summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog6
-rw-r--r--ssh-dss.c29
-rw-r--r--ssh-ecdsa.c12
-rw-r--r--ssh-rsa.c39
4 files changed, 49 insertions, 37 deletions
diff --git a/ChangeLog b/ChangeLog
index f3a72291b..442dec3e9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -34,6 +34,12 @@
34 - tedu@cvs.openbsd.org 2013/12/21 07:10:47 34 - tedu@cvs.openbsd.org 2013/12/21 07:10:47
35 [ssh-keygen.1] 35 [ssh-keygen.1]
36 small typo 36 small typo
37 - djm@cvs.openbsd.org 2013/12/27 22:30:17
38 [ssh-dss.c ssh-ecdsa.c ssh-rsa.c]
39 make the original RSA and DSA signing/verification code look more like
40 the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
41 rather than tediously listing all variants, use __func__ for debug/
42 error messages
37 43
3820131221 4420131221
39 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. 45 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
diff --git a/ssh-dss.c b/ssh-dss.c
index 322ec9fd8..a6292aa84 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-dss.c,v 1.28 2013/05/17 00:13:14 djm Exp $ */ 1/* $OpenBSD: ssh-dss.c,v 1.29 2013/12/27 22:30:17 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -53,11 +53,12 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
53 u_int rlen, slen, len, dlen; 53 u_int rlen, slen, len, dlen;
54 Buffer b; 54 Buffer b;
55 55
56 if (key == NULL || key->dsa == NULL || (key->type != KEY_DSA && 56 if (key == NULL || key_type_plain(key->type) != KEY_DSA ||
57 key->type != KEY_DSA_CERT && key->type != KEY_DSA_CERT_V00)) { 57 key->dsa == NULL) {
58 error("ssh_dss_sign: no DSA key"); 58 error("%s: no DSA key", __func__);
59 return -1; 59 return -1;
60 } 60 }
61
61 EVP_DigestInit(&md, evp_md); 62 EVP_DigestInit(&md, evp_md);
62 EVP_DigestUpdate(&md, data, datalen); 63 EVP_DigestUpdate(&md, data, datalen);
63 EVP_DigestFinal(&md, digest, &dlen); 64 EVP_DigestFinal(&md, digest, &dlen);
@@ -117,9 +118,9 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
117 int rlen, ret; 118 int rlen, ret;
118 Buffer b; 119 Buffer b;
119 120
120 if (key == NULL || key->dsa == NULL || (key->type != KEY_DSA && 121 if (key == NULL || key_type_plain(key->type) != KEY_DSA ||
121 key->type != KEY_DSA_CERT && key->type != KEY_DSA_CERT_V00)) { 122 key->dsa == NULL) {
122 error("ssh_dss_verify: no DSA key"); 123 error("%s: no DSA key", __func__);
123 return -1; 124 return -1;
124 } 125 }
125 126
@@ -135,7 +136,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
135 buffer_append(&b, signature, signaturelen); 136 buffer_append(&b, signature, signaturelen);
136 ktype = buffer_get_cstring(&b, NULL); 137 ktype = buffer_get_cstring(&b, NULL);
137 if (strcmp("ssh-dss", ktype) != 0) { 138 if (strcmp("ssh-dss", ktype) != 0) {
138 error("ssh_dss_verify: cannot handle type %s", ktype); 139 error("%s: cannot handle type %s", __func__, ktype);
139 buffer_free(&b); 140 buffer_free(&b);
140 free(ktype); 141 free(ktype);
141 return -1; 142 return -1;
@@ -145,8 +146,8 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
145 rlen = buffer_len(&b); 146 rlen = buffer_len(&b);
146 buffer_free(&b); 147 buffer_free(&b);
147 if (rlen != 0) { 148 if (rlen != 0) {
148 error("ssh_dss_verify: " 149 error("%s: remaining bytes in signature %d",
149 "remaining bytes in signature %d", rlen); 150 __func__, rlen);
150 free(sigblob); 151 free(sigblob);
151 return -1; 152 return -1;
152 } 153 }
@@ -158,14 +159,14 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
158 159
159 /* parse signature */ 160 /* parse signature */
160 if ((sig = DSA_SIG_new()) == NULL) 161 if ((sig = DSA_SIG_new()) == NULL)
161 fatal("ssh_dss_verify: DSA_SIG_new failed"); 162 fatal("%s: DSA_SIG_new failed", __func__);
162 if ((sig->r = BN_new()) == NULL) 163 if ((sig->r = BN_new()) == NULL)
163 fatal("ssh_dss_verify: BN_new failed"); 164 fatal("%s: BN_new failed", __func__);
164 if ((sig->s = BN_new()) == NULL) 165 if ((sig->s = BN_new()) == NULL)
165 fatal("ssh_dss_verify: BN_new failed"); 166 fatal("ssh_dss_verify: BN_new failed");
166 if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) || 167 if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) ||
