WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #634 from ejohnstown/rsa-check 

RSA Verify Check
pull/636/head
JacobBarthelmeh 2023-12-21 14:55:45 -07:00 committed by GitHub
parent 7f52e23a5a b97b6c73b8
commit 7f5f9299c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 82 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/agent.c
View File

@ -701,6 +701,10 @@ static int SignHashRsa(WOLFSSH_AGENT_KEY_RSA* rawKey, enum wc_HashType hashType,
WLOG(WS_LOG_DEBUG, "Bad RSA Sign"); WLOG(WS_LOG_DEBUG, "Bad RSA Sign");
ret = WS_RSA_E; ret = WS_RSA_E;
} }
else {
ret = wolfSSH_RsaVerify(sig, *sigSz,
encSig, encSigSz, &key, heap, "SignHashRsa");
}
} }
wc_FreeRsaKey(&key); wc_FreeRsaKey(&key);

63
src/internal.c
View File

@ -9422,6 +9422,47 @@ static INLINE byte SigTypeForId(byte id)
} }
#ifndef WOLFSSH_NO_RSA
/*
* wolfSSH_RsaVerify
* sig - signature to verify
* sigSz - signature to verify size
* digest - encoded digest for verification
* digestSz - encoded digest size
* key - key used to sign and verify signature
* heap - allocation heap
* loc - calling function for logging
*/
int wolfSSH_RsaVerify(byte *sig, word32 sigSz,
const byte* digest, word32 digestSz,
RsaKey* key, void* heap, const char* loc)
{
byte* checkSig;
int ret = WS_SUCCESS;
checkSig = (byte*)WMALLOC(sigSz, heap, DYNTYPE_TEMP);
if (checkSig == NULL) {
ret = WS_MEMORY_E;
}
else {
int checkSz;
checkSz = wc_RsaSSL_VerifyInline(sig, sigSz, &checkSig, key);
if (checkSz < 0
|| (word32)checkSz != digestSz
|| WMEMCMP(digest, checkSig, digestSz) != 0) {
WLOG(WS_LOG_DEBUG, "%s: %s", loc, "Bad RSA Sign Verify");
ret = WS_RSA_E;
}
ForceZero(checkSig, sigSz);
WFREE(checkSig, heap, DYNTYPE_TEMP);
}
return ret;
}
#endif /* WOLFSSH_NO_RSA */
/* SendKexDhReply() /* SendKexDhReply()
* It is also the funciton used for MSGID_KEXECDH_REPLY. The parameters * It is also the funciton used for MSGID_KEXECDH_REPLY. The parameters
* are analogous between the two messages. Where MSGID_KEXDH_REPLY has * are analogous between the two messages. Where MSGID_KEXDH_REPLY has
@ -9932,7 +9973,7 @@ int SendKexDhReply(WOLFSSH* ssh)
encSigSz = wc_EncodeSignature(encSig, digest, encSigSz = wc_EncodeSignature(encSig, digest,
wc_HashGetDigestSize(sigHashId), wc_HashGetDigestSize(sigHashId),
wc_HashGetOID(sigHashId)); wc_HashGetOID(sigHashId));
if (encSigSz <= 0) { if (encSigSz == 0) {
WLOG(WS_LOG_DEBUG, "SendKexDhReply: Bad Encode Sig"); WLOG(WS_LOG_DEBUG, "SendKexDhReply: Bad Encode Sig");
ret = WS_CRYPTO_FAILED; ret = WS_CRYPTO_FAILED;
} }
@ -9946,6 +9987,12 @@ int SendKexDhReply(WOLFSSH* ssh)
WLOG(WS_LOG_DEBUG, "SendKexDhReply: Bad RSA Sign"); WLOG(WS_LOG_DEBUG, "SendKexDhReply: Bad RSA Sign");
ret = WS_RSA_E; ret = WS_RSA_E;
} }
else {
ret = wolfSSH_RsaVerify(sig_ptr, sigSz,
encSig, encSigSz,
&sigKeyBlock_ptr->sk.rsa.key,
heap, "SendKexDhReply");
}
} }
#ifdef WOLFSSH_SMALL_STACK #ifdef WOLFSSH_SMALL_STACK
WFREE(encSig, heap, DYNTYPE_TEMP); WFREE(encSig, heap, DYNTYPE_TEMP);
@ -11175,6 +11222,11 @@ static int BuildUserAuthRequestRsa(WOLFSSH* ssh,
WLOG(WS_LOG_DEBUG, "SUAR: Bad RSA Sign"); WLOG(WS_LOG_DEBUG, "SUAR: Bad RSA Sign");
ret = WS_RSA_E; ret = WS_RSA_E;
} }
else {
ret = wolfSSH_RsaVerify(output + begin, keySig->sigSz,
encDigest, encDigestSz, &keySig->ks.rsa.key,
ssh->ctx->heap, "SUAR");
}
} }
} }
@ -11324,6 +11376,7 @@ static int BuildUserAuthRequestRsaCert(WOLFSSH* ssh,
if (ret == WS_SUCCESS) if (ret == WS_SUCCESS)
ret = wc_HashFinal(&hash, hashId, digest); ret = wc_HashFinal(&hash, hashId, digest);
if (ret == WS_SUCCESS) {
c32toa(keySig->sigSz + 7 + LENGTH_SZ * 2, output + begin); c32toa(keySig->sigSz + 7 + LENGTH_SZ * 2, output + begin);
begin += LENGTH_SZ; begin += LENGTH_SZ;
c32toa(7, output + begin); c32toa(7, output + begin);
@ -11338,7 +11391,8 @@ static int BuildUserAuthRequestRsaCert(WOLFSSH* ssh,
WLOG(WS_LOG_DEBUG, "SUAR: Bad Encode Sig"); WLOG(WS_LOG_DEBUG, "SUAR: Bad Encode Sig");
ret = WS_CRYPTO_FAILED; ret = WS_CRYPTO_FAILED;
} }
else { }
if (ret == WS_SUCCESS) {
int sigSz; int sigSz;
WLOG(WS_LOG_INFO, "Signing hash with RSA."); WLOG(WS_LOG_INFO, "Signing hash with RSA.");
sigSz = wc_RsaSSL_Sign(encDigest, encDigestSz, sigSz = wc_RsaSSL_Sign(encDigest, encDigestSz,
@ -11348,6 +11402,11 @@ static int BuildUserAuthRequestRsaCert(WOLFSSH* ssh,
WLOG(WS_LOG_DEBUG, "SUAR: Bad RSA Sign"); WLOG(WS_LOG_DEBUG, "SUAR: Bad RSA Sign");
ret = WS_RSA_E; ret = WS_RSA_E;
} }
else {
ret = wolfSSH_RsaVerify(output + begin, keySig->sigSz,
encDigest, encDigestSz, &keySig->ks.rsa.key,
ssh->ctx->heap, "SUAR");
}
} }
if (ret == WS_SUCCESS) if (ret == WS_SUCCESS)

