- markus@cvs.openbsd.org 2001/06/06 23:13:54
[ssh-dss.c ssh-rsa.c] cleanup, remove old code
parent
cb3929d1d9
commit
c66d436f60
|
@ -56,6 +56,9 @@
|
||||||
- markus@cvs.openbsd.org 2001/06/05 16:46:19
|
- markus@cvs.openbsd.org 2001/06/05 16:46:19
|
||||||
[session.c]
|
[session.c]
|
||||||
let session_close() delete the pty. deny x11fwd if xauthfile is set.
|
let session_close() delete the pty. deny x11fwd if xauthfile is set.
|
||||||
|
- markus@cvs.openbsd.org 2001/06/06 23:13:54
|
||||||
|
[ssh-dss.c ssh-rsa.c]
|
||||||
|
cleanup, remove old code
|
||||||
|
|
||||||
20010606
|
20010606
|
||||||
- OpenBSD CVS Sync
|
- OpenBSD CVS Sync
|
||||||
|
@ -5567,4 +5570,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1263 2001/06/09 01:34:15 mouring Exp $
|
$Id: ChangeLog,v 1.1264 2001/06/09 01:36:21 mouring Exp $
|
||||||
|
|
57
ssh-dss.c
57
ssh-dss.c
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
|
RCSID("$OpenBSD: ssh-dss.c,v 1.7 2001/06/06 23:13:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
@ -45,15 +45,11 @@ ssh_dss_sign(
|
||||||
u_char **sigp, int *lenp,
|
u_char **sigp, int *lenp,
|
||||||
u_char *data, int datalen)
|
u_char *data, int datalen)
|
||||||
{
|
{
|
||||||
u_char *digest;
|
|
||||||
u_char *ret;
|
|
||||||
DSA_SIG *sig;
|
DSA_SIG *sig;
|
||||||
EVP_MD *evp_md = EVP_sha1();
|
EVP_MD *evp_md = EVP_sha1();
|
||||||
EVP_MD_CTX md;
|
EVP_MD_CTX md;
|
||||||
u_int rlen;
|
u_char *digest, *ret, sigblob[SIGBLOB_LEN];
|
||||||
u_int slen;
|
u_int rlen, slen, len, dlen;
|
||||||
u_int len, dlen;
|
|
||||||
u_char sigblob[SIGBLOB_LEN];
|
|
||||||
Buffer b;
|
Buffer b;
|
||||||
|
|
||||||
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
|
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
|
||||||
|
@ -67,11 +63,13 @@ ssh_dss_sign(
|
||||||
EVP_DigestFinal(&md, digest, NULL);
|
EVP_DigestFinal(&md, digest, NULL);
|
||||||
|
|
||||||
sig = DSA_do_sign(digest, dlen, key->dsa);
|
sig = DSA_do_sign(digest, dlen, key->dsa);
|
||||||
if (sig == NULL) {
|
|
||||||
fatal("ssh_dss_sign: cannot sign");
|
|
||||||
}
|
|
||||||
memset(digest, 0, dlen);
|
memset(digest, 0, dlen);
|
||||||
xfree(digest);
|
xfree(digest);
|
||||||
|
if (sig == NULL) {
|
||||||
|
error("ssh_dss_sign: sign failed");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
rlen = BN_num_bytes(sig->r);
|
rlen = BN_num_bytes(sig->r);
|
||||||
slen = BN_num_bytes(sig->s);
|
slen = BN_num_bytes(sig->s);
|
||||||
|
@ -80,15 +78,12 @@ ssh_dss_sign(
|
||||||
DSA_SIG_free(sig);
|
DSA_SIG_free(sig);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
debug("sig size %d %d", rlen, slen);
|
|
||||||
|
|
||||||
memset(sigblob, 0, SIGBLOB_LEN);
|
memset(sigblob, 0, SIGBLOB_LEN);
|
||||||
BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
|
BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
|
||||||
BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
|
BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
|
||||||
DSA_SIG_free(sig);
|
DSA_SIG_free(sig);
|
||||||
|
|
||||||
if (datafellows & SSH_BUG_SIGBLOB) {
|
if (datafellows & SSH_BUG_SIGBLOB) {
|
||||||
debug("datafellows");
|
|
||||||
ret = xmalloc(SIGBLOB_LEN);
|
ret = xmalloc(SIGBLOB_LEN);
|
||||||
memcpy(ret, sigblob, SIGBLOB_LEN);
|
memcpy(ret, sigblob, SIGBLOB_LEN);
|
||||||
if (lenp != NULL)
|
if (lenp != NULL)
|
||||||
|
@ -117,34 +112,19 @@ ssh_dss_verify(
|
||||||
u_char *signature, int signaturelen,
|
u_char *signature, int signaturelen,
|
||||||
u_char *data, int datalen)
|
u_char *data, int datalen)
|
||||||
{
|
{
|
||||||
Buffer b;
|
|
||||||
u_char *digest;
|
|
||||||
DSA_SIG *sig;
|
DSA_SIG *sig;
|
||||||
EVP_MD *evp_md = EVP_sha1();
|
EVP_MD *evp_md = EVP_sha1();
|
||||||
EVP_MD_CTX md;
|
EVP_MD_CTX md;
|
||||||
u_char *sigblob;
|
u_char *digest, *sigblob;
|
||||||
char *txt;
|
|
||||||
u_int len, dlen;
|
u_int len, dlen;
|
||||||
int rlen;
|
int rlen, ret;
|
||||||
int ret;
|
Buffer b;
|
||||||
|
|
||||||
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
|
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
|
||||||
error("ssh_dss_verify: no DSA key");
|
error("ssh_dss_verify: no DSA key");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(datafellows & SSH_BUG_SIGBLOB) &&
|
|
||||||
signaturelen == SIGBLOB_LEN) {
|
|
||||||
datafellows |= ~SSH_BUG_SIGBLOB;
|
|
||||||
log("autodetect SSH_BUG_SIGBLOB");
|
|
||||||
} else if ((datafellows & SSH_BUG_SIGBLOB) &&
|
|
||||||
signaturelen != SIGBLOB_LEN) {
|
|
||||||
log("autoremove SSH_BUG_SIGBLOB");
|
|
||||||
datafellows &= ~SSH_BUG_SIGBLOB;
|
|
||||||
}
|
|
||||||
|
|
||||||
debug("len %d datafellows %d", signaturelen, datafellows);
|
|
||||||
|
|
||||||
/* fetch signature */
|
/* fetch signature */
|
||||||
if (datafellows & SSH_BUG_SIGBLOB) {
|
if (datafellows & SSH_BUG_SIGBLOB) {
|
||||||
sigblob = signature;
|
sigblob = signature;
|
||||||
|
@ -200,18 +180,7 @@ ssh_dss_verify(
|
||||||
xfree(digest);
|
xfree(digest);
|
||||||
DSA_SIG_free(sig);
|
DSA_SIG_free(sig);
|
||||||
|
|
||||||
switch (ret) {
|
debug("ssh_dss_verify: signature %s",
|
||||||
case 1:
|
ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
|
||||||
txt = "correct";
|
|
||||||
break;
|
|
||||||
case 0:
|
|
||||||
txt = "incorrect";
|
|
||||||
break;
|
|
||||||
case -1:
|
|
||||||
default:
|
|
||||||
txt = "error";
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
debug("ssh_dss_verify: signature %s", txt);
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
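Review bot: The new failure path in ssh_dss_sign (`error("ssh_dss_sign: sign failed"); return -1;`, placed after the digest is cleared and freed) needs its contract documented, because the removed code aborted through fatal() and a caller that ignores the return value would now carry on without a signature. In the visible lines `*sigp` and `*lenp` are not assigned before that return, so I would add a comment above the check such as `/* sign failed: return -1, *sigp and *lenp are left untouched; callers must check */`. The same applies to the end of ssh_dss_verify, where the new debug line distinguishes 1, 0 and any other value of `ret` before `return ret;`. A comment there, for example `/* 1 = valid, 0 = invalid, anything else = error; compare against 1 */`, would keep callers from treating a non-zero error value as success. Both function bodies begin and continue outside the visible hunks, so how the callers handle these values cannot be confirmed from this page.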
|
|
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $");
|
RCSID("$OpenBSD: ssh-rsa.c,v 1.9 2001/06/06 23:13:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
@ -103,7 +103,6 @@ ssh_rsa_sign(
|
||||||
*lenp = len;
|
*lenp = len;
|
||||||
if (sigp != NULL)
|
if (sigp != NULL)
|
||||||
*sigp = ret;
|
*sigp = ret;
|
||||||
debug2("ssh_rsa_sign: done");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|