167 (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL)) 168 (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL))
168 fatal("ssh_dss_verify: BN_bin2bn failed"); 169 fatal("%s: BN_bin2bn failed", __func__);
169 170
170 /* clean up */ 171 /* clean up */
171 memset(sigblob, 0, len); 172 memset(sigblob, 0, len);
@@ -181,7 +182,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
181 182
182 DSA_SIG_free(sig); 183 DSA_SIG_free(sig);
183 184
184 debug("ssh_dss_verify: signature %s", 185 debug("%s: signature %s", __func__,
185 ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error"); 186 ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
186 return ret; 187 return ret;
187} 188}
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 766338941..52f9e74c0 100644
--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-ecdsa.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */ 1/* $OpenBSD: ssh-ecdsa.c,v 1.7 2013/12/27 22:30:17 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2010 Damien Miller. All rights reserved. 4 * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -54,11 +54,12 @@ ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *lenp,
54 u_int len, dlen; 54 u_int len, dlen;
55 Buffer b, bb; 55 Buffer b, bb;
56 56
57 if (key == NULL || key->ecdsa == NULL || 57 if (key == NULL || key_type_plain(key->type) != KEY_ECDSA ||
58 (key->type != KEY_ECDSA && key->type != KEY_ECDSA_CERT)) { 58 key->ecdsa == NULL) {
59 error("%s: no ECDSA key", __func__); 59 error("%s: no ECDSA key", __func__);
60 return -1; 60 return -1;
61 } 61 }
62
62 evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid); 63 evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid);
63 EVP_DigestInit(&md, evp_md); 64 EVP_DigestInit(&md, evp_md);
64 EVP_DigestUpdate(&md, data, datalen); 65 EVP_DigestUpdate(&md, data, datalen);
@@ -105,11 +106,12 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
105 Buffer b, bb; 106 Buffer b, bb;
106 char *ktype; 107 char *ktype;
107 108
108 if (key == NULL || key->ecdsa == NULL || 109 if (key == NULL || key_type_plain(key->type) != KEY_ECDSA ||
109 (key->type != KEY_ECDSA && key->type != KEY_ECDSA_CERT)) { 110 key->ecdsa == NULL) {
110 error("%s: no ECDSA key", __func__); 111 error("%s: no ECDSA key", __func__);
111 return -1; 112 return -1;
112 } 113 }
114
113 evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid); 115 evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid);
114 116
115 /* fetch signature */ 117 /* fetch signature */
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 30f96abc2..782c85573 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-rsa.c,v 1.46 2013/05/17 00:13:14 djm Exp $ */ 1/* $OpenBSD: ssh-rsa.c,v 1.47 2013/12/27 22:30:17 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> 3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
4 * 4 *
@@ -47,14 +47,15 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
47 int ok, nid; 47 int ok, nid;
48 Buffer b; 48 Buffer b;
49 49
50 if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA && 50 if (key == NULL || key_type_plain(key->type) != KEY_RSA ||
51 key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) { 51 key->rsa == NULL) {
52 error("ssh_rsa_sign: no RSA key"); 52 error("%s: no RSA key", __func__);
53 return -1; 53 return -1;
54 } 54 }
55
55 nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; 56 nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
56 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { 57 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
57 error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid); 58 error("%s: EVP_get_digestbynid %d failed", __func__, nid);
58 return -1; 59 return -1;
59 } 60 }
60 EVP_DigestInit(&md, evp_md); 61 EVP_DigestInit(&md, evp_md);
@@ -70,7 +71,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
70 if (ok != 1) { 71 if (ok != 1) {
71 int ecode = ERR_get_error(); 72 int ecode = ERR_get_error();
72 73
73 error("ssh_rsa_sign: RSA_sign failed: %s", 74 error("%s: RSA_sign failed: %s", __func__,
74 ERR_error_string(ecode, NULL)); 75 ERR_error_string(ecode, NULL));
75 free(sig); 76 free(sig);
76 return -1; 77 return -1;
@@ -81,7 +82,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
