mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-25 01:02:24 +00:00
Replace more (pointer, length) arg pairs with ptrlen.
The abstract method ssh_key_sign(), and the concrete functions ssh_rsakex_newkey() and rsa_ssh1_public_blob_len(), now each take a ptrlen argument in place of a separate pointer and length pair. Partly that's because I'm generally preferring ptrlens these days and it keeps argument lists short and tidy-looking, but mostly it's because it will make those functions easier to wrap in my upcoming test system.
This commit is contained in:
parent
febef916a5
commit
a2d1c211a7
@ -352,7 +352,7 @@ void pageant_handle_msg(BinarySink *bs,
|
||||
}
|
||||
|
||||
signature = strbuf_new();
|
||||
ssh_key_sign(key->key, sigdata.ptr, sigdata.len, flags,
|
||||
ssh_key_sign(key->key, sigdata, flags,
|
||||
BinarySink_UPCAST(signature));
|
||||
|
||||
put_byte(bs, SSH2_AGENT_SIGN_RESPONSE);
|
||||
@ -1086,7 +1086,8 @@ int pageant_add_keyfile(Filename *filename, const char *passphrase,
|
||||
}
|
||||
/* Now skip over public blob */
|
||||
if (type == SSH_KEYTYPE_SSH1) {
|
||||
int n = rsa_ssh1_public_blob_len(p, keylistlen);
|
||||
int n = rsa_ssh1_public_blob_len(
|
||||
make_ptrlen(p, keylistlen));
|
||||
if (n < 0) {
|
||||
*retstr = dupstr("Received broken key list from agent");
|
||||
sfree(keylist);
|
||||
|
11
ssh.h
11
ssh.h
@ -511,7 +511,7 @@ char *rsa_ssh1_fingerprint(struct RSAKey *key);
|
||||
bool rsa_verify(struct RSAKey *key);
|
||||
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
|
||||
RsaSsh1Order order);
|
||||
int rsa_ssh1_public_blob_len(void *data, int maxlen);
|
||||
int rsa_ssh1_public_blob_len(ptrlen data);
|
||||
void freersapriv(struct RSAKey *key);
|
||||
void freersakey(struct RSAKey *key);
|
||||
|
||||
@ -532,7 +532,7 @@ struct ssh_hashalg;
|
||||
struct ssh_rsa_kex_extra {
|
||||
int minklen;
|
||||
};
|
||||
struct RSAKey *ssh_rsakex_newkey(const void *data, int len);
|
||||
struct RSAKey *ssh_rsakex_newkey(ptrlen data);
|
||||
void ssh_rsakex_freekey(struct RSAKey *key);
|
||||
int ssh_rsakex_klen(struct RSAKey *key);
|
||||
void ssh_rsakex_encrypt(const struct ssh_hashalg *h,
|
||||
@ -776,8 +776,7 @@ struct ssh_keyalg {
|
||||
|
||||
/* Methods that operate on an existing ssh_key */
|
||||
void (*freekey) (ssh_key *key);
|
||||
void (*sign) (ssh_key *key, const void *data, int datalen,
|
||||
unsigned flags, BinarySink *);
|
||||
void (*sign) (ssh_key *key, ptrlen data, unsigned flags, BinarySink *);
|
||||
bool (*verify) (ssh_key *key, ptrlen sig, ptrlen data);
|
||||
void (*public_blob)(ssh_key *key, BinarySink *);
|
||||
void (*private_blob)(ssh_key *key, BinarySink *);
|
||||
@ -799,8 +798,8 @@ struct ssh_keyalg {
|
||||
#define ssh_key_new_priv_openssh(alg, bs) ((alg)->new_priv_openssh(alg, bs))
|
||||
|
||||
#define ssh_key_free(key) ((key)->vt->freekey(key))
|
||||
#define ssh_key_sign(key, data, len, flags, bs) \
|
||||
((key)->vt->sign(key, data, len, flags, bs))
|
||||
#define ssh_key_sign(key, data, flags, bs) \
|
||||
((key)->vt->sign(key, data, flags, bs))
|
||||
#define ssh_key_verify(key, sig, data) ((key)->vt->verify(key, sig, data))
|
||||
