Fix DSA signature algorithm.
parent
f1236a9ca1
commit
74e1f57a1d
@ -168,9 +168,36 @@ int ssh_key_sign(ssh_key* key, const char* data, int length, u_char* sig) {
|
|||||||
if (RSA_sign(NID_sha1, digest, dlen, sig, &len, key->rsa) == 1)
|
if (RSA_sign(NID_sha1, digest, dlen, sig, &len, key->rsa) == 1)
|
||||||
return len;
|
return len;
|
||||||
|
|
||||||
case SSH_KEY_DSA:
|
case SSH_KEY_DSA: {
|
||||||
if (DSA_sign(NID_sha1, digest, dlen, sig, &len, key->dsa) == 1)
|
|
||||||
return len;
|
DSA_SIG* dsa_sig = DSA_do_sign(digest, dlen, key->dsa);
|
||||||
|
if (dsa_sig != NULL) {
|
||||||
|
|
||||||
|
/* Compute size of each half of signature */
|
||||||
|
int rlen = BN_num_bytes(dsa_sig->r);
|
||||||
|
int slen = BN_num_bytes(dsa_sig->s);
|
||||||
|
|
||||||
|
/* Ensure each number is within the required size */
|
||||||
|
if (rlen > DSA_SIG_NUMBER_SIZE || slen > DSA_SIG_NUMBER_SIZE)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
/* Init to all zeroes */
|
||||||
|
memset(sig, 0, DSA_SIG_SIZE);
|
||||||
|
|
||||||
|
/* Add R at the end of the first block of the signature */
|
||||||
|
BN_bn2bin(dsa_sig->r, sig + DSA_SIG_SIZE
|
||||||
|
- DSA_SIG_NUMBER_SIZE - rlen);
|
||||||
|
|
||||||
|
/* Add S at the end of the second block of the signature */
|
||||||
|
BN_bn2bin(dsa_sig->s, sig + DSA_SIG_SIZE - slen);
|
||||||
|
|
||||||
|
/* Done */
|
||||||
|
DSA_SIG_free(dsa_sig);
|
||||||
|
return DSA_SIG_SIZE;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
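Review bot: The early `return -1;` in the new `SSH_KEY_DSA` branch leaks `dsa_sig`, because `DSA_SIG_free()` is only reached on the success path. The size check fires whenever r or s needs more than `DSA_SIG_NUMBER_SIZE` bytes, which presumably means any DSA key whose subgroup order is wider than 160 bits, so every signing attempt with such a key would leak one `DSA_SIG`. Free it before returning: `if (rlen > DSA_SIG_NUMBER_SIZE || slen > DSA_SIG_NUMBER_SIZE) { DSA_SIG_free(dsa_sig); return -1; }`. The branch also writes a fixed `DSA_SIG_SIZE` bytes into `sig` with no capacity argument, so the function's doc comment should state that callers must supply at least that much; `ssh_key_sign` starts and ends outside this hunk, so the path taken when `DSA_do_sign()` returns NULL could not be checked here.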
@ -54,6 +54,16 @@
|
|||||||
*/
|
*/
|
||||||
#define SSH_DSA_KEY_HEADER "-----BEGIN DSA PRIVATE KEY-----"
|
#define SSH_DSA_KEY_HEADER "-----BEGIN DSA PRIVATE KEY-----"
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The size of single number within a DSA signature, in bytes.
|
||||||
|
*/
|
||||||
|
#define DSA_SIG_NUMBER_SIZE 20
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The size of a DSA signature, in bytes.
|
||||||
|
*/
|
||||||
|
#define DSA_SIG_SIZE DSA_SIG_NUMBER_SIZE*2
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The type of an SSH key.
|
* The type of an SSH key.
|
||||||
*/
|
*/
|
||||||
|
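Review bot: `DSA_SIG_SIZE` expands to the unparenthesized expression `DSA_SIG_NUMBER_SIZE*2`, so it is only correct where the surrounding operators bind more loosely than `*`. The uses visible in this commit (the `memset` length and `sig + DSA_SIG_SIZE - ...`) happen to evaluate as intended, but an expression such as `n % DSA_SIG_SIZE` would silently compute a different value, and this macro drives buffer offsets. Define it as `#define DSA_SIG_SIZE (DSA_SIG_NUMBER_SIZE * 2)`. The comment on `DSA_SIG_NUMBER_SIZE` could also say what the number is and why it is 20, e.g. `The size of a single number (r or s) within an SSH DSA signature, in bytes (160 bits each).`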