From d2434c69c008aa1cd3bd488ca6bc524da0e4ca3a Mon Sep 17 00:00:00 2001
From: Jakub Jelen
Date: Thu, 22 Nov 2018 10:43:18 +0100
Subject: [PATCH] pki: Separate signature extraction and verification
Initial solution proposed by Tilo Eckert
Signed-off-by: Jakub Jelen
Reviewed-by: Andreas Schneider
---
 include/libssh/pki.h | 10 +++++-----
 src/messages.c | 15 +++++++++++----
 src/packet_cb.c | 19 +++++++++++++------
 src/pki.c | 18 +++++-------------
 4 files changed, 34 insertions(+), 28 deletions(-)
diff --git a/include/libssh/pki.h b/include/libssh/pki.h
index 241cfdd1..17c142c1 100644
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -110,11 +110,11 @@ int ssh_pki_export_signature_blob(const ssh_signature sign,
 int ssh_pki_import_signature_blob(const ssh_string sig_blob,
 const ssh_key pubkey,
 ssh_signature *psig);
-int ssh_pki_signature_verify_blob(ssh_session session,
- ssh_string sig_blob,
- const ssh_key key,
- unsigned char *digest,
- size_t dlen);
+int ssh_pki_signature_verify(ssh_session session,
+ ssh_signature sig,
+ const ssh_key key,
+ unsigned char *digest,
+ size_t dlen);
 /* SSH Public Key Functions */
 int ssh_pki_export_pubkey_blob(const ssh_key key,
diff --git a/src/messages.c b/src/messages.c
index 9273fda7..4c83cf0b 100644
--- a/src/messages.c
+++ b/src/messages.c
@@ -730,6 +730,7 @@ static ssh_buffer ssh_msg_userauth_build_digest(ssh_session session,
 */
 SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
 ssh_message msg = NULL;
+ ssh_signature sig = NULL;
 char *service = NULL;
 char *method = NULL;
 int cmp;
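Review bot: The new declaration of `ssh_pki_signature_verify` in include/libssh/pki.h changes who owns the signature, and nothing at the declaration says so. The old `_blob` variant imported and freed the signature itself; the src/pki.c part of this patch removes that `ssh_signature_free(sig)` and both callers now free it themselves. I would add a comment above the prototype such as `/* Verifies an already imported signature; sig stays owned by the caller, who frees it with ssh_signature_free(). */` so a later caller neither leaks it nor expects the callee to release it.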
@@ -863,13 +864,19 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
 goto error;
 }
- rc = ssh_pki_signature_verify_blob(session,
- sig_blob,
+ rc = ssh_pki_import_signature_blob(sig_blob,
 msg->auth_request.pubkey,
- ssh_buffer_get(digest),
- ssh_buffer_get_len(digest));
+ &sig);
+ if (rc == SSH_OK) {
+ rc = ssh_pki_signature_verify(session,
+ sig,
+ msg->auth_request.pubkey,
+ ssh_buffer_get(digest),
+ ssh_buffer_get_len(digest));
+ }
 ssh_string_free(sig_blob);
 ssh_buffer_free(digest);
+ ssh_signature_free(sig);
 if (rc < 0) {
 SSH_LOG(
 SSH_LOG_PACKET,
diff --git a/src/packet_cb.c b/src/packet_cb.c
index 7e2902d3..e655c88d 100644
--- a/src/packet_cb.c
+++ b/src/packet_cb.c
@@ -138,6 +138,7 @@ error:
 SSH_PACKET_CALLBACK(ssh_packet_newkeys){
 ssh_string sig_blob = NULL;
+ ssh_signature sig = NULL;
 int rc;
 (void)packet;
 (void)user;
@@ -185,7 +186,12 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
 /* get the server public key */
 server_key = ssh_dh_get_next_server_publickey(session);
 if (server_key == NULL) {
- return SSH_ERROR;
+ goto error;
+ }
+
+ rc = ssh_pki_import_signature_blob(sig_blob, server_key, &sig);
+ if (rc != SSH_OK) {
+ goto error;
 }
 /* check if public key from server matches user preferences */
@@ -202,13 +208,14 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
 }
 }
- rc = ssh_pki_signature_verify_blob(session,
- sig_blob,
- server_key,
- session->next_crypto->secret_hash,
- session->next_crypto->digest_len);
+ rc = ssh_pki_signature_verify(session,
+ sig,
+ server_key,
+ session->next_crypto->secret_hash,
+ session->next_crypto->digest_len);
 ssh_string_burn(sig_blob);
 ssh_string_free(sig_blob);
+ ssh_signature_free(sig);
 sig_blob = NULL;
 if (rc == SSH_ERROR) {
 goto error;
diff --git a/src/pki.c b/src/pki.c
index 2bbf813c..0080b539 100644
--- a/src/pki.c
+++ b/src/pki.c
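Review bot: In ssh_packet_userauth_request (src/messages.c), nothing between `ssh_pki_import_signature_blob` and `ssh_pki_signature_verify` looks at the imported signature, so a signature whose algorithm differs from the one named for the key in the request is handled exactly as before. Whether the import already rejects such a mismatch cannot be seen here, since its body is outside the diff. If the point of the split is to let the caller vet the signature first, the check belongs inside the `if (rc == SSH_OK)` block ahead of the verify call; until it exists, a marker like `/* TODO: reject sig if its type does not match the requested algorithm */` would record the intent. The callback body starts and ends outside this hunk.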
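Review bot: In ssh_packet_newkeys (src/packet_cb.c), `sig` is now allocated before the host-key preference check, but the only `ssh_signature_free(sig)` the patch adds sits after the verify call further down. Any early exit taken between the import and the verify would therefore leak the signature unless the `error:` label, which is outside the hunk, releases it. The same question applies to `sig_blob` on the two new `goto error` paths, which skip `ssh_string_burn`/`ssh_string_free`. I would add `ssh_signature_free(sig);` and the burn/free of `sig_blob` at the error label, or move the import down to just before the verify call.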
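Review bot: After `ssh_signature_free(sig);` in the last src/packet_cb.c hunk the pointer is left dangling, while `sig_blob` on the next line is reset to NULL before the `goto error` that follows. If the error path frees `sig`, now or after a later cleanup change, that becomes a double free. Add `sig = NULL;` next to `sig_blob = NULL;` so the two pointers are handled the same way.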
@@ -1919,20 +1919,14 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
 return SSH_OK;
 }
-int ssh_pki_signature_verify_blob(ssh_session session,
- ssh_string sig_blob,
- const ssh_key key,
- unsigned char *digest,
- size_t dlen)
+int ssh_pki_signature_verify(ssh_session session,
+ ssh_signature sig,
+ const ssh_key key,
+ unsigned char *digest,
+ size_t dlen)
 {
- ssh_signature sig;
 int rc;
- rc = ssh_pki_import_signature_blob(sig_blob, key, &sig);
- if (rc < 0) {
- return SSH_ERROR;
- }
-
 SSH_LOG(SSH_LOG_FUNCTIONS,
 "Going to verify a %s type signature",
 sig->type_c);
@@ -2000,8 +1994,6 @@ int ssh_pki_signature_verify_blob(ssh_session session,
 hlen);
 }
- ssh_signature_free(sig);
-
 return rc;
 }
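Review bot: `ssh_pki_signature_verify` in src/pki.c dereferences `sig->type_c` in its first statement, and `sig` is now supplied by the caller instead of coming from a successful import inside the function. A caller that ignores the import result, or reaches the call with its `sig` still NULL, hits that dereference. I would open the body with `if (sig == NULL) { return SSH_ERROR; }` ahead of the `SSH_LOG` call. The middle of the function lies between this hunk and the next one and is not shown.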