| 287 |
return ret; |
return ret; |
| 288 |
} |
} |
| 289 |
|
|
| 290 |
int key_verify(RSA *rsa_key, DSA *dsa_key, |
int key_verify(Key *key, |
| 291 |
unsigned char *signature, unsigned int signaturelen, |
unsigned char *signature, unsigned int signaturelen, |
| 292 |
unsigned char *data, unsigned int datalen) |
unsigned char *data, unsigned int datalen) |
| 293 |
{ |
{ |
| 294 |
int ret = 0; |
int ret = 0; |
| 295 |
|
|
| 296 |
if (rsa_key != NULL) { |
if (key->type == KEY_RSA) { |
| 297 |
ret = ssh_rsa_verify(rsa_key, signature, signaturelen, data, datalen); |
ret = ssh_rsa_verify(key->rsa, signature, signaturelen, data, datalen); |
| 298 |
|
|
| 299 |
} else if (dsa_key != NULL) { |
} |
| 300 |
ret = ssh_dss_verify(dsa_key, signature, signaturelen, data, datalen); |
else if (key->type == KEY_DSA) { |
| 301 |
|
ret = ssh_dss_verify(key->dsa, signature, signaturelen, data, datalen); |
| 302 |
|
|
| 303 |
} else { |
} |
| 304 |
|
else { |
| 305 |
return -1; |
return -1; |
| 306 |
} |
} |
| 307 |
|
|
| 622 |
// |
// |
| 623 |
// キー文字列から種別を判定する |
// キー文字列から種別を判定する |
| 624 |
// |
// |
| 625 |
enum hostkey_type get_keytype_from_name(char *name) |
enum ssh_keytype get_keytype_from_name(char *name) |
| 626 |
{ |
{ |
| 627 |
if (strcmp(name, "rsa1") == 0) { |
if (strcmp(name, "rsa1") == 0) { |
| 628 |
return KEY_RSA1; |
return KEY_RSA1; |
| 701 |
RSA *rsa = NULL; |
RSA *rsa = NULL; |
| 702 |
DSA *dsa = NULL; |
DSA *dsa = NULL; |
| 703 |
Key *hostkey; // hostkey |
Key *hostkey; // hostkey |
| 704 |
enum hostkey_type type; |
enum ssh_keytype type; |
| 705 |
|
|
| 706 |
hostkey = malloc(sizeof(Key)); |
hostkey = malloc(sizeof(Key)); |
| 707 |
if (hostkey == NULL) |
if (hostkey == NULL) |
| 720 |
|
|
| 721 |
type = get_keytype_from_name(key); |
type = get_keytype_from_name(key); |
| 722 |
|
|
| 723 |
// RSA key |
if (type == KEY_RSA) { // RSA key |
|
if (type == KEY_RSA) { |
|
| 724 |
rsa = RSA_new(); |
rsa = RSA_new(); |
| 725 |
if (rsa == NULL) { |
if (rsa == NULL) { |
| 726 |
goto error; |
goto error; |
| 737 |
hostkey->type = type; |
hostkey->type = type; |
| 738 |
hostkey->rsa = rsa; |
hostkey->rsa = rsa; |
| 739 |
|
|
| 740 |
} else if (type == KEY_DSA) { // DSA key |
} |
| 741 |
|
else if (type == KEY_DSA) { // DSA key |
| 742 |
dsa = DSA_new(); |
dsa = DSA_new(); |
| 743 |
if (dsa == NULL) { |
if (dsa == NULL) { |
| 744 |
goto error; |
goto error; |
| 779 |
return NULL; |
return NULL; |
| 780 |
} |
} |
| 781 |
|
|
|
char *get_SSH2_keyname(CRYPTKeyPair *keypair) |
|
|
{ |
|
|
char *s; |
|
|
|
|
|
if (keypair->RSA_key != NULL) { |
|
|
s = "ssh-rsa"; |
|
|
} else { |
|
|
s = "ssh-dss"; |
|
|
} |
|
|
|
|
|
return (s); |
|
|
} |
|
|
|
|
| 782 |
|
|
| 783 |
BOOL generate_SSH2_keysign(CRYPTKeyPair *keypair, char **sigptr, int *siglen, char *data, int datalen) |
BOOL generate_SSH2_keysign(Key *keypair, char **sigptr, int *siglen, char *data, int datalen) |
| 784 |
{ |
{ |
| 785 |
buffer_t *msg = NULL; |
buffer_t *msg = NULL; |
| 786 |
char *s; |
char *s; |
| 791 |
return FALSE; |
return FALSE; |
| 792 |
} |
} |
| 793 |
|
|
| 794 |
if (keypair->RSA_key != NULL) { // RSA |
if (keypair->type == KEY_RSA) { // RSA |
| 795 |
const EVP_MD *evp_md; |
const EVP_MD *evp_md = EVP_sha1(); |
| 796 |
EVP_MD_CTX md; |
EVP_MD_CTX md; |
| 797 |
u_char digest[EVP_MAX_MD_SIZE], *sig; |
u_char digest[EVP_MAX_MD_SIZE], *sig; |
| 798 |
u_int slen, dlen, len; |
u_int slen, dlen, len; |
| 799 |
int ok, nid; |
int ok, nid = NID_sha1; |
|
|
|
|
nid = NID_sha1; |
|
|
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
|
|
goto error; |
|
|
} |
|
| 800 |
|
|
| 801 |
// ダイジェスト値の計算 |
// ダイジェスト値の計算 |
| 802 |
EVP_DigestInit(&md, evp_md); |
EVP_DigestInit(&md, evp_md); |
| 803 |
EVP_DigestUpdate(&md, data, datalen); |
EVP_DigestUpdate(&md, data, datalen); |
| 804 |
EVP_DigestFinal(&md, digest, &dlen); |
EVP_DigestFinal(&md, digest, &dlen); |
| 805 |
|
|
| 806 |
slen = RSA_size(keypair->RSA_key); |
slen = RSA_size(keypair->rsa); |
| 807 |
sig = malloc(slen); |
sig = malloc(slen); |
| 808 |
if (sig == NULL) |
if (sig == NULL) |
| 809 |
goto error; |
goto error; |
| 810 |
|
|
| 811 |
// 電子署名を計算 |
// 電子署名を計算 |
| 812 |
ok = RSA_sign(nid, digest, dlen, sig, &len, keypair->RSA_key); |
ok = RSA_sign(nid, digest, dlen, sig, &len, keypair->rsa); |
| 813 |
memset(digest, 'd', sizeof(digest)); |
memset(digest, 'd', sizeof(digest)); |
| 814 |
if (ok != 1) { // error |
if (ok != 1) { // error |
| 815 |
free(sig); |
free(sig); |
| 830 |
|
|
| 831 |
} |
} |
| 832 |
|
|
| 833 |
s = get_SSH2_keyname(keypair); |
s = get_sshname_from_key(keypair); |
| 834 |
buffer_put_string(msg, s, strlen(s)); |
buffer_put_string(msg, s, strlen(s)); |
| 835 |
buffer_append_length(msg, sig, slen); |
buffer_append_length(msg, sig, slen); |
| 836 |
len = buffer_len(msg); |
len = buffer_len(msg); |
| 845 |
memcpy(*sigptr, buffer_ptr(msg), len); |
memcpy(*sigptr, buffer_ptr(msg), len); |
| 846 |
free(sig); |
free(sig); |
| 847 |
|
|
| 848 |
} else { // DSA |
} |
| 849 |
|
else if (keypair->type == KEY_DSA) { // DSA |
| 850 |
DSA_SIG *sig; |
DSA_SIG *sig; |
| 851 |
const EVP_MD *evp_md = EVP_sha1(); |
const EVP_MD *evp_md = EVP_sha1(); |
| 852 |
EVP_MD_CTX md; |
EVP_MD_CTX md; |
| 859 |
EVP_DigestFinal(&md, digest, &dlen); |
EVP_DigestFinal(&md, digest, &dlen); |
| 860 |
|
|
| 861 |
// DSA電子署名を計算 |
// DSA電子署名を計算 |
| 862 |
sig = DSA_do_sign(digest, dlen, keypair->DSA_key); |
sig = DSA_do_sign(digest, dlen, keypair->dsa); |
| 863 |
memset(digest, 'd', sizeof(digest)); |
memset(digest, 'd', sizeof(digest)); |
| 864 |
if (sig == NULL) { |
if (sig == NULL) { |
| 865 |
goto error; |
goto error; |
| 878 |
DSA_SIG_free(sig); |
DSA_SIG_free(sig); |
| 879 |
|
|
| 880 |
// setting |
// setting |
| 881 |
s = get_SSH2_keyname(keypair); |
s = get_sshname_from_key(keypair); |
| 882 |
buffer_put_string(msg, s, strlen(s)); |
buffer_put_string(msg, s, strlen(s)); |
| 883 |
buffer_append_length(msg, sigblob, sizeof(sigblob)); |
buffer_append_length(msg, sigblob, sizeof(sigblob)); |
| 884 |
len = buffer_len(msg); |
len = buffer_len(msg); |
| 892 |
memcpy(*sigptr, buffer_ptr(msg), len); |
memcpy(*sigptr, buffer_ptr(msg), len); |
| 893 |
|
|
| 894 |
} |
} |
| 895 |
|
else { |
| 896 |
|
buffer_free(msg); |
| 897 |
|
return FALSE; |
| 898 |
|
} |
| 899 |
|
|
| 900 |
buffer_free(msg); |
buffer_free(msg); |
| 901 |
return TRUE; |
return TRUE; |
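Review bot: The unknown-type fallback added at line 895 releases `msg` before `return FALSE`, but the parallel fallback added to get_SSH2_publickey_blob at lines 940-941 returns FALSE without `buffer_free(msg)`, so the buffer from `buffer_init()` at line 916 leaks on that path. That path is also taken for every DSA key, because the `else if` at line 931 tests `KEY_RSA` where its `// DSA` comment and the `keypair->dsa` accesses that follow mean `KEY_DSA`; with the RSA branch at line 924 already excluded, line 931 can never be true as written. The two lines should read `else if (keypair->type == KEY_DSA) { // DSA` and, in the final else, `buffer_free(msg); return FALSE;`. Replacing the old `keypair->RSA_key != NULL` guard with a type test also means a Key flagged KEY_RSA but carrying a NULL `rsa` pointer would reach `RSA_size(keypair->rsa)` at line 806 unchecked; whether such a Key can exist depends on code outside this hunk. generate_SSH2_keysign's `error:` cleanup and closing brace lie beyond line 901, outside the hunk.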
| 910 |
BOOL get_SSH2_publickey_blob(PTInstVar pvar, buffer_t **blobptr, int *bloblen) |
BOOL get_SSH2_publickey_blob(PTInstVar pvar, buffer_t **blobptr, int *bloblen) |
| 911 |
{ |
{ |
| 912 |
buffer_t *msg = NULL; |
buffer_t *msg = NULL; |
| 913 |
CRYPTKeyPair *keypair; |
Key *keypair; |
| 914 |
char *s; |
char *s; |
| 915 |
|
|
| 916 |
msg = buffer_init(); |
msg = buffer_init(); |
| 921 |
|
|
| 922 |
keypair = pvar->auth_state.cur_cred.key_pair; |
keypair = pvar->auth_state.cur_cred.key_pair; |
| 923 |
|
|
| 924 |
if (keypair->RSA_key != NULL) { // RSA |
if (keypair->type == KEY_RSA) { // RSA |
| 925 |
s = get_SSH2_keyname(keypair); |
s = get_sshname_from_key(keypair); |
| 926 |
buffer_put_string(msg, s, strlen(s)); |
buffer_put_string(msg, s, strlen(s)); |
| 927 |
buffer_put_bignum2(msg, keypair->RSA_key->e); // 公開指数 |
buffer_put_bignum2(msg, keypair->rsa->e); // 公開指数 |
| 928 |
buffer_put_bignum2(msg, keypair->RSA_key->n); // p×q |
buffer_put_bignum2(msg, keypair->rsa->n); // p×q |
| 929 |
|
|
| 930 |
} else { // DSA |
} |
| 931 |
s = get_SSH2_keyname(keypair); |
else if (keypair->type == KEY_RSA) { // DSA |
| 932 |
|
s = get_sshname_from_key(keypair); |
| 933 |
buffer_put_string(msg, s, strlen(s)); |
buffer_put_string(msg, s, strlen(s)); |
| 934 |
buffer_put_bignum2(msg, keypair->DSA_key->p); // 素数 |
buffer_put_bignum2(msg, keypair->dsa->p); // 素数 |
| 935 |
buffer_put_bignum2(msg, keypair->DSA_key->q); // (p-1)の素因数 |
buffer_put_bignum2(msg, keypair->dsa->q); // (p-1)の素因数 |
| 936 |
buffer_put_bignum2(msg, keypair->DSA_key->g); // 整数 |
buffer_put_bignum2(msg, keypair->dsa->g); // 整数 |
| 937 |
buffer_put_bignum2(msg, keypair->DSA_key->pub_key); // 公開鍵 |
buffer_put_bignum2(msg, keypair->dsa->pub_key); // 公開鍵 |
| 938 |
|
|
| 939 |
|
} |
| 940 |
|
else { |
| 941 |
|
return FALSE; |
| 942 |
|
|
| 943 |
} |
} |
| 944 |
|
|