Fix DSA signature algorithm.
This commit is contained in:
parent
f1236a9ca1
commit
74e1f57a1d
@ -168,9 +168,36 @@ int ssh_key_sign(ssh_key* key, const char* data, int length, u_char* sig) {
|
||||
if (RSA_sign(NID_sha1, digest, dlen, sig, &len, key->rsa) == 1)
|
||||
return len;
|
||||
|
||||
case SSH_KEY_DSA:
|
||||
if (DSA_sign(NID_sha1, digest, dlen, sig, &len, key->dsa) == 1)
|
||||
return len;
|
||||
case SSH_KEY_DSA: {
|
||||
|
||||
DSA_SIG* dsa_sig = DSA_do_sign(digest, dlen, key->dsa);
|
||||
if (dsa_sig != NULL) {
|
||||
|
||||
/* Compute size of each half of signature */
|
||||
int rlen = BN_num_bytes(dsa_sig->r);
|
||||
int slen = BN_num_bytes(dsa_sig->s);
|
||||
|
||||
/* Ensure each number is within the required size */
|
||||
if (rlen > DSA_SIG_NUMBER_SIZE || slen > DSA_SIG_NUMBER_SIZE)
|
||||
return -1;
|
||||
|
||||
/* Init to all zeroes */
|
||||
memset(sig, 0, DSA_SIG_SIZE);
|
||||
|
||||
/* Add R at the end of the first block of the signature */
|
||||
BN_bn2bin(dsa_sig->r, sig + DSA_SIG_SIZE
|
||||
- DSA_SIG_NUMBER_SIZE - rlen);
|
||||
|
||||
/* Add S at the end of the second block of the signature */
|
||||
BN_bn2bin(dsa_sig->s, sig + DSA_SIG_SIZE - slen);
|
||||
|
||||
/* Done */
|
||||
DSA_SIG_free(dsa_sig);
|
||||
return DSA_SIG_SIZE;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
@ -54,6 +54,16 @@
|
||||
*/
|
||||
#define SSH_DSA_KEY_HEADER "-----BEGIN DSA PRIVATE KEY-----"
|
||||
|
||||
/**
|
||||
* The size of single number within a DSA signature, in bytes.
|
||||
*/
|
||||
#define DSA_SIG_NUMBER_SIZE 20
|
||||
|
||||
/**
|
||||
* The size of a DSA signature, in bytes.
|
||||
*/
|
||||
#define DSA_SIG_SIZE DSA_SIG_NUMBER_SIZE*2
|
||||
|
||||
/**
|
||||
* The type of an SSH key.
|
||||
*/
|
||||
|
Loading…
Reference in New Issue
Block a user