- markus@cvs.openbsd.org 2001/06/06 23:13:54
[ssh-dss.c ssh-rsa.c] cleanup, remove old code
This commit is contained in:
parent
cb3929d1d9
commit
c66d436f60
|
@ -56,6 +56,9 @@
|
|||
- markus@cvs.openbsd.org 2001/06/05 16:46:19
|
||||
[session.c]
|
||||
let session_close() delete the pty. deny x11fwd if xauthfile is set.
|
||||
- markus@cvs.openbsd.org 2001/06/06 23:13:54
|
||||
[ssh-dss.c ssh-rsa.c]
|
||||
cleanup, remove old code
|
||||
|
||||
20010606
|
||||
- OpenBSD CVS Sync
|
||||
|
@ -5567,4 +5570,4 @@
|
|||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1263 2001/06/09 01:34:15 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1264 2001/06/09 01:36:21 mouring Exp $
|
||||
|
|
57
ssh-dss.c
57
ssh-dss.c
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
|
||||
RCSID("$OpenBSD: ssh-dss.c,v 1.7 2001/06/06 23:13:54 markus Exp $");
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/evp.h>
|
||||
|
@ -45,15 +45,11 @@ ssh_dss_sign(
|
|||
u_char **sigp, int *lenp,
|
||||
u_char *data, int datalen)
|
||||
{
|
||||
u_char *digest;
|
||||
u_char *ret;
|
||||
DSA_SIG *sig;
|
||||
EVP_MD *evp_md = EVP_sha1();
|
||||
EVP_MD_CTX md;
|
||||
u_int rlen;
|
||||
u_int slen;
|
||||
u_int len, dlen;
|
||||
u_char sigblob[SIGBLOB_LEN];
|
||||
u_char *digest, *ret, sigblob[SIGBLOB_LEN];
|
||||
u_int rlen, slen, len, dlen;
|
||||
Buffer b;
|
||||
|
||||
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
|
||||
|
@ -67,11 +63,13 @@ ssh_dss_sign(
|
|||
EVP_DigestFinal(&md, digest, NULL);
|
||||
|
||||
sig = DSA_do_sign(digest, dlen, key->dsa);
|
||||
if (sig == NULL) {
|
||||
fatal("ssh_dss_sign: cannot sign");
|
||||
}
|
||||
|
||||
memset(digest, 0, dlen);
|
||||
xfree(digest);
|
||||
if (sig == NULL) {
|
||||
error("ssh_dss_sign: sign failed");
|
||||
return -1;
|
||||
}
|
||||
|
||||
rlen = BN_num_bytes(sig->r);
|
||||
slen = BN_num_bytes(sig->s);
|
||||
|
@ -80,15 +78,12 @@ ssh_dss_sign(
|
|||
DSA_SIG_free(sig);
|
||||
return -1;
|
||||
}
|
||||
debug("sig size %d %d", rlen, slen);
|
||||
|
||||
memset(sigblob, 0, SIGBLOB_LEN);
|
||||
BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
|
||||
BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
|
||||
DSA_SIG_free(sig);
|
||||
|
||||
if (datafellows & SSH_BUG_SIGBLOB) {
|
||||
debug("datafellows");
|
||||
ret = xmalloc(SIGBLOB_LEN);
|
||||
memcpy(ret, sigblob, SIGBLOB_LEN);
|
||||
if (lenp != NULL)
|
||||
|
@ -117,34 +112,19 @@ ssh_dss_verify(
|
|||
u_char *signature, int signaturelen,
|
||||
u_char *data, int datalen)
|
||||
{
|
||||
Buffer b;
|
||||
u_char *digest;
|
||||
DSA_SIG *sig;
|
||||
EVP_MD *evp_md = EVP_sha1();
|
||||
EVP_MD_CTX md;
|
||||
u_char *sigblob;
|
||||
char *txt;
|
||||
u_char *digest, *sigblob;
|
||||
u_int len, dlen;
|
||||
int rlen;
|
||||
int ret;
|
||||
int rlen, ret;
|
||||
Buffer b;
|
||||
|
||||
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
|
||||
error("ssh_dss_verify: no DSA key");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!(datafellows & SSH_BUG_SIGBLOB) &&
|
||||
signaturelen == SIGBLOB_LEN) {
|
||||
datafellows |= ~SSH_BUG_SIGBLOB;
|
||||
log("autodetect SSH_BUG_SIGBLOB");
|
||||
} else if ((datafellows & SSH_BUG_SIGBLOB) &&
|
||||
signaturelen != SIGBLOB_LEN) {
|
||||
log("autoremove SSH_BUG_SIGBLOB");
|
||||
datafellows &= ~SSH_BUG_SIGBLOB;
|
||||
}
|
||||
|
||||
debug("len %d datafellows %d", signaturelen, datafellows);
|
||||
|
||||
/* fetch signature */
|
||||
if (datafellows & SSH_BUG_SIGBLOB) {
|
||||
sigblob = signature;
|
||||
|
@ -200,18 +180,7 @@ ssh_dss_verify(
|
|||
xfree(digest);
|
||||
DSA_SIG_free(sig);
|
||||
|
||||
switch (ret) {
|
||||
case 1:
|
||||
txt = "correct";
|
||||
break;
|
||||
case 0:
|
||||
txt = "incorrect";
|
||||
break;
|
||||
case -1:
|
||||
default:
|
||||
txt = "error";
|
||||
break;
|
||||
}
|
||||
debug("ssh_dss_verify: signature %s", txt);
|
||||
debug("ssh_dss_verify: signature %s",
|
||||
ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
|
||||
return ret;
|
||||
}
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $");
|
||||
RCSID("$OpenBSD: ssh-rsa.c,v 1.9 2001/06/06 23:13:54 markus Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/err.h>
|
||||
|
@ -103,7 +103,6 @@ ssh_rsa_sign(
|
|||
*lenp = len;
|
||||
if (sigp != NULL)
|
||||
*sigp = ret;
|
||||
debug2("ssh_rsa_sign: done");
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue