ports/libssh
ports/libssh
1
1
Форкнуть 0
Код Релизы 1 Активность

pki_crypto: Added pki_sign_data() and pki_verify_data_signature()

Просмотр исходного кода 
pki_sign_data() uses the given private key and hash algorithm to sign
the data using the OpenSSL EVP interface.  The corresponding function
pki_verify_data_signature() receives the signature, the signed data, and
the public key to verify the signature.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Этот коммит содержится в:
Anderson Toshiyuki Sasaki 2019-05-02 13:56:15 +02:00 коммит произвёл Andreas Schneider
родитель 33af736555
Коммит fd9446553b
5 изменённых файлов: 498 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

8
include/libssh/pki_priv.h
Просмотреть файл

@ -109,6 +109,14 @@ int pki_privkey_build_ecdsa(ssh_key key,
ssh_string pki_publickey_to_blob(const ssh_key key);
/* SSH Signature Functions */
ssh_signature pki_sign_data(const ssh_key privkey,
enum ssh_digest_e hash_type,
const unsigned char *input,
size_t input_len);
int pki_verify_data_signature(ssh_signature signature,
const ssh_key pubkey,
const unsigned char *input,
size_t input_len);
ssh_string pki_signature_to_blob(const ssh_signature sign);
ssh_signature pki_signature_from_blob(const ssh_key pubkey,
const ssh_string sig_blob,

