Mercurial > dropbear
comparison rsa.c @ 1675:ae41624c2198
split signkey_type and signature_type for RSA sha1 vs sha256
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 17 May 2020 23:58:31 +0800 |
| parents | ba6fc7afe1c5 |
| children | 1051e4eea25a |
comparison
equal
deleted
inserted
replaced
| 1674:ba6fc7afe1c5 | 1675:ae41624c2198 |
|---|---|
| 42 #if !(DROPBEAR_RSA_SHA1 || DROPBEAR_RSA_SHA256) | 42 #if !(DROPBEAR_RSA_SHA1 || DROPBEAR_RSA_SHA256) |
| 43 #error Somehow RSA was enabled with neither DROPBEAR_RSA_SHA1 nor DROPBEAR_RSA_SHA256 | 43 #error Somehow RSA was enabled with neither DROPBEAR_RSA_SHA1 nor DROPBEAR_RSA_SHA256 |
| 44 #endif | 44 #endif |
| 45 | 45 |
| 46 static void rsa_pad_em(const dropbear_rsa_key * key, | 46 static void rsa_pad_em(const dropbear_rsa_key * key, |
| 47 const buffer *data_buf, mp_int * rsa_em, enum signkey_type sigtype); | 47 const buffer *data_buf, mp_int * rsa_em, enum signature_type sigtype); |
| 48 | 48 |
| 49 /* Load a public rsa key from a buffer, initialising the values. | 49 /* Load a public rsa key from a buffer, initialising the values. |
| 50 * The key will have the same format as buf_put_rsa_key. | 50 * The key will have the same format as buf_put_rsa_key. |
| 51 * These should be freed with rsa_key_free. | 51 * These should be freed with rsa_key_free. |
| 52 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 52 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
| 195 | 195 |
| 196 #if DROPBEAR_SIGNKEY_VERIFY | 196 #if DROPBEAR_SIGNKEY_VERIFY |
| 197 /* Verify a signature in buf, made on data by the key given. | 197 /* Verify a signature in buf, made on data by the key given. |
| 198 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 198 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
| 199 int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, | 199 int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, |
| 200 enum signkey_type sigtype, const buffer *data_buf) { | 200 enum signature_type sigtype, const buffer *data_buf) { |
| 201 unsigned int slen; | 201 unsigned int slen; |
| 202 DEF_MP_INT(rsa_s); | 202 DEF_MP_INT(rsa_s); |
| 203 DEF_MP_INT(rsa_mdash); | 203 DEF_MP_INT(rsa_mdash); |
| 204 DEF_MP_INT(rsa_em); | 204 DEF_MP_INT(rsa_em); |
| 205 int ret = DROPBEAR_FAILURE; | 205 int ret = DROPBEAR_FAILURE; |
| 251 #endif /* DROPBEAR_SIGNKEY_VERIFY */ | 251 #endif /* DROPBEAR_SIGNKEY_VERIFY */ |
| 252 | 252 |
| 253 /* Sign the data presented with key, writing the signature contents | 253 /* Sign the data presented with key, writing the signature contents |
| 254 * to the buffer */ | 254 * to the buffer */ |
| 255 void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, | 255 void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, |
| 256 enum signkey_type sigtype, const buffer *data_buf) { | 256 enum signature_type sigtype, const buffer *data_buf) { |
| 257 const char *name = NULL; | 257 const char *name = NULL; |
| 258 unsigned int nsize, ssize, namelen = 0; | 258 unsigned int nsize, ssize, namelen = 0; |
| 259 unsigned int i; | 259 unsigned int i; |
| 260 DEF_MP_INT(rsa_s); | 260 DEF_MP_INT(rsa_s); |
| 261 DEF_MP_INT(rsa_tmp1); | 261 DEF_MP_INT(rsa_tmp1); |
| 350 } | 350 } |
| 351 | 351 |
| 352 /* Creates the message value as expected by PKCS, | 352 /* Creates the message value as expected by PKCS, |
| 353 see rfc8017 section 9.2 */ | 353 see rfc8017 section 9.2 */ |
| 354 static void rsa_pad_em(const dropbear_rsa_key * key, | 354 static void rsa_pad_em(const dropbear_rsa_key * key, |
| 355 const buffer *data_buf, mp_int * rsa_em, enum signkey_type sigtype) { | 355 const buffer *data_buf, mp_int * rsa_em, enum signature_type sigtype) { |
| 356 /* EM = 0x00 || 0x01 || PS || 0x00 || T | 356 /* EM = 0x00 || 0x01 || PS || 0x00 || T |
| 357 PS is padding of 0xff to make EM the size of key->n | 357 PS is padding of 0xff to make EM the size of key->n |
| 358 | 358 |
| 359 T is the DER encoding of the hash alg (sha1 or sha256) | 359 T is the DER encoding of the hash alg (sha1 or sha256) |
| 360 */ | 360 */ |
| 378 hash_state hs; | 378 hash_state hs; |
| 379 unsigned int nsize; | 379 unsigned int nsize; |
| 380 | 380 |
| 381 switch (sigtype) { | 381 switch (sigtype) { |
| 382 #if DROPBEAR_RSA_SHA1 | 382 #if DROPBEAR_RSA_SHA1 |
| 383 case DROPBEAR_SIGNKEY_RSA: | 383 case DROPBEAR_SIGNATURE_RSA_SHA1: |
| 384 Tlen = sizeof(T_sha1); | 384 Tlen = sizeof(T_sha1); |
| 385 T = T_sha1; | 385 T = T_sha1; |
| 386 hash_desc = &sha1_desc; | 386 hash_desc = &sha1_desc; |
| 387 break; | 387 break; |
| 388 #endif | 388 #endif |
| 389 #if DROPBEAR_RSA_SHA256 | 389 #if DROPBEAR_RSA_SHA256 |
| 390 case DROPBEAR_SIGNKEY_RSA_SHA256: | 390 case DROPBEAR_SIGNATURE_RSA_SHA256: |
| 391 Tlen = sizeof(T_sha256); | 391 Tlen = sizeof(T_sha256); |
| 392 T = T_sha256; | 392 T = T_sha256; |
| 393 hash_desc = &sha256_desc; | 393 hash_desc = &sha256_desc; |
| 394 break; | 394 break; |
| 395 #endif | 395 #endif |