authorAndreas Schneider <asn@cryptomilk.org>2011-08-22 13:48:25 +0200
committerAndreas Schneider <asn@cryptomilk.org>2011-08-22 13:48:25 +0200
commit79ffd49940a526d647320c9b7ca6b26f3693e8ba (patch)
treeddf360c9cce0efda78634aaa13e600c216cc49eb /src/pki_gcrypt.c
parenta2e08697b1a24066c9870fe4bd61133de7f2663c (diff)
pki: Add ssh_srv_pki_do_sign_sessionid().
Diffstat (limited to 'src/pki_gcrypt.c')
-rw-r--r--src/pki_gcrypt.c58
1 files changed, 58 insertions, 0 deletions
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index 1bcfae2c..9e554677 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -1355,6 +1355,64 @@ struct signature_struct *pki_do_sign(ssh_key privatekey,
return sign;
}
+#ifdef WITH_SERVER
+ssh_signature pki_do_sign_sessionid(const ssh_key key,
+ const unsigned char *hash)
+{
+ ssh_signature sig;
+ gcry_sexp_t sexp;
+ gcry_error_t err;
+
+ sig = ssh_signature_new();
+ if (sig == NULL) {
+ return NULL;
+ }
+ sig->type = key->type;
+
+ switch(key->type) {
+ case SSH_KEYTYPE_DSS:
+ err = gcry_sexp_build(&sexp,
+ NULL,
+ "%b",
+ SHA_DIGEST_LEN + 1,
+ hash);
+ if (err) {
+ ssh_signature_free(sig);
+ return NULL;
+ }
+ err = gcry_pk_sign(&sig->dsa_sig, sexp, key->dsa);
+ gcry_sexp_release(sexp);
+ if (err) {
+ ssh_signature_free(sig);
+ return NULL;
+ }
+ break;
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
+ err = gcry_sexp_build(&sexp,
+ NULL,
+ "(data(flags pkcs1)(hash sha1 %b))",
+ SHA_DIGEST_LEN,
+ hash + 1);
+ if (err) {
+ ssh_signature_free(sig);
+ return NULL;
+ }
+ err = gcry_pk_sign(&sig->rsa_sig, sexp, key->rsa);
+ gcry_sexp_release(sexp);
+ if (err) {
+ ssh_signature_free(sig);
+ return NULL;
+ }
+ break;
+ case SSH_KEYTYPE_ECDSA:
+ case SSH_KEYTYPE_UNKNOWN:
+ return NULL;
+ }
+
+ return sig;
+}
+#endif /* WITH_SERVER */
#endif /* HAVE_LIBGCRYPT */
/**
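Review bot: The `SSH_KEYTYPE_ECDSA`/`SSH_KEYTYPE_UNKNOWN` case returns NULL without releasing `sig`, which `ssh_signature_new()` allocated at the top of the function, so each call with an unsupported key type leaks a signature object; add `ssh_signature_free(sig);` before that `return NULL;`. The switch also has no `default:`, so a `key->type` outside the listed values falls through to `return sig;` with neither signature field filled in by this function; adding `default:` to the same failing case would close that path. Separately, both signing branches read up to `hash[SHA_DIGEST_LEN]` (DSS passes `SHA_DIGEST_LEN + 1` bytes from `hash`, RSA passes `SHA_DIGEST_LEN` bytes from `hash + 1`), so the caller has to supply `SHA_DIGEST_LEN + 1` bytes and a bare 20-byte digest would be over-read by one byte. The prototype carries no length and no comment, so a line above the function such as `/* hash: SHA_DIGEST_LEN + 1 bytes, one leading byte followed by the SHA-1 digest */` would make that contract visible to callers.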