dropbear: rsa.c annotate

annotate rsa.c @ 1788:1fc0012b9c38

Fix handling of replies to global requests (#112) The current code assumes that all global requests want / need a reply. This isn't always true and the request itself indicates if it wants a reply or not. It causes a specific problem with [email protected] messages. These are sent by OpenSSH after authentication to inform the client of potential other host keys for the host. This can be used to add a new type of host key or to rotate host keys. The initial information message from the server is sent as a global request, but with want_reply set to false. This means that the server doesn't expect an answer to this message. Instead the client needs to send a prove request as a reply if it wants to receive proof of ownership for the host keys. The bug doesn't cause any current problems with due to how OpenSSH treats receiving the failure message. It instead treats it as a keepalive message and further ignores it. Arguably this is a protocol violation though of Dropbear and it is only accidental that it doesn't cause a problem with OpenSSH. The bug was found when adding host keys support to libssh, which is more strict protocol wise and treats the unexpected failure message an error, also see https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145 for more information. The fix here is to honor the want_reply flag in the global request and to only send a reply if the other side expects a reply.

author	Dirkjan Bussink <d.bussink@gmail.com>
date	Thu, 10 Dec 2020 16:13:13 +0100
parents	1051e4eea25a
children

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 /*
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 * Dropbear - a SSH2 server
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 * Copyright (c) 2002,2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	5 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	24
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	25 /* Perform RSA operations on data, including reading keys, signing and
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	26 * verification.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	27 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	28 * The format is specified in rfc2437, Applied Cryptography or The Handbook of
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29 * Applied Cryptography detail the general algorithm. */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	30
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	31 #include "includes.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	32 #include "dbutil.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	33 #include "bignum.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	34 #include "rsa.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	35 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36 #include "ssh.h"
858 220f55d540ae rename random.h to dbrandom.h since some OSes have a system random.h Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	37 #include "dbrandom.h"
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	38 #include "signkey.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	39
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	40 #if DROPBEAR_RSA
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	41
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	42 #if !(DROPBEAR_RSA_SHA1 \|\| DROPBEAR_RSA_SHA256)
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	43 #error Somehow RSA was enabled with neither DROPBEAR_RSA_SHA1 nor DROPBEAR_RSA_SHA256
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	44 #endif
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	45
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1409 diff changeset	46 static void rsa_pad_em(const dropbear_rsa_key * key,
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	47 const buffer data_buf, mp_int rsa_em, enum signature_type sigtype);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	48
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	49 /* Load a public rsa key from a buffer, initialising the values.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	50 * The key will have the same format as buf_put_rsa_key.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	51 * These should be freed with rsa_key_free.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	52 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
586 b50f0107e505 Rename rsa_key to dropbear_rsa_key (and same for dss too) so Matt Johnston <matt@ucc.asn.au> parents: 378 diff changeset	53 int buf_get_rsa_pub_key(buffer* buf, dropbear_rsa_key *key) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	54
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	55 int ret = DROPBEAR_FAILURE;
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	56 TRACE(("enter buf_get_rsa_pub_key"))
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 216 diff changeset	57 dropbear_assert(key != NULL);
805 724c3e0c8734 Add m_mp_alloc_init_multi() helper Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	58 m_mp_alloc_init_multi(&key->e, &key->n, NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	59 key->d = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	60 key->p = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	61 key->q = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	62
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	63 buf_incrpos(buf, 4+SSH_SIGNKEY_RSA_LEN); /* int + "ssh-rsa" */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	64
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	65 if (buf_getmpint(buf, key->e) == DROPBEAR_FAILURE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 \|\| buf_getmpint(buf, key->n) == DROPBEAR_FAILURE) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	67 TRACE(("leave buf_get_rsa_pub_key: failure"))
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	68 goto out;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	69 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	70
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	71 if (mp_count_bits(key->n) < MIN_RSA_KEYLEN) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	72 dropbear_log(LOG_WARNING, "RSA key too short");
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	73 goto out;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	74 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	75
1526 36ab6b091ad3 limit rsa->e size to 64 bits Matt Johnston <matt@ucc.asn.au> parents: 1459 diff changeset	76 /* 64 bit is limit used by openssl, so we won't block any keys in the wild */
36ab6b091ad3 limit rsa->e size to 64 bits Matt Johnston <matt@ucc.asn.au> parents: 1459 diff changeset	77 if (mp_count_bits(key->e) > 64) {
36ab6b091ad3 limit rsa->e size to 64 bits Matt Johnston <matt@ucc.asn.au> parents: 1459 diff changeset	78 dropbear_log(LOG_WARNING, "RSA key bad e");
36ab6b091ad3 limit rsa->e size to 64 bits Matt Johnston <matt@ucc.asn.au> parents: 1459 diff changeset	79 goto out;
36ab6b091ad3 limit rsa->e size to 64 bits Matt Johnston <matt@ucc.asn.au> parents: 1459 diff changeset	80 }
36ab6b091ad3 limit rsa->e size to 64 bits Matt Johnston <matt@ucc.asn.au> parents: 1459 diff changeset	81
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	82 TRACE(("leave buf_get_rsa_pub_key: success"))
1249 c6346c63281b refactor indentation with hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1123 diff changeset	83 ret = DROPBEAR_SUCCESS;
370 9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	84 out:
1249 c6346c63281b refactor indentation with hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1123 diff changeset	85 if (ret == DROPBEAR_FAILURE) {
1409 c721e8c42d2a add m_mp_free_multi, be more careful freeing when failing to load keys Matt Johnston <matt@ucc.asn.au> parents: 1402 diff changeset	86 m_mp_free_multi(&key->e, &key->n, NULL);
1249 c6346c63281b refactor indentation with hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1123 diff changeset	87 }
370 9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	88 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	89 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	90
370 9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	91 /* Same as buf_get_rsa_pub_key, but reads private bits at the end.
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	92 * Loads a private rsa key from a buffer
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	93 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
586 b50f0107e505 Rename rsa_key to dropbear_rsa_key (and same for dss too) so Matt Johnston <matt@ucc.asn.au> parents: 378 diff changeset	94 int buf_get_rsa_priv_key(buffer* buf, dropbear_rsa_key *key) {
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	95 int ret = DROPBEAR_FAILURE;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	96
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	97 TRACE(("enter buf_get_rsa_priv_key"))
370 9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	98 dropbear_assert(key != NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	99
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	100 if (buf_get_rsa_pub_key(buf, key) == DROPBEAR_FAILURE) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	101 TRACE(("leave buf_get_rsa_priv_key: pub: ret == DROPBEAR_FAILURE"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	102 return DROPBEAR_FAILURE;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	103 }
370 9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	104
9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	105 key->d = NULL;
9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	106 key->p = NULL;
9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	107 key->q = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	108
807 75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 805 diff changeset	109 m_mp_alloc_init_multi(&key->d, NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	110 if (buf_getmpint(buf, key->d) == DROPBEAR_FAILURE) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	111 TRACE(("leave buf_get_rsa_priv_key: d: ret == DROPBEAR_FAILURE"))
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	112 goto out;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	113 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	114
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	115 if (buf->pos == buf->len) {
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	116 /* old Dropbear private keys didn't keep p and q, so we will ignore them*/
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	117 } else {
805 724c3e0c8734 Add m_mp_alloc_init_multi() helper Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	118 m_mp_alloc_init_multi(&key->p, &key->q, NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	119
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	120 if (buf_getmpint(buf, key->p) == DROPBEAR_FAILURE) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	121 TRACE(("leave buf_get_rsa_priv_key: p: ret == DROPBEAR_FAILURE"))
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	122 goto out;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	123 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	124
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	125 if (buf_getmpint(buf, key->q) == DROPBEAR_FAILURE) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	126 TRACE(("leave buf_get_rsa_priv_key: q: ret == DROPBEAR_FAILURE"))
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	127 goto out;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	128 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	129 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	130
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	131 ret = DROPBEAR_SUCCESS;
370 9a789fc03f40 Make sure that we clean up key parts if we fail during reading a rsa key Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	132 out:
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	133 if (ret == DROPBEAR_FAILURE) {
1409 c721e8c42d2a add m_mp_free_multi, be more careful freeing when failing to load keys Matt Johnston <matt@ucc.asn.au> parents: 1402 diff changeset	134 m_mp_free_multi(&key->d, &key->p, &key->q, NULL);
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	135 }
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	136 TRACE(("leave buf_get_rsa_priv_key"))
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1249 diff changeset	137 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	138 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	139
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	140
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	141 /* Clear and free the memory used by a public or private key */
586 b50f0107e505 Rename rsa_key to dropbear_rsa_key (and same for dss too) so Matt Johnston <matt@ucc.asn.au> parents: 378 diff changeset	142 void rsa_key_free(dropbear_rsa_key *key) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	143
731 9a5438271556 Move the more verbose TRACE() statements into TRACE2() Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	144 TRACE2(("enter rsa_key_free"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	145
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	146 if (key == NULL) {
731 9a5438271556 Move the more verbose TRACE() statements into TRACE2() Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	147 TRACE2(("leave rsa_key_free: key == NULL"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	148 return;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	149 }
1409 c721e8c42d2a add m_mp_free_multi, be more careful freeing when failing to load keys Matt Johnston <matt@ucc.asn.au> parents: 1402 diff changeset	150 m_mp_free_multi(&key->d, &key->e, &key->p, &key->q, &key->n, NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	151 m_free(key);
731 9a5438271556 Move the more verbose TRACE() statements into TRACE2() Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	152 TRACE2(("leave rsa_key_free"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	153 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	154
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	155 /* Put the public rsa key into the buffer in the required format:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	156 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	157 * string "ssh-rsa"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	158 * mp_int e
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	159 * mp_int n
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	160 */
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1409 diff changeset	161 void buf_put_rsa_pub_key(buffer* buf, const dropbear_rsa_key *key) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	162
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	163 TRACE(("enter buf_put_rsa_pub_key"))
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 216 diff changeset	164 dropbear_assert(key != NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	165
1123 d7b752525b91 buf_getstring and buf_putstring now use non-unsigned char* Matt Johnston <matt@ucc.asn.au> parents: 1094 diff changeset	166 buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	167 buf_putmpint(buf, key->e);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	168 buf_putmpint(buf, key->n);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	169
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	170 TRACE(("leave buf_put_rsa_pub_key"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	171
