aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/src/pubkey_ssh.erl
diff options
context:
space:
mode:
authorHans Nilsson <[email protected]>2017-04-19 14:10:29 +0200
committerHans Nilsson <[email protected]>2017-04-26 12:15:05 +0200
commit2e55f44545504aa1ba109e072e6833f5c045b58f (patch)
tree33101ba8bbc7c0d9c4cff57be27502435bb4e77f /lib/public_key/src/pubkey_ssh.erl
parenta053401a7a7142d4d2a068b2945ef91cb7957f89 (diff)
downloadotp-2e55f44545504aa1ba109e072e6833f5c045b58f.tar.gz
otp-2e55f44545504aa1ba109e072e6833f5c045b58f.tar.bz2
otp-2e55f44545504aa1ba109e072e6833f5c045b58f.zip
ssh: Implement signature algorithms rsa-sha2-*. draft-ietf-curdle-rsa-sha2
Diffstat (limited to 'lib/public_key/src/pubkey_ssh.erl')
-rw-r--r--lib/public_key/src/pubkey_ssh.erl39
1 files changed, 20 insertions, 19 deletions
diff --git a/lib/public_key/src/pubkey_ssh.erl b/lib/public_key/src/pubkey_ssh.erl
index 90726b1eb3..816d7b3336 100644
--- a/lib/public_key/src/pubkey_ssh.erl
+++ b/lib/public_key/src/pubkey_ssh.erl
@@ -44,11 +44,6 @@
%%====================================================================
%%--------------------------------------------------------------------
--spec decode(binary(), public_key | public_key:ssh_file()) ->
- [{public_key:public_key(), Attributes::list()}]
- ; (binary(), ssh2_pubkey) -> public_key:public_key()
- .
-%%
%% Description: Decodes a ssh file-binary.
%%--------------------------------------------------------------------
decode(Bin, public_key)->
@@ -66,11 +61,6 @@ decode(Bin, Type) ->
openssh_decode(Bin, Type).
%%--------------------------------------------------------------------
--spec encode([{public_key:public_key(), Attributes::list()}], public_key:ssh_file()) ->
- binary()
- ; (public_key:public_key(), ssh2_pubkey) -> binary()
- .
-%%
%% Description: Encodes a list of ssh file entries.
%%--------------------------------------------------------------------
encode(Bin, ssh2_pubkey) ->
@@ -81,10 +71,6 @@ encode(Entries, Type) ->
end, Entries)).
%%--------------------------------------------------------------------
--spec dh_gex_group(integer(), integer(), integer(),
- undefined | [{integer(),[{integer(),integer()}]}]) ->
- {ok,{integer(),{integer(),integer()}}} | {error,any()} .
-%%
%% Description: Returns Generator and Modulus given MinSize, WantedSize
%% and MaxSize
%%--------------------------------------------------------------------
@@ -421,14 +407,21 @@ comma_list_encode([Option | Rest], []) ->
comma_list_encode([Option | Rest], Acc) ->
comma_list_encode(Rest, Acc ++ "," ++ Option).
+
+%% An experimental fix adding the signature algorithm name as the last element in a tuple...
+
ssh2_pubkey_encode(#'RSAPublicKey'{modulus = N, publicExponent = E}) ->
- TypeStr = <<"ssh-rsa">>,
- StrLen = size(TypeStr),
+ ssh2_pubkey_encode({#'RSAPublicKey'{modulus = N, publicExponent = E}, 'ssh-rsa'});
+ssh2_pubkey_encode({#'RSAPublicKey'{modulus = N, publicExponent = E}, SignAlg}) ->
+ SignAlgName = list_to_binary(atom_to_list(SignAlg)),
+ StrLen = size(SignAlgName),
EBin = mpint(E),
NBin = mpint(N),
- <<?UINT32(StrLen), TypeStr:StrLen/binary,
+ <<?UINT32(StrLen), SignAlgName:StrLen/binary,
EBin/binary,
NBin/binary>>;
+ssh2_pubkey_encode({{_,#'Dss-Parms'{}}=Key, _}) ->
+ ssh2_pubkey_encode(Key);
ssh2_pubkey_encode({Y, #'Dss-Parms'{p = P, q = Q, g = G}}) ->
TypeStr = <<"ssh-dss">>,
StrLen = size(TypeStr),
@@ -441,6 +434,8 @@ ssh2_pubkey_encode({Y, #'Dss-Parms'{p = P, q = Q, g = G}}) ->
QBin/binary,
GBin/binary,
YBin/binary>>;
+ssh2_pubkey_encode({{#'ECPoint'{},_}=Key, _}) ->
+ ssh2_pubkey_encode(Key);
ssh2_pubkey_encode(Key={#'ECPoint'{point = Q}, {namedCurve,OID}}) ->
TypeStr = key_type(Key),
StrLen = size(TypeStr),
@@ -453,10 +448,16 @@ ssh2_pubkey_encode(Key={#'ECPoint'{point = Q}, {namedCurve,OID}}) ->
ssh2_pubkey_decode(Bin = <<?UINT32(Len), Type:Len/binary, _/binary>>) ->
ssh2_pubkey_decode(Type, Bin).
-ssh2_pubkey_decode(<<"ssh-rsa">>,
+%% An experimental fix with the Signature Algorithm Name
+ssh2_pubkey_decode(SignAlgName,
<<?UINT32(Len), _:Len/binary,
?UINT32(SizeE), E:SizeE/binary,
- ?UINT32(SizeN), N:SizeN/binary>>) ->
+ ?UINT32(SizeN), N:SizeN/binary>>)
+ when SignAlgName == <<"ssh-rsa">> ;
+ SignAlgName == <<"rsa-sha2-256">> ;
+ SignAlgName == <<"rsa-sha2-384">> ;
+ SignAlgName == <<"rsa-sha2-512">>
+ ->
#'RSAPublicKey'{modulus = erlint(SizeN, N),
publicExponent = erlint(SizeE, E)};