diff options
| author | Jakub Jelen <jjelen@redhat.com> | 2018-08-07 15:04:45 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2018-08-31 14:18:34 +0200 |
| commit | 1f08aabe430676653c584eb29a28e56555ea5314 (patch) | |
| tree | 7b3a08490d1a7bc66a5c8a9ae516ac77edf1786c /src/pki_gcrypt.c | |
| parent | 3ca7e1eea9afc30bf4dd8fdeaad007b46a3a8cf7 (diff) | |
| download | libssh-1f08aabe430676653c584eb29a28e56555ea5314.tar.gz libssh-1f08aabe430676653c584eb29a28e56555ea5314.tar.xz libssh-1f08aabe430676653c584eb29a28e56555ea5314.zip | |
pki: RSA signatures with SHA2 hash algorithms (RFC 8332)
* This change introduces a new API to request signature using
one key and different hash algorithms. This is used only with
RSA keys, that used to have SHA1 hardcoded, but the new
algorithsms allow to use the SHA2 hashes, if the extension
is negotiated.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/pki_gcrypt.c')
| -rw-r--r-- | src/pki_gcrypt.c | 35 |
1 files changed, 31 insertions, 4 deletions
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c index 9a8e8622..c0395e9d 100644 --- a/src/pki_gcrypt.c +++ b/src/pki_gcrypt.c @@ -2079,19 +2079,29 @@ int pki_signature_verify(ssh_session session, return SSH_OK; } -ssh_signature pki_do_sign(const ssh_key privkey, - const unsigned char *hash, - size_t hlen) { +ssh_signature pki_do_sign_hash(const ssh_key privkey, + const unsigned char *hash, + size_t hlen, + enum ssh_digest_e hash_type) +{ unsigned char ghash[hlen + 1]; + const char *hash_c = NULL; ssh_signature sig; gcry_sexp_t sexp; gcry_error_t err; + /* Only RSA supports different signature algorithm types now */ + if (privkey->type != SSH_KEYTYPE_RSA && hash_type != SSH_DIGEST_AUTO) { + SSH_LOG(SSH_LOG_WARN, "Incompatible signature algorithm passed"); + return NULL; + } + sig = ssh_signature_new(); if (sig == NULL) { return NULL; } sig->type = privkey->type; + sig->hash_type = hash_type; sig->type_c = privkey->type_c; switch (privkey->type) { case SSH_KEYTYPE_DSS: @@ -2117,9 +2127,26 @@ ssh_signature pki_do_sign(const ssh_key privkey, } break; case SSH_KEYTYPE_RSA: + sig->type_c = ssh_key_signature_to_char(privkey->type, hash_type); + switch (hash_type) { + case SSH_DIGEST_SHA1: + case SSH_DIGEST_AUTO: + hash_c = "sha1"; + break; + case SSH_DIGEST_SHA256: + hash_c = "sha256"; + break; + case SSH_DIGEST_SHA512: + hash_c = "sha512"; + break; + default: + SSH_LOG(SSH_LOG_WARN, "Incomplatible key algorithm"); + return NULL; + } err = gcry_sexp_build(&sexp, NULL, - "(data(flags pkcs1)(hash sha1 %b))", + "(data(flags pkcs1)(hash %s %b))", + hash_c, hlen, hash); if (err) { |