kex: Move ssh_encrypt_rsa1 to SSHv1 kex code.
Этот коммит содержится в:
родитель
79ffd49940
Коммит
d6829d073c
@ -81,6 +81,5 @@ ssh_string ssh_do_sign_with_agent(struct ssh_session_struct *session,
|
||||
ssh_string ssh_do_sign(ssh_session session,ssh_buffer sigbuf,
|
||||
ssh_private_key privatekey);
|
||||
ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey);
|
||||
ssh_string ssh_encrypt_rsa1(ssh_session session, ssh_string data, ssh_public_key key);
|
||||
|
||||
#endif /* KEYS_H_ */
|
||||
|
66
src/kex.c
66
src/kex.c
@ -570,6 +570,72 @@ static int modulus_smaller(ssh_public_key k1, ssh_public_key k2){
|
||||
|
||||
}
|
||||
|
||||
static ssh_string ssh_encrypt_rsa1(ssh_session session,
|
||||
ssh_string data,
|
||||
ssh_public_key key) {
|
||||
ssh_string str = NULL;
|
||||
size_t len = ssh_string_len(data);
|
||||
size_t size = 0;
|
||||
#ifdef HAVE_LIBGCRYPT
|
||||
const char *tmp = NULL;
|
||||
gcry_sexp_t ret_sexp;
|
||||
gcry_sexp_t data_sexp;
|
||||
|
||||
if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(value %b))",
|
||||
len, ssh_string_data(data))) {
|
||||
ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
|
||||
return NULL;
|
||||
}
|
||||
if (gcry_pk_encrypt(&ret_sexp, data_sexp, key->rsa_pub)) {
|
||||
gcry_sexp_release(data_sexp);
|
||||
ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
gcry_sexp_release(data_sexp);
|
||||
|
||||
data_sexp = gcry_sexp_find_token(ret_sexp, "a", 0);
|
||||
if (data_sexp == NULL) {
|
||||
ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
|
||||
gcry_sexp_release(ret_sexp);
|
||||
return NULL;
|
||||
}
|
||||
tmp = gcry_sexp_nth_data(data_sexp, 1, &size);
|
||||
if (*tmp == 0) {
|
||||
size--;
|
||||
tmp++;
|
||||
}
|
||||
|
||||
str = ssh_string_new(size);
|
||||
if (str == NULL) {
|
||||
ssh_set_error(session, SSH_FATAL, "Not enough space");
|
||||
gcry_sexp_release(data_sexp);
|
||||
gcry_sexp_release(ret_sexp);
|
||||
return NULL;
|
||||
}
|
||||
ssh_string_fill(str, tmp, size);
|
||||
|
||||
gcry_sexp_release(data_sexp);
|
||||
gcry_sexp_release(ret_sexp);
|
||||
#elif defined HAVE_LIBCRYPTO
|
||||
size = RSA_size(key->rsa_pub);
|
||||
|
||||
str = ssh_string_new(size);
|
||||
if (str == NULL) {
|
||||
ssh_set_error(session, SSH_FATAL, "Not enough space");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (RSA_public_encrypt(len, ssh_string_data(data), ssh_string_data(str), key->rsa_pub,
|
||||
RSA_PKCS1_PADDING) < 0) {
|
||||
ssh_string_free(str);
|
||||
return NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
return str;
|
||||
}
|
||||
|
||||
#define ABS(A) ( (A)<0 ? -(A):(A) )
|
||||
static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey,
|
||||
ssh_public_key hostkey, int slen, int hlen) {
|
||||
|
64
src/keys.c
64
src/keys.c
@ -484,70 +484,6 @@ ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf,
|
||||
return signature;
|
||||
}
|
||||
|
||||
ssh_string ssh_encrypt_rsa1(ssh_session session, ssh_string data, ssh_public_key key) {
|
||||
ssh_string str = NULL;
|
||||
size_t len = ssh_string_len(data);
|
||||
size_t size = 0;
|
||||
#ifdef HAVE_LIBGCRYPT
|
||||
const char *tmp = NULL;
|
||||
gcry_sexp_t ret_sexp;
|
||||
gcry_sexp_t data_sexp;
|
||||
|
||||
if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(value %b))",
|
||||
len, ssh_string_data(data))) {
|
||||
ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
|
||||
return NULL;
|
||||
}
|
||||
if (gcry_pk_encrypt(&ret_sexp, data_sexp, key->rsa_pub)) {
|
||||
gcry_sexp_release(data_sexp);
|
||||
ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
gcry_sexp_release(data_sexp);
|
||||
|
||||
data_sexp = gcry_sexp_find_token(ret_sexp, "a", 0);
|
||||
if (data_sexp == NULL) {
|
||||
ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
|
||||
gcry_sexp_release(ret_sexp);
|
||||
return NULL;
|
||||
}
|
||||
tmp = gcry_sexp_nth_data(data_sexp, 1, &size);
|
||||
if (*tmp == 0) {
|
||||
size--;
|
||||
tmp++;
|
||||
}
|
||||
|
||||
str = ssh_string_new(size);
|
||||
if (str == NULL) {
|
||||
ssh_set_error(session, SSH_FATAL, "Not enough space");
|
||||
gcry_sexp_release(data_sexp);
|
||||
gcry_sexp_release(ret_sexp);
|
||||
return NULL;
|
||||
}
|
||||
ssh_string_fill(str, tmp, size);
|
||||
|
||||
gcry_sexp_release(data_sexp);
|
||||
gcry_sexp_release(ret_sexp);
|
||||
#elif defined HAVE_LIBCRYPTO
|
||||
size = RSA_size(key->rsa_pub);
|
||||
|
||||
str = ssh_string_new(size);
|
||||
if (str == NULL) {
|
||||
ssh_set_error(session, SSH_FATAL, "Not enough space");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (RSA_public_encrypt(len, ssh_string_data(data), ssh_string_data(str), key->rsa_pub,
|
||||
RSA_PKCS1_PADDING) < 0) {
|
||||
ssh_string_free(str);
|
||||
return NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
return str;
|
||||
}
|
||||
|
||||
|
||||
/* this function signs the session id */
|
||||
ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey) {
|
||||
|
Загрузка…
Ссылка в новой задаче
Block a user