deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

challenge/response definition change

Browse Source
This commit is contained in:
NIIBE Yutaka
2012-05-31 12:34:11 +09:00
parent 95f328f94f
commit 2215a6dd2c
4 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@@ -1,5 +1,9 @@
2012-05-31 Niibe Yutaka <gniibe@fsij.org>
* src/call-rsa.c (rsa_verify): It's SIG_RSA_MD5.
* src/openpgp.c (cmd_external_authenticate): Follow the change of
rsa_verify.
Support "firmware update" keys.
* src/flash.c (flash_write_binary): Support update keys.
* src/gnuk.h (FILEID_UPDATE_KEY_0, FILEID_UPDATE_KEY_1)

6
src/call-rsa.c
View File

@@ -185,8 +185,7 @@ rsa_decrypt (const uint8_t *input, uint8_t *output, int msg_len,
}
int
rsa_verify (const uint8_t *pubkey, const uint8_t *hash, int hashlen,
const uint8_t *signature)
rsa_verify (const uint8_t *pubkey, const uint8_t *hash, const uint8_t *sig)
{
int r;
@@ -197,8 +196,7 @@ rsa_verify (const uint8_t *pubkey, const uint8_t *hash, int hashlen,
DEBUG_INFO ("RSA verify...");
r = rsa_pkcs1_verify (&rsa_ctx, RSA_PUBLIC, SIG_RSA_RAW, hashlen,
hash, signature);
r = rsa_pkcs1_verify (&rsa_ctx, RSA_PUBLIC, SIG_RSA_MD5, 16, hash, sig);
rsa_free (&rsa_ctx);
if (r < 0)

2
src/gnuk.h
View File

@@ -230,7 +230,7 @@ extern int rsa_sign (const uint8_t *, uint8_t *, int, struct key_data *);
extern const uint8_t *modulus_calc (const uint8_t *, int);
extern void modulus_free (const uint8_t *);
extern int rsa_decrypt (const uint8_t *, uint8_t *, int, struct key_data *);
extern int rsa_verify (const uint8_t *pubkey, const uint8_t *hash, int hashlen,
extern int rsa_verify (const uint8_t *pubkey, const uint8_t *hash,
const uint8_t *signature);
extern const uint8_t *gpg_do_read_simple (uint8_t);

4
src/openpgp.c
View File

@@ -887,7 +887,7 @@ cmd_write_binary (void)
if (i == 4) /* all update keys are removed */
{
p = gpg_get_firmware_update_key (0)
p = gpg_get_firmware_update_key (0);
flash_erase_page ((uint32_t)p);
}
@@ -921,7 +921,7 @@ cmd_external_authenticate (void)
return;
}
r = rsa_verify (pubkey, challenge, CHALLENGE_LEN, signature);
r = rsa_verify (pubkey, challenge, signature);
random_bytes_free (challenge);
challenge = NULL;
if (r < 0)