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	172 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	173
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	174 /* Same as buf_put_rsa_pub_key, but with the private "x" key appended */
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1409 diff changeset	175 void buf_put_rsa_priv_key(buffer* buf, const dropbear_rsa_key *key) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	176
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	177 TRACE(("enter buf_put_rsa_priv_key"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	178
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 216 diff changeset	179 dropbear_assert(key != NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	180 buf_put_rsa_pub_key(buf, key);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	181 buf_putmpint(buf, key->d);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	182
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	183 /* new versions have p and q, old versions don't */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	184 if (key->p) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	185 buf_putmpint(buf, key->p);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	186 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	187 if (key->q) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	188 buf_putmpint(buf, key->q);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	189 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	190
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	191
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	192 TRACE(("leave buf_put_rsa_priv_key"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	193
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	194 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	195
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	196 #if DROPBEAR_SIGNKEY_VERIFY
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	197 /* Verify a signature in buf, made on data by the key given.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	198 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	199 int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key,
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	200 enum signature_type sigtype, const buffer *data_buf) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	201 unsigned int slen;
84 29a5c7c62350 default initialisers for mp_ints Matt Johnston <matt@ucc.asn.au> parents: 70 diff changeset	202 DEF_MP_INT(rsa_s);
29a5c7c62350 default initialisers for mp_ints Matt Johnston <matt@ucc.asn.au> parents: 70 diff changeset	203 DEF_MP_INT(rsa_mdash);
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	204 DEF_MP_INT(rsa_em);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	205 int ret = DROPBEAR_FAILURE;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	206
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	207 TRACE(("enter buf_rsa_verify"))
34 e2a1eaa19f22 Client mostly works up to password auth Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	208
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 216 diff changeset	209 dropbear_assert(key != NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	210
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	211 m_mp_init_multi(&rsa_mdash, &rsa_s, &rsa_em, NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	212
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	213 slen = buf_getint(buf);
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	214 if (slen != (unsigned int)mp_ubin_size(key->n)) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	215 TRACE(("bad size"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	216 goto out;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	217 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	218
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	219 if (mp_from_ubin(&rsa_s, buf_getptr(buf, buf->len - buf->pos),
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	220 buf->len - buf->pos) != MP_OKAY) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	221 TRACE(("failed reading rsa_s"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	222 goto out;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	223 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	224
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	225 /* check that s <= n-1 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	226 if (mp_cmp(&rsa_s, key->n) != MP_LT) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	227 TRACE(("s > n-1"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	228 goto out;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	229 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	230
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	231 /* create the magic PKCS padded value */
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	232 rsa_pad_em(key, data_buf, &rsa_em, sigtype);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	233
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	234 if (mp_exptmod(&rsa_s, key->e, key->n, &rsa_mdash) != MP_OKAY) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	235 TRACE(("failed exptmod rsa_s"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	236 goto out;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	237 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	238
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	239 if (mp_cmp(&rsa_em, &rsa_mdash) == MP_EQ) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	240 /* signature is valid */
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	241 TRACE(("success!"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	242 ret = DROPBEAR_SUCCESS;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	243 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	244
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	245 out:
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	246 mp_clear_multi(&rsa_mdash, &rsa_s, &rsa_em, NULL);
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	247 TRACE(("leave buf_rsa_verify: ret %d", ret))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	248 return ret;
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	249 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	250
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	251 #endif /* DROPBEAR_SIGNKEY_VERIFY */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	252
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	253 /* Sign the data presented with key, writing the signature contents
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	254 * to the buffer */
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	255 void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key,
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	256 enum signature_type sigtype, const buffer *data_buf) {
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	257 const char *name = NULL;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	258 unsigned int nsize, ssize, namelen = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	259 unsigned int i;
