author | djm@openbsd.org <djm@openbsd.org> | 2017-12-18 02:25:15 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-12-19 15:21:37 +1100 |
commit | 04c7e28f83062dc42f2380d1bb3a6bf0190852c0 (patch) | |
tree | bc2c59d39a33aba84e0576039474668ada2546d2 /ssh-rsa.c | |
parent | 931c78dfd7fe30669681a59e536bbe66535f3ee9 (diff) |
upstream commit
pass negotiated signing algorithm through to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
Diffstat (limited to 'ssh-rsa.c')
-rw-r--r-- | ssh-rsa.c | 19 |
1 files changed, 13 insertions, 6 deletions
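--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.62 2017/07/01 13:50:45 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.63 2017/12/18 02:25:15 djm Exp $ */
 /*
 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
 *
@@ -198,9 +198,10 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
 
 int
 ssh_rsa_verify(const struct sshkey *key,
-const u_char *sig, size_t siglen, const u_char *data, size_t datalen)
+const u_char *sig, size_t siglen, const u_char *data, size_t datalen,
+const char *alg)
 {
-char *ktype = NULL;
+char *sigtype = NULL;
 int hash_alg, ret = SSH_ERR_INTERNAL_ERROR;
 size_t len, diff, modlen, dlen;
 struct sshbuf *b = NULL;
@@ -215,11 +216,17 @@ ssh_rsa_verify(const struct sshkey *key,
 
 if ((b = sshbuf_from(sig, siglen)) == NULL)
 return SSH_ERR_ALLOC_FAIL;
-if (sshbuf_get_cstring(b, &ktype, NULL) != 0) {
+if (sshbuf_get_cstring(b, &sigtype, NULL) != 0) {
 ret = SSH_ERR_INVALID_FORMAT;
 goto out;
 }
-if ((hash_alg = rsa_hash_alg_from_ident(ktype)) == -1) {
+/* XXX djm: need cert types that reliably yield SHA-2 signatures */
+if (alg != NULL && strcmp(alg, sigtype) != 0 &&
+strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) {
+ret = SSH_ERR_SIGNATURE_INVALID;
+goto out;
+}
+if ((hash_alg = rsa_hash_alg_from_ident(sigtype)) == -1) {
 ret = SSH_ERR_KEY_TYPE_MISMATCH;
 goto out;
 }
@@ -263,7 +270,7 @@ ssh_rsa_verify(const struct sshkey *key,
 explicit_bzero(sigblob, len);
 free(sigblob);
 }
-free(ktype);
+free(sigtype);
 sshbuf_free(b);
 explicit_bzero(digest, sizeof(digest));
 return ret;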
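Review bot: The new algorithm check in ssh_rsa_verify() is bypassed in two cases, `alg == NULL` and `alg` equal to "ssh-rsa-cert-v01@openssh.com", and in both the hash is then chosen only by the type string parsed from the signature blob via `rsa_hash_alg_from_ident(sigtype)`. That helper is outside the hunks shown, so which identifiers it accepts is an assumption, but the commit message's "RSA SHA1/SHA2" suggests that signatures from certificate keys are not bound to any particular hash by this check. The XXX comment hints at this without stating the consequence; I would expand it to `/* XXX djm: cert algs and alg == NULL skip this check; sigtype alone selects the hash */`. I would also add a header comment on the function saying that a NULL `alg` disables the negotiated-algorithm binding, so callers needing it must pass a non-NULL value. The body of ssh_rsa_verify() continues outside the hunks shown.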