#define ssh_key_public_blob(key, bs) ((key)->vt->public_blob(key, bs))
|
||||
#define ssh_key_private_blob(key, bs) ((key)->vt->private_blob(key, bs))
|
||||
|
@ -537,7 +537,7 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
|
||||
|
||||
rsakeydata = get_string(pktin);
|
||||
|
||||
s->rsa_kex_key = ssh_rsakex_newkey(rsakeydata.ptr, rsakeydata.len);
|
||||
s->rsa_kex_key = ssh_rsakex_newkey(rsakeydata);
|
||||
if (!s->rsa_kex_key) {
|
||||
ssh_proto_error(s->ppl.ssh,
|
||||
"Unable to parse RSA public key packet");
|
||||
|
@ -28,8 +28,9 @@ static strbuf *finalise_and_sign_exhash(struct ssh2_transport_state *s)
|
||||
strbuf *sb;
|
||||
ssh2transport_finalise_exhash(s);
|
||||
sb = strbuf_new();
|
||||
ssh_key_sign(s->hkey, s->exchange_hash, s->kex_alg->hash->hlen, 0,
|
||||
BinarySink_UPCAST(sb));
|
||||
ssh_key_sign(
|
||||
s->hkey, make_ptrlen(s->exchange_hash, s->kex_alg->hash->hlen),
|
||||
0, BinarySink_UPCAST(sb));
|
||||
return sb;
|
||||
}
|
||||
|
||||
|
@ -890,7 +890,7 @@ static void ssh2_userauth_process_queue(PacketProtocolLayer *ppl)
|
||||
put_data(sigdata, s->pktout->data + 5,
|
||||
s->pktout->length - 5);
|
||||
sigblob = strbuf_new();
|
||||
ssh_key_sign(key->key, sigdata->s, sigdata->len, 0,
|
||||
ssh_key_sign(key->key, ptrlen_from_strbuf(sigdata), 0,
|
||||
BinarySink_UPCAST(sigblob));
|
||||
strbuf_free(sigdata);
|
||||
ssh2_userauth_add_sigblob(
|
||||
|
5
sshdss.c
5
sshdss.c
@ -416,14 +416,13 @@ mp_int *dss_gen_k(const char *id_string, mp_int *modulus,
|
||||
return k;
|
||||
}
|
||||
|
||||
static void dss_sign(ssh_key *key, const void *data, int datalen,
|
||||
unsigned flags, BinarySink *bs)
|
||||
static void dss_sign(ssh_key *key, ptrlen data, unsigned flags, BinarySink *bs)
|
||||
{
|
||||
struct dss_key *dss = container_of(key, struct dss_key, sshk);
|
||||
unsigned char digest[20];
|
||||
int i;
|
||||
|
||||
SHA_Simple(data, datalen, digest);
|
||||
SHA_Simple(data.ptr, data.len, digest);
|
||||
|
||||
mp_int *k = dss_gen_k("DSA deterministic k generator", dss->q, dss->x,
|
||||
digest, sizeof(digest));
|
||||
|
13
sshecc.c
13
sshecc.c
@ -979,7 +979,7 @@ static bool eddsa_verify(ssh_key *key, ptrlen sig, ptrlen data)
|
||||
return valid;
|
||||
}
|
||||
|
||||
static void ecdsa_sign(ssh_key *key, const void *data, int datalen,
|
||||
static void ecdsa_sign(ssh_key *key, ptrlen data,
|
||||
unsigned flags, BinarySink *bs)
|
||||
{
|
||||
struct ecdsa_key *ek = container_of(key, struct ecdsa_key, sshk);
|
||||
@ -987,15 +987,14 @@ static void ecdsa_sign(ssh_key *key, const void *data, int datalen,
|
||||
(const struct ecsign_extra *)ek->sshk.vt->extra;
|
||||
assert(ek->privateKey);
|
||||
|
||||
mp_int *z = ecdsa_signing_exponent_from_data(
|
||||
ek->curve, extra, make_ptrlen(data, datalen));
|
||||
mp_int *z = ecdsa_signing_exponent_from_data(ek->curve, extra, data);
|
||||
|
||||
/* Generate k between 1 and curve->n, using the same deterministic
|
||||
* k generation system we use for conventional DSA. */
|
||||
mp_int *k;
|
||||
{
|
||||
unsigned char digest[20];
|
||||
SHA_Simple(data, datalen, digest);
|
||||
SHA_Simple(data.ptr, data.len, digest);
|
||||
k = dss_gen_k(
|
||||
"ECDSA deterministic k generator", ek->curve->w.G_order,
