goto out;
ct->challenge_hash = alloc(HASH2_SIZE);
if (has_feature("sha256", ct)) {
- hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE, ct->challenge_hash);
+ hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE,
+ ct->challenge_hash);
hash2_to_asc(ct->challenge_hash, buf);
} else {
- hash_function((char *)crypt_buf, APC_CHALLENGE_SIZE, ct->challenge_hash);
+ hash_function((char *)crypt_buf, APC_CHALLENGE_SIZE,
+ ct->challenge_hash);
hash_to_asc(ct->challenge_hash, buf);
}
- ct->scc.send = sc_new(crypt_buf + APC_CHALLENGE_SIZE, SESSION_KEY_LEN);
- ct->scc.recv = sc_new(crypt_buf + APC_CHALLENGE_SIZE + SESSION_KEY_LEN,
- SESSION_KEY_LEN);
+ ct->scc.send = sc_new(crypt_buf + APC_CHALLENGE_SIZE,
+ SESSION_KEY_LEN);
+ ct->scc.recv = sc_new(crypt_buf + APC_CHALLENGE_SIZE
+ + SESSION_KEY_LEN, SESSION_KEY_LEN);
PARA_INFO_LOG("--> %s\n", buf);
ct->status = CL_RECEIVED_CHALLENGE;
return 0;
struct asymmetric_key {
gcry_sexp_t sexp;
- int num_bytes;
};
static const char *gcrypt_strerror(gcry_error_t gret)
}
PARA_INFO_LOG("successfully read %u bit ssh public key\n", bits);
key = alloc(sizeof(*key));
- key->num_bytes = ret;
key->sexp = sexp;
*result = key;
ret = bits / 8;
size_t nbytes;
int ret;
- PARA_INFO_LOG("encrypting %u byte input with %d-byte key\n", len, pub->num_bytes);
-
/* get pub key */
pub_key = gcry_sexp_find_token(pub->sexp, "public-key", 0);
if (!pub_key)
}
/*
- * Read 64 bytes from /dev/urandom and add them to the SSL PRNG. Seed the PRNG
- * used by random(3) with a random seed obtained from SSL. If /dev/urandom is
- * not readable, the function calls exit().
- *
- * \sa RAND_load_file(3), \ref get_random_bytes_or_die(), srandom(3),
- * random(3), \ref para_random().
+ * Read 64 bytes from /dev/urandom and add them to the SSL PRNG. Then seed the
+ * PRNG used by random(3) with a random seed obtained from SSL.
*/
void crypt_init(void)
{
return bnsize + 4;
}
-static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result)
+static int read_public_key(const unsigned char *blob, int blen, RSA **result)
{
int ret;
RSA *rsa;
return *rsa? RSA_size(*rsa) : -E_PRIVATE_KEY;
}
-static int read_private_rsa_params(const unsigned char *blob,
+static int read_openssh_private_key(const unsigned char *blob,
const unsigned char *end, RSA **result)
{
int ret;
rsa->n = n;
rsa->e = e;
rsa->d = d;
+ rsa->iqmp = iqmp;
rsa->p = p;
rsa->q = q;
rsa->dmp1 = dmp1;
rsa->dmq1 = dmq1;
- rsa->iqmp = iqmp;
#endif
*result = rsa;
ret = 1;
if (ret < 0)
goto free_blob;
PARA_INFO_LOG("reading RSA params at offset %d\n", ret);
- ret = read_private_rsa_params(blob + ret, end, rsa);
+ ret = read_openssh_private_key(blob + ret, end, rsa);
} else
ret = read_pem_private_key(path, rsa);
free_blob:
unsigned char *blob;
size_t decoded_size;
int ret;
- struct asymmetric_key *key = alloc(sizeof(*key));
+ struct asymmetric_key *pub = alloc(sizeof(*pub));
ret = decode_public_key(key_file, &blob, &decoded_size);
if (ret < 0)
goto out;
- ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa);
+ ret = read_public_key(blob + ret, decoded_size - ret, &pub->rsa);
if (ret < 0)
goto free_blob;
- ret = RSA_size(key->rsa);
+ ret = RSA_size(pub->rsa);
assert(ret > 0);
- *result = key;
+ *result = pub;
free_blob:
free(blob);
out:
if (ret < 0) {
- free(key);
+ free(pub);
*result = NULL;
PARA_ERROR_LOG("can not load key %s\n", key_file);
}
return ret;
}
-void apc_free_pubkey(struct asymmetric_key *key)
+void apc_free_pubkey(struct asymmetric_key *pub)
{
- if (!key)
+ if (!pub)
return;
- RSA_free(key->rsa);
- free(key);
+ RSA_free(pub->rsa);
+ free(pub);
}
int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,