silc_hash_final(md5, enc + 16);
/* Pad */
- pad_len = 8 - (key_len % 8);
+ pad_len = (-key_len) % 8;
if (pad_len) {
keyenc = silc_smalloc(stack, (key_len + pad_len) * sizeof(*keyenc));
- if (!key)
+ if (!keyenc)
goto err;
memset(keyenc + key_len, 'F', pad_len);
memcpy(keyenc, key, key_len);
} else {
- keyenc = silc_memdup(key, key_len);
+ keyenc = silc_smemdup(stack, key, key_len);
if (!keyenc)
goto err;
}
/* Sign context */
typedef struct {
+ SilcStack stack;
SilcSshPrivateKey privkey;
SilcPKCSSignCb sign_cb;
void *context;
void *context)
{
SilcSshSign sign = context;
+ SilcStack stack = sign->stack;
+ unsigned char rbuf[20], sbuf[20];
SilcBufferStruct sig;
- const char *name;
-
- if (!strcmp(sign->privkey->pkcs->name, "rsa"))
- name = "ssh-rsa";
- else
- name = "ssh-dss";
+ SilcAsn1 asn1;
+ SilcMPInt r, s;
memset(&sig, 0, sizeof(sig));
- if (silc_buffer_format(&sig,
- SILC_STR_UI_INT(strlen(name)),
- SILC_STR_UI32_STRING(name),
- SILC_STR_UI_INT(signature_len),
- SILC_STR_DATA(signature, signature_len),
- SILC_STR_END) < 0) {
- silc_free(sign);
- sign->sign_cb(FALSE, NULL, 0, sign->context);
+
+ /* Format the signature. RSA is easy because PKCS#1 is already in
+ correct format. For DSA the returned signature is in PKIX compliant
+ format and we have to reformat it for SSH2. */
+ if (!strcmp(sign->privkey->pkcs->name, "dsa")) {
+ asn1 = silc_asn1_alloc(stack);
+ if (!asn1) {
+ sign->sign_cb(FALSE, NULL, 0, sign->context);
+ silc_sfree(stack, sign);
+ silc_stack_free(stack);
+ return;
+ }
+
+ /* Decode the signature */
+ silc_buffer_set(&sig, (unsigned char *)signature, signature_len);
+ if (!silc_asn1_decode(asn1, &sig,
+ SILC_ASN1_SEQUENCE,
+ SILC_ASN1_INT(&r),
+ SILC_ASN1_INT(&s),
+ SILC_ASN1_END, SILC_ASN1_END)) {
+ sign->sign_cb(FALSE, NULL, 0, sign->context);
+ silc_asn1_free(asn1);
+ silc_sfree(stack, sign);
+ silc_stack_free(stack);
+ return;
+ }
+
+ /* Encode the integers */
+ memset(rbuf, 0, sizeof(rbuf));
+ memset(sbuf, 0, sizeof(sbuf));
+ silc_mp_mp2bin_noalloc(&r, rbuf, sizeof(rbuf));
+ silc_mp_mp2bin_noalloc(&s, sbuf, sizeof(sbuf));
+
+ silc_asn1_free(asn1);
+
+ /* Encode SSH2 DSS signature */
+ if (silc_buffer_sformat(stack, &sig,
+ SILC_STR_UI_INT(7),
+ SILC_STR_UI32_STRING("ssh-dss"),
+ SILC_STR_UI_INT(sizeof(rbuf) + sizeof(sbuf)),
+ SILC_STR_DATA(rbuf, sizeof(rbuf)),
+ SILC_STR_DATA(sbuf, sizeof(sbuf)),
+ SILC_STR_END) < 0) {
+ sign->sign_cb(FALSE, NULL, 0, sign->context);
+ silc_sfree(stack, sign);
+ silc_stack_free(stack);
+ return;
+ }
+ } else {
+ /* Encode SSH2 RSA signature */
+ if (silc_buffer_sformat(stack, &sig,
+ SILC_STR_UI_INT(7),
+ SILC_STR_UI32_STRING("ssh-rsa"),
+ SILC_STR_UI_INT(signature_len),
+ SILC_STR_DATA(signature, signature_len),
+ SILC_STR_END) < 0) {
+ sign->sign_cb(FALSE, NULL, 0, sign->context);
+ silc_sfree(stack, sign);
+ silc_stack_free(stack);
+ return;
+ }
}
/* Deliver result */
sign->sign_cb(TRUE, silc_buffer_data(&sig), silc_buffer_len(&sig),
sign->context);
- silc_buffer_purge(&sig);
- silc_free(sign);
+ silc_buffer_spurge(stack, &sig);
+ silc_sfree(stack, sign);
+ silc_stack_free(stack);
}
/* Sign */
SILC_PKCS_SIGN(silc_pkcs_ssh_sign)
{
SilcSshPrivateKey privkey = private_key;
+ SilcStack stack;
SilcSshSign sign;
if (!privkey->pkcs->sign) {
return NULL;
}
- sign = silc_calloc(1, sizeof(*sign));
+ stack = silc_stack_alloc(0, silc_crypto_stack());
+
+ sign = silc_scalloc(stack, 1, sizeof(*sign));
if (!sign) {
sign_cb(FALSE, NULL, 0, context);
+ silc_stack_free(stack);
return NULL;
}
+ sign->stack = stack;
sign->privkey = privkey;
sign->sign_cb = sign_cb;
sign->context = context;
SILC_PKCS_VERIFY(silc_pkcs_ssh_verify)
{
SilcSshPublicKey pubkey = public_key;
- SilcBufferStruct sig;
+ SilcAsyncOperation op;
+ SilcBufferStruct sig, r, s;
+ unsigned char *signame;
+ SilcStack stack = NULL;
+ SilcAsn1 asn1;
if (!pubkey->pkcs->verify) {
verify_cb(FALSE, context);
return NULL;
}
- /* Decode the SSH2 protocol style signature encoding. Ignore the
- algorithm name. We know the algorithm. */
+ /* Decode the SSH2 protocol style signature encoding. */
silc_buffer_set(&sig, signature, signature_len);
if (silc_buffer_unformat(&sig,
- SILC_STR_UI32_NSTRING(NULL, NULL),
+ SILC_STR_UI32_STRING_ALLOC(&signame),
SILC_STR_UI32_NSTRING(&signature, &signature_len),
SILC_STR_END) < 0) {
verify_cb(FALSE, context);
return NULL;
}
+ memset(&sig, 0, sizeof(sig));
+
+ /* DSS signature must be formatted to PKIX compliant format since our
+ implementation expects that. */
+ if (!strcmp(signame, "ssh-dss")) {
+ /* The integers must be 160 bits each */
+ if (signature_len != 40) {
+ verify_cb(FALSE, context);
+ silc_free(signame);
+ return NULL;
+ }
+
+ silc_buffer_set(&r, signature, 20);
+ silc_buffer_set(&s, signature + 20, 20);
+
+ stack = silc_stack_alloc(0, silc_crypto_stack());
+
+ asn1 = silc_asn1_alloc(stack);
+ if (!asn1) {
+ verify_cb(FALSE, context);
+ silc_free(signame);
+ silc_stack_free(stack);
+ return NULL;
+ }
+
+ /* Encode signature to PKIX compliant format. */
+ if (!silc_asn1_encode(asn1, &sig,
+ SILC_ASN1_OPTS(SILC_ASN1_ALLOC),
+ SILC_ASN1_SEQUENCE,
+ SILC_ASN1_ANY_PRIMITIVE(SILC_ASN1_TAG_INTEGER, &r),
+ SILC_ASN1_ANY_PRIMITIVE(SILC_ASN1_TAG_INTEGER, &s),
+ SILC_ASN1_END, SILC_ASN1_END)) {
+ verify_cb(FALSE, context);
+ silc_free(signame);
+ silc_asn1_free(asn1);
+ silc_stack_free(stack);
+ return NULL;
+ }
+
+ signature = silc_buffer_steal(&sig, &signature_len);
+
+ silc_asn1_free(asn1);
+ }
/* Verify */
- return pubkey->pkcs->verify(pubkey->pkcs, pubkey->public_key,
- signature, signature_len,
- data, data_len, hash, rng,
- verify_cb, context);
+ op = pubkey->pkcs->verify(pubkey->pkcs, pubkey->public_key,
+ signature, signature_len,
+ data, data_len, hash, rng,
+ verify_cb, context);
+
+ silc_free(signame);
+ silc_buffer_spurge(stack, &sig);
+ silc_stack_free(stack);
+
+ return op;
}
/************************** SSH2 PKCS RSA Alg API ***************************/
projects / silc.git / blobdiff