#include "crypt.h"
#include "crypt_backend.h"
#include "fd.h"
+#include "base64.h"
//#define GCRYPT_DEBUG 1
key[j++] = begin[i];
}
key[j] = '\0';
- blob_size = key_size * 2;
- blob = para_malloc(blob_size);
- ret = base64_decode(key, blob, blob_size);
+ ret = base64_decode(key, j, (char **)&blob, &blob_size);
free(key);
if (ret < 0)
goto free_unmap;
+ ret = blob_size;
goto unmap;
free_unmap:
free(blob);
for (i = 0; i < num_bytes; i++, cp++)
bn_size = (bn_size << 8) + *cp;
}
- PARA_DEBUG_LOG("bn_size %d (0x%x)\n", bn_size, bn_size);
+ PARA_DEBUG_LOG("bn_size %d (0x%x)\n", bn_size, (unsigned)bn_size);
gret = gcry_mpi_scan(bn, GCRYMPI_FMT_STD, cp, bn_size, NULL);
if (gret) {
PARA_ERROR_LOG("%s while scanning n\n",
key->num_bytes = n_size;
*result = key;
ret = n_size;
- PARA_INFO_LOG("successfully read %u bit asn public key\n", n_size * 8);
+ PARA_INFO_LOG("successfully read %d bit asn public key\n", n_size * 8);
release_e:
gcry_mpi_release(e);
gcry_mpi_t e = NULL, n = NULL;
PARA_DEBUG_LOG("decoding %d byte public rsa-ssh key\n", size);
- if (size > INT_MAX / 4)
- return -ERRNO_TO_PARA_ERROR(EOVERFLOW);
- blob = para_malloc(2 * size);
- ret = uudecode((char *)data, blob, 2 * size);
+ ret = uudecode((char *)data, size, (char **)&blob, &decoded_size);
if (ret < 0)
goto free_blob;
- decoded_size = ret;
end = blob + decoded_size;
dump_buffer("decoded key", blob, decoded_size);
ret = check_ssh_key_header(blob, decoded_size);
goto release_n;
}
ret = nr_scanned / 32 * 32;
- PARA_INFO_LOG("successfully read %u bit ssh public key\n", ret * 8);
+ PARA_INFO_LOG("successfully read %d bit ssh public key\n", ret * 8);
release_n:
gcry_mpi_release(n);
release_e:
gcry_sexp_t in, out, priv_key;
size_t nbytes;
+ ret = check_key_file(key_file, true);
+ if (ret < 0)
+ return ret;
PARA_INFO_LOG("decrypting %d byte input\n", inlen);
/* key_file -> asymmetric key priv */
ret = get_private_key(key_file, &priv);
gcry_cipher_hd_t handle;
};
-struct stream_cipher *sc_new(const unsigned char *data, int len,
- bool use_aes)
+struct stream_cipher *sc_new(const unsigned char *data, int len)
{
gcry_error_t gret;
struct stream_cipher *sc = para_malloc(sizeof(*sc));
- if (use_aes) {
- assert(len >= 2 * AES_CRT128_BLOCK_SIZE);
- gret = gcry_cipher_open(&sc->handle, GCRY_CIPHER_AES128,
- GCRY_CIPHER_MODE_CTR, 0);
- assert(gret == 0);
- gret = gcry_cipher_setkey(sc->handle, data,
- AES_CRT128_BLOCK_SIZE);
- assert(gret == 0);
- gret = gcry_cipher_setctr(sc->handle,
- data + AES_CRT128_BLOCK_SIZE, AES_CRT128_BLOCK_SIZE);
- assert(gret == 0);
- return sc;
- }
- gret = gcry_cipher_open(&sc->handle, GCRY_CIPHER_ARCFOUR,
- GCRY_CIPHER_MODE_STREAM, 0);
- if (gret) {
- PARA_ERROR_LOG("%s\n", gcrypt_strerror(gret));
- free(sc);
- return NULL;
- }
- gret = gcry_cipher_setkey(sc->handle, data, (size_t)len);
+ assert(len >= 2 * AES_CRT128_BLOCK_SIZE);
+ gret = gcry_cipher_open(&sc->handle, GCRY_CIPHER_AES128,
+ GCRY_CIPHER_MODE_CTR, 0);
+ assert(gret == 0);
+ gret = gcry_cipher_setkey(sc->handle, data,
+ AES_CRT128_BLOCK_SIZE);
+ assert(gret == 0);
+ gret = gcry_cipher_setctr(sc->handle,
+ data + AES_CRT128_BLOCK_SIZE, AES_CRT128_BLOCK_SIZE);
assert(gret == 0);
return sc;
}