diff options
| author | Andreas Schneider <asn@cryptomilk.org> | 2011-08-22 13:58:02 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2011-08-22 13:58:02 +0200 |
| commit | d6829d073c47040664f0174588b90f937c58871a (patch) | |
| tree | 1aa66fa57e18ac4f464afb87ad74720897f5afe0 /src/kex.c | |
| parent | 79ffd49940a526d647320c9b7ca6b26f3693e8ba (diff) | |
| download | libssh-d6829d073c47040664f0174588b90f937c58871a.tar.gz libssh-d6829d073c47040664f0174588b90f937c58871a.tar.xz libssh-d6829d073c47040664f0174588b90f937c58871a.zip | |
kex: Move ssh_encrypt_rsa1 to SSHv1 kex code.
Diffstat (limited to 'src/kex.c')
| -rw-r--r-- | src/kex.c | 66 |
1 files changed, 66 insertions, 0 deletions
@@ -570,6 +570,72 @@ static int modulus_smaller(ssh_public_key k1, ssh_public_key k2){ } +static ssh_string ssh_encrypt_rsa1(ssh_session session, + ssh_string data, + ssh_public_key key) { + ssh_string str = NULL; + size_t len = ssh_string_len(data); + size_t size = 0; +#ifdef HAVE_LIBGCRYPT + const char *tmp = NULL; + gcry_sexp_t ret_sexp; + gcry_sexp_t data_sexp; + + if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(value %b))", + len, ssh_string_data(data))) { + ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error"); + return NULL; + } + if (gcry_pk_encrypt(&ret_sexp, data_sexp, key->rsa_pub)) { + gcry_sexp_release(data_sexp); + ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error"); + return NULL; + } + + gcry_sexp_release(data_sexp); + + data_sexp = gcry_sexp_find_token(ret_sexp, "a", 0); + if (data_sexp == NULL) { + ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error"); + gcry_sexp_release(ret_sexp); + return NULL; + } + tmp = gcry_sexp_nth_data(data_sexp, 1, &size); + if (*tmp == 0) { + size--; + tmp++; + } + + str = ssh_string_new(size); + if (str == NULL) { + ssh_set_error(session, SSH_FATAL, "Not enough space"); + gcry_sexp_release(data_sexp); + gcry_sexp_release(ret_sexp); + return NULL; + } + ssh_string_fill(str, tmp, size); + + gcry_sexp_release(data_sexp); + gcry_sexp_release(ret_sexp); +#elif defined HAVE_LIBCRYPTO + size = RSA_size(key->rsa_pub); + + str = ssh_string_new(size); + if (str == NULL) { + ssh_set_error(session, SSH_FATAL, "Not enough space"); + return NULL; + } + + if (RSA_public_encrypt(len, ssh_string_data(data), ssh_string_data(str), key->rsa_pub, + RSA_PKCS1_PADDING) < 0) { + ssh_string_free(str); + return NULL; + } +#endif + + return str; +} + #define ABS(A) ( (A)<0 ? -(A):(A) ) static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey, ssh_public_key hostkey, int slen, int hlen) { |