summaryrefslogtreecommitdiffstats
path: root/src/pki_crypto.c
Commit message (Collapse)AuthorAgeFilesLines
* pki: Move ssh_pki_key_ecdsa_name() to the correct file.Andreas Schneider2014-04-231-14/+0
|
* pki: Make pki_key_ecdsa_nid_to_name() a shared function.Andreas Schneider2014-04-231-1/+1
|
* pki crypto: expose new ssh_pki_key_ecdsa_name APIJon Simons2014-04-091-0/+14
| | | | | | | | | | | | | Enable retrieving the "ecdsa-sha2-nistpNNN" name of ECDSA keys with a new 'ssh_pki_key_ecdsa_name' API. This gives more information than the 'ssh_key_type_to_char' API, which yields "ssh-ecdsa" for ECDSA keys. The motivation is that this info is useful to have in a server context. The torture_pki unit test is updated to include the new API, and a few more passes are added to additionally test 384 and 521-bit keys. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki_crypto: guard against NULL pubkey->rsa in signature extractionJon Simons2014-03-271-1/+7
| | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki_crypto: Replace deprecated RSA_generate_key() with RSA_generate_key_ex()Petar Koretic2014-03-271-4/+14
| | | | | | | | | | | | | | | | | On Mar 16, 09:41, Aris Adamantiadis wrote: > Hi Petar, > I agree with the principle, but I don't think this code can work... > RSA_generate_key takes an RSA* as parameter and in our code we probably > have key->rsa==NULL. (if we don't then the old code had a memory leak). > > Does the test case work ? > > Aris > Yes, you are right. This works, tested with tests/unittests/torture_pki Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
* pki_crypto: Always copy ecdsa_nid into duplicated ECDSA keysAlan Dunn2014-03-121-2/+2
| | | | | | BUG: https://red.libssh.org/issues/147 Signed-off-by: Alan Dunn <amdunn@gmail.com>
* pki: Fix build warning about unused variables.Andreas Schneider2014-02-141-2/+2
|
* pki_crypto: Fix memory leak with EC_KEY_set_public_key().Andreas Schneider2014-01-281-1/+3
| | | | BUG: https://red.libssh.org/issues/146
* pki_crypto: fix DSA signature extractionJon Simons2014-01-231-26/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | Fix the DSA portion of 'pki_signature_to_blob': before this change, it is possible to sometimes observe DSA signature validation failure when testing with OpenSSH clients. The problem ended up being the following snippet which did not account for the case when 'ssh_string_len(x)' may be less than 20: r = make_bignum_string(sig->dsa_sig->r); ... memcpy(buffer, ((char *) ssh_string_data(r)) + ssh_string_len(r) - 20, 20); Above consider the case that ssh_string_len(r) is 19; in that case the memcpy unintentionally starts in the wrong place. The same situation can happen for value 's' in this code. To fix, adjust the offsets used for the input and output pointers, taking into account that the lengths of 'r' and 's' can be less than 20. With the fix I am no longer able to reproduce the original failure mode. BUG: https://red.libssh.org/issues/144 Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki_crypto: pad RSA signature blobsJon Simons2014-01-211-24/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Pad RSA signature blobs to the expected RSA signature length when processing via 'pki_signature_to_blob'. Some clients, notably PuTTY, may send unpadded RSA signatures during the public key exchange: before this change, one can sometimes observe failure in signature validation when using PuTTY's 'plink' client, along these lines: ssh_packet_process: ssh_packet_process: Dispatching handler for packet type 50 ssh_packet_userauth_request: ssh_packet_userauth_request: Auth request for service ssh-connection, method publickey for user 'foo' ssh_pki_signature_verify_blob: ssh_pki_signature_verify_blob: Going to verify a ssh-rsa type signature pki_signature_verify: pki_signature_verify: RSA error: error:04091077:rsa routines:INT_RSA_VERIFY:wrong signature length ssh_packet_userauth_request: ssh_packet_userauth_request: Received an invalid signature from peer For cross-reference this issue once also existed between PuTTY and OpenSSH: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/rsa-verify-failed.html http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-rsa.c?rev=1.19;content-type=text%2Fx-cvsweb-markup With the fix I am unable to reproduce the above failure mode when testing with 'plink'. Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* src: Rename buffer_add_data() to ssh_buffer_add_data().Andreas Schneider2014-01-191-3/+3
|
* src: Rename buffer_init to ssh_buffer_init().Andreas Schneider2014-01-191-1/+1
|
* update copyright informationAris Adamantiadis2014-01-071-1/+1
|
* pki_crypto: Add pki_private_key_to_pem().Andreas Schneider2013-11-271-0/+118
|
* remove warnings on OSX (workaround)Aris Adamantiadis2013-11-041-2/+2
|
* pki: Don't leak a buffer.Andreas Schneider2013-10-191-0/+2
|
* pki_crpypto: Fix ecdsa signature to blob.Andreas Schneider2013-10-181-12/+26
| | | | BUG: https://red.libssh.org/issues/118
* pki: Add the type as a char pointer.Andreas Schneider2013-10-181-1/+4
|
* pki: Fix switch statement of pki_key_generate_ecdsa().Andreas Schneider2013-06-181-0/+2
|
* pki: Fix resource leak on error.Andreas Schneider2013-06-131-0/+1
|
* pki: Don't leak the signature on error paths.Andreas Schneider2012-10-121-0/+2
| | | | Found by Coverity.
