- markus@cvs.openbsd.org 2001/06/06 23:13:54

[ssh-dss.c ssh-rsa.c] cleanup, remove old code
author: Ben Lindstrom <mouring@eviladmin.org> 2001-06-09 01:36:21 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-06-09 01:36:21 +0000
commit: c66d436f603c8e1d727dc55a8087e497701ca7f3 (patch)
tree: d8f6e6d0cff6f2ca9e0e5a56d7787462a0e8df7b /ssh-dss.c
parent: cb3929d1d9ef6ca0059c39a9659668dd7c52ca6e (diff)
1 files changed, 13 insertions, 44 deletions
diff --git a/ssh-dss.c b/ssh-dss.c
index adc8f983e..5cf007667 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.7 2001/06/06 23:13:54 markus Exp $");
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -45,15 +45,11 @@ ssh_dss_sign(
    u_char **sigp, int *lenp,
    u_char *data, int datalen)
 {
-        u_char *digest;
-        u_char *ret;
        DSA_SIG *sig;
        EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
-        u_int rlen;
+        u_char *digest, *ret, sigblob[SIGBLOB_LEN];
-        u_int slen;
+        u_int rlen, slen, len, dlen;
-        u_int len, dlen;
-        u_char sigblob[SIGBLOB_LEN];
        Buffer b;
        if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
@@ -67,11 +63,13 @@ ssh_dss_sign(
        EVP_DigestFinal(&md, digest, NULL);
        sig = DSA_do_sign(digest, dlen, key->dsa);
-        if (sig == NULL) {
-                fatal("ssh_dss_sign: cannot sign");
-        }
        memset(digest, 0, dlen);
        xfree(digest);
+        if (sig == NULL) {
+                error("ssh_dss_sign: sign failed");
+                return -1;
+        }
        rlen = BN_num_bytes(sig->r);
        slen = BN_num_bytes(sig->s);
@@ -80,15 +78,12 @@ ssh_dss_sign(
                DSA_SIG_free(sig);
                return -1;
        }
-        debug("sig size %d %d", rlen, slen);
        memset(sigblob, 0, SIGBLOB_LEN);
        BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
        BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
        DSA_SIG_free(sig);
        if (datafellows & SSH_BUG_SIGBLOB) {
-                debug("datafellows");
                ret = xmalloc(SIGBLOB_LEN);
                memcpy(ret, sigblob, SIGBLOB_LEN);
                if (lenp != NULL)
@@ -117,34 +112,19 @@ ssh_dss_verify(
    u_char *signature, int signaturelen,
    u_char *data, int datalen)
 {
-        Buffer b;
-        u_char *digest;
        DSA_SIG *sig;
        EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
-        u_char *sigblob;
+        u_char *digest, *sigblob;
-        char *txt;
        u_int len, dlen;
-        int rlen;
+        int rlen, ret;
-        int ret;
+        Buffer b;
        if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
                error("ssh_dss_verify: no DSA key");
                return -1;
        }
-        if (!(datafellows & SSH_BUG_SIGBLOB) &&
-            signaturelen == SIGBLOB_LEN) {
-                datafellows |= ~SSH_BUG_SIGBLOB;
-                log("autodetect SSH_BUG_SIGBLOB");
-        } else if ((datafellows & SSH_BUG_SIGBLOB) &&
-            signaturelen != SIGBLOB_LEN) {
-                log("autoremove SSH_BUG_SIGBLOB");
-                datafellows &= ~SSH_BUG_SIGBLOB;
-        }
-        debug("len %d datafellows %d", signaturelen, datafellows);
        /* fetch signature */
        if (datafellows & SSH_BUG_SIGBLOB) {
                sigblob = signature;
@@ -200,18 +180,7 @@ ssh_dss_verify(
        xfree(digest);
        DSA_SIG_free(sig);
-        switch (ret) {
+        debug("ssh_dss_verify: signature %s",
-        case 1:
+            ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
-                txt = "correct";
-                break;
-        case 0:
-                txt = "incorrect";
-                break;
-        case -1:
-        default:
-                txt = "error";
-                break;
-        }
-        debug("ssh_dss_verify: signature %s", txt);
        return ret;
 }
author	Ben Lindstrom <mouring@eviladmin.org>	2001-06-09 01:36:21 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-06-09 01:36:21 +0000
commit	c66d436f603c8e1d727dc55a8087e497701ca7f3 (patch)
tree	d8f6e6d0cff6f2ca9e0e5a56d7787462a0e8df7b /ssh-dss.c
parent	cb3929d1d9ef6ca0059c39a9659668dd7c52ca6e (diff)

