
ttssh2: Commit


Commit MetaInfo

Revision6567 (tree)
Time2017-01-09 22:04:00
Author(del#24082)

Log Message

DSA構造体のメンバーアクセスを関数アクセスに変更した。
ssh_rsa_verify関数でのRSA構造体の変更漏れを修正した。

Change Summary

Incremental Difference

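--- a/branches/openssl_1_1_0/ttssh2/ttxssh/hosts.c
+++ b/branches/openssl_1_1_0/ttssh2/ttxssh/hosts.c
@@ -984,6 +984,8 @@
 Key *a, *b;
 BIGNUM *e = NULL, *n = NULL;
 BIGNUM *se = NULL, *sn = NULL;
+BIGNUM *p, *q, *g, *pub_key;
+BIGNUM *sp, *sq, *sg, *spub_key;
 
 if (src->type != key->type) {
 return -1;
@@ -1011,11 +1013,15 @@
 BN_cmp(n, sn) == 0;
 
 case KEY_DSA: // SSH2 DSA host public key
+DSA_get0_pqg(key->dsa, &p, &q, &g);
+DSA_get0_pqg(src->dsa, &sp, &sq, &sg);
+DSA_get0_key(key->dsa, &pub_key, NULL);
+DSA_get0_key(src->dsa, &spub_key, NULL);
 return key->dsa != NULL && src->dsa &&
-BN_cmp(key->dsa->p, src->dsa->p) == 0 &&
-BN_cmp(key->dsa->q, src->dsa->q) == 0 &&
-BN_cmp(key->dsa->g, src->dsa->g) == 0 &&
-BN_cmp(key->dsa->pub_key, src->dsa->pub_key) == 0;
+BN_cmp(p, sp) == 0 &&
+BN_cmp(q, sq) == 0 &&
+BN_cmp(g, sg) == 0 &&
+BN_cmp(pub_key, spub_key) == 0;
 
 case KEY_ECDSA256:
 case KEY_ECDSA384: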
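Review bot: In the KEY_DSA case the four `DSA_get0_pqg`/`DSA_get0_key` calls run before the `key->dsa != NULL && src->dsa` test in the return expression, so that test no longer protects anything: the removed code short-circuited before touching the members, whereas the accessors read through their DSA argument. Put the guard first, e.g. `if (key->dsa == NULL || src->dsa == NULL) return 0;` ahead of the getter calls. The new locals are only compared, so declaring them `const BIGNUM *` would match what the OpenSSL 1.1.0 getters hand out and avoid pointer-type warnings. The enclosing function starts and ends outside the hunk.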
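--- a/branches/openssl_1_1_0/ttssh2/ttxssh/key.c
+++ b/branches/openssl_1_1_0/ttssh2/ttxssh/key.c
@@ -258,6 +258,7 @@
 // int rlen, ret, nid;
 int ret = -1, nid;
 char *ptr;
+BIGNUM *n;
 
 OpenSSL_add_all_digests();
 
@@ -268,7 +269,8 @@
 if (key == NULL) {
 return -2;
 }
-if (BN_num_bits(key->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+RSA_get0_key(key, &n, NULL, NULL);
+if (BN_num_bits(n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
 return -3;
 }
 //debug_print(41, signature, signaturelen);
@@ -552,27 +554,34 @@
 DSA *duplicate_DSA(DSA *src)
 {
 DSA *dsa = NULL;
+BIGNUM *p, *q, *g, *pub_key;
+BIGNUM *sp, *sq, *sg, *spub_key;
 
 dsa = DSA_new();
 if (dsa == NULL)
 goto error;
-dsa->p = BN_new();
-dsa->q = BN_new();
-dsa->g = BN_new();
-dsa->pub_key = BN_new();
-if (dsa->p == NULL ||
-dsa->q == NULL ||
-dsa->g == NULL ||
-dsa->pub_key == NULL) {
+p = BN_new();
+q = BN_new();
+g = BN_new();
+pub_key = BN_new();
+DSA_set0_pqg(dsa, p, q, g);
+DSA_set0_key(dsa, pub_key, NULL);
+
+if (p == NULL ||
+q == NULL ||
+g == NULL ||
+pub_key == NULL) {
 DSA_free(dsa);
 goto error;
 }
 
 // 深いコピー(deep copy)を行う。浅いコピー(shallow copy)はNG。
-BN_copy(dsa->p, src->p);
-BN_copy(dsa->q, src->q);
-BN_copy(dsa->g, src->g);
-BN_copy(dsa->pub_key, src->pub_key);
+DSA_get0_pqg(src, &sp, &sq, &sg);
+DSA_get0_key(src, &spub_key, NULL);
+BN_copy(p, sp);
+BN_copy(q, sq);
+BN_copy(g, sg);
+BN_copy(pub_key, spub_key);
 
 error:
 return (dsa);
@@ -734,6 +743,7 @@
 key_size(const Key *k)
 {
 BIGNUM *n = NULL;
+BIGNUM *p = NULL;
 
 switch (k->type) {
 case KEY_RSA1:
@@ -743,7 +753,8 @@
 RSA_get0_key(k->rsa, &n, NULL, NULL);
 return BN_num_bits(n);
 case KEY_DSA:
-return BN_num_bits(k->dsa->p);
+DSA_get0_pqg(k->dsa, &p, NULL, NULL);
+return BN_num_bits(p);
 case KEY_ECDSA256:
 return 256;
 case KEY_ECDSA384:
@@ -961,6 +972,7 @@
 static void key_add_private(Key *k)
 {
 BIGNUM *d, *iqmp, *q, *p, *dmq1, *dmp1;
+BIGNUM *priv_key = NULL;
 
 d = iqmp = q = p = dmq1 = dmp1 = NULL;
 
@@ -985,8 +997,9 @@
 break;
 
 case KEY_DSA:
-k->dsa->priv_key = BN_new();
-if (k->dsa->priv_key == NULL)
+priv_key = BN_new();
+DSA_set0_key(k->dsa, NULL, priv_key);
+if (priv_key == NULL)
 goto error;
 break;
 
@@ -1031,9 +1044,9 @@
 }
 
 
-if (k->dsa->priv_key == NULL) {
-BN_free(k->dsa->priv_key);
-k->dsa->priv_key = NULL;
+if (priv_key == NULL) {
+BN_free(priv_key);
+// DSA_set0_key関数ではメンバーにNULLをセットすることはできない。
 }
 
 }
@@ -1054,6 +1067,7 @@
 RSA *rsa;
 DSA *dsa;
 BIGNUM *e = NULL, *n = NULL;
+BIGNUM *p, *q, *g, *pub_key, *priv_key;
 
 k = calloc(1, sizeof(Key));
 if (k == NULL)
@@ -1083,11 +1097,13 @@
 dsa = DSA_new();
 if (dsa == NULL)
 goto error;
-dsa->p = BN_new();
-dsa->q = BN_new();
-dsa->g = BN_new();
-dsa->pub_key = BN_new();
-if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL || dsa->pub_key == NULL)
+p = BN_new();
+q = BN_new();
+g = BN_new();
+DSA_set0_pqg(dsa, p, q, g);
+pub_key = BN_new();
+DSA_set0_key(dsa, pub_key, NULL);
+if (p == NULL || q == NULL || g == NULL || pub_key == NULL)
 goto error;
 k->dsa = dsa;
 break;
@@ -1255,6 +1271,7 @@
 int len;
 int ret = 1; // success
 BIGNUM *e = NULL, *n = NULL;
+BIGNUM *p, *q, *g, *pub_key;
 
 b = buffer_init();
 sshname = get_sshname_from_key(key);
@@ -1267,11 +1284,13 @@
 buffer_put_bignum2(b, n);
 break;
 case KEY_DSA:
+DSA_get0_pqg(key->dsa, &p, &q, &g);
+DSA_get0_key(key->dsa, &pub_key, NULL);
 buffer_put_string(b, sshname, strlen(sshname));
-buffer_put_bignum2(b, key->dsa->p);
-buffer_put_bignum2(b, key->dsa->q);
-buffer_put_bignum2(b, key->dsa->g);
-buffer_put_bignum2(b, key->dsa->pub_key);
+buffer_put_bignum2(b, p);
+buffer_put_bignum2(b, q);
+buffer_put_bignum2(b, g);
+buffer_put_bignum2(b, pub_key);
 break;
 case KEY_ECDSA256:
 case KEY_ECDSA384:
@@ -1328,6 +1347,7 @@
 ssh_keytype type;
 unsigned char *pk = NULL;
 BIGNUM *e = NULL, *n = NULL;
+BIGNUM *p, *dsa_q, *g, *pub_key;
 
 if (data == NULL)
 goto error;
@@ -1374,21 +1394,23 @@
 if (dsa == NULL) {
 goto error;
 }
-dsa->p = BN_new();
-dsa->q = BN_new();
-dsa->g = BN_new();
-dsa->pub_key = BN_new();
-if (dsa->p == NULL ||
-dsa->q == NULL ||
-dsa->g == NULL ||
-dsa->pub_key == NULL) {
+p = BN_new();
+dsa_q = BN_new();
+g = BN_new();
+pub_key = BN_new();
+DSA_set0_pqg(dsa, p, dsa_q, g);
+DSA_set0_key(dsa, pub_key, NULL);
+if (p == NULL ||
+dsa_q == NULL ||
+g == NULL ||
+pub_key == NULL) {
 goto error;
 }
 
-buffer_get_bignum2(&data, dsa->p);
-buffer_get_bignum2(&data, dsa->q);
-buffer_get_bignum2(&data, dsa->g);
-buffer_get_bignum2(&data, dsa->pub_key);
+buffer_get_bignum2(&data, p);
+buffer_get_bignum2(&data, dsa_q);
+buffer_get_bignum2(&data, g);
+buffer_get_bignum2(&data, pub_key);
 
 hostkey->type = type;
 hostkey->dsa = dsa;
@@ -1697,6 +1719,7 @@
 Key *keypair;
 char *s, *tmp;
 BIGNUM *e = NULL, *n = NULL;
+BIGNUM *p, *q, *g, *pub_key;
 
 msg = buffer_init();
 if (msg == NULL) {
@@ -1715,12 +1738,14 @@
 buffer_put_bignum2(msg, n); // p×q
 break;
 case KEY_DSA: // DSA
+DSA_get0_pqg(keypair->dsa, &p, &q, &g);
+DSA_get0_key(keypair->dsa, &pub_key, NULL);
 s = get_sshname_from_key(keypair);
 buffer_put_string(msg, s, strlen(s));
-buffer_put_bignum2(msg, keypair->dsa->p); // 素数
-buffer_put_bignum2(msg, keypair->dsa->q); // (p-1)の素因数
-buffer_put_bignum2(msg, keypair->dsa->g); // 整数
-buffer_put_bignum2(msg, keypair->dsa->pub_key); // 公開鍵
+buffer_put_bignum2(msg, p); // 素数
+buffer_put_bignum2(msg, q); // (p-1)の素因数
+buffer_put_bignum2(msg, g); // 整数
+buffer_put_bignum2(msg, pub_key); // 公開鍵
 break;
 case KEY_ECDSA256: // ECDSA
 case KEY_ECDSA384:
@@ -1803,6 +1828,7 @@
 {
 char *s;
 BIGNUM *e, *n, *d, *iqmp, *p, *q;
+BIGNUM *g, *pub_key, *priv_key;
 
 s = get_sshname_from_key(key);
 buffer_put_cstring(b, s);
@@ -1822,11 +1848,14 @@
 break;
 
 case KEY_DSA:
-buffer_put_bignum2(b, key->dsa->p);
-buffer_put_bignum2(b, key->dsa->q);
-buffer_put_bignum2(b, key->dsa->g);
-buffer_put_bignum2(b, key->dsa->pub_key);
-buffer_put_bignum2(b, key->dsa->priv_key);
+DSA_get0_pqg(key->dsa, &p, &q, &g);
+DSA_get0_key(key->dsa, &pub_key, &priv_key);
+
+buffer_put_bignum2(b, p);
+buffer_put_bignum2(b, q);
+buffer_put_bignum2(b, g);
+buffer_put_bignum2(b, pub_key);
+buffer_put_bignum2(b, priv_key);
 break;
 
 case KEY_ECDSA256:
@@ -1921,6 +1950,7 @@
 unsigned int pklen, sklen;
 int type;
 BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
+BIGNUM *g, *pub_key, *priv_key;
 
 type_name = buffer_get_string_msg(blob, NULL);
 if (type_name == NULL)
@@ -1947,11 +1977,13 @@
 break;
 
 case KEY_DSA:
-buffer_get_bignum2_msg(blob, k->dsa->p);
-buffer_get_bignum2_msg(blob, k->dsa->q);
-buffer_get_bignum2_msg(blob, k->dsa->g);
-buffer_get_bignum2_msg(blob, k->dsa->pub_key);
-buffer_get_bignum2_msg(blob, k->dsa->priv_key);
+DSA_get0_pqg(k->dsa, &p, &q, &g);
+DSA_get0_key(k->dsa, &pub_key, &priv_key);
+buffer_get_bignum2_msg(blob, p);
+buffer_get_bignum2_msg(blob, q);
+buffer_get_bignum2_msg(blob, g);
+buffer_get_bignum2_msg(blob, pub_key);
+buffer_get_bignum2_msg(blob, priv_key);
 break;
 
 case KEY_ECDSA256: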
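Review bot: In duplicate_DSA the fresh BIGNUMs are passed to `DSA_set0_pqg`/`DSA_set0_key` before the NULL test, and both return values are dropped. Those setters return 0 and take no ownership when a required argument is NULL, so after a partial allocation failure `DSA_free(dsa)` releases none of the BIGNUMs that were allocated; testing first and freeing what is still unowned closes that gap. The unchanged lines after it then `goto error` and `return (dsa)` with the pointer already freed, so the caller gets a dangling DSA unless `dsa` is reset to NULL. The same allocate, set0, then check order appears in the hunks at `@@ -1083,11` and `@@ -1374,21` of this file, in both DSA cases of keyfiles.c and in the key-generation hunk of ttxssh.c.

```c
	p = BN_new();
	q = BN_new();
	g = BN_new();
	pub_key = BN_new();
	if (p == NULL || q == NULL || g == NULL || pub_key == NULL ||
	    !DSA_set0_pqg(dsa, p, q, g)) {
		// nothing has been handed to dsa yet, so the BIGNUMs are freed here
		BN_free(p);
		BN_free(q);
		BN_free(g);
		BN_free(pub_key);
		DSA_free(dsa);
		dsa = NULL;	// do not return a freed pointer
		goto error;
	}
	if (!DSA_set0_key(dsa, pub_key, NULL)) {
		BN_free(pub_key);
		DSA_free(dsa);	// p, q and g are owned by dsa at this point
		dsa = NULL;
		goto error;
	}
	// … unchanged: DSA_get0_pqg/DSA_get0_key on src and the BN_copy calls …
```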
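--- a/branches/openssl_1_1_0/ttssh2/ttxssh/keyfiles.c
+++ b/branches/openssl_1_1_0/ttssh2/ttxssh/keyfiles.c
@@ -1092,6 +1092,8 @@
 case KEY_DSA:
 {
 char *pubkey_type, *pub, *pri;
+BIGNUM *p, *q, *g, *pub_key, *priv_key;
+
 pub = pubkey->buf;
 pri = prikey->buf;
 pubkey_type = buffer_get_string(&pub, NULL);
@@ -1107,26 +1109,30 @@
 strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 goto error;
 }
-result->dsa->p = BN_new();
-result->dsa->q = BN_new();
-result->dsa->g = BN_new();
-result->dsa->pub_key = BN_new();
-result->dsa->priv_key = BN_new();
-if (result->dsa->p == NULL ||
-result->dsa->q == NULL ||
-result->dsa->g == NULL ||
-result->dsa->pub_key == NULL ||
-result->dsa->priv_key == NULL) {
+p = BN_new();
+q = BN_new();
+g = BN_new();
+DSA_set0_pqg(result->dsa, p, q, g);
+
+pub_key = BN_new();
+priv_key = BN_new();
+DSA_set0_key(result->dsa, pub_key, priv_key);
+
+if (p == NULL ||
+q == NULL ||
+g == NULL ||
+pub_key == NULL ||
+priv_key == NULL) {
 strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 goto error;
 }
 
-buffer_get_bignum2(&pub, result->dsa->p);
-buffer_get_bignum2(&pub, result->dsa->q);
-buffer_get_bignum2(&pub, result->dsa->g);
-buffer_get_bignum2(&pub, result->dsa->pub_key);
+buffer_get_bignum2(&pub, p);
+buffer_get_bignum2(&pub, q);
+buffer_get_bignum2(&pub, g);
+buffer_get_bignum2(&pub, pub_key);
 
-buffer_get_bignum2(&pri, result->dsa->priv_key);
+buffer_get_bignum2(&pri, priv_key);
 
 break;
 }
@@ -1439,6 +1445,7 @@
 case KEY_DSA:
 {
 int param;
+BIGNUM *p, *q, *g, *pub_key, *priv_key;
 
 result->dsa = DSA_new();
 if (result->dsa == NULL) {
@@ -1445,16 +1452,20 @@
 strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 goto error;
 }
-result->dsa->p = BN_new();
-result->dsa->q = BN_new();
-result->dsa->g = BN_new();
-result->dsa->pub_key = BN_new();
-result->dsa->priv_key = BN_new();
-if (result->dsa->p == NULL ||
-result->dsa->q == NULL ||
-result->dsa->g == NULL ||
-result->dsa->pub_key == NULL ||
-result->dsa->priv_key == NULL) {
+p = BN_new();
+q = BN_new();
+g = BN_new();
+DSA_set0_pqg(result->dsa, p, q, g);
+
+pub_key = BN_new();
+priv_key = BN_new();
+DSA_set0_key(result->dsa, pub_key, priv_key);
+
+if (p == NULL ||
+q == NULL ||
+g == NULL ||
+pub_key == NULL ||
+priv_key == NULL) {
 strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 goto error;
 }
@@ -1464,11 +1475,11 @@
 strncpy_s(errmsg, errmsg_len, "predefined DSA parameters not supported", _TRUNCATE);
 goto error;
 }
-buffer_get_bignum_SECSH(blob2, result->dsa->p);
-buffer_get_bignum_SECSH(blob2, result->dsa->g);
-buffer_get_bignum_SECSH(blob2, result->dsa->q);
-buffer_get_bignum_SECSH(blob2, result->dsa->pub_key);
-buffer_get_bignum_SECSH(blob2, result->dsa->priv_key);
+buffer_get_bignum_SECSH(blob2, p);
+buffer_get_bignum_SECSH(blob2, g);
+buffer_get_bignum_SECSH(blob2, q);
+buffer_get_bignum_SECSH(blob2, pub_key);
+buffer_get_bignum_SECSH(blob2, priv_key);
 
 break;
 }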
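Review bot: The SECSH reader in the last hunk fills `p`, then `g`, then `q`, while every other DSA path in this commit goes p, q, g, and with bare locals instead of named struct members the swap is easy to read as a typo. The order is the same as in the removed lines, so it is presumably what that key format stores. A comment such as `// SECSH blob order is p, g, q, pub_key, priv_key (not p, q, g)` above the first `buffer_get_bignum_SECSH` call, once confirmed against the format, would keep a later cleanup from "correcting" it and silently loading wrong key parameters. The enclosing case block starts outside the hunk.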
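--- a/branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c
+++ b/branches/openssl_1_1_0/ttssh2/ttxssh/ttxssh.c
@@ -3688,6 +3688,8 @@
 {
 DSA *priv = NULL;
 DSA *pub = NULL;
+BIGNUM *p, *q, *g, *pub_key;
+BIGNUM *sp, *sq, *sg, *spub_key;
 
 // private key
 priv = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, cbfunc, cbarg);
@@ -3703,19 +3705,25 @@
 pub = DSA_new();
 if (pub == NULL)
 goto error;
-pub->p = BN_new();
-pub->q = BN_new();
-pub->g = BN_new();
-pub->pub_key = BN_new();
-if (pub->p == NULL || pub->q == NULL || pub->g == NULL || pub->pub_key == NULL) {
+p = BN_new();
+q = BN_new();
+g = BN_new();
+DSA_set0_pqg(pub, p, q, g);
+
+pub_key = BN_new();
+DSA_set0_key(pub, pub_key, NULL);
+if (p == NULL || q == NULL || g == NULL || pub_key == NULL) {
 DSA_free(pub);
 goto error;
 }
 
-BN_copy(pub->p, priv->p);
-BN_copy(pub->q, priv->q);
-BN_copy(pub->g, priv->g);
-BN_copy(pub->pub_key, priv->pub_key);
+DSA_get0_pqg(priv, &sp, &sq, &sg);
+DSA_get0_key(priv, &spub_key, NULL);
+
+BN_copy(p, sp);
+BN_copy(q, sq);
+BN_copy(g, sg);
+BN_copy(pub_key, spub_key);
 public_key.dsa = pub;
 break;
 }
@@ -4906,6 +4914,7 @@
 char *uuenc; // uuencode data
 int uulen;
 BIGNUM *e, *n;
+BIGNUM *p, *q, *g, *pub_key, *priv_key;
 
 b = buffer_init();
 if (b == NULL)
@@ -4913,12 +4922,15 @@
 
 switch (public_key.type) {
 case KEY_DSA: // DSA
+DSA_get0_pqg(dsa, &p, &q, &g);
+DSA_get0_key(dsa, &pub_key, NULL);
+
 keyname = "ssh-dss";
 buffer_put_string(b, keyname, strlen(keyname));
-buffer_put_bignum2(b, dsa->p);
-buffer_put_bignum2(b, dsa->q);
-buffer_put_bignum2(b, dsa->g);
-buffer_put_bignum2(b, dsa->pub_key);
+buffer_put_bignum2(b, p);
+buffer_put_bignum2(b, q);
+buffer_put_bignum2(b, g);
+buffer_put_bignum2(b, pub_key);
 break;
 
 case KEY_RSA: // RSA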
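Review bot: The four `BN_copy` calls in the key-generation hunk ignore their result, so a failed copy leaves `pub` with empty parameters and it is still stored in `public_key.dsa` as if generation had succeeded. `BN_copy` returns NULL on failure, and a check such as `if (BN_copy(p, sp) == NULL || BN_copy(q, sq) == NULL || BN_copy(g, sg) == NULL || BN_copy(pub_key, spub_key) == NULL) { DSA_free(pub); goto error; }` keeps a half-built public key from being used or saved. In the second hunk `priv_key` is declared but never used, since `DSA_get0_key` is called with NULL in that position. Both enclosing functions extend beyond their hunks.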