1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
From 36a03132634a17c667c0fac0a8e1519b3d1b71c6 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Mon, 28 Nov 2022 21:12:23 +0800
Subject: Add #if DROPBEAR_RSA guards
Fixes building with DROPBEAR_RSA disabled.
Closes #197
---
signkey.c | 8 +++++++-
signkey.h | 2 ++
sysoptions.h | 5 +----
3 files changed, 10 insertions(+), 5 deletions(-)
--- a/signkey.c
+++ b/signkey.c
@@ -120,6 +120,7 @@ enum signkey_type signkey_type_from_name
/* Special case for rsa-sha2-256. This could be generalised if more
signature names are added that aren't 1-1 with public key names */
const char* signature_name_from_type(enum signature_type type, unsigned int *namelen) {
+#if DROPBEAR_RSA
#if DROPBEAR_RSA_SHA256
if (type == DROPBEAR_SIGNATURE_RSA_SHA256) {
if (namelen) {
@@ -136,11 +137,13 @@ const char* signature_name_from_type(enu
return SSH_SIGNKEY_RSA;
}
#endif
+#endif /* DROPBEAR_RSA */
return signkey_name_from_type((enum signkey_type)type, namelen);
}
/* Returns DROPBEAR_SIGNATURE_NONE if none match */
enum signature_type signature_type_from_name(const char* name, unsigned int namelen) {
+#if DROPBEAR_RSA
#if DROPBEAR_RSA_SHA256
if (namelen == strlen(SSH_SIGNATURE_RSA_SHA256)
&& memcmp(name, SSH_SIGNATURE_RSA_SHA256, namelen) == 0) {
@@ -153,10 +156,11 @@ enum signature_type signature_type_from_
return DROPBEAR_SIGNATURE_RSA_SHA1;
}
#endif
+#endif /* DROPBEAR_RSA */
return (enum signature_type)signkey_type_from_name(name, namelen);
}
-/* Returns the signature type from a key type. Must not be called
+/* Returns the signature type from a key type. Must not be called
with RSA keytype */
enum signature_type signature_type_from_signkey(enum signkey_type keytype) {
#if DROPBEAR_RSA
@@ -167,6 +171,7 @@ enum signature_type signature_type_from_
}
enum signkey_type signkey_type_from_signature(enum signature_type sigtype) {
+#if DROPBEAR_RSA
#if DROPBEAR_RSA_SHA256
if (sigtype == DROPBEAR_SIGNATURE_RSA_SHA256) {
return DROPBEAR_SIGNKEY_RSA;
@@ -177,6 +182,7 @@ enum signkey_type signkey_type_from_sign
return DROPBEAR_SIGNKEY_RSA;
}
#endif
+#endif /* DROPBEAR_RSA */
assert((int)sigtype < (int)DROPBEAR_SIGNKEY_NUM_NAMED);
return (enum signkey_type)sigtype;
}
--- a/signkey.h
+++ b/signkey.h
@@ -79,12 +79,14 @@ enum signature_type {
DROPBEAR_SIGNATURE_SK_ED25519 = DROPBEAR_SIGNKEY_SK_ED25519,
#endif
#endif
+#if DROPBEAR_RSA
#if DROPBEAR_RSA_SHA1
DROPBEAR_SIGNATURE_RSA_SHA1 = 100, /* ssh-rsa signature (sha1) */
#endif
#if DROPBEAR_RSA_SHA256
DROPBEAR_SIGNATURE_RSA_SHA256 = 101, /* rsa-sha2-256 signature. has a ssh-rsa key */
#endif
+#endif /* DROPBEAR_RSA */
DROPBEAR_SIGNATURE_NONE = DROPBEAR_SIGNKEY_NONE,
};
--- a/sysoptions.h
+++ b/sysoptions.h
@@ -137,7 +137,7 @@
/* Debian doesn't define this in system headers */
#if !defined(LTM_DESC) && (DROPBEAR_ECC)
-#define LTM_DESC
+#define LTM_DESC
#endif
#define DROPBEAR_ECC_256 (DROPBEAR_ECC)
@@ -151,9 +151,6 @@
* signing operations slightly slower. */
#define DROPBEAR_RSA_BLINDING 1
-#ifndef DROPBEAR_RSA_SHA1
-#define DROPBEAR_RSA_SHA1 DROPBEAR_RSA
-#endif
#ifndef DROPBEAR_RSA_SHA256
#define DROPBEAR_RSA_SHA256 DROPBEAR_RSA
#endif
|