81 memmove(sig + diff, sig, len); 82 memmove(sig + diff, sig, len);
82 memset(sig, 0, diff); 83 memset(sig, 0, diff);
83 } else if (len > slen) { 84 } else if (len > slen) {
84 error("ssh_rsa_sign: slen %u slen2 %u", slen, len); 85 error("%s: slen %u slen2 %u", __func__, slen, len);
85 free(sig); 86 free(sig);
86 return -1; 87 return -1;
87 } 88 }
@@ -115,21 +116,23 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
115 u_int len, dlen, modlen; 116 u_int len, dlen, modlen;
116 int rlen, ret, nid; 117 int rlen, ret, nid;
117 118
118 if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA && 119 if (key == NULL || key_type_plain(key->type) != KEY_RSA ||
119 key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) { 120 key->rsa == NULL) {
120 error("ssh_rsa_verify: no RSA key"); 121 error("%s: no RSA key", __func__);
121 return -1; 122 return -1;
122 } 123 }
124
123 if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { 125 if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
124 error("ssh_rsa_verify: RSA modulus too small: %d < minimum %d bits", 126 error("%s: RSA modulus too small: %d < minimum %d bits",
125 BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); 127 __func__, BN_num_bits(key->rsa->n),
128 SSH_RSA_MINIMUM_MODULUS_SIZE);
126 return -1; 129 return -1;
127 } 130 }
128 buffer_init(&b); 131 buffer_init(&b);
129 buffer_append(&b, signature, signaturelen); 132 buffer_append(&b, signature, signaturelen);
130 ktype = buffer_get_cstring(&b, NULL); 133 ktype = buffer_get_cstring(&b, NULL);
131 if (strcmp("ssh-rsa", ktype) != 0) { 134 if (strcmp("ssh-rsa", ktype) != 0) {
132 error("ssh_rsa_verify: cannot handle type %s", ktype); 135 error("%s: cannot handle type %s", __func__, ktype);
133 buffer_free(&b); 136 buffer_free(&b);
134 free(ktype); 137 free(ktype);
135 return -1; 138 return -1;
@@ -139,19 +142,19 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
139 rlen = buffer_len(&b); 142 rlen = buffer_len(&b);
140 buffer_free(&b); 143 buffer_free(&b);
141 if (rlen != 0) { 144 if (rlen != 0) {
142 error("ssh_rsa_verify: remaining bytes in signature %d", rlen); 145 error("%s: remaining bytes in signature %d", __func__, rlen);
143 free(sigblob); 146 free(sigblob);
144 return -1; 147 return -1;
145 } 148 }
146 /* RSA_verify expects a signature of RSA_size */ 149 /* RSA_verify expects a signature of RSA_size */
147 modlen = RSA_size(key->rsa); 150 modlen = RSA_size(key->rsa);
148 if (len > modlen) { 151 if (len > modlen) {
149 error("ssh_rsa_verify: len %u > modlen %u", len, modlen); 152 error("%s: len %u > modlen %u", __func__, len, modlen);
150 free(sigblob); 153 free(sigblob);
151 return -1; 154 return -1;
152 } else if (len < modlen) { 155 } else if (len < modlen) {
153 u_int diff = modlen - len; 156 u_int diff = modlen - len;
154 debug("ssh_rsa_verify: add padding: modlen %u > len %u", 157 debug("%s: add padding: modlen %u > len %u", __func__,
155 modlen, len); 158 modlen, len);
156 sigblob = xrealloc(sigblob, 1, modlen); 159 sigblob = xrealloc(sigblob, 1, modlen);
157 memmove(sigblob + diff, sigblob, len); 160 memmove(sigblob + diff, sigblob, len);
@@ -160,7 +163,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
160 } 163 }
161 nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; 164 nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
162 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { 165 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
163 error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid); 166 error("%s: EVP_get_digestbynid %d failed", __func__, nid);
164 free(sigblob); 167 free(sigblob);
165 return -1; 168 return -1;
166 } 169 }
@@ -172,7 +175,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
172 memset(digest, 'd', sizeof(digest)); 175 memset(digest, 'd', sizeof(digest));
173 memset(sigblob, 's', len); 176 memset(sigblob, 's', len);
174 free(sigblob); 177 free(sigblob);
175 debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : ""); 178 debug("%s: signature %scorrect", __func__, (ret == 0) ? "in" : "");
176 return ret; 179 return ret;
177} 180}
178 181
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 08:58:42 +0000