version 1.13, 2019/01/20 22:54:30 |
version 1.14, 2019/01/20 22:57:45 |
|
|
static int |
static int |
rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) |
rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) |
{ |
{ |
struct sshkey key; /* XXX */ |
struct sshkey *key = NULL; |
u_char *blob, *signature = NULL; |
struct sshbuf *msg = NULL; |
|
u_char *blob = NULL, *signature = NULL; |
size_t blen, slen = 0; |
size_t blen, slen = 0; |
int r, ret = -1; |
int r, ret = -1; |
struct sshbuf *msg; |
|
|
|
if (padding != RSA_PKCS1_PADDING) |
if (padding != RSA_PKCS1_PADDING) |
return (-1); |
goto fail; |
key.type = KEY_RSA; |
key = sshkey_new(KEY_UNSPEC); |
key.rsa = rsa; |
if (key == NULL) { |
if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) { |
error("%s: sshkey_new failed", __func__); |
|
goto fail; |
|
} |
|
key->type = KEY_RSA; |
|
RSA_up_ref(rsa); |
|
key->rsa = rsa; |
|
if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { |
error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); |
error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); |
return -1; |
goto fail; |
} |
} |
if ((msg = sshbuf_new()) == NULL) |
if ((msg = sshbuf_new()) == NULL) |
fatal("%s: sshbuf_new failed", __func__); |
fatal("%s: sshbuf_new failed", __func__); |
|
|
(r = sshbuf_put_string(msg, from, flen)) != 0 || |
(r = sshbuf_put_string(msg, from, flen)) != 0 || |
(r = sshbuf_put_u32(msg, 0)) != 0) |
(r = sshbuf_put_u32(msg, 0)) != 0) |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
free(blob); |
|
send_msg(msg); |
send_msg(msg); |
sshbuf_reset(msg); |
sshbuf_reset(msg); |
|
|
|
|
} |
} |
free(signature); |
free(signature); |
} |
} |
|
fail: |
|
free(blob); |
|
sshkey_free(key); |
sshbuf_free(msg); |
sshbuf_free(msg); |
return (ret); |
return (ret); |
} |
} |
|
|
ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, |
ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, |
const BIGNUM *rp, EC_KEY *ec) |
const BIGNUM *rp, EC_KEY *ec) |
{ |
{ |
struct sshkey key; /* XXX */ |
struct sshkey *key = NULL; |
u_char *blob, *signature = NULL; |
struct sshbuf *msg = NULL; |
|
ECDSA_SIG *ret = NULL; |
const u_char *cp; |
const u_char *cp; |
|
u_char *blob = NULL, *signature = NULL; |
size_t blen, slen = 0; |
size_t blen, slen = 0; |
ECDSA_SIG *ret = NULL; |
int r, nid; |
struct sshbuf *msg; |
|
int r; |
|
|
|
key.type = KEY_ECDSA; |
nid = sshkey_ecdsa_key_to_nid(ec); |
key.ecdsa = ec; |
if (nid < 0) { |
key.ecdsa_nid = sshkey_ecdsa_key_to_nid(ec); |
|
if (key.ecdsa_nid < 0) { |
|
error("%s: couldn't get curve nid", __func__); |
error("%s: couldn't get curve nid", __func__); |
return (NULL); |
goto fail; |
} |
} |
if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) { |
|
|
key = sshkey_new(KEY_UNSPEC); |
|
if (key == NULL) { |
|
error("%s: sshkey_new failed", __func__); |
|
goto fail; |
|
} |
|
key->ecdsa = ec; |
|
key->ecdsa_nid = nid; |
|
key->type = KEY_ECDSA; |
|
EC_KEY_up_ref(ec); |
|
|
|
if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { |
error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); |
error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); |
return (NULL); |
goto fail; |
} |
} |
if ((msg = sshbuf_new()) == NULL) |
if ((msg = sshbuf_new()) == NULL) |
fatal("%s: sshbuf_new failed", __func__); |
fatal("%s: sshbuf_new failed", __func__); |
|
|
(r = sshbuf_put_string(msg, dgst, dgst_len)) != 0 || |
(r = sshbuf_put_string(msg, dgst, dgst_len)) != 0 || |
(r = sshbuf_put_u32(msg, 0)) != 0) |
(r = sshbuf_put_u32(msg, 0)) != 0) |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
free(blob); |
|
send_msg(msg); |
send_msg(msg); |
sshbuf_reset(msg); |
sshbuf_reset(msg); |
|
|
|
|
free(signature); |
free(signature); |
} |
} |
|
|
|
fail: |
|
free(blob); |
|
sshkey_free(key); |
sshbuf_free(msg); |
sshbuf_free(msg); |
return (ret); |
return (ret); |
} |
} |
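Review bot: The return values of `RSA_up_ref(rsa)` in rsa_encrypt and `EC_KEY_up_ref(ec)` in ecdsa_do_sign are ignored, yet the new `fail:` path always calls `sshkey_free(key)`. If a reference were not actually taken, that free would presumably drop one the caller still owns (sshkey_free is not shown on this page), leaving the caller's key object dangling. I would check the result and attach the pointer only on success, e.g. `if (RSA_up_ref(rsa) != 1) goto fail;` before `key->rsa = rsa;`. In ecdsa_do_sign, `key->ecdsa = ec;` is stored before the reference is taken; moving it after a checked `EC_KEY_up_ref(ec)` would make both functions follow the same order. Parts of both bodies between `sshbuf_reset(msg)` and `fail:` are elided here, so the handling of `signature` and `ret` on those paths could not be reviewed.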