| author | Alan Dunn <amdunn@gmail.com> | 2014-02-14 10:36:29 -0600 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2014-03-12 14:13:29 +0100 |
| commit | 15f3988bc8e2e780affc4180924ca7ff9f9e5c24 (patch) | |
| tree | f92d7520215d03beb8c5ab6235a03b7a6207d0fd /src | |
| parent | 9c2127b798b47cbaee0256f0ae4ab786f166ad45 (diff) | |
pki: Use SHA-2 for session ID signing with ECDSA keys
Previously, SHA-1 was always used, regardless of the key type.
BUG: https://red.libssh.org/issues/148
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/pki.c | 54 |
1 files changed, 42 insertions, 12 deletions
@@ -1299,6 +1299,11 @@ int ssh_pki_signature_verify_blob(ssh_session session,
 evp(key->ecdsa_nid, digest, dlen, ehash, &elen);
+#ifdef DEBUG_CRYPTO
+ ssh_print_hexa("Hash to be verified with ecdsa",
+ ehash, elen);
+#endif
+
 rc = pki_signature_verify(session, sig, key,
@@ -1365,6 +1370,10 @@ ssh_string ssh_pki_do_sign(ssh_session session,
 evp_update(ctx, buffer_get_rest(sigbuf), buffer_get_rest_len(sigbuf));
 evp_final(ctx, ehash, &elen);
+#ifdef DEBUG_CRYPTO
+ ssh_print_hexa("Hash being signed", ehash, elen);
+#endif
+
 sig = pki_do_sign(privkey, ehash, elen);
 #endif
 } else {
@@ -1458,10 +1467,8 @@ ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
 const ssh_key privkey) {
 struct ssh_crypto_struct *crypto;
- unsigned char hash[SHA_DIGEST_LEN] = {0};
 ssh_signature sig;
 ssh_string sig_blob;
- SHACTX ctx;
 int rc;
 if (session == NULL || privkey == NULL || !ssh_key_is_private(privkey)) {
@@ -1470,24 +1477,47 @@ ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
 crypto = session->next_crypto ? session->next_crypto : session->current_crypto;
- ctx = sha1_init();
- if (ctx == NULL) {
- return NULL;
- }
 if (crypto->secret_hash == NULL){
 ssh_set_error(session,SSH_FATAL,"Missing secret_hash");
 return NULL;
 }
- sha1_update(ctx, crypto->secret_hash, crypto->digest_len);
- sha1_final(hash, ctx);
+
+ if (privkey->type == SSH_KEYTYPE_ECDSA) {
+#ifdef HAVE_ECC
+ unsigned char ehash[EVP_DIGEST_LEN] = {0};
+ uint32_t elen;
+
+ evp(privkey->ecdsa_nid, crypto->secret_hash, crypto->digest_len,
+ ehash, &elen);
 #ifdef DEBUG_CRYPTO
- ssh_print_hexa("Hash being signed", hash, SHA_DIGEST_LEN);
+ ssh_print_hexa("Hash being signed", ehash, elen);
 #endif
- sig = pki_do_sign_sessionid(privkey, hash, SHA_DIGEST_LEN);
- if (sig == NULL) {
- return NULL;
+ sig = pki_do_sign_sessionid(privkey, ehash, elen);
+ if (sig == NULL) {
+ return NULL;
+ }
+#endif
+ } else {
+ unsigned char hash[SHA_DIGEST_LEN] = {0};
+ SHACTX ctx;
+
+ ctx = sha1_init();
+ if (ctx == NULL) {
+ return NULL;
+ }
+ sha1_update(ctx, crypto->secret_hash, crypto->digest_len);
+ sha1_final(hash, ctx);
+
+#ifdef DEBUG_CRYPTO
+ ssh_print_hexa("Hash being signed", hash, SHA_DIGEST_LEN);
+#endif
+
+ sig = pki_do_sign_sessionid(privkey, hash, SHA_DIGEST_LEN);
+ if (sig == NULL) {
+ return NULL;
+ }
 }
 rc = ssh_pki_export_signature_blob(sig, &sig_blob); |
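Review bot: In a build without HAVE_ECC, an ECDSA private key takes the new `if (privkey->type == SSH_KEYTYPE_ECDSA)` branch whose whole body is compiled out, so `sig` (declared without an initializer as `ssh_signature sig;` in the previous hunk) reaches `rc = ssh_pki_export_signature_blob(sig, &sig_blob);` unset. Whether such a key can actually be loaded in a non-ECC build is not visible here, but a signing path should fail closed rather than fall through on an indeterminate pointer: add `#else` / `ssh_set_error(session, SSH_FATAL, "ECDSA keys are not supported in this build"); return NULL;` before the `#endif` that closes the HAVE_ECC block. The `else` branch keeping SHA-1 is correct for ssh-rsa and ssh-dss, whose signature formats are defined over SHA-1, but a reader now sees two different digests side by side; a one-line comment on the `} else {` such as `/* ssh-rsa/ssh-dss signatures are specified over SHA-1; ECDSA uses the SHA-2 digest matched to its curve */` would document why both remain. The enclosing function continues past the end of the hunk.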