306
src/pki_crypto.c
Просмотреть файл

@ -2135,6 +2135,312 @@ int pki_signature_verify(ssh_session session,
return SSH_OK;
}
static const EVP_MD *pki_digest_to_md(enum ssh_digest_e hash_type)
{
const EVP_MD *md = NULL;
switch (hash_type) {
case SSH_DIGEST_SHA256:
md = EVP_sha256();
break;
case SSH_DIGEST_SHA384:
md = EVP_sha384();
break;
case SSH_DIGEST_SHA512:
md = EVP_sha512();
break;
case SSH_DIGEST_SHA1:
case SSH_DIGEST_AUTO:
md = EVP_sha1();
break;
default:
SSH_LOG(SSH_LOG_TRACE, "Unknown hash algorithm for type: %d",
hash_type);
return NULL;
}
return md;
}
static EVP_PKEY *pki_key_to_pkey(ssh_key key)
{
EVP_PKEY *pkey = NULL;
pkey = EVP_PKEY_new();
if (pkey == NULL) {
SSH_LOG(SSH_LOG_TRACE, "Out of memory");
return NULL;
}
switch(key->type) {
case SSH_KEYTYPE_DSS:
case SSH_KEYTYPE_DSS_CERT01:
if (key->dsa == NULL) {
SSH_LOG(SSH_LOG_TRACE, "NULL key->dsa");
goto error;
}
EVP_PKEY_set1_DSA(pkey, key->dsa);
break;
case SSH_KEYTYPE_RSA:
case SSH_KEYTYPE_RSA1:
case SSH_KEYTYPE_RSA_CERT01:
if (key->rsa == NULL) {
SSH_LOG(SSH_LOG_TRACE, "NULL key->rsa");
goto error;
}
EVP_PKEY_set1_RSA(pkey, key->rsa);
break;
case SSH_KEYTYPE_ECDSA_P256:
case SSH_KEYTYPE_ECDSA_P384:
case SSH_KEYTYPE_ECDSA_P521:
case SSH_KEYTYPE_ECDSA_P256_CERT01:
case SSH_KEYTYPE_ECDSA_P384_CERT01:
case SSH_KEYTYPE_ECDSA_P521_CERT01:
# if defined(HAVE_OPENSSL_ECC)
if (key->ecdsa == NULL) {
SSH_LOG(SSH_LOG_TRACE, "NULL key->ecdsa");
goto error;
}
EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa);
break;
# endif
case SSH_KEYTYPE_ED25519:
/* Not supported yet. This type requires the use of EVP_DigestSign*()
* API and ECX keys. There is no EVP_set1_ECX_KEY() or equivalent yet. */
case SSH_KEYTYPE_UNKNOWN:
default:
SSH_LOG(SSH_LOG_TRACE, "Unknown private key algorithm for type: %d",
key->type);
goto error;
}
return pkey;
error:
EVP_PKEY_free(pkey);
return NULL;
}
/**
* @internal
*
* @brief Sign the given input data. The digest of to be signed is calculated
* internally as necessary.
*
* @param[in] privkey The private key to be used for signing.
* @param[in] hash_type The digest algorithm to be used.
* @param[in] input The data to be signed.
* @param[in] input_len The length of the data to be signed.
*
* @return a newly allocated ssh_signature or NULL on error.
*/
ssh_signature pki_sign_data(const ssh_key privkey,
enum ssh_digest_e hash_type,
const unsigned char *input,
size_t input_len)
{
const EVP_MD *md = NULL;
EVP_MD_CTX *ctx = NULL;
EVP_PKEY *pkey = NULL;
unsigned char *raw_sig_data = NULL;
unsigned int raw_sig_len;
ssh_signature sig = NULL;
int rc;
if (privkey == NULL || !ssh_key_is_private(privkey) || input == NULL) {
SSH_LOG(SSH_LOG_TRACE, "Bad parameter provided to "
"pki_sign_data()");
return NULL;
}
/* Set hash algorithm to be used */
md = pki_digest_to_md(hash_type);
if (md == NULL) {
return NULL;
}
/* Setup private key EVP_PKEY */
pkey = pki_key_to_pkey(privkey);
if (pkey == NULL) {
return NULL;
}
/* Allocate buffer for signature */
raw_sig_len = EVP_PKEY_size(pkey);
raw_sig_data = (unsigned char *)malloc(raw_sig_len);
if (raw_sig_data == NULL) {
SSH_LOG(SSH_LOG_TRACE, "Out of memory");
goto out;
}
/* Create the context */
ctx = EVP_MD_CTX_create();
if (ctx == NULL) {
SSH_LOG(SSH_LOG_TRACE, "Out of memory");
goto out;
}
/* Sign the data */
rc = EVP_SignInit_ex(ctx, md, NULL);
if (!rc){
SSH_LOG(SSH_LOG_TRACE, "EVP_SignInit() failed");
goto out;
}
rc = EVP_SignUpdate(ctx, input, input_len);
if (!rc) {
SSH_LOG(SSH_LOG_TRACE, "EVP_SignUpdate() failed");
goto out;
}
rc = EVP_SignFinal(ctx, raw_sig_data, &raw_sig_len, pkey);
if (!rc) {
SSH_LOG(SSH_LOG_TRACE, "EVP_SignFinal() failed");
goto out;
}
#ifdef DEBUG_CRYPTO
ssh_print_hexa("Generated signature", raw_sig_data, raw_sig_len);
#endif
/* Allocate and fill output signature */
sig = ssh_signature_new();
if (sig == NULL) {
goto out;
}
sig->raw_sig = ssh_string_new(raw_sig_len);
if (sig->raw_sig == NULL) {
ssh_signature_free(sig);
sig = NULL;
goto out;
}
rc = ssh_string_fill(sig->raw_sig, raw_sig_data, raw_sig_len);
if (rc < 0) {
ssh_signature_free(sig);
sig = NULL;
goto out;
}
sig->type = privkey->type;
sig->hash_type = hash_type;
sig->type_c = ssh_key_signature_to_char(privkey->type, hash_type);
out:
if (ctx != NULL) {
EVP_MD_CTX_free(ctx);
}
if (raw_sig_data != NULL) {
explicit_bzero(raw_sig_data, raw_sig_len);
}
SAFE_FREE(raw_sig_data);
if (pkey != NULL) {
EVP_PKEY_free(pkey);
}
return sig;
}
/**
* @internal
*
* @brief Verify the signature of a given input. The digest of the input is
* calculated internally as necessary.
*
* @param[in] signature The signature to be verified.
* @param[in] pubkey The public key used to verify the signature.
* @param[in] input The signed data.
* @param[in] input_len The length of the signed data.
*
* @return SSH_OK if the signature is valid; SSH_ERROR otherwise.
*/
int pki_verify_data_signature(ssh_signature signature,
const ssh_key pubkey,
const unsigned char *input,
size_t input_len)
{
const EVP_MD *md = NULL;
EVP_MD_CTX *ctx = NULL;
EVP_PKEY *pkey = NULL;
unsigned char *raw_sig_data = NULL;
unsigned int raw_sig_len;
int rc = SSH_ERROR;
int evp_rc;
if (pubkey == NULL || ssh_key_is_private(pubkey) || input == NULL ||
signature == NULL || signature->raw_sig == NULL)
{
SSH_LOG(SSH_LOG_TRACE, "Bad parameter provided to "
"pki_verify_data_signature()");
return SSH_ERROR;
}
/* Get the signature to be verified */
raw_sig_data = ssh_string_data(signature->raw_sig);
raw_sig_len = ssh_string_len(signature->raw_sig);
if (raw_sig_data == NULL) {
return SSH_ERROR;
}
/* Set hash algorithm to be used */
md = pki_digest_to_md(signature->hash_type);
if (md == NULL) {
return SSH_ERROR;
}
/* Setup public key EVP_PKEY */
pkey = pki_key_to_pkey(pubkey);
if (pkey == NULL) {
return SSH_ERROR;
}
/* Create the context */
ctx = EVP_MD_CTX_create();
if (ctx == NULL) {
SSH_LOG(SSH_LOG_TRACE, "Out of memory");
goto out;
}
/* Verify the signature */
evp_rc = EVP_VerifyInit_ex(ctx, md, NULL);
if (!evp_rc){
SSH_LOG(SSH_LOG_TRACE, "EVP_SignInit() failed");
goto out;
}
evp_rc = EVP_VerifyUpdate(ctx, input, input_len);
if (!evp_rc) {
SSH_LOG(SSH_LOG_TRACE, "EVP_SignUpdate() failed");
goto out;
}
evp_rc = EVP_VerifyFinal(ctx, raw_sig_data, raw_sig_len, pkey);
if (evp_rc < 0) {
SSH_LOG(SSH_LOG_TRACE, "EVP_SignFinal() failed");
rc = SSH_ERROR;
} else if (evp_rc == 0) {
SSH_LOG(SSH_LOG_TRACE, "Signature invalid");
rc = SSH_ERROR;
} else if (evp_rc == 1) {
SSH_LOG(SSH_LOG_TRACE, "Signature valid");
rc = SSH_OK;
}
out:
if (ctx != NULL) {
EVP_MD_CTX_free(ctx);
}
if (pkey != NULL) {
EVP_PKEY_free(pkey);
}
return rc;
}
ssh_signature pki_do_sign_hash(const ssh_key privkey,
const unsigned char *hash,
size_t hlen,

