diff options
Diffstat (limited to 'ssh-rsa.c')
| -rw-r--r-- | ssh-rsa.c | 21 |
1 files changed, 11 insertions, 10 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-rsa.c,v 1.40 2010/02/26 20:29:54 djm Exp $ */ | 1 | /* $OpenBSD: ssh-rsa.c,v 1.44 2010/07/16 14:07:35 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> | 3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> |
| 4 | * | 4 | * |
| @@ -30,6 +30,7 @@ | |||
| 30 | #include "buffer.h" | 30 | #include "buffer.h" |
| 31 | #include "key.h" | 31 | #include "key.h" |
| 32 | #include "compat.h" | 32 | #include "compat.h" |
| 33 | #include "misc.h" | ||
| 33 | #include "ssh.h" | 34 | #include "ssh.h" |
| 34 | 35 | ||
| 35 | static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *); | 36 | static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *); |
| @@ -46,9 +47,8 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp, | |||
| 46 | int ok, nid; | 47 | int ok, nid; |
| 47 | Buffer b; | 48 | Buffer b; |
| 48 | 49 | ||
| 49 | if (key == NULL || | 50 | if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA && |
| 50 | (key->type != KEY_RSA && key->type != KEY_RSA_CERT) || | 51 | key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) { |
| 51 | key->rsa == NULL) { | ||
| 52 | error("ssh_rsa_sign: no RSA key"); | 52 | error("ssh_rsa_sign: no RSA key"); |
| 53 | return -1; | 53 | return -1; |
| 54 | } | 54 | } |
| @@ -115,9 +115,8 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen, | |||
| 115 | u_int len, dlen, modlen; | 115 | u_int len, dlen, modlen; |
| 116 | int rlen, ret, nid; | 116 | int rlen, ret, nid; |
| 117 | 117 | ||
| 118 | if (key == NULL || | 118 | if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA && |
| 119 | (key->type != KEY_RSA && key->type != KEY_RSA_CERT) || | 119 | key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) { |
| 120 | key->rsa == NULL) { | ||
| 121 | error("ssh_rsa_verify: no RSA key"); | 120 | error("ssh_rsa_verify: no RSA key"); |
| 122 | return -1; | 121 | return -1; |
| 123 | } | 122 | } |
| @@ -212,7 +211,7 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen, | |||
| 212 | u_char *sigbuf, u_int siglen, RSA *rsa) | 211 | u_char *sigbuf, u_int siglen, RSA *rsa) |
| 213 | { | 212 | { |
| 214 | u_int ret, rsasize, oidlen = 0, hlen = 0; | 213 | u_int ret, rsasize, oidlen = 0, hlen = 0; |
| 215 | int len; | 214 | int len, oidmatch, hashmatch; |
| 216 | const u_char *oid = NULL; | 215 | const u_char *oid = NULL; |
| 217 | u_char *decrypted = NULL; | 216 | u_char *decrypted = NULL; |
| 218 | 217 | ||
| @@ -251,11 +250,13 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen, | |||
| 251 | error("bad decrypted len: %d != %d + %d", len, hlen, oidlen); | 250 | error("bad decrypted len: %d != %d + %d", len, hlen, oidlen); |
| 252 | goto done; | 251 | goto done; |
| 253 | } | 252 | } |
| 254 | if (memcmp(decrypted, oid, oidlen) != 0) { | 253 | oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0; |
| 254 | hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0; | ||
| 255 | if (!oidmatch) { | ||
| 255 | error("oid mismatch"); | 256 | error("oid mismatch"); |
| 256 | goto done; | 257 | goto done; |
| 257 | } | 258 | } |
| 258 | if (memcmp(decrypted + oidlen, hash, hlen) != 0) { | 259 | if (!hashmatch) { |
| 259 | error("hash mismatch"); | 260 | error("hash mismatch"); |
| 260 | goto done; | 261 | goto done; |
| 261 | } | 262 | } |