Mercurial > dropbear
comparison rsa.c @ 297:79bf1023cf11 agent-client
propagate from branch 'au.asn.ucc.matt.dropbear' (head 0501e6f661b5415eb76f3b312d183c3adfbfb712)
to branch 'au.asn.ucc.matt.dropbear.cli-agent' (head 01038174ec27245b51bd43a66c01ad930880f67b)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 21 Mar 2006 16:20:59 +0000 |
parents | 3cea9d789cca |
children | 454a34b2dfd1 9a789fc03f40 |
comparison
equal
deleted
inserted
replaced
225:ca7e76d981d9 | 297:79bf1023cf11 |
---|---|
47 * These should be freed with rsa_key_free. | 47 * These should be freed with rsa_key_free. |
48 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 48 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
49 int buf_get_rsa_pub_key(buffer* buf, rsa_key *key) { | 49 int buf_get_rsa_pub_key(buffer* buf, rsa_key *key) { |
50 | 50 |
51 TRACE(("enter buf_get_rsa_pub_key")) | 51 TRACE(("enter buf_get_rsa_pub_key")) |
52 assert(key != NULL); | 52 dropbear_assert(key != NULL); |
53 key->e = m_malloc(sizeof(mp_int)); | 53 key->e = m_malloc(sizeof(mp_int)); |
54 key->n = m_malloc(sizeof(mp_int)); | 54 key->n = m_malloc(sizeof(mp_int)); |
55 m_mp_init_multi(key->e, key->n, NULL); | 55 m_mp_init_multi(key->e, key->n, NULL); |
56 key->d = NULL; | 56 key->d = NULL; |
57 key->p = NULL; | 57 key->p = NULL; |
78 /* Same as buf_get_rsa_pub_key, but reads a private "x" key at the end. | 78 /* Same as buf_get_rsa_pub_key, but reads a private "x" key at the end. |
79 * Loads a private rsa key from a buffer | 79 * Loads a private rsa key from a buffer |
80 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 80 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
81 int buf_get_rsa_priv_key(buffer* buf, rsa_key *key) { | 81 int buf_get_rsa_priv_key(buffer* buf, rsa_key *key) { |
82 | 82 |
83 assert(key != NULL); | 83 dropbear_assert(key != NULL); |
84 | 84 |
85 TRACE(("enter buf_get_rsa_priv_key")) | 85 TRACE(("enter buf_get_rsa_priv_key")) |
86 | 86 |
87 if (buf_get_rsa_pub_key(buf, key) == DROPBEAR_FAILURE) { | 87 if (buf_get_rsa_pub_key(buf, key) == DROPBEAR_FAILURE) { |
88 TRACE(("leave buf_get_rsa_priv_key: pub: ret == DROPBEAR_FAILURE")) | 88 TRACE(("leave buf_get_rsa_priv_key: pub: ret == DROPBEAR_FAILURE")) |
161 * mp_int n | 161 * mp_int n |
162 */ | 162 */ |
163 void buf_put_rsa_pub_key(buffer* buf, rsa_key *key) { | 163 void buf_put_rsa_pub_key(buffer* buf, rsa_key *key) { |
164 | 164 |
165 TRACE(("enter buf_put_rsa_pub_key")) | 165 TRACE(("enter buf_put_rsa_pub_key")) |
166 assert(key != NULL); | 166 dropbear_assert(key != NULL); |
167 | 167 |
168 buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN); | 168 buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN); |
169 buf_putmpint(buf, key->e); | 169 buf_putmpint(buf, key->e); |
170 buf_putmpint(buf, key->n); | 170 buf_putmpint(buf, key->n); |
171 | 171 |
176 /* Same as buf_put_rsa_pub_key, but with the private "x" key appended */ | 176 /* Same as buf_put_rsa_pub_key, but with the private "x" key appended */ |
177 void buf_put_rsa_priv_key(buffer* buf, rsa_key *key) { | 177 void buf_put_rsa_priv_key(buffer* buf, rsa_key *key) { |
178 | 178 |
179 TRACE(("enter buf_put_rsa_priv_key")) | 179 TRACE(("enter buf_put_rsa_priv_key")) |
180 | 180 |
181 assert(key != NULL); | 181 dropbear_assert(key != NULL); |
182 buf_put_rsa_pub_key(buf, key); | 182 buf_put_rsa_pub_key(buf, key); |
183 buf_putmpint(buf, key->d); | 183 buf_putmpint(buf, key->d); |
184 | 184 |
185 /* new versions have p and q, old versions don't */ | 185 /* new versions have p and q, old versions don't */ |