* pki: Don't leak memory in pubkey to blob.Andreas Schneider2012-10-071-3/+4
|
* pki: Make sure we don't double free pointers.Andreas Schneider2012-10-071-0/+6
|
* pki: Fix openssl ecdsa signature from blob.Andreas Schneider2012-02-041-34/+62
|
* pki: Update copyright.Andreas Schneider2012-02-041-1/+1
|
* pki: Fix build if you don't have ECC support.Andreas Schneider2012-02-041-0/+4
|
* pki: Add ecdsa support to do_sign_sessionid.Andreas Schneider2012-02-041-0/+8
|
* pki: Add ecdsa support to do_sign.Andreas Schneider2012-02-041-0/+14
|
* pki: Add ecdsa support for signature_verify.Andreas Schneider2012-02-041-0/+14
|
* pki: Add ecdsa support for signature_from_blob.Andreas Schneider2012-02-041-0/+50
|
* pki: Add ecdsa support for signature_to_blob.Andreas Schneider2012-02-041-0/+29
|
* pki: Add support to generate ecdsa keys.Andreas Schneider2012-02-041-0/+34
|
* pki: Fix ecdsa key dup.Andreas Schneider2012-02-041-0/+2
|
* pki: Add support to import ecdsa pubkeys.Andreas Schneider2012-02-041-0/+52
|
* pki: Add support for export ecdsa pubkeys.Andreas Schneider2012-02-041-0/+116
|
* pki: Add support to import ecdsa private keys.Andreas Schneider2012-02-041-0/+52
|
* pki: Add ECDSA for key compare.Andreas Schneider2012-02-041-0/+29
|
* pki: Add a ssh_key_cmp() function.Andreas Schneider2011-10-291-0/+58
|
* pki: ssh_pki_generateAris Adamantiadis2011-09-241-0/+23
| | | | for both gcrypt and openssl
* pki: DO actually verify signaturesAris Adamantiadis2011-09-241-2/+2
| | | | Would have been an embarrassing bug...
* pki: Add missing ECC ifdef.Andreas Schneider2011-09-061-0/+2
|
* pki: Add ssh_pki_export_pubkey_rsa1().Andreas Schneider2011-09-051-0/+29
|
* pki_crypto: Add ecdsa support for key duplication.Andreas Schneider2011-09-021-0/+31
|
* pki: string_* -> ssh_string_*Andreas Schneider2011-08-281-4/+4
|
* pki: Refactor _RSA_do_sign().Andreas Schneider2011-08-281-15/+31
|
* pki: Cleanup crypto includes.Andreas Schneider2011-08-281-2/+0
|
* pki: Handle hash correctly.Andreas Schneider2011-08-261-10/+11
| | | | | | | Looks like only DSA in grypt needs a leading zero to mark the has as positive. See http://lists.gnupg.org/pipermail/gcrypt-devel/2005-February/000754.html
* pki: Fix build with DEBUG_CRYPTO.Andreas Schneider2011-08-261-4/+4
|
* pki: Migrate ssh_pki_do_sign to new pki.Andreas Schneider2011-08-261-19/+18
|
* pki: Add ssh_pki_signature_verify_blob().Andreas Schneider2011-08-221-0/+47
|
generated by cgit (git 2.34.1) at 2025-09-26 08:01:35 +0000