61
tests/unittests/torture_pki_dsa.c
Просмотреть файл

@ -169,6 +169,66 @@ static void torture_pki_dsa_import_privkey_base64(void **state)
}
#ifdef HAVE_LIBCRYPTO
static int test_sign_verify_data(ssh_key key,
enum ssh_digest_e hash_type,
const unsigned char *input,
size_t input_len)
{
ssh_signature sig;
ssh_key pubkey = NULL;
int rc;
/* Get the public key to verify signature */
rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
assert_int_equal(rc, SSH_OK);
assert_non_null(pubkey);
/* Sign the buffer */
sig = pki_sign_data(key, hash_type, input, input_len);
assert_non_null(sig);
/* Verify signature */
rc = pki_verify_data_signature(sig, pubkey, input, input_len);
assert_int_equal(rc, SSH_OK);
ssh_signature_free(sig);
SSH_KEY_FREE(pubkey);
return rc;
}
static void torture_pki_sign_data_dsa(void **state)
{
int rc;
ssh_key key = NULL;
(void) state;
/* Setup */
rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 2048, &key);
assert_int_equal(rc, SSH_OK);
assert_non_null(key);
/* Test using automatic digest */
rc = test_sign_verify_data(key, SSH_DIGEST_AUTO, DSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA1 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA1, DSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA256 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA256, DSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA512 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA512, DSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Cleanup */
SSH_KEY_FREE(key);
}
static void torture_pki_dsa_write_privkey(void **state)
{
ssh_key origkey = NULL;
@ -708,6 +768,7 @@ int torture_run_tests(void)
cmocka_unit_test_setup_teardown(torture_pki_dsa_write_privkey,
setup_dsa_key,
teardown),
cmocka_unit_test(torture_pki_sign_data_dsa),
#endif
cmocka_unit_test(torture_pki_dsa_import_privkey_base64_passphrase),
cmocka_unit_test(torture_pki_dsa_import_openssh_privkey_base64_passphrase),