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	260 size_t written;
84 29a5c7c62350 default initialisers for mp_ints Matt Johnston <matt@ucc.asn.au> parents: 70 diff changeset	261 DEF_MP_INT(rsa_s);
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	262 DEF_MP_INT(rsa_tmp1);
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	263 DEF_MP_INT(rsa_tmp2);
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	264 DEF_MP_INT(rsa_tmp3);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	265
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	266 TRACE(("enter buf_put_rsa_sign"))
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 216 diff changeset	267 dropbear_assert(key != NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	268
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	269 m_mp_init_multi(&rsa_s, &rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	270
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	271 rsa_pad_em(key, data_buf, &rsa_tmp1, sigtype);
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 34 diff changeset	272
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	273 /* the actual signing of the padded data */
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	274
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	275 #if DROPBEAR_RSA_BLINDING
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	276
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	277 /* With blinding, s = (r^(-1))((em)r^e)^d mod n /
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	278
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	279 /* generate the r blinding value */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	280 /* rsa_tmp2 is r */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	281 gen_random_mpint(key->n, &rsa_tmp2);
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	282
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	283 /* rsa_tmp1 is em */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	284 /* em' = em * r^e mod n */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	285
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	286 /* rsa_s used as a temp var*/
454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	287 if (mp_exptmod(&rsa_tmp2, key->e, key->n, &rsa_s) != MP_OKAY) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	288 dropbear_exit("RSA error");
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	289 }
454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	290 if (mp_invmod(&rsa_tmp2, key->n, &rsa_tmp3) != MP_OKAY) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	291 dropbear_exit("RSA error");
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	292 }
454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	293 if (mp_mulmod(&rsa_tmp1, &rsa_s, key->n, &rsa_tmp2) != MP_OKAY) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	294 dropbear_exit("RSA error");
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	295 }
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	296
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	297 /* rsa_tmp2 is em' */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	298 /* s' = (em')^d mod n */
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	299 if (mp_exptmod(&rsa_tmp2, key->d, key->n, &rsa_tmp1) != MP_OKAY) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	300 dropbear_exit("RSA error");
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	301 }
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	302
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	303 /* rsa_tmp1 is s' */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	304 /* rsa_tmp3 is r^(-1) mod n */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	305 /* s = (s')r^(-1) mod n */
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	306 if (mp_mulmod(&rsa_tmp1, &rsa_tmp3, key->n, &rsa_s) != MP_OKAY) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	307 dropbear_exit("RSA error");
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 276 diff changeset	308 }
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	309
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	310 #else
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	311
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	312 /* s = em^d mod n */
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	313 /* rsa_tmp1 is em */
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	314 if (mp_exptmod(&rsa_tmp1, key->d, key->n, &rsa_s) != MP_OKAY) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	315 dropbear_exit("RSA error");
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	316 }
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	317
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	318 #endif /* DROPBEAR_RSA_BLINDING */
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	319
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	320 mp_clear_multi(&rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	321
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	322 /* create the signature to return */
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	323 name = signature_name_from_type(sigtype, &namelen);
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	324 buf_putstring(buf, name, namelen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	325
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	326 nsize = mp_ubin_size(key->n);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	327
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	328 /* string rsa_signature_blob length */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	329 buf_putint(buf, nsize);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	330 /* pad out s to same length as n */
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	331 ssize = mp_ubin_size(&rsa_s);
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 216 diff changeset	332 dropbear_assert(ssize <= nsize);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	333 for (i = 0; i < nsize-ssize; i++) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	334 buf_putbyte(buf, 0x00);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	335 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	336
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	337 if (mp_to_ubin(&rsa_s, buf_getwriteptr(buf, ssize), ssize, &written) != MP_OKAY) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 586 diff changeset	338 dropbear_exit("RSA error");
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	339 }
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	340 buf_incrwritepos(buf, written);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	341 mp_clear(&rsa_s);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	342
1402 553c6bb80265 fix DEBUG_* condition Francois Perrad <francois.perrad@gadz.org> parents: 1295 diff changeset	343 #if defined(DEBUG_RSA) && DEBUG_TRACE
907 4a74c58e11fc Make some debug info conditional Matt Johnston <matt@ucc.asn.au> parents: 858 diff changeset	344 if (!debug_trace) {
4a74c58e11fc Make some debug info conditional Matt Johnston <matt@ucc.asn.au> parents: 858 diff changeset	345 printhex("RSA sig", buf->data, buf->len);
