ports/libssh
ports/libssh
1
1
Форкнуть 0
Код Релизы 1 Активность

pki_gcrypt: Do not treat Ed25519 as a special case

Просмотр исходного кода 
Verify the Ed25519 signature in pki_verify_data_signature() along with
the other signature types.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Этот коммит содержится в:
Anderson Toshiyuki Sasaki 2019-08-22 17:50:41 +02:00
родитель 90944a3651
Коммит 38ede2e225
1 изменённых файлов: 37 добавлений и 10 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

47
src/pki_gcrypt.c
Просмотреть файл

@ -2115,15 +2115,8 @@ int pki_signature_verify(ssh_session session,
return SSH_ERROR;
}
/* For ed25519 keys, verify using the input directly */
if (key->type == SSH_KEYTYPE_ED25519 ||
key->type == SSH_KEYTYPE_ED25519_CERT01)
{
rc = pki_ed25519_verify(key, sig, input, input_len);
} else {
/* For the other key types, calculate the hash and verify the signature */
rc = pki_verify_data_signature(sig, key, input, input_len);
}
/* For the other key types, calculate the hash and verify the signature */
rc = pki_verify_data_signature(sig, key, input, input_len);
if (rc != SSH_OK){
ssh_set_error(session,
@ -2268,6 +2261,7 @@ ssh_signature pki_sign_data(const ssh_key privkey,
size_t input_len)
{
unsigned char hash[SHA512_DIGEST_LEN] = {0};
const unsigned char *sign_input = NULL;
uint32_t hlen = 0;
int rc;
@ -2287,27 +2281,38 @@ ssh_signature pki_sign_data(const ssh_key privkey,
case SSH_DIGEST_SHA256:
sha256(input, input_len, hash);
hlen = SHA256_DIGEST_LEN;
sign_input = hash;
break;
case SSH_DIGEST_SHA384:
sha384(input, input_len, hash);
hlen = SHA384_DIGEST_LEN;
sign_input = hash;
break;
case SSH_DIGEST_SHA512:
sha512(input, input_len, hash);
hlen = SHA512_DIGEST_LEN;
sign_input = hash;
break;
case SSH_DIGEST_SHA1:
sha1(input, input_len, hash);
hlen = SHA_DIGEST_LEN;
sign_input = hash;
break;
case SSH_DIGEST_AUTO:
if (privkey->type == SSH_KEYTYPE_ED25519) {
/* SSH_DIGEST_AUTO should only be used with ed25519 */
sign_input = input;
hlen = input_len;
break;
}
FALL_THROUGH;
default:
SSH_LOG(SSH_LOG_TRACE, "Unknown hash algorithm for type: %d",
hash_type);
return NULL;
}
return pki_do_sign_hash(privkey, hash, hlen, hash_type);
return pki_do_sign_hash(privkey, sign_input, hlen, hash_type);
}
/**
@ -2336,6 +2341,8 @@ int pki_verify_data_signature(ssh_signature signature,
unsigned char *hash = ghash + 1;
uint32_t hlen = 0;
const unsigned char *verify_input = NULL;
int rc;
if (pubkey == NULL || ssh_key_is_private(pubkey) || input == NULL ||
@ -2357,23 +2364,35 @@ int pki_verify_data_signature(ssh_signature signature,
sha256(input, input_len, hash);
hlen = SHA256_DIGEST_LEN;
hash_type = "sha256";
verify_input = hash;
break;
case SSH_DIGEST_SHA384:
sha384(input, input_len, hash);
hlen = SHA384_DIGEST_LEN;
hash_type = "sha384";
verify_input = hash;
break;
case SSH_DIGEST_SHA512:
sha512(input, input_len, hash);
hlen = SHA512_DIGEST_LEN;
hash_type = "sha512";
verify_input = hash;
break;
case SSH_DIGEST_SHA1:
sha1(input, input_len, hash);
hlen = SHA_DIGEST_LEN;
hash_type = "sha1";
verify_input = hash;
break;
case SSH_DIGEST_AUTO:
if (pubkey->type == SSH_KEYTYPE_ED25519 ||
pubkey->type == SSH_KEYTYPE_ED25519_CERT01)
{
verify_input = input;
hlen = input_len;
break;
}
FALL_THROUGH;
default:
SSH_LOG(SSH_LOG_TRACE, "Unknown sig->hash_type: %d", signature->hash_type);
return SSH_ERROR;
@ -2461,6 +2480,14 @@ int pki_verify_data_signature(ssh_signature signature,
}
break;
#endif
case SSH_KEYTYPE_ED25519:
case SSH_KEYTYPE_ED25519_CERT01:
rc = pki_ed25519_verify(pubkey, signature, verify_input, hlen);
if (rc != SSH_OK) {
SSH_LOG(SSH_LOG_TRACE, "ED25519 error: Signature invalid");
return SSH_ERROR;
}
break;
case SSH_KEYTYPE_RSA1:
case SSH_KEYTYPE_UNKNOWN:
default: