dropbear: signkey.c comparison

comparison signkey.c @ 1916:3f4cdf839a1a

Make SHA1 optional, implement SHA256 fingerprints SHA256 is always compiled and only enable SHA1 when needed. Fingerprints are always SHA256: base64 format, md5 and sha1 are removed. dbrandom now uses sha256 its hash function.

author	Matt Johnston <matt@ucc.asn.au>
date	Wed, 30 Mar 2022 11:44:04 +0800
parents	35d504d59c05
children

comparison

equal deleted inserted replaced

-:13cb8cc1b0e4
+:3f4cdf839a1a
 	m_free(key);
 	TRACE2(("leave sign_key_free"))
 }
-static char hexdig(unsigned char x) {
+static char * sign_key_sha256_fingerprint(const unsigned char* keyblob,
-	if (x > 0xf)
-		return 'X';
-	if (x < 10)
-		return '0' + x;
-	else
-		return 'a' + x - 10;
-}
-/* Since we're not sure if we'll have md5 or sha1, we present both.
-* MD5 is used in preference, but sha1 could still be useful */
-#if DROPBEAR_MD5_HMAC
-static char * sign_key_md5_fingerprint(const unsigned char* keyblob,
 		unsigned int keybloblen) {
 	char * ret;
 	hash_state hs;
-	unsigned char hash[MD5_HASH_SIZE];
+	unsigned char hash[SHA256_HASH_SIZE];
-	unsigned int i;
+	unsigned int b64chars, start;
-	unsigned int buflen;
+	unsigned long b64size;
+	const char *prefix = "SHA256:";
-	md5_init(&hs);
+	int err;
-	/* skip the size int of the string - this is a bit messy */
+	sha256_init(&hs);
-	md5_process(&hs, keyblob, keybloblen);
+	sha256_process(&hs, keyblob, keybloblen);
+	sha256_done(&hs, hash);
-	md5_done(&hs, hash);
+	/* eg "SHA256:P9szN0L2ls6KxkVv7Bppv3asnZCn03rY7Msm/c8+ZgA"
-	/* "md5 hexfingerprinthere\0", each hex digit is "AB:" etc */
+	 * 256/6 = 42.66 => 43 base64 chars. OpenSSH discards
-	buflen = 4 + 3*MD5_HASH_SIZE;
+	 * base64 padding output. */
-	ret = (char*)m_malloc(buflen);
+	start = strlen(prefix);
+	b64chars = 43;
-	memset(ret, 'Z', buflen);
+	/* space for discarded b64 padding and null terminator */
-	strcpy(ret, "md5 ");
+	b64size = b64chars + 4;
+	ret = m_malloc(start + b64size);
-	for (i = 0; i < MD5_HASH_SIZE; i++) {
-		unsigned int pos = 4 + i*3;
+	memcpy(ret, prefix, start);
-		ret[pos] = hexdig(hash[i] >> 4);
+	err = base64_encode(hash, SHA256_HASH_SIZE, &ret[start], &b64size);
-		ret[pos+1] = hexdig(hash[i] & 0x0f);
+	if (err != CRYPT_OK) {
-		ret[pos+2] = ':';
+		dropbear_exit("base64 failed");
 	}
-	ret[buflen-1] = 0x0;
+	ret[start + b64chars] = '\0';
 	return ret;
 }
-#else /* use SHA1 rather than MD5 for fingerprint */
+/* This will return a freshly malloced string */
-static char * sign_key_sha1_fingerprint(const unsigned char* keyblob,
-		unsigned int keybloblen) {
-	char * ret;
-	hash_state hs;
-	unsigned char hash[SHA1_HASH_SIZE];
-	unsigned int i;
-	unsigned int buflen;
-	sha1_init(&hs);
-	/* skip the size int of the string - this is a bit messy */
-	sha1_process(&hs, keyblob, keybloblen);
-	sha1_done(&hs, hash);
-	/* "sha1!! hexfingerprinthere\0", each hex digit is "AB:" etc */
-	buflen = 7 + 3*SHA1_HASH_SIZE;
-	ret = (char*)m_malloc(buflen);
-	strcpy(ret, "sha1 ");
-	for (i = 0; i < SHA1_HASH_SIZE; i++) {
-		unsigned int pos = 7 + 3*i;
-		ret[pos] = hexdig(hash[i] >> 4);
-		ret[pos+1] = hexdig(hash[i] & 0x0f);
-		ret[pos+2] = ':';
-	}
-	ret[buflen-1] = 0x0;
-	return ret;
-}
-#endif /* MD5/SHA1 switch */
-/* This will return a freshly malloced string, containing a fingerprint
-* in either sha1 or md5 */
 char * sign_key_fingerprint(const unsigned char* keyblob, unsigned int keybloblen) {
+	return sign_key_sha256_fingerprint(keyblob, keybloblen);
-#if DROPBEAR_MD5_HMAC
-	return sign_key_md5_fingerprint(keyblob, keybloblen);
-#else
-	return sign_key_sha1_fingerprint(keyblob, keybloblen);
-#endif
 }
 void buf_put_sign(buffer* buf, sign_key *key, enum signature_type sigtype,
 	const buffer *data_buf) {
 	buffer *sigblob = buf_new(MAX_PUBKEY_SIZE);

Mercurial > dropbear

comparison signkey.c @ 1916:3f4cdf839a1a