186 if (key->p) { | 186 if (key->p) { |
207 DEF_MP_INT(rsa_em); | 207 DEF_MP_INT(rsa_em); |
208 int ret = DROPBEAR_FAILURE; | 208 int ret = DROPBEAR_FAILURE; |
209 | 209 |
210 TRACE(("enter buf_rsa_verify")) | 210 TRACE(("enter buf_rsa_verify")) |
211 | 211 |
212 assert(key != NULL); | 212 dropbear_assert(key != NULL); |
213 | 213 |
214 m_mp_init_multi(&rsa_mdash, &rsa_s, &rsa_em, NULL); | 214 m_mp_init_multi(&rsa_mdash, &rsa_s, &rsa_em, NULL); |
215 | 215 |
216 slen = buf_getint(buf); | 216 slen = buf_getint(buf); |
217 if (slen != (unsigned int)mp_unsigned_bin_size(key->n)) { | 217 if (slen != (unsigned int)mp_unsigned_bin_size(key->n)) { |
262 unsigned int i; | 262 unsigned int i; |
263 DEF_MP_INT(rsa_s); | 263 DEF_MP_INT(rsa_s); |
264 DEF_MP_INT(rsa_tmp1); | 264 DEF_MP_INT(rsa_tmp1); |
265 DEF_MP_INT(rsa_tmp2); | 265 DEF_MP_INT(rsa_tmp2); |
266 DEF_MP_INT(rsa_tmp3); | 266 DEF_MP_INT(rsa_tmp3); |
267 unsigned char *tmpbuf; | |
268 | 267 |
269 TRACE(("enter buf_put_rsa_sign")) | 268 TRACE(("enter buf_put_rsa_sign")) |
270 assert(key != NULL); | 269 dropbear_assert(key != NULL); |
271 | 270 |
272 m_mp_init_multi(&rsa_s, &rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL); | 271 m_mp_init_multi(&rsa_s, &rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL); |
273 | 272 |
274 rsa_pad_em(key, data, len, &rsa_tmp1); | 273 rsa_pad_em(key, data, len, &rsa_tmp1); |
275 | 274 |
318 | 317 |
319 /* string rsa_signature_blob length */ | 318 /* string rsa_signature_blob length */ |
320 buf_putint(buf, nsize); | 319 buf_putint(buf, nsize); |
321 /* pad out s to same length as n */ | 320 /* pad out s to same length as n */ |
322 ssize = mp_unsigned_bin_size(&rsa_s); | 321 ssize = mp_unsigned_bin_size(&rsa_s); |
323 assert(ssize <= nsize); | 322 dropbear_assert(ssize <= nsize); |
324 for (i = 0; i < nsize-ssize; i++) { | 323 for (i = 0; i < nsize-ssize; i++) { |
325 buf_putbyte(buf, 0x00); | 324 buf_putbyte(buf, 0x00); |
326 } | 325 } |
327 | 326 |
328 if (mp_to_unsigned_bin(&rsa_s, buf_getwriteptr(buf, ssize)) != MP_OKAY) { | 327 if (mp_to_unsigned_bin(&rsa_s, buf_getwriteptr(buf, ssize)) != MP_OKAY) { |
363 | 362 |
364 buffer * rsa_EM = NULL; | 363 buffer * rsa_EM = NULL; |
365 hash_state hs; | 364 hash_state hs; |
366 unsigned int nsize; | 365 unsigned int nsize; |
367 | 366 |
368 assert(key != NULL); | 367 dropbear_assert(key != NULL); |
369 assert(data != NULL); | 368 dropbear_assert(data != NULL); |
370 nsize = mp_unsigned_bin_size(key->n); | 369 nsize = mp_unsigned_bin_size(key->n); |
371 | 370 |
372 rsa_EM = buf_new(nsize-1); | 371 rsa_EM = buf_new(nsize-1); |
373 /* type byte */ | 372 /* type byte */ |
374 buf_putbyte(rsa_EM, 0x01); | 373 buf_putbyte(rsa_EM, 0x01); |
385 sha1_init(&hs); | 384 sha1_init(&hs); |
386 sha1_process(&hs, data, len); | 385 sha1_process(&hs, data, len); |
387 sha1_done(&hs, buf_getwriteptr(rsa_EM, SHA1_HASH_SIZE)); | 386 sha1_done(&hs, buf_getwriteptr(rsa_EM, SHA1_HASH_SIZE)); |
388 buf_incrwritepos(rsa_EM, SHA1_HASH_SIZE); | 387 buf_incrwritepos(rsa_EM, SHA1_HASH_SIZE); |
389 | 388 |
390 assert(rsa_EM->pos == rsa_EM->size); | 389 dropbear_assert(rsa_EM->pos == rsa_EM->size); |
391 | 390 |
392 /* Create the mp_int from the encoded bytes */ | 391 /* Create the mp_int from the encoded bytes */ |
393 buf_setpos(rsa_EM, 0); | 392 buf_setpos(rsa_EM, 0); |
394 bytes_to_mp(rsa_em, buf_getptr(rsa_EM, rsa_EM->size), | 393 bytes_to_mp(rsa_em, buf_getptr(rsa_EM, rsa_EM->size), |
395 rsa_EM->size); | 394 rsa_EM->size); |