Re: Understanding SSH Certificate signatures

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Awesome, thanks!

On Tue, Feb 9, 2021 at 3:38 PM Damien Miller <djm@xxxxxxxxxxx> wrote:

> On Mon, 8 Feb 2021, Digant Kasundra wrote:
>
> > Hello OpenSSH community,
> >
> > I haven't found a good Rust library to verify that a presented OpenSSH
> > public certificate is valid.  My plan is to compare the signature_key to
> my
> > trusted CA certs and verify the signature in the user's public
> certificate.
> >
> > Here is what I tried but it isn't working:
> > * create an openssl RSA public key using the n and e from the
> signature_key
> > * decrypt the signature with that key to get the hash
> > * create a hash from all the base64 bytes up to but not including the
> > signature using SHA1
>
> Current versions of OpenSSH use sha-256 for certificate signatures by
> default, so that's one possile problem.
>
> > * compare the hashes, but they do not match
>
> Your approach seems reasonable. The certificate signature is made using
> exactly the same rules and structure as other SSH signatures. Are you
> following these? If so, then the only other possibility is that you are
> including the wrong bytes in the hash :)
>
> > To create my own hash, I'm skipping the opening text identifier in the
> > cert, but using the "ssh-rsa-cert-v01@xxxxxxxxxxx" string as part of the
> > octet string.
>
> The signed hash definitely includes this (and the four byte length before
> it)
>
> > Am I on the right track?  If so, I'll give some details of what I'm doing
> > so we can hopefully pinpoint where I'm going wrong.  (Or if someone
> knows a
> > rust crate that actually verifies a certificate instead of just parsing
> it,
> > that would be awesome!)
>
> My advice is to take a copy of OpenSSH, insert a
> sshbuf_dump_data(sshbuf_ptr(key->cert->certblob), signed_len, stderr)
> in sshkey.c:cert_parse() right before the sshkey_verify() call and
> compare what is you are including in your hash to what OpenSSH is.
> I've never solved a signature verification bug without printf debugging :)
>
> -d
>


-- 
Digant Chimanlal "DC" Kasundra
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux