Tera Term

[Ttssh2-commit] [5536] Host keyに ED25519 を指定すると、key verifyで失敗する問題を修正した。

svnno****@sourc***** svnno****@sourc*****
2014年 3月 15日 (土) 18:28:15 JST

• 前の記事 [Ttssh2-commit] [5535] 接続処理の ED25519 対応を更新中。
• 次の記事 [Ttssh2-commit] [5537] Host key orderに ED25519 を追加した。
• 記事の並び順: [ 日付 ] [ スレッド ] [ 件名 ] [ 著者 ]

Revision: 5536
          http://sourceforge.jp/projects/ttssh2/scm/svn/commits/5536
Author:   yutakapon
Date:     2014-03-15 18:28:14 +0900 (Sat, 15 Mar 2014)
Log Message:
-----------
Host keyに ED25519 を指定すると、key verifyで失敗する問題を修正した。

Modified Paths:
--------------
    branches/ssh_ed25519/ttssh2/ttxssh/key.c

-------------- next part --------------
Modified: branches/ssh_ed25519/ttssh2/ttxssh/key.c
===================================================================
--- branches/ssh_ed25519/ttssh2/ttxssh/key.c	2014-03-15 09:06:31 UTC (rev 5535)
+++ branches/ssh_ed25519/ttssh2/ttxssh/key.c	2014-03-15 09:28:14 UTC (rev 5536)
@@ -355,11 +355,12 @@
 							  unsigned char *data, unsigned int datalen)
 {
 	buffer_t *b;
-	char *ktype = NULL;
-	unsigned char *sigblob = NULL, *sm = NULL, *m = NULL;
-	unsigned int len;
-	unsigned long long smlen, mlen;
-	int rlen, ret;
+	char *ktype = NULL;
+	unsigned char *sigblob = NULL, *sm = NULL, *m = NULL;
+	unsigned int len;
+	unsigned long long smlen, mlen;
+	int rlen, ret;
+	char *bptr;
 
 	ret = -1;
 	b = buffer_init();
@@ -367,38 +368,39 @@
 		goto error;
 
 	buffer_append(b, signature, signaturelen);
-	ktype = buffer_get_string_msg(b, NULL);
-	if (strcmp("ssh-ed25519", ktype) != 0) {
-		goto error;
-	}
-	sigblob = buffer_get_string_msg(b, &len);
-	rlen = buffer_remain_len(b);
-	if (rlen != 0) {
-		goto error;
-	}
-	if (len > crypto_sign_ed25519_BYTES) {
-		goto error;
-	}
-
-	smlen = len + datalen;
-	sm = malloc((size_t)smlen);
-	memcpy(sm, sigblob, len);
-	memcpy(sm+len, data, datalen);
-	mlen = smlen;
-	m = malloc((size_t)mlen);
-
-	if ((ret = crypto_sign_ed25519_open(m, &mlen, sm, smlen,
-	    key->ed25519_pk)) != 0) {
-		//debug2("%s: crypto_sign_ed25519_open failed: %d",
-		//    __func__, ret);
-	}
-	if (ret == 0 && mlen != datalen) {
-		//debug2("%s: crypto_sign_ed25519_open "
-		//    "mlen != datalen (%llu != %u)", __func__, mlen, datalen);
-		ret = -1;
-	}
-	/* XXX compare 'm' and 'data' ? */
+	bptr = buffer_ptr(b);
+	ktype = buffer_get_string(&bptr, NULL);
+	if (strcmp("ssh-ed25519", ktype) != 0) {
+		goto error;
+	}
+	sigblob = buffer_get_string(&bptr, &len);
+	rlen = buffer_remain_len(b);
+	if (rlen != 0) {
+		goto error;
+	}
+	if (len > crypto_sign_ed25519_BYTES) {
+		goto error;
+	}
 
