diff options
author | Jon Simons <jon@jonsimons.org> | 2014-12-07 16:41:31 -0800 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2014-12-09 19:21:47 +0100 |
commit | b35f1f488c022e08a905f94e582de3d6f0b1881b (patch) | |
tree | 3b864e6718f1d6e05328fccf90219ec7ad891b53 /src/pki_gcrypt.c | |
parent | 10f71c67690cf3c0e1b6a733c3641407df2224e2 (diff) | |
download | libssh-b35f1f488c022e08a905f94e582de3d6f0b1881b.tar.gz libssh-b35f1f488c022e08a905f94e582de3d6f0b1881b.tar.xz libssh-b35f1f488c022e08a905f94e582de3d6f0b1881b.zip |
pki_gcrypt: fix DSA signature extraction
Fix DSA signature extraction for the LIBGCRYPT build. Here, the same fix
that was applied to the LIBCRYPTO build for https://red.libssh.org/issues/144
is now adapted for pki_gcrypt. Additionally, ensure to set the resulting
output sig_blob buffer before returning.
Before this fix, one can observe the failure with the pkd test on a LIBGCRYPT
build as so:
# ./pkd_hello -i 1 -t torture_pkd_openssh_dsa_dsa_default
After, runs of 10000 back-to-back iterations of the same test are passing.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/pki_gcrypt.c')
-rw-r--r-- | src/pki_gcrypt.c | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c index cac341e2..e6db518f 100644 --- a/src/pki_gcrypt.c +++ b/src/pki_gcrypt.c @@ -1357,9 +1357,14 @@ int pki_export_pubkey_rsa1(const ssh_key key, ssh_string pki_signature_to_blob(const ssh_signature sig) { - char buffer[40] = {0}; + char buffer[40] = { 0 }; + const char *r = NULL; + size_t r_len, r_offset_in, r_offset_out; + const char *s = NULL; + size_t s_len, s_offset_in, s_offset_out; + gcry_sexp_t sexp; size_t size = 0; ssh_string sig_blob = NULL; @@ -1376,7 +1381,14 @@ ssh_string pki_signature_to_blob(const ssh_signature sig) size--; r++; } - memcpy(buffer, r + size - 20, 20); + + r_len = size; + r_offset_in = (r_len > 20) ? (r_len - 20) : 0; + r_offset_out = (r_len < 20) ? (20 - r_len) : 0; + memcpy(buffer + r_offset_out, + r + r_offset_in, + r_len - r_offset_in); + gcry_sexp_release(sexp); sexp = gcry_sexp_find_token(sig->dsa_sig, "s", 0); @@ -1388,8 +1400,22 @@ ssh_string pki_signature_to_blob(const ssh_signature sig) size--; s++; } - memcpy(buffer+ 20, s + size - 20, 20); + + s_len = size; + s_offset_in = (s_len > 20) ? (s_len - 20) : 0; + s_offset_out = (s_len < 20) ? (20 - s_len) : 0; + memcpy(buffer + 20 + s_offset_out, + s + s_offset_in, + s_len - s_offset_in); + gcry_sexp_release(sexp); + + sig_blob = ssh_string_new(40); + if (sig_blob == NULL) { + return NULL; + } + + ssh_string_fill(sig_blob, buffer, 40); break; case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA1: |