diff --git a/src/internal.c b/src/internal.c index 9de8d32..064dbf1 100644 --- a/src/internal.c +++ b/src/internal.c @@ -35,9 +35,8 @@ #include #include #include +#include #include -#include -#include /* convert opaque to 32 bit integer */ @@ -1104,7 +1103,6 @@ static int DoDisconnect(WOLFSSH* ssh, uint8_t* buf, uint32_t len, uint32_t* idx) WLOG(WS_LOG_DEBUG, "DISCONNECT: (%u) %s", reason, reasonStr); #endif - *idx = begin; return WS_SUCCESS; @@ -1604,25 +1602,30 @@ int SendKexDhReply(WOLFSSH* ssh) } /* Sign h with the server's RSA private key. */ - if (1) { + { Sha sha; - CYASSL_RSA* altKey = CyaSSL_RSA_new(); uint8_t digest[SHA_DIGEST_SIZE]; - /* The message we want to sign is the exhange hash, h. - * According to RFC 3447, the first step in signing the message - * is to hash it, then apply DER encoding around it, then the - * RSA encryption. I looked at the client code, and that is - * definitely happening. - * - * wolfCrypt needs a function to do what CyaSSL_RSA_sign() is doing. - */ + uint8_t encSig[512]; + uint32_t encSigSz; InitSha(&sha); ShaUpdate(&sha, ssh->h, ssh->hSz); ShaFinal(&sha, digest); - ret = CyaSSL_RSA_LoadDer(altKey, ssh->ctx->privateKey, (int)ssh->ctx->privateKeySz); - ret = CyaSSL_RSA_sign(NID_sha1, digest, SHA_DIGEST_SIZE, sig, &sigSz, altKey); - CyaSSL_RSA_free(altKey); + + encSigSz = EncodeSignature(encSig, digest, sizeof(digest), SHAh); + if (encSigSz <= 0) { + WLOG(WS_LOG_DEBUG, "SendKexDhReply: Bad Encode Sig"); + } + else { + /* At this point, sigSz should already be sizeof(sig) */ + sigSz = RsaSSL_Sign(encSig, encSigSz, sig, sigSz, &rsaKey, ssh->rng); + if (sigSz <= 0) { + WLOG(WS_LOG_DEBUG, "SendKexDhReply: Bad RSA Sign"); + } + else { + /* Success */ + } + } } FreeRsaKey(&rsaKey); sigBlockSz = (LENGTH_SZ * 2) + 7 + sigSz;
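Review bot: Neither failure branch of the new signing block in SendKexDhReply sets `ret` or stops the function. Both only log at debug level, so after a failed `EncodeSignature` or `RsaSSL_Sign` control still reaches `sigBlockSz = (LENGTH_SZ * 2) + 7 + sigSz;` and the reply appears to be built without a valid host-key signature. `sigSz` is declared outside the hunk, but if it is unsigned (the removed call passed `&sigSz` as a length out-parameter), a negative return from `RsaSSL_Sign` becomes a very large length that `sigSz <= 0` cannot catch and that then feeds the size arithmetic below. I would take the result in a signed local and fail the exchange, e.g. `int signRet = RsaSSL_Sign(encSig, encSigSz, sig, sigSz, &rsaKey, ssh->rng);` then `if (signRet <= 0) ret = /* placeholder: project error code */; else sigSz = (uint32_t)signRet;`. The `encSigSz` branch should set `ret` the same way, and the send should be skipped unless `ret` is `WS_SUCCESS`; the function starts and ends outside the hunk, so where that check belongs needs confirming against the full body.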