+	smlen = len + datalen;
+	sm = malloc((size_t)smlen);
+	memcpy(sm, sigblob, len);
+	memcpy(sm+len, data, datalen);
+	mlen = smlen;
+	m = malloc((size_t)mlen);
+
+	if ((ret = crypto_sign_ed25519_open(m, &mlen, sm, smlen,
+	    key->ed25519_pk)) != 0) {
+		//debug2("%s: crypto_sign_ed25519_open failed: %d",
+		//    __func__, ret);
+	}
+	if (ret == 0 && mlen != datalen) {
+		//debug2("%s: crypto_sign_ed25519_open "
+		//    "mlen != datalen (%llu != %u)", __func__, mlen, datalen);
+		ret = -1;
+	}
+	/* XXX compare 'm' and 'data' ? */
+
 error:
 	buffer_free(b);
 	free(ktype);
@@ -408,16 +410,16 @@
 		free(sigblob);
 	}
 	if (sm) {
-		memset(sm, 'S', (size_t)smlen);
+		memset(sm, 'S', (size_t)smlen);
 		free(sm);
 	}
 	if (m) {
-		memset(m, 'm', (size_t)smlen); /* NB. mlen may be invalid if ret != 0 */
+		memset(m, 'm', (size_t)smlen); /* NB. mlen may be invalid if ret != 0 */
 		free(m);
 	}
 
-	/* translate return code carefully */
-	return (ret == 0) ? 1 : -1;
+	/* translate return code carefully */
+	return (ret == 0) ? 1 : -1;
 }
 
 int key_verify(Key *key,
@@ -1081,37 +1083,37 @@
 
 static int ssh_ed25519_sign(Key *key, char **sigp, int *lenp, char *data, int datalen)
 {
-	char *sig;
-	int slen, len;
-	unsigned long long smlen;
-	int ret;
-	buffer_t *b;
-
-	smlen = slen = datalen + crypto_sign_ed25519_BYTES;
-	sig = malloc(slen);
-
-	if ((ret = crypto_sign_ed25519(sig, &smlen, data, datalen,
-	    key->ed25519_sk)) != 0 || smlen <= datalen) {
-		//error("%s: crypto_sign_ed25519 failed: %d", __func__, ret);
-		free(sig);
-		return -1;
-	}
-	/* encode signature */
-	b = buffer_init();
-	buffer_put_cstring(b, "ssh-ed25519");
-	buffer_put_string(b, sig, (int)(smlen - datalen));
-	len = buffer_len(b);
-	if (lenp != NULL)
-		*lenp = len;
-	if (sigp != NULL) {
-		*sigp = malloc(len);
-		memcpy(*sigp, buffer_ptr(b), len);
-	}
-	buffer_free(b);
-	memset(sig, 's', slen);
-	free(sig);
-
-	return 0;
+	char *sig;
+	int slen, len;
+	unsigned long long smlen;
+	int ret;
+	buffer_t *b;
+
+	smlen = slen = datalen + crypto_sign_ed25519_BYTES;
+	sig = malloc(slen);
+
+	if ((ret = crypto_sign_ed25519(sig, &smlen, data, datalen,
+	    key->ed25519_sk)) != 0 || smlen <= datalen) {
+		//error("%s: crypto_sign_ed25519 failed: %d", __func__, ret);
+		free(sig);
+		return -1;
+	}
+	/* encode signature */
+	b = buffer_init();
+	buffer_put_cstring(b, "ssh-ed25519");
+	buffer_put_string(b, sig, (int)(smlen - datalen));
+	len = buffer_len(b);
+	if (lenp != NULL)
+		*lenp = len;
+	if (sigp != NULL) {
+		*sigp = malloc(len);
+		memcpy(*sigp, buffer_ptr(b), len);
+	}
+	buffer_free(b);
+	memset(sig, 's', slen);
+	free(sig);
+
+	return 0;
 }
 
 

• 前の記事 [Ttssh2-commit] [5535] 接続処理の ED25519 対応を更新中。
• 次の記事 [Ttssh2-commit] [5537] Host key orderに ED25519 を追加した。
• 記事の並び順: [ 日付 ] [ スレッド ] [ 件名 ] [ 著者 ]