summaryrefslogtreecommitdiffstats
path: root/crypto/openssh/auth-rsa.c
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2000-03-26 07:07:24 +0000
committerkris <kris@FreeBSD.org>2000-03-26 07:07:24 +0000
commitb201b15ee1575ab28ed4f9b5a7d430e835a7c7ae (patch)
tree561c850bc04e7b62c9fc641be89ac412589219c1 /crypto/openssh/auth-rsa.c
parentfc557ff7d97438559e69347575f5aa8ef03a5f50 (diff)
downloadFreeBSD-src-b201b15ee1575ab28ed4f9b5a7d430e835a7c7ae.zip
FreeBSD-src-b201b15ee1575ab28ed4f9b5a7d430e835a7c7ae.tar.gz
Virgin import of OpenSSH sources dated 2000/03/25
Diffstat (limited to 'crypto/openssh/auth-rsa.c')
-rw-r--r--crypto/openssh/auth-rsa.c37
1 files changed, 15 insertions, 22 deletions
diff --git a/crypto/openssh/auth-rsa.c b/crypto/openssh/auth-rsa.c
index a04adf6..3d2e84f 100644
--- a/crypto/openssh/auth-rsa.c
+++ b/crypto/openssh/auth-rsa.c
@@ -16,7 +16,7 @@
*/
#include "includes.h"
-RCSID("$Id: auth-rsa.c,v 1.18 2000/02/11 10:59:11 markus Exp $");
+RCSID("$Id: auth-rsa.c,v 1.19 2000/03/23 22:15:33 markus Exp $");
#include "rsa.h"
#include "packet.h"
@@ -24,6 +24,7 @@ RCSID("$Id: auth-rsa.c,v 1.18 2000/02/11 10:59:11 markus Exp $");
#include "ssh.h"
#include "mpaux.h"
#include "uidswap.h"
+#include "match.h"
#include "servconf.h"
#include <ssl/rsa.h>
@@ -60,10 +61,9 @@ extern unsigned char session_id[16];
*/
int
-auth_rsa_challenge_dialog(BIGNUM *e, BIGNUM *n)
+auth_rsa_challenge_dialog(RSA *pk)
{
BIGNUM *challenge, *encrypted_challenge;
- RSA *pk;
BN_CTX *ctx;
unsigned char buf[32], mdbuf[16], response[16];
MD5_CTX md;
@@ -76,19 +76,11 @@ auth_rsa_challenge_dialog(BIGNUM *e, BIGNUM *n)
/* Generate a random challenge. */
BN_rand(challenge, 256, 0, 0);
ctx = BN_CTX_new();
- BN_mod(challenge, challenge, n, ctx);
+ BN_mod(challenge, challenge, pk->n, ctx);
BN_CTX_free(ctx);
- /* Create the public key data structure. */
- pk = RSA_new();
- pk->e = BN_new();
- BN_copy(pk->e, e);
- pk->n = BN_new();
- BN_copy(pk->n, n);
-
/* Encrypt the challenge with the public key. */
rsa_public_encrypt(encrypted_challenge, challenge, pk);
- RSA_free(pk);
/* Send the encrypted challenge to the client. */
packet_start(SSH_SMSG_AUTH_RSA_CHALLENGE);
@@ -140,7 +132,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
FILE *f;
unsigned long linenum = 0;
struct stat st;
- BIGNUM *e, *n;
+ RSA *pk;
/* Temporarily use the user's uid. */
temporarily_use_uid(pw->pw_uid);
@@ -202,8 +194,9 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
/* Flag indicating whether authentication has succeeded. */
authenticated = 0;
- e = BN_new();
- n = BN_new();
+ pk = RSA_new();
+ pk->e = BN_new();
+ pk->n = BN_new();
/*
* Go though the accepted keys, looking for the current key. If
@@ -241,7 +234,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
options = NULL;
/* Parse the key from the line. */
- if (!auth_rsa_read_key(&cp, &bits, e, n)) {
+ if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) {
debug("%.100s, line %lu: bad key syntax",
SSH_USER_PERMITTED_KEYS, linenum);
packet_send_debug("%.100s, line %lu: bad key syntax",
@@ -251,19 +244,20 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
/* cp now points to the comment part. */
/* Check if the we have found the desired key (identified by its modulus). */
- if (BN_cmp(n, client_n) != 0)
+ if (BN_cmp(pk->n, client_n) != 0)
continue;
/* check the real bits */
- if (bits != BN_num_bits(n))
+ if (bits != BN_num_bits(pk->n))
log("Warning: %s, line %ld: keysize mismatch: "
"actual %d vs. announced %d.",
- file, linenum, BN_num_bits(n), bits);
+ file, linenum, BN_num_bits(pk->n), bits);
/* We have found the desired key. */
+
/* Perform the challenge-response dialog for this key. */
- if (!auth_rsa_challenge_dialog(e, n)) {
+ if (!auth_rsa_challenge_dialog(pk)) {
/* Wrong response. */
verbose("Wrong response to RSA authentication challenge.");
packet_send_debug("Wrong response to RSA authentication challenge.");
@@ -466,8 +460,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
/* Close the file. */
fclose(f);
- BN_clear_free(n);
- BN_clear_free(e);
+ RSA_free(pk);
if (authenticated)
packet_send_debug("RSA authentication accepted.");
OpenPOWER on IntegriCloud