diff options
-rw-r--r-- | ssh-ecdsa-sk.c | 6 | ||||
-rw-r--r-- | ssh-ed25519-sk.c | 23 |
2 files changed, 27 insertions, 2 deletions
diff --git a/ssh-ecdsa-sk.c b/ssh-ecdsa-sk.c index b2f31ae2d..40f0dc8c0 100644 --- a/ssh-ecdsa-sk.c +++ b/ssh-ecdsa-sk.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-ecdsa-sk.c,v 1.4 2019/11/25 00:51:37 djm Exp $ */ | 1 | /* $OpenBSD: ssh-ecdsa-sk.c,v 1.5 2019/11/26 03:04:27 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
@@ -113,6 +113,8 @@ ssh_ecdsa_sk_verify(const struct sshkey *key, | |||
113 | goto out; | 113 | goto out; |
114 | } | 114 | } |
115 | #ifdef DEBUG_SK | 115 | #ifdef DEBUG_SK |
116 | fprintf(stderr, "%s: data: (len %zu)\n", __func__, datalen); | ||
117 | /* sshbuf_dump_data(data, datalen, stderr); */ | ||
116 | fprintf(stderr, "%s: sig_r: %s\n", __func__, (tmp = BN_bn2hex(sig_r))); | 118 | fprintf(stderr, "%s: sig_r: %s\n", __func__, (tmp = BN_bn2hex(sig_r))); |
117 | free(tmp); | 119 | free(tmp); |
118 | fprintf(stderr, "%s: sig_s: %s\n", __func__, (tmp = BN_bn2hex(sig_s))); | 120 | fprintf(stderr, "%s: sig_s: %s\n", __func__, (tmp = BN_bn2hex(sig_s))); |
@@ -140,6 +142,8 @@ ssh_ecdsa_sk_verify(const struct sshkey *key, | |||
140 | strlen(key->sk_application), apphash, sizeof(apphash))) != 0) | 142 | strlen(key->sk_application), apphash, sizeof(apphash))) != 0) |
141 | goto out; | 143 | goto out; |
142 | #ifdef DEBUG_SK | 144 | #ifdef DEBUG_SK |
145 | fprintf(stderr, "%s: hashed application:\n", __func__); | ||
146 | sshbuf_dump_data(apphash, sizeof(apphash), stderr); | ||
143 | fprintf(stderr, "%s: hashed message:\n", __func__); | 147 | fprintf(stderr, "%s: hashed message:\n", __func__); |
144 | sshbuf_dump_data(msghash, sizeof(msghash), stderr); | 148 | sshbuf_dump_data(msghash, sizeof(msghash), stderr); |
145 | #endif | 149 | #endif |
diff --git a/ssh-ed25519-sk.c b/ssh-ed25519-sk.c index d11fde6fd..89bf479dc 100644 --- a/ssh-ed25519-sk.c +++ b/ssh-ed25519-sk.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-ed25519-sk.c,v 1.3 2019/11/25 00:51:37 djm Exp $ */ | 1 | /* $OpenBSD: ssh-ed25519-sk.c,v 1.4 2019/11/26 03:04:27 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -14,6 +14,9 @@ | |||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | */ | 16 | */ |
17 | |||
18 | /* #define DEBUG_SK 1 */ | ||
19 | |||
17 | #define SSHKEY_INTERNAL | 20 | #define SSHKEY_INTERNAL |
18 | #include <sys/types.h> | 21 | #include <sys/types.h> |
19 | #include <limits.h> | 22 | #include <limits.h> |
@@ -70,6 +73,14 @@ ssh_ed25519_sk_verify(const struct sshkey *key, | |||
70 | r = SSH_ERR_INVALID_FORMAT; | 73 | r = SSH_ERR_INVALID_FORMAT; |
71 | goto out; | 74 | goto out; |
72 | } | 75 | } |
76 | #ifdef DEBUG_SK | ||
77 | fprintf(stderr, "%s: data:\n", __func__); | ||
78 | /* sshbuf_dump_data(data, datalen, stderr); */ | ||
79 | fprintf(stderr, "%s: sigblob:\n", __func__); | ||
80 | sshbuf_dump_data(sigblob, len, stderr); | ||
81 | fprintf(stderr, "%s: sig_flags = 0x%02x, sig_counter = %u\n", | ||
82 | __func__, sig_flags, sig_counter); | ||
83 | #endif | ||
73 | if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { | 84 | if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { |
74 | r = SSH_ERR_KEY_TYPE_MISMATCH; | 85 | r = SSH_ERR_KEY_TYPE_MISMATCH; |
75 | goto out; | 86 | goto out; |
@@ -89,6 +100,12 @@ ssh_ed25519_sk_verify(const struct sshkey *key, | |||
89 | r = SSH_ERR_INVALID_ARGUMENT; | 100 | r = SSH_ERR_INVALID_ARGUMENT; |
90 | goto out; | 101 | goto out; |
91 | } | 102 | } |
103 | #ifdef DEBUG_SK | ||
104 | fprintf(stderr, "%s: hashed application:\n", __func__); | ||
105 | sshbuf_dump_data(apphash, sizeof(apphash), stderr); | ||
106 | fprintf(stderr, "%s: hashed message:\n", __func__); | ||
107 | sshbuf_dump_data(msghash, sizeof(msghash), stderr); | ||
108 | #endif | ||
92 | if ((details = calloc(1, sizeof(*details))) == NULL) { | 109 | if ((details = calloc(1, sizeof(*details))) == NULL) { |
93 | r = SSH_ERR_ALLOC_FAIL; | 110 | r = SSH_ERR_ALLOC_FAIL; |
94 | goto out; | 111 | goto out; |
@@ -107,6 +124,10 @@ ssh_ed25519_sk_verify(const struct sshkey *key, | |||
107 | r = SSH_ERR_ALLOC_FAIL; | 124 | r = SSH_ERR_ALLOC_FAIL; |
108 | goto out; | 125 | goto out; |
109 | } | 126 | } |
127 | #ifdef DEBUG_SK | ||
128 | fprintf(stderr, "%s: signed buf:\n", __func__); | ||
129 | sshbuf_dump(encoded, stderr); | ||
130 | #endif | ||
110 | sm = sshbuf_ptr(encoded); | 131 | sm = sshbuf_ptr(encoded); |
111 | smlen = sshbuf_len(encoded); | 132 | smlen = sshbuf_len(encoded); |
112 | mlen = smlen; | 133 | mlen = smlen; |