+ /*
+ * RSA is vulnerable to timing attacks. Generate a random blinding
+ * factor to protect against this kind of attack.
+ */
+ ret = -E_BLINDING;
+ if (RSA_blinding_on(priv->rsa, NULL) == 0)
+ goto out;
+ ret = RSA_private_decrypt(inlen, inbuf, outbuf, priv->rsa,
+ RSA_PKCS1_OAEP_PADDING);
+ RSA_blinding_off(priv->rsa);
+ if (ret <= 0)
+ ret = -E_DECRYPT;
+out:
+ free_asymmetric_key(priv);
+ return ret;
+}
+
+/**
+ * Encrypt a buffer using an RSA key
+ *
+ * \param pub: The public key.
+ * \param inbuf The input buffer.
+ * \param len The length of \a inbuf.
+ * \param outbuf The output buffer.
+ *
+ * \return The size of the encrypted data on success, negative on errors.
+ *
+ * \sa RSA_public_encrypt(3)
+ */
+int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
+ unsigned len, unsigned char *outbuf)
+{
+ int ret, flen = len; /* RSA_public_encrypt expects a signed int */
+
+ if (flen < 0)
+ return -E_ENCRYPT;
+ ret = RSA_public_encrypt(flen, inbuf, outbuf, pub->rsa,
+ RSA_PKCS1_OAEP_PADDING);
+ return ret < 0? -E_ENCRYPT : ret;
+}
+
+struct stream_cipher {
+ RC4_KEY key;
+};
+
+/**
+ * Allocate and initialize a stream cipher structure.
+ *
+ * \param data The key.
+ * \param len The size of the key.
+ *
+ * \return A new stream cipher structure.
+ */
+struct stream_cipher *sc_new(const unsigned char *data, int len)
+{
+ struct stream_cipher *sc = para_malloc(sizeof(*sc));
+ RC4_set_key(&sc->key, len, data);
+ return sc;
+}
+
+/**
+ * Deallocate a stream cipher structure.
+ *
+ * \param sc A stream cipher previously obtained by sc_new().
+ */
+void sc_free(struct stream_cipher *sc)
+{
+ free(sc);