]> andersk Git - openssh.git/blobdiff - ssh-dss.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- markus@cvs.openbsd.org 2001/04/22 23:58:36
[openssh.git] / ssh-dss.c
diff --git a/ssh-dss.c b/ssh-dss.c
index fea1fe2d5d04bb8e348731ffea72ecb1ce4f9010..adc8f983e0927085aeb116a6bf8b8a02122c0844 100644 (file)
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -23,20 +23,18 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.1 2000/11/12 19:50:38 markus Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
+
+#include <openssl/bn.h>
+#include <openssl/evp.h>
 
-#include "ssh.h"
 #include "xmalloc.h"
 #include "buffer.h"
 #include "bufaux.h"
 #include "compat.h"
-
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-
+#include "log.h"
 #include "key.h"
+#include "ssh-dss.h"
 
 #define INTBLOB_LEN    20
 #define SIGBLOB_LEN    (2*INTBLOB_LEN)
@@ -44,33 +42,36 @@ RCSID("$OpenBSD: ssh-dss.c,v 1.1 2000/11/12 19:50:38 markus Exp $");
 int
 ssh_dss_sign(
     Key *key,
-    unsigned char **sigp, int *lenp,
-    unsigned char *data, int datalen)
+    u_char **sigp, int *lenp,
+    u_char *data, int datalen)
 {
-       unsigned char *digest;
-       unsigned char *ret;
+       u_char *digest;
+       u_char *ret;
        DSA_SIG *sig;
        EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
-       unsigned int rlen;
-       unsigned int slen;
-       unsigned int len;
-       unsigned char sigblob[SIGBLOB_LEN];
+       u_int rlen;
+       u_int slen;
+       u_int len, dlen;
+       u_char sigblob[SIGBLOB_LEN];
        Buffer b;
 
        if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
                error("ssh_dss_sign: no DSA key");
                return -1;
        }
-       digest = xmalloc(evp_md->md_size);
+       dlen = evp_md->md_size;
+       digest = xmalloc(dlen);
        EVP_DigestInit(&md, evp_md);
        EVP_DigestUpdate(&md, data, datalen);
        EVP_DigestFinal(&md, digest, NULL);
 
-       sig = DSA_do_sign(digest, evp_md->md_size, key->dsa);
+       sig = DSA_do_sign(digest, dlen, key->dsa);
        if (sig == NULL) {
                fatal("ssh_dss_sign: cannot sign");
        }
+       memset(digest, 0, dlen);
+       xfree(digest);
 
        rlen = BN_num_bytes(sig->r);
        slen = BN_num_bytes(sig->s);
@@ -113,17 +114,17 @@ ssh_dss_sign(
 int
 ssh_dss_verify(
     Key *key,
-    unsigned char *signature, int signaturelen,
-    unsigned char *data, int datalen)
+    u_char *signature, int signaturelen,
+    u_char *data, int datalen)
 {
        Buffer b;
-       unsigned char *digest;
+       u_char *digest;
        DSA_SIG *sig;
        EVP_MD *evp_md = EVP_sha1();
        EVP_MD_CTX md;
-       unsigned char *sigblob;
+       u_char *sigblob;
        char *txt;
-       unsigned int len, dlen;
+       u_int len, dlen;
        int rlen;
        int ret;
 
@@ -159,7 +160,7 @@ ssh_dss_verify(
                        buffer_free(&b);
                        return -1;
                }
-               sigblob = (unsigned char *)buffer_get_string(&b, &len);
+               sigblob = (u_char *)buffer_get_string(&b, &len);
                rlen = buffer_len(&b);
                if(rlen != 0) {
                        error("remaining bytes in signature %d", rlen);
@@ -185,7 +186,7 @@ ssh_dss_verify(
                memset(sigblob, 0, len);
                xfree(sigblob);
        }
-       
+
        /* sha1 the data */
        dlen = evp_md->md_size;
        digest = xmalloc(dlen);
git-cvsimport mirror of OpenSSH
This page took 0.04875 seconds and 4 git commands to generate.