4
wolfssh/internal.h
View File

@ -36,6 +36,7 @@
#include <wolfssl/wolfcrypt/aes.h> #include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/dh.h> #include <wolfssl/wolfcrypt/dh.h>
#include <wolfssl/wolfcrypt/ecc.h> #include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/rsa.h>
#ifdef WOLFSSH_SCP #ifdef WOLFSSH_SCP
#include <wolfssh/wolfscp.h> #include <wolfssh/wolfscp.h>
#endif #endif
@ -1195,6 +1196,9 @@ WOLFSSH_LOCAL int wsScpSendCallback(WOLFSSH*, int, const char*, char*, word32,
WOLFSSH_LOCAL int wolfSSH_CleanPath(WOLFSSH* ssh, char* in); WOLFSSH_LOCAL int wolfSSH_CleanPath(WOLFSSH* ssh, char* in);
WOLFSSH_LOCAL int wolfSSH_RsaVerify(byte *sig, word32 sigSz,
const byte* digest, word32 digestSz,
RsaKey* key, void* heap, const char* loc);
WOLFSSH_LOCAL void DumpOctetString(const byte*, word32); WOLFSSH_LOCAL void DumpOctetString(const byte*, word32);
WOLFSSH_LOCAL int wolfSSH_oct2dec(WOLFSSH* ssh, byte* oct, word32 octSz); WOLFSSH_LOCAL int wolfSSH_oct2dec(WOLFSSH* ssh, byte* oct, word32 octSz);
WOLFSSH_LOCAL void AddAssign64(word32*, word32); WOLFSSH_LOCAL void AddAssign64(word32*, word32);