use openssl::bn::BigNum;
use openssl::hash::MessageDigest;
use openssl::pkey::PKey;
use openssl::rsa;
use openssl::sign::Verifier;
use crate::encryption::PublicKey;
use crate::error::SshErrorKind;
use crate::packet::Data;
use crate::SshError;
/// Stateless marker type whose `PublicKey` implementation verifies RSA
/// signatures through OpenSSL.
pub(crate) struct RSA;
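impl PublicKey for RSA {
    /// Creates the verifier; `RSA` is a unit struct and carries no state.
    fn new() -> Self
    where
        Self: Sized,
    {
        Self
    }

    /// Checks `sig` over `message` against the RSA public key encoded in `ks`.
    ///
    /// `ks` is parsed as: four leading bytes (skipped), one field that is read
    /// and discarded, then the public exponent and the modulus, in that order.
    /// NOTE(review): presumably the discarded field is the key-type string and
    /// the four skipped bytes an outer length prefix — confirm against the
    /// caller and `Data::get_u8s`.
    ///
    /// Returns `Ok(true)` when OpenSSL accepts the signature and `Ok(false)`
    /// when it rejects it or reports an error during verification, so a
    /// verification failure is never treated as success.
    ///
    /// # Errors
    ///
    /// Returns `SshErrorKind::SignatureError` when `ks` is shorter than four
    /// bytes or when the key components cannot be turned into an OpenSSL key.
    fn verify_signature(&self, ks: &[u8], message: &[u8], sig: &[u8]) -> Result<bool, SshError> {
        let sig_err = || SshError::from(SshErrorKind::SignatureError);

        // `ks` comes from the peer: reject a blob shorter than four bytes
        // instead of panicking on an out-of-range slice index.
        let body = ks.get(4..).ok_or_else(sig_err)?;
        let mut data = Data(body.to_vec());

        // The first field is consumed without being inspected.
        // NOTE(review): the key type is not compared with the negotiated
        // host-key algorithm here — confirm a caller enforces that.
        data.get_u8s();

        let e = BigNum::from_slice(&data.get_u8s()).map_err(|_| sig_err())?;
        let n = BigNum::from_slice(&data.get_u8s()).map_err(|_| sig_err())?;

        // NOTE(review): no minimum modulus size is enforced in this function;
        // verify that weak (short) RSA keys are rejected elsewhere.
        let puk = rsa::Rsa::from_public_components(n, e).map_err(|_| sig_err())?;
        let pkey = PKey::from_rsa(puk).map_err(|_| sig_err())?;

        // SHA-1 is the digest of the legacy `ssh-rsa` signature scheme
        // (RFC 4253). SHA-1 is collision-weak; RFC 8332 defines
        // `rsa-sha2-256` / `rsa-sha2-512` as replacements. Changing the digest
        // only here would break verification unless the algorithm negotiation
        // (not visible in this file) is changed as well.
        let mut verifier =
            Verifier::new(MessageDigest::sha1(), &pkey).map_err(|_| sig_err())?;

        // Fail closed: an OpenSSL error during verification counts as an
        // invalid signature rather than propagating as a different outcome.
        Ok(verifier.verify_oneshot(sig, message).unwrap_or(false))
    }
}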