*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.1 2000/11/12 19:50:38 markus Exp $");
-
-#include "ssh.h"
-#include "xmalloc.h"
-#include "buffer.h"
-#include "bufaux.h"
+RCSID("$OpenBSD: ssh-rsa.c,v 1.5 2001/01/21 19:05:58 markus Exp $");
#include <openssl/evp.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include <openssl/err.h>
+#include "xmalloc.h"
+#include "log.h"
+#include "buffer.h"
+#include "bufaux.h"
#include "key.h"
-#define INTBLOB_LEN 20
-#define SIGBLOB_LEN (2*INTBLOB_LEN)
-
/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
int
ssh_rsa_sign(
Key *key,
- unsigned char **sigp, int *lenp,
- unsigned char *data, int datalen)
+ u_char **sigp, int *lenp,
+ u_char *data, int datalen)
{
EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
- unsigned char *digest, *sig, *ret;
- unsigned int slen, dlen, len;
+ u_char *digest, *sig, *ret;
+ u_int slen, dlen, len;
int ok;
Buffer b;
int
ssh_rsa_verify(
Key *key,
- unsigned char *signature, int signaturelen,
- unsigned char *data, int datalen)
+ u_char *signature, int signaturelen,
+ u_char *data, int datalen)
{
Buffer b;
EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
char *ktype;
- unsigned char *sigblob, *digest;
- unsigned int len, dlen;
+ u_char *sigblob, *digest;
+ u_int len, dlen;
int rlen;
int ret;
error("ssh_rsa_verify: no RSA key");
return -1;
}
+ if (BN_num_bits(key->rsa->n) < 768) {
+ error("ssh_rsa_verify: n too small: %d bits",
+ BN_num_bits(key->rsa->n));
+ return -1;
+ }
buffer_init(&b);
buffer_append(&b, (char *) signature, signaturelen);
ktype = buffer_get_string(&b, NULL);
return -1;
}
xfree(ktype);
- sigblob = (unsigned char *)buffer_get_string(&b, &len);
+ sigblob = (u_char *)buffer_get_string(&b, &len);
rlen = buffer_len(&b);
buffer_free(&b);
if(rlen != 0) {