                    101:        return 0;
                    102: }
                    103:
                    104: int
                    105: ssh_rsa_verify(
                    106:     Key *key,
1.2       markus    107:     u_char *signature, int signaturelen,
                    108:     u_char *data, int datalen)
1.1       markus    109: {
                    110:        Buffer b;
                    111:        EVP_MD *evp_md = EVP_sha1();
                    112:        EVP_MD_CTX md;
                    113:        char *ktype;
1.2       markus    114:        u_char *sigblob, *digest;
                    115:        u_int len, dlen;
1.1       markus    116:        int rlen;
                    117:        int ret;
                    118:
                    119:        if (key == NULL || key->type != KEY_RSA || key->rsa == NULL) {
                    120:                error("ssh_rsa_verify: no RSA key");
1.4       markus    121:                return -1;
                    122:        }
                    123:        if (BN_num_bits(key->rsa->n) < 768) {
                    124:                error("ssh_rsa_verify: n too small: %d bits",
                    125:                    BN_num_bits(key->rsa->n));
1.1       markus    126:                return -1;
                    127:        }
                    128:        buffer_init(&b);
                    129:        buffer_append(&b, (char *) signature, signaturelen);
                    130:        ktype = buffer_get_string(&b, NULL);
                    131:        if (strcmp("ssh-rsa", ktype) != 0) {
                    132:                error("ssh_rsa_verify: cannot handle type %s", ktype);
                    133:                buffer_free(&b);
                    134:                xfree(ktype);
                    135:                return -1;
                    136:        }
                    137:        xfree(ktype);
1.2       markus    138:        sigblob = (u_char *)buffer_get_string(&b, &len);
1.1       markus    139:        rlen = buffer_len(&b);
                    140:        buffer_free(&b);
                    141:        if(rlen != 0) {
                    142:                error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
                    143:                return -1;
                    144:        }
                    145:
                    146:        dlen = evp_md->md_size;
                    147:        digest = xmalloc(dlen);
                    148:        EVP_DigestInit(&md, evp_md);
                    149:        EVP_DigestUpdate(&md, data, datalen);
                    150:        EVP_DigestFinal(&md, digest, NULL);
                    151:
                    152:        ret = RSA_verify(NID_sha1, digest, dlen, sigblob, len, key->rsa);
                    153:        memset(digest, 'd', dlen);
                    154:        xfree(digest);
                    155:        memset(sigblob, 's', len);
                    156:        xfree(sigblob);
                    157:        if (ret == 0) {
                    158:                int ecode = ERR_get_error();
                    159:                error("ssh_rsa_verify: RSA_verify failed: %s", ERR_error_string(ecode, NULL));
                    160:        }
                    161:        debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
                    162:        return ret;
                    163: }