mirror of
https://salsa.debian.org/gnuk-team/gnuk/gnuk.git
synced 2024-09-20 10:50:09 +00:00
SHA1 for external authentication
This commit is contained in:
parent
2215a6dd2c
commit
fa2ae42e69
@ -1,6 +1,6 @@
|
|||||||
2012-05-31 Niibe Yutaka <gniibe@fsij.org>
|
2012-05-31 Niibe Yutaka <gniibe@fsij.org>
|
||||||
|
|
||||||
* src/call-rsa.c (rsa_verify): It's SIG_RSA_MD5.
|
* src/call-rsa.c (rsa_verify): It's SIG_RSA_SHA1.
|
||||||
* src/openpgp.c (cmd_external_authenticate): Follow the change of
|
* src/openpgp.c (cmd_external_authenticate): Follow the change of
|
||||||
rsa_verify.
|
rsa_verify.
|
||||||
|
|
||||||
|
@ -196,7 +196,7 @@ rsa_verify (const uint8_t *pubkey, const uint8_t *hash, const uint8_t *sig)
|
|||||||
|
|
||||||
DEBUG_INFO ("RSA verify...");
|
DEBUG_INFO ("RSA verify...");
|
||||||
|
|
||||||
r = rsa_pkcs1_verify (&rsa_ctx, RSA_PUBLIC, SIG_RSA_MD5, 16, hash, sig);
|
r = rsa_pkcs1_verify (&rsa_ctx, RSA_PUBLIC, SIG_RSA_SHA1, 20, hash, sig);
|
||||||
|
|
||||||
rsa_free (&rsa_ctx);
|
rsa_free (&rsa_ctx);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -900,9 +900,9 @@ cmd_external_authenticate (void)
|
|||||||
{
|
{
|
||||||
const uint8_t *pubkey;
|
const uint8_t *pubkey;
|
||||||
const uint8_t *signature = apdu.cmd_apdu_data;
|
const uint8_t *signature = apdu.cmd_apdu_data;
|
||||||
|
const uint8_t *hash = apdu.cmd_apdu_data + 256;
|
||||||
int len = apdu.cmd_apdu_data_len;
|
int len = apdu.cmd_apdu_data_len;
|
||||||
uint8_t keyno = P2 (apdu);
|
uint8_t keyno = P2 (apdu);
|
||||||
int r;
|
|
||||||
|
|
||||||
DEBUG_INFO (" - EXTERNAL AUTHENTICATE\r\n");
|
DEBUG_INFO (" - EXTERNAL AUTHENTICATE\r\n");
|
||||||
|
|
||||||
@ -920,11 +920,13 @@ cmd_external_authenticate (void)
|
|||||||
GPG_CONDITION_NOT_SATISFIED ();
|
GPG_CONDITION_NOT_SATISFIED ();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = rsa_verify (pubkey, challenge, signature);
|
memcpy (hash, unique_device_id (), 4);
|
||||||
|
memcpy (hash+4, challenge, CHALLENGE_LEN);
|
||||||
random_bytes_free (challenge);
|
random_bytes_free (challenge);
|
||||||
challenge = NULL;
|
challenge = NULL;
|
||||||
if (r < 0)
|
|
||||||
|
if (rsa_verify (pubkey, hash, signature) < 0)
|
||||||
{
|
{
|
||||||
GPG_SECURITY_FAILURE ();
|
GPG_SECURITY_FAILURE ();
|
||||||
return;
|
return;
|
||||||
@ -944,8 +946,9 @@ cmd_get_challenge (void)
|
|||||||
random_bytes_free (challenge);
|
random_bytes_free (challenge);
|
||||||
|
|
||||||
challenge = random_bytes_get ();
|
challenge = random_bytes_get ();
|
||||||
memcpy (res_APDU, challenge, CHALLENGE_LEN);
|
memcpy (res_APDU, unique_device_id (), 4);
|
||||||
res_APDU_size = CHALLENGE_LEN;
|
memcpy (res_APDU+4, challenge, CHALLENGE_LEN);
|
||||||
|
res_APDU_size = CHALLENGE_LEN + 4;
|
||||||
GPG_SUCCESS ();
|
GPG_SUCCESS ();
|
||||||
DEBUG_INFO ("GET CHALLENGE done.\r\n");
|
DEBUG_INFO ("GET CHALLENGE done.\r\n");
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user