62
tests/unittests/torture_pki_ecdsa.c
Просмотреть файл

@ -611,6 +611,67 @@ static void torture_pki_ecdsa_cert_verify(void **state)
}
#ifdef HAVE_LIBCRYPTO
static int test_sign_verify_data(ssh_key key,
enum ssh_digest_e hash_type,
const unsigned char *input,
size_t input_len)
{
ssh_signature sig;
ssh_key pubkey = NULL;
int rc;
/* Get the public key to verify signature */
rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
assert_int_equal(rc, SSH_OK);
assert_non_null(pubkey);
/* Sign the buffer */
sig = pki_sign_data(key, hash_type, input, input_len);
assert_non_null(sig);
/* Verify signature */
rc = pki_verify_data_signature(sig, pubkey, input, input_len);
assert_int_equal(rc, SSH_OK);
ssh_signature_free(sig);
SSH_KEY_FREE(pubkey);
return rc;
}
static void torture_pki_sign_data_ecdsa(void **state)
{
int rc;
ssh_key key = NULL;
(void) state;
/* Setup */
rc = ssh_pki_generate(SSH_KEYTYPE_ECDSA, 256, &key);
assert_int_equal(rc, SSH_OK);
assert_non_null(key);
/* Test using automatic digest */
rc = test_sign_verify_data(key, SSH_DIGEST_AUTO, ECDSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA1 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA1, ECDSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA256 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA256, ECDSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA512 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA512, ECDSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Cleanup */
SSH_KEY_FREE(key);
}
static void torture_pki_ecdsa_write_privkey(void **state)
{
ssh_key origkey = NULL;
@ -838,6 +899,7 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_write_privkey,
setup_ecdsa_key_521,
teardown),
cmocka_unit_test(torture_pki_sign_data_ecdsa),
#endif /* HAVE_LIBCRYPTO */
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_name256,
setup_ecdsa_key_256,

61
tests/unittests/torture_pki_rsa.c
Просмотреть файл

@ -564,6 +564,66 @@ static void torture_pki_rsa_sha2(void **state)
}
#ifdef HAVE_LIBCRYPTO
static int test_sign_verify_data(ssh_key key,
enum ssh_digest_e hash_type,
const unsigned char *input,
size_t input_len)
{
ssh_signature sig;
ssh_key pubkey = NULL;
int rc;
/* Get the public key to verify signature */
rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
assert_int_equal(rc, SSH_OK);
assert_non_null(pubkey);
/* Sign the buffer */
sig = pki_sign_data(key, hash_type, input, input_len);
assert_non_null(sig);
/* Verify signature */
rc = pki_verify_data_signature(sig, pubkey, input, input_len);
assert_int_equal(rc, SSH_OK);
ssh_signature_free(sig);
SSH_KEY_FREE(pubkey);
return rc;
}
static void torture_pki_sign_data_rsa(void **state)
{
int rc;
ssh_key key = NULL;
(void) state;
/* Setup */
rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 2048, &key);
assert_int_equal(rc, SSH_OK);
assert_non_null(key);
/* Test using automatic digest */
rc = test_sign_verify_data(key, SSH_DIGEST_AUTO, RSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA1 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA1, RSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA256 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA256, RSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Test using SHA512 */
rc = test_sign_verify_data(key, SSH_DIGEST_SHA512, RSA_HASH, 20);
assert_int_equal(rc, SSH_OK);
/* Cleanup */
SSH_KEY_FREE(key);
}
static void torture_pki_rsa_write_privkey(void **state)
{
ssh_key origkey = NULL;
@ -781,6 +841,7 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_rsa_write_privkey,
setup_rsa_key,
teardown),
cmocka_unit_test(torture_pki_sign_data_rsa),
#endif /* HAVE_LIBCRYPTO */
cmocka_unit_test_setup_teardown(torture_pki_rsa_sha2,
setup_rsa_key,