X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=gcrypt.c;h=e5f64688cbbc6ef5aa907fb7336675bdc9818e61;hb=43b7fd1994faccc511b24b6f80690f5ce6c9d156;hp=dbe4900862fef83a552d9c60d9ac21d4c8253d5e;hpb=0d1918752a18755bf701b82cf57fad79d9b18bc9;p=paraslash.git diff --git a/gcrypt.c b/gcrypt.c index dbe49008..e5f64688 100644 --- a/gcrypt.c +++ b/gcrypt.c @@ -46,6 +46,22 @@ void hash_function(const char *data, unsigned long len, unsigned char *hash) gcry_md_close(handle); } +void hash2_function(const char *data, unsigned long len, unsigned char *hash) +{ + gcry_error_t gret; + gcry_md_hd_t handle; + unsigned char *md; + + gret = gcry_md_open(&handle, GCRY_MD_SHA256, 0); + assert(gret == 0); + gcry_md_write(handle, data, (size_t)len); + gcry_md_final(handle); + md = gcry_md_read(handle, GCRY_MD_SHA256); + assert(md); + memcpy(hash, md, HASH2_SIZE); + gcry_md_close(handle); +} + void get_random_bytes_or_die(unsigned char *buf, int num) { gcry_randomize(buf, (size_t)num, GCRY_STRONG_RANDOM); @@ -98,7 +114,7 @@ void crypt_shutdown(void) struct asymmetric_key { gcry_sexp_t sexp; - int num_bytes; + int bits; }; static const char *gcrypt_strerror(gcry_error_t gret) @@ -390,7 +406,7 @@ static int get_private_key(const char *key_file, struct asymmetric_key **result) ret = -E_SEXP_BUILD; goto free_params; } - key = para_malloc(sizeof(*key)); + key = alloc(sizeof(*key)); key->sexp = sexp; *result = key; ret = bits; @@ -440,11 +456,11 @@ int apc_get_pubkey(const char *key_file, struct asymmetric_key **result) goto release_n; } PARA_INFO_LOG("successfully read %u bit ssh public key\n", bits); - key = para_malloc(sizeof(*key)); - key->num_bytes = ret; + key = alloc(sizeof(*key)); key->sexp = sexp; + key->bits = bits; *result = key; - ret = bits; + ret = bits / 8; release_n: gcry_mpi_release(n); release_e: @@ -462,17 +478,20 @@ void apc_free_pubkey(struct asymmetric_key *key) free(key); } -static int decode_rsa(gcry_sexp_t sexp, unsigned char *outbuf, size_t *nbytes) +static int decode_rsa(gcry_sexp_t sexp, unsigned char **outbuf, size_t *nbytes) { const char *p = gcry_sexp_nth_data(sexp, 1, nbytes); - if (!p) + if (!p) { + *outbuf = NULL; return -E_RSA_DECODE; - memcpy(outbuf, p, *nbytes); + } + *outbuf = alloc(*nbytes); + memcpy(*outbuf, p, *nbytes); return 1; } -int apc_priv_decrypt(const char *key_file, unsigned char *outbuf, +int apc_priv_decrypt(const char *key_file, unsigned char **outbuf, unsigned char *inbuf, int inlen) { gcry_error_t gret; @@ -482,6 +501,7 @@ int apc_priv_decrypt(const char *key_file, unsigned char *outbuf, gcry_sexp_t in, out, priv_key; size_t nbytes; + *outbuf = NULL; ret = check_private_key_file(key_file); if (ret < 0) return ret; @@ -540,7 +560,7 @@ free_key: } int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, - unsigned len, unsigned char *outbuf) + unsigned len, unsigned char **outbuf) { gcry_error_t gret; gcry_sexp_t pub_key, in, out, out_a; @@ -548,8 +568,7 @@ int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, size_t nbytes; int ret; - PARA_INFO_LOG("encrypting %u byte input with %d-byte key\n", len, pub->num_bytes); - + *outbuf = NULL; /* get pub key */ pub_key = gcry_sexp_find_token(pub->sexp, "public-key", 0); if (!pub_key) @@ -578,14 +597,18 @@ int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, ret = -E_SEXP_FIND; goto out_a_release; } - gret = gcry_mpi_print(GCRYMPI_FMT_USG, outbuf, 512 /* FIXME */, &nbytes, out_mpi); + *outbuf = alloc(pub->bits); + gret = gcry_mpi_print(GCRYMPI_FMT_USG, *outbuf, pub->bits, &nbytes, + out_mpi); if (gret) { + free(*outbuf); + *outbuf = NULL; PARA_ERROR_LOG("%s\n", gcrypt_strerror(gret)); ret = -E_SEXP_ENCRYPT; goto out_mpi_release; } PARA_INFO_LOG("encrypted buffer is %zu bytes\n", nbytes); - dump_buffer("enc buf", outbuf, nbytes); + dump_buffer("enc buf", *outbuf, nbytes); ret = nbytes; out_mpi_release: @@ -608,7 +631,7 @@ struct stream_cipher { struct stream_cipher *sc_new(const unsigned char *data, int len) { gcry_error_t gret; - struct stream_cipher *sc = para_malloc(sizeof(*sc)); + struct stream_cipher *sc = alloc(sizeof(*sc)); assert(len >= 2 * AES_CRT128_BLOCK_SIZE); gret = gcry_cipher_open(&sc->handle, GCRY_CIPHER_AES128,