diff --git a/ssh-dss.c b/ssh-dss.c index adc8f983e..5cf007667 100644 --- a/ssh-dss.c +++ b/ssh-dss.c
@@ -23,7 +23,7 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");	26	RCSID("$OpenBSD: ssh-dss.c,v 1.7 2001/06/06 23:13:54 markus Exp $");
27		27
28	#include <openssl/bn.h>	28	#include <openssl/bn.h>
29	#include <openssl/evp.h>	29	#include <openssl/evp.h>
@@ -45,15 +45,11 @@ ssh_dss_sign(
45	u_char *sigp, int lenp,	45	u_char *sigp, int lenp,
46	u_char *data, int datalen)	46	u_char *data, int datalen)
47	{	47	{
48	u_char *digest;
49	u_char *ret;
50	DSA_SIG *sig;	48	DSA_SIG *sig;
51	EVP_MD *evp_md = EVP_sha1();	49	EVP_MD *evp_md = EVP_sha1();
52	EVP_MD_CTX md;	50	EVP_MD_CTX md;
53	u_int rlen;	51	u_char digest, ret, sigblob[SIGBLOB_LEN];
54	u_int slen;	52	u_int rlen, slen, len, dlen;
55	u_int len, dlen;
56	u_char sigblob[SIGBLOB_LEN];
57	Buffer b;	53	Buffer b;
58		54
59	if (key == NULL \|\| key->type != KEY_DSA \|\| key->dsa == NULL) {	55	if (key == NULL \|\| key->type != KEY_DSA \|\| key->dsa == NULL) {
@@ -67,11 +63,13 @@ ssh_dss_sign(
67	EVP_DigestFinal(&md, digest, NULL);	63	EVP_DigestFinal(&md, digest, NULL);
68		64
69	sig = DSA_do_sign(digest, dlen, key->dsa);	65	sig = DSA_do_sign(digest, dlen, key->dsa);
70	if (sig == NULL) {	66
71	fatal("ssh_dss_sign: cannot sign");
72	}
73	memset(digest, 0, dlen);	67	memset(digest, 0, dlen);
74	xfree(digest);	68	xfree(digest);
		69	if (sig == NULL) {
		70	error("ssh_dss_sign: sign failed");
		71	return -1;
		72	}
75		73
76	rlen = BN_num_bytes(sig->r);	74	rlen = BN_num_bytes(sig->r);
77	slen = BN_num_bytes(sig->s);	75	slen = BN_num_bytes(sig->s);
@@ -80,15 +78,12 @@ ssh_dss_sign(
80	DSA_SIG_free(sig);	78	DSA_SIG_free(sig);
81	return -1;	79	return -1;
82	}	80	}
83	debug("sig size %d %d", rlen, slen);
84
85	memset(sigblob, 0, SIGBLOB_LEN);	81	memset(sigblob, 0, SIGBLOB_LEN);
86	BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);	82	BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
87	BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);	83	BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
88	DSA_SIG_free(sig);	84	DSA_SIG_free(sig);
89		85
90	if (datafellows & SSH_BUG_SIGBLOB) {	86	if (datafellows & SSH_BUG_SIGBLOB) {
91	debug("datafellows");
92	ret = xmalloc(SIGBLOB_LEN);	87	ret = xmalloc(SIGBLOB_LEN);
93	memcpy(ret, sigblob, SIGBLOB_LEN);	88	memcpy(ret, sigblob, SIGBLOB_LEN);
94	if (lenp != NULL)	89	if (lenp != NULL)
@@ -117,34 +112,19 @@ ssh_dss_verify(
117	u_char *signature, int signaturelen,	112	u_char *signature, int signaturelen,
118	u_char *data, int datalen)	113	u_char *data, int datalen)
119	{	114	{
120	Buffer b;
121	u_char *digest;
122	DSA_SIG *sig;	115	DSA_SIG *sig;
123	EVP_MD *evp_md = EVP_sha1();	116	EVP_MD *evp_md = EVP_sha1();
124	EVP_MD_CTX md;	117	EVP_MD_CTX md;
125	u_char *sigblob;	118	u_char digest, sigblob;
126	char *txt;
127	u_int len, dlen;	119	u_int len, dlen;
128	int rlen;	120	int rlen, ret;
129	int ret;	121	Buffer b;
130		122
131	if (key == NULL \|\| key->type != KEY_DSA \|\| key->dsa == NULL) {	123	if (key == NULL \|\| key->type != KEY_DSA \|\| key->dsa == NULL) {
132	error("ssh_dss_verify: no DSA key");	124	error("ssh_dss_verify: no DSA key");
133	return -1;	125	return -1;
134	}	126	}
135		127
136	if (!(datafellows & SSH_BUG_SIGBLOB) &&
137	signaturelen == SIGBLOB_LEN) {
138	datafellows \|= ~SSH_BUG_SIGBLOB;
139	log("autodetect SSH_BUG_SIGBLOB");
140	} else if ((datafellows & SSH_BUG_SIGBLOB) &&
141	signaturelen != SIGBLOB_LEN) {
142	log("autoremove SSH_BUG_SIGBLOB");
143	datafellows &= ~SSH_BUG_SIGBLOB;
144	}
145
146	debug("len %d datafellows %d", signaturelen, datafellows);
147
148	/* fetch signature */	128	/* fetch signature */
149	if (datafellows & SSH_BUG_SIGBLOB) {	129	if (datafellows & SSH_BUG_SIGBLOB) {
150	sigblob = signature;	130	sigblob = signature;
@@ -200,18 +180,7 @@ ssh_dss_verify(
200	xfree(digest);	180	xfree(digest);
201	DSA_SIG_free(sig);	181	DSA_SIG_free(sig);
202		182
203	switch (ret) {	183	debug("ssh_dss_verify: signature %s",
204	case 1:	184	ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
205	txt = "correct";
206	break;
207	case 0:
208	txt = "incorrect";
209	break;
210	case -1:
211	default:
212	txt = "error";
213	break;
214	}
215	debug("ssh_dss_verify: signature %s", txt);
216	return ret;	185	return ret;
217	}	186	}