pki: Add ecdsa support for signature_to_blob.

2011-12-30 11:06:10 +01:00 · 2011-12-30 11:06:10 +01:00 · 9070b04184
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@ -22,6 +22,13 @@
 #ifndef PKI_H_
 #define PKI_H_

+#ifdef HAVE_OPENSSL_EC_H
+#include <openssl/ec.h>
+#endif
+#ifdef HAVE_OPENSSL_ECDSA_H
+#include <openssl/ecdsa.h>
+#endif
+
 #include "libssh/crypto.h"

 #define SSH_KEY_FLAG_EMPTY   0x0
@ -54,11 +61,16 @@ struct ssh_signature_struct {
 #ifdef HAVE_LIBGCRYPT
    gcry_sexp_t dsa_sig;
    gcry_sexp_t rsa_sig;
+    void *ecdsa_sig;
 #elif defined HAVE_LIBCRYPTO
    DSA_SIG *dsa_sig;
    ssh_string rsa_sig;
+# ifdef HAVE_OPENSSL_ECC
+    ECDSA_SIG *ecdsa_sig;
+# else
+    void *ecdsa_sig;
+# endif
 #endif
-    void *ecdsa;
 };

 typedef struct ssh_signature_struct *ssh_signature;
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@ -1003,6 +1003,35 @@ ssh_string pki_signature_to_blob(const ssh_signature sig)
            sig_blob = ssh_string_copy(sig->rsa_sig);
            break;
        case SSH_KEYTYPE_ECDSA:
+#ifdef HAVE_OPENSSL_ECC
+            r = make_bignum_string(sig->ecdsa_sig->r);
+            if (r == NULL) {
+                return NULL;
+            }
+            s = make_bignum_string(sig->ecdsa_sig->s);
+            if (s == NULL) {
+                ssh_string_free(r);
+                return NULL;
+            }
+
+            memcpy(buffer,
+                   ((char *)ssh_string_data(r)) + ssh_string_len(r) - 20,
+                   20);
+            memcpy(buffer + 20,
+                   ((char *)ssh_string_data(s)) + ssh_string_len(s) - 20,
+                   20);
+
+            ssh_string_free(r);
+            ssh_string_free(s);
+
+            sig_blob = ssh_string_new(40);
+            if (sig_blob == NULL) {
+                return NULL;
+            }
+
+            ssh_string_fill(sig_blob, buffer, 40);
+            break;
+#endif
        case SSH_KEYTYPE_UNKNOWN:
            ssh_pki_log("Unknown signature key type: %d", sig->type);
            return NULL;