Merge branch 'master' of https://github.com/Jakuje/yubico-piv-tool into Jakuje-master

This commit is contained in:
Trevor Bentley
2017-11-20 14:03:48 +01:00
7 changed files with 292 additions and 42 deletions
+19 -16
View File
@@ -37,6 +37,7 @@
#include <windows.h>
#endif
#include "openssl-compat.h"
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/rsa.h>
@@ -80,7 +81,7 @@ FILE *open_file(const char *file_name, enum file_mode mode) {
}
unsigned char get_algorithm(EVP_PKEY *key) {
int type = EVP_PKEY_type(key->type);
int type = EVP_PKEY_type(EVP_PKEY_id(key));
switch(type) {
case EVP_PKEY_RSA:
{
@@ -333,23 +334,23 @@ bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len) {
}
bool prepare_rsa_signature(const unsigned char *in, unsigned int in_len, unsigned char *out, unsigned int *out_len, int nid) {
X509_SIG digestInfo;
X509_ALGOR algor;
X509_SIG *digestInfo;
X509_ALGOR *algor;
ASN1_TYPE parameter;
ASN1_OCTET_STRING digest;
ASN1_OCTET_STRING *digest;
unsigned char data[1024];
memcpy(data, in, in_len);
digestInfo.algor = &algor;
digestInfo.algor->algorithm = OBJ_nid2obj(nid);
digestInfo.algor->parameter = &parameter;
digestInfo.algor->parameter->type = V_ASN1_NULL;
digestInfo.algor->parameter->value.ptr = NULL;
digestInfo.digest = &digest;
digestInfo.digest->data = data;
digestInfo.digest->length = (int)in_len;
*out_len = (unsigned int)i2d_X509_SIG(&digestInfo, &out);
digestInfo = X509_SIG_new();
X509_SIG_getm(digestInfo, &algor, &digest);
algor = X509_ALGOR_new();
X509_ALGOR_set0(algor, OBJ_nid2obj(nid), V_ASN1_NULL, &parameter);
parameter.type = V_ASN1_NULL;
parameter.value.ptr = NULL;
digest->data = data;
digest->length = (int)in_len;
*out_len = (unsigned int)i2d_X509_SIG(digestInfo, &out);
return true;
}
@@ -532,22 +533,24 @@ int SSH_write_X509(FILE *fp, X509 *x) {
return ret;
}
switch (pkey->type) {
switch (EVP_PKEY_id(pkey)) {
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2: {
RSA *rsa;
unsigned char n[256];
const BIGNUM *bn_n;
char rsa_id[] = "\x00\x00\x00\x07ssh-rsa";
char rsa_f4[] = "\x00\x00\x00\x03\x01\x00\x01";
rsa = EVP_PKEY_get1_RSA(pkey);
RSA_get0_key(rsa, &bn_n, NULL, NULL);
if (!set_component(n, rsa->n, RSA_size(rsa))) {
if (!set_component(n, bn_n, RSA_size(rsa))) {
break;
}
uint32_t bytes = BN_num_bytes(rsa->n);
uint32_t bytes = BN_num_bytes(bn_n);
char len_buf[5];
int len = 4;