author | Andreas Schneider <asn@cryptomilk.org> | 2011-12-30 11:06:10 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2012-02-04 18:37:04 +0100 |
commit | 9070b041843f0850f13947f7994264aab263557e (patch) | |
tree | f7bed3309831399c137d807e797e18d1b108e12b | |
parent | b309dd8fb72d1deaa16536f6d3391711594bbca5 (diff) | |
pki: Add ecdsa support for signature_to_blob.
-rw-r--r-- | include/libssh/pki.h | 14 | ||||
-rw-r--r-- | src/pki_crypto.c | 29 |
2 files changed, 42 insertions, 1 deletions
diff --git a/include/libssh/pki.h b/include/libssh/pki.h
index ad8bdb0e..b9da5fb6 100644
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -22,6 +22,13 @@
 #ifndef PKI_H_
 #define PKI_H_
+#ifdef HAVE_OPENSSL_EC_H
+#include <openssl/ec.h>
+#endif
+#ifdef HAVE_OPENSSL_ECDSA_H
+#include <openssl/ecdsa.h>
+#endif
+
 #include "libssh/crypto.h"
 #define SSH_KEY_FLAG_EMPTY 0x0
@@ -54,11 +61,16 @@ struct ssh_signature_struct {
 #ifdef HAVE_LIBGCRYPT
 gcry_sexp_t dsa_sig;
 gcry_sexp_t rsa_sig;
+ void *ecdsa_sig;
 #elif defined HAVE_LIBCRYPTO
 DSA_SIG *dsa_sig;
 ssh_string rsa_sig;
+# ifdef HAVE_OPENSSL_ECC
+ ECDSA_SIG *ecdsa_sig;
+# else
+ void *ecdsa_sig;
+# endif
 #endif
- void *ecdsa;
 };
 typedef struct ssh_signature_struct *ssh_signature;
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index e07008cc..981e4102 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -1003,6 +1003,35 @@ ssh_string pki_signature_to_blob(const ssh_signature sig)
 sig_blob = ssh_string_copy(sig->rsa_sig);
 break;
 case SSH_KEYTYPE_ECDSA:
+#ifdef HAVE_OPENSSL_ECC
+ r = make_bignum_string(sig->ecdsa_sig->r);
+ if (r == NULL) {
+ return NULL;
+ }
+ s = make_bignum_string(sig->ecdsa_sig->s);
+ if (s == NULL) {
+ ssh_string_free(r);
+ return NULL;
+ }
+
+ memcpy(buffer,
+ ((char *)ssh_string_data(r)) + ssh_string_len(r) - 20,
+ 20);
+ memcpy(buffer + 20,
+ ((char *)ssh_string_data(s)) + ssh_string_len(s) - 20,
+ 20);
+
+ ssh_string_free(r);
+ ssh_string_free(s);
+
+ sig_blob = ssh_string_new(40);
+ if (sig_blob == NULL) {
+ return NULL;
+ }
+
+ ssh_string_fill(sig_blob, buffer, 40);
+ break;
+#endif
 case SSH_KEYTYPE_UNKNOWN:
 ssh_pki_log("Unknown signature key type: %d", sig->type);
 return NULL; |
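Review bot: `ECDSA_SIG *ecdsa_sig` in `struct ssh_signature_struct` is declared under `HAVE_OPENSSL_ECC`, while the headers that define `ECDSA_SIG` are included by the first hunk under `HAVE_OPENSSL_EC_H` and `HAVE_OPENSSL_ECDSA_H`; nothing visible in this commit ties the three macros together. If `HAVE_OPENSSL_ECC` can be set without `HAVE_OPENSSL_ECDSA_H`, the header no longer compiles, so either guard the includes with the same macro (`#ifdef HAVE_OPENSSL_ECC`) or state the dependency next to them, e.g. `/* ECDSA_SIG needs <openssl/ecdsa.h>; HAVE_OPENSSL_ECC must imply HAVE_OPENSSL_ECDSA_H */`. The two `void *ecdsa_sig` fallbacks would also read better with a one-line comment saying they are placeholders for builds without OpenSSL ECC support.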
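Review bot: The two `memcpy` calls in the new `SSH_KEYTYPE_ECDSA` branch read from `ssh_string_data(r) + ssh_string_len(r) - 20` and copy exactly 20 bytes, which is the 160-bit DSA layout rather than an ECDSA one. An ECDSA r or s on a NIST curve is wider than 20 bytes, so the 40-byte blob keeps only the low-order bytes of each value and will not verify; and if `make_bignum_string` (not shown here) can return a string shorter than 20 bytes, the unsigned subtraction wraps and the copy reads outside the string's data. The blob should be sized from the actual lengths of r and s instead of a constant — RFC 5656 encodes the signature as the two mpints r and s — and until then the branch should at least refuse short values, e.g. `if (ssh_string_len(r) < 20 || ssh_string_len(s) < 20) { ssh_string_free(r); ssh_string_free(s); return NULL; }`. The declarations of `buffer`, `r` and `s` and the rest of `pki_signature_to_blob` lie outside the hunk.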