Cross Reference: /freebsd-11-stable/crypto/openssh/ssh-dss.c

Deleted Added

sdiff udiff text old ( 261320 ) new ( 263712 )

full compact

ssh-dss.c (261320)	ssh-dss.c (263712)
1/* $OpenBSD: ssh-dss.c,v 1.30 2014/01/09 23:20:00 djm Exp $ */	1/* $OpenBSD: ssh-dss.c,v 1.31 2014/02/02 03:44:31 djm Exp $ */
2/* 3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 50 unchanged lines hidden (view full) --- 60 61 if (ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, 62 digest, sizeof(digest)) != 0) { 63 error("%s: ssh_digest_memory failed", __func__); 64 return -1; 65 } 66 67 sig = DSA_do_sign(digest, dlen, key->dsa);	2/* 3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 50 unchanged lines hidden (view full) --- 60 61 if (ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, 62 digest, sizeof(digest)) != 0) { 63 error("%s: ssh_digest_memory failed", __func__); 64 return -1; 65 } 66 67 sig = DSA_do_sign(digest, dlen, key->dsa);
68 memset(digest, 'd', sizeof(digest));	68 explicit_bzero(digest, sizeof(digest));
69 70 if (sig == NULL) { 71 error("ssh_dss_sign: sign failed"); 72 return -1; 73 } 74 75 rlen = BN_num_bytes(sig->r); 76 slen = BN_num_bytes(sig->s); 77 if (rlen > INTBLOB_LEN \|\| slen > INTBLOB_LEN) { 78 error("bad sig size %u %u", rlen, slen); 79 DSA_SIG_free(sig); 80 return -1; 81 }	69 70 if (sig == NULL) { 71 error("ssh_dss_sign: sign failed"); 72 return -1; 73 } 74 75 rlen = BN_num_bytes(sig->r); 76 slen = BN_num_bytes(sig->s); 77 if (rlen > INTBLOB_LEN \|\| slen > INTBLOB_LEN) { 78 error("bad sig size %u %u", rlen, slen); 79 DSA_SIG_free(sig); 80 return -1; 81 }
82 memset(sigblob, 0, SIGBLOB_LEN);	82 explicit_bzero(sigblob, SIGBLOB_LEN);
83 BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen); 84 BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen); 85 DSA_SIG_free(sig); 86 87 if (datafellows & SSH_BUG_SIGBLOB) { 88 if (lenp != NULL) 89 lenp = SIGBLOB_LEN; 90 if (sigp != NULL) { --- 72 unchanged lines hidden* (view full) --- 163 fatal("%s: BN_new failed", __func__); 164 if ((sig->s = BN_new()) == NULL) 165 fatal("ssh_dss_verify: BN_new failed"); 166 if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) \|\| 167 (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL)) 168 fatal("%s: BN_bin2bn failed", __func__); 169 170 /* clean up */	83 BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen); 84 BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen); 85 DSA_SIG_free(sig); 86 87 if (datafellows & SSH_BUG_SIGBLOB) { 88 if (lenp != NULL) 89 lenp = SIGBLOB_LEN; 90 if (sigp != NULL) { --- 72 unchanged lines hidden* (view full) --- 163 fatal("%s: BN_new failed", __func__); 164 if ((sig->s = BN_new()) == NULL) 165 fatal("ssh_dss_verify: BN_new failed"); 166 if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) \|\| 167 (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL)) 168 fatal("%s: BN_bin2bn failed", __func__); 169 170 /* clean up */
171 memset(sigblob, 0, len);	171 explicit_bzero(sigblob, len);
172 free(sigblob); 173 174 /* sha1 the data / 175* if (ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, 176 digest, sizeof(digest)) != 0) { 177 error("%s: digest_memory failed", __func__); 178 return -1; 179 } 180 181 ret = DSA_do_verify(digest, dlen, sig, key->dsa);	172 free(sigblob); 173 174 /* sha1 the data / 175* if (ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, 176 digest, sizeof(digest)) != 0) { 177 error("%s: digest_memory failed", __func__); 178 return -1; 179 } 180 181 ret = DSA_do_verify(digest, dlen, sig, key->dsa);
182 memset(digest, 'd', sizeof(digest));	182 explicit_bzero(digest, sizeof(digest));
183 184 DSA_SIG_free(sig); 185 186 debug("%s: signature %s", __func__, 187 ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error"); 188 return ret; 189}	183 184 DSA_SIG_free(sig); 185 186 debug("%s: signature %s", __func__, 187 ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error"); 188 return ret; 189}