4a74c58e11fc Make some debug info conditional Matt Johnston <matt@ucc.asn.au> parents: 858 diff changeset	346 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	347 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	348
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	349
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 84 diff changeset	350 TRACE(("leave buf_put_rsa_sign"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	351 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	352
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	353 /* Creates the message value as expected by PKCS,
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	354 see rfc8017 section 9.2 */
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1409 diff changeset	355 static void rsa_pad_em(const dropbear_rsa_key * key,
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	356 const buffer data_buf, mp_int rsa_em, enum signature_type sigtype) {
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	357 /* EM = 0x00 \|\| 0x01 \|\| PS \|\| 0x00 \|\| T
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	358 PS is padding of 0xff to make EM the size of key->n
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	359
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	360 T is the DER encoding of the hash alg (sha1 or sha256)
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	361 */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	362
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	363 /* From rfc8017 page 46 */
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	364 #if DROPBEAR_RSA_SHA1
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	365 const unsigned char T_sha1[] =
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	366 {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b,
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	367 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14};
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	368 #endif
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	369 #if DROPBEAR_RSA_SHA256
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	370 const unsigned char T_sha256[] =
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	371 {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	372 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20};
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	373 #endif
198 65585699d980 * add a "label" argument to printhex() Matt Johnston <matt@ucc.asn.au> parents: 188 diff changeset	374
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	375 int Tlen = 0;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	376 const unsigned char *T = NULL;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	377 const struct ltc_hash_descriptor *hash_desc = NULL;
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 34 diff changeset	378 buffer * rsa_EM = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	379 hash_state hs;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	380 unsigned int nsize;
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	381
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	382 switch (sigtype) {
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	383 #if DROPBEAR_RSA_SHA1
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	384 case DROPBEAR_SIGNATURE_RSA_SHA1:
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	385 Tlen = sizeof(T_sha1);
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	386 T = T_sha1;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	387 hash_desc = &sha1_desc;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	388 break;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	389 #endif
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	390 #if DROPBEAR_RSA_SHA256
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	391 case DROPBEAR_SIGNATURE_RSA_SHA256:
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	392 Tlen = sizeof(T_sha256);
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	393 T = T_sha256;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	394 hash_desc = &sha256_desc;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	395 break;
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	396 #endif
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	397 default:
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	398 assert(0);
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	399 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	400
1692 1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	401
1051e4eea25a Update LibTomMath to 1.2.0 (#84) Steffen Jaeckel <s@jaeckel.eu> parents: 1675 diff changeset	402 nsize = mp_ubin_size(key->n);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	403
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	404 rsa_EM = buf_new(nsize);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	405 /* type byte */
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	406 buf_putbyte(rsa_EM, 0x00);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	407 buf_putbyte(rsa_EM, 0x01);
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	408 /* Padding with PS 0xFF bytes */
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	409 while(rsa_EM->pos != rsa_EM->size - (1 + Tlen + hash_desc->hashsize)) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	410 buf_putbyte(rsa_EM, 0xff);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	411 }
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	412 buf_putbyte(rsa_EM, 0x00);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	413 /* Magic ASN1 stuff */
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	414 buf_putbytes(rsa_EM, T, Tlen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	415
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	416 /* The hash of the data */
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	417 hash_desc->init(&hs);
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	418 hash_desc->process(&hs, data_buf->data, data_buf->len);
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	419 hash_desc->done(&hs, buf_getwriteptr(rsa_EM, hash_desc->hashsize));
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1546 diff changeset	420 buf_incrwritepos(rsa_EM, hash_desc->hashsize);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	421
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 216 diff changeset	422 dropbear_assert(rsa_EM->pos == rsa_EM->size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	423
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	424 /* Create the mp_int from the encoded bytes */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	425 buf_setpos(rsa_EM, 0);
188 c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	426 bytes_to_mp(rsa_em, buf_getptr(rsa_EM, rsa_EM->size),
c9483550701b - refactored random mp_int generation and byte->mp_int code Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	427 rsa_EM->size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	428 buf_free(rsa_EM);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	429 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	430
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	431 #endif /* DROPBEAR_RSA */

Mercurial > dropbear

annotate rsa.c @ 1788:1fc0012b9c38