|
||||
ek->privateKey, digest, sizeof(digest));
|
||||
@ -1033,7 +1032,7 @@ static void ecdsa_sign(ssh_key *key, const void *data, int datalen,
|
||||
mp_free(s);
|
||||
}
|
||||
|
||||
static void eddsa_sign(ssh_key *key, const void *data, int datalen,
|
||||
static void eddsa_sign(ssh_key *key, ptrlen data,
|
||||
unsigned flags, BinarySink *bs)
|
||||
{
|
||||
struct eddsa_key *ek = container_of(key, struct eddsa_key, sshk);
|
||||
@ -1076,7 +1075,7 @@ static void eddsa_sign(ssh_key *key, const void *data, int datalen,
|
||||
h = ssh_hash_new(extra->hash);
|
||||
put_data(h, hash + ek->curve->fieldBytes,
|
||||
extra->hash->hlen - ek->curve->fieldBytes);
|
||||
put_data(h, data, datalen);
|
||||
put_datapl(h, data);
|
||||
ssh_hash_final(h, hash);
|
||||
mp_int *log_r_unreduced = mp_from_bytes_le(
|
||||
make_ptrlen(hash, extra->hash->hlen));
|
||||
@ -1097,7 +1096,7 @@ static void eddsa_sign(ssh_key *key, const void *data, int datalen,
|
||||
* eddsa_verify does.
|
||||
*/
|
||||
mp_int *H = eddsa_signing_exponent_from_data(
|
||||
ek, extra, ptrlen_from_strbuf(r_enc), make_ptrlen(data, datalen));
|
||||
ek, extra, ptrlen_from_strbuf(r_enc), data);
|
||||
|
||||
/* And then s = (log(r) + H*a) mod order(G). */
|
||||
mp_int *Ha = mp_modmul(H, a, ek->curve->e.G_order);
|
||||
|
13
sshrsa.c
13
sshrsa.c
@ -315,11 +315,11 @@ void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
|
||||
}
|
||||
|
||||
/* Given an SSH-1 public key blob, determine its length. */
|
||||
int rsa_ssh1_public_blob_len(void *data, int maxlen)
|
||||
int rsa_ssh1_public_blob_len(ptrlen data)
|
||||
{
|
||||
BinarySource src[1];
|
||||
|
||||
BinarySource_BARE_INIT(src, data, maxlen);
|
||||
BinarySource_BARE_INIT(src, data.ptr, data.len);
|
||||
|
||||
/* Expect a length word, then exponent and modulus. (It doesn't
|
||||
* even matter which order.) */
|
||||
@ -638,7 +638,7 @@ static bool rsa2_verify(ssh_key *key, ptrlen sig, ptrlen data)
|
||||
return diff == 0;
|
||||
}
|
||||
|
||||
static void rsa2_sign(ssh_key *key, const void *data, int datalen,
|
||||
static void rsa2_sign(ssh_key *key, ptrlen data,
|
||||
unsigned flags, BinarySink *bs)
|
||||
{
|
||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
||||
@ -661,8 +661,7 @@ static void rsa2_sign(ssh_key *key, const void *data, int datalen,
|
||||
|
||||
nbytes = (mp_get_nbits(rsa->modulus) + 7) / 8;
|
||||
|
||||
bytes = rsa_pkcs1_signature_string(
|
||||
nbytes, halg, make_ptrlen(data, datalen));
|
||||
bytes = rsa_pkcs1_signature_string(nbytes, halg, data);
|
||||
in = mp_from_bytes_be(make_ptrlen(bytes, nbytes));
|
||||
smemclr(bytes, nbytes);
|
||||
sfree(bytes);
|
||||
@ -700,9 +699,9 @@ const ssh_keyalg ssh_rsa = {
|
||||
SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512,
|
||||
};
|
||||
|
||||
struct RSAKey *ssh_rsakex_newkey(const void *data, int len)
|
||||
struct RSAKey *ssh_rsakex_newkey(ptrlen data)
|
||||
{
|
||||
ssh_key *sshk = rsa2_new_pub(&ssh_rsa, make_ptrlen(data, len));
|
||||
ssh_key *sshk = rsa2_new_pub(&ssh_rsa, data);
|
||||
if (!sshk)
|
||||
return NULL;
|
||||
return container_of(sshk, struct RSAKey, sshk);
|
||||
|
Loading…
Reference in New Issue
Block a user