comparison svr-authpubkey.c @ 1675:ae41624c2198

split signkey_type and signature_type for RSA sha1 vs sha256
author Matt Johnston <matt@ucc.asn.au>
date Sun, 17 May 2020 23:58:31 +0800
parents ba6fc7afe1c5
children 064f5be2fc45
1674:ba6fc7afe1c5 1675:ae41624c2198
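--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -90,35 +90,42 @@
 unsigned int keybloblen;
 unsigned int sign_payload_length;
 buffer * signbuf = NULL;
 sign_key * key = NULL;
 char* fp = NULL;
-enum signkey_type sigtype, keytype;
+enum signature_type sigtype;
+enum signkey_type keytype;
 int auth_failure = 1;
 
 TRACE(("enter pubkeyauth"))
 
 /* 0 indicates user just wants to check if key can be used, 1 is an
 * actual attempt*/
 testkey = (buf_getbool(ses.payload) == 0);
 
 sigalgo = buf_getstring(ses.payload, &sigalgolen);
-sigtype = signature_type_from_name(sigalgo, sigalgolen);
-keytype = signkey_type_from_signature(sigtype);
-keyalgo = signkey_name_from_type(keytype, &keyalgolen);
-
 keybloblen = buf_getint(ses.payload);
 keyblob = buf_getptr(ses.payload, keybloblen);
 
 if (!valid_user) {
 /* Return failure once we have read the contents of the packet
 Avoids blind user enumeration though it isn't possible to prevent
 testing for user existence if the public key is known */
 send_msg_userauth_failure(0, 0);
 goto out;
 }
+
+sigtype = signature_type_from_name(sigalgo, sigalgolen);
+if (sigtype == DROPBEAR_SIGNATURE_NONE) {
+send_msg_userauth_failure(0, 0);
+goto out;
+}
+
+keytype = signkey_type_from_signature(sigtype);
+keyalgo = signkey_name_from_type(keytype, &keyalgolen);
+
 #if DROPBEAR_PLUGIN
 if (svr_ses.plugin_instance != NULL) {
 char *options_buf;
 if (svr_ses.plugin_instance->checkpubkey(
 svr_ses.plugin_instance,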
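Review bot: The new `if (sigtype == DROPBEAR_SIGNATURE_NONE)` branch (new lines 119-122) rejects the request with neither a trace nor a comment, so in debug output a refusal for an unsupported signature algorithm looks the same as a refusal for an unknown user. Adding `TRACE(("pubkeyauth: unsupported signature algorithm"))` before `send_msg_userauth_failure(0, 0);` would make the cause visible without copying the client-supplied name into a log. A comment such as `/* checked after the valid_user return so both paths answer with the same failure once the packet fields are read */` would record why the lookup moved below the `!valid_user` block; that reason is inferred from the existing comment and should be confirmed. The branch also leaves through `goto out` after `sigalgo` was obtained from `buf_getstring`, and the `out` label is outside the visible lines, so it is worth confirming that `sigalgo` is released there.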