aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/libssh/keys.h5
-rw-r--r--src/keys.c140
2 files changed, 0 insertions, 145 deletions
diff --git a/include/libssh/keys.h b/include/libssh/keys.h
index f9f683f..1fdc8af 100644
--- a/include/libssh/keys.h
+++ b/include/libssh/keys.h
@@ -71,12 +71,7 @@ ssh_public_key publickey_make_dss(ssh_session session, ssh_buffer buffer);
ssh_public_key publickey_make_rsa(ssh_session session, ssh_buffer buffer, int type);
ssh_public_key publickey_from_string(ssh_session session, ssh_string pubkey_s);
ssh_string signature_to_string(SIGNATURE *sign);
-#if defined HAVE_LIBCRYPTO
-ssh_string RSA_do_sign(const unsigned char *payload, int len, RSA *privkey);
-#endif
SIGNATURE *signature_from_string(ssh_session session, ssh_string signature,ssh_public_key pubkey,int needed_type);
void signature_free(SIGNATURE *sign);
-ssh_string ssh_do_sign(ssh_session session,ssh_buffer sigbuf,
- ssh_private_key privatekey);
#endif /* KEYS_H_ */
diff --git a/src/keys.c b/src/keys.c
index 78b0616..e12fb39 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -295,146 +295,6 @@ void signature_free(SIGNATURE *sign) {
SAFE_FREE(sign);
}
-#ifdef HAVE_LIBCRYPTO
-/*
- * Maybe the missing function from libcrypto
- *
- * I think now, maybe it's a bad idea to name it has it should have be
- * named in libcrypto
- */
-ssh_string RSA_do_sign(const unsigned char *payload, int len, RSA *privkey) {
- ssh_string sign = NULL;
- unsigned char *buffer = NULL;
- unsigned int size;
-
- buffer = malloc(RSA_size(privkey));
- if (buffer == NULL) {
- return NULL;
- }
-
- if (RSA_sign(NID_sha1, payload, len, buffer, &size, privkey) == 0) {
- SAFE_FREE(buffer);
- return NULL;
- }
-
- sign = ssh_string_new(size);
- if (sign == NULL) {
- SAFE_FREE(buffer);
- return NULL;
- }
-
- ssh_string_fill(sign, buffer, size);
- SAFE_FREE(buffer);
-
- return sign;
-}
-#endif
-
-/*
- * This function signs the session id (known as H) as a string then
- * the content of sigbuf */
-ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf,
- ssh_private_key privatekey) {
- struct ssh_crypto_struct *crypto = session->current_crypto ? session->current_crypto :
- session->next_crypto;
- unsigned char hash[SHA_DIGEST_LEN + 1] = {0};
- ssh_string session_str = NULL;
- ssh_string signature = NULL;
- SIGNATURE *sign = NULL;
- SHACTX ctx = NULL;
-#ifdef HAVE_LIBGCRYPT
- gcry_sexp_t gcryhash;
-#endif
-
- session_str = ssh_string_new(crypto->digest_len);
- if (session_str == NULL) {
- return NULL;
- }
- ssh_string_fill(session_str, crypto->session_id, crypto->digest_len);
-
- ctx = sha1_init();
- if (ctx == NULL) {
- ssh_string_free(session_str);
- return NULL;
- }
-
- sha1_update(ctx, session_str, ssh_string_len(session_str) + 4);
- ssh_string_free(session_str);
- sha1_update(ctx, buffer_get_rest(sigbuf), buffer_get_rest_len(sigbuf));
- sha1_final(hash + 1,ctx);
- hash[0] = 0;
-
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("Hash being signed with dsa", hash + 1, SHA_DIGEST_LEN);
-#endif
-
- sign = malloc(sizeof(SIGNATURE));
- if (sign == NULL) {
- return NULL;
- }
-
- switch(privatekey->type) {
- case SSH_KEYTYPE_DSS:
-#ifdef HAVE_LIBGCRYPT
- if (gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash) ||
- gcry_pk_sign(&sign->dsa_sign, gcryhash, privatekey->dsa_priv)) {
- ssh_set_error(session, SSH_FATAL, "Signing: libcrypt error");
- gcry_sexp_release(gcryhash);
- signature_free(sign);
- return NULL;
- }
-#elif defined HAVE_LIBCRYPTO
- sign->dsa_sign = DSA_do_sign(hash + 1, SHA_DIGEST_LEN,
- privatekey->dsa_priv);
- if (sign->dsa_sign == NULL) {
- ssh_set_error(session, SSH_FATAL, "Signing: openssl error");
- signature_free(sign);
- return NULL;
- }
-#ifdef DEBUG_CRYPTO
- ssh_print_bignum("r", sign->dsa_sign->r);
- ssh_print_bignum("s", sign->dsa_sign->s);
-#endif
-#endif /* HAVE_LIBCRYPTO */
- sign->rsa_sign = NULL;
- break;
- case SSH_KEYTYPE_RSA:
-#ifdef HAVE_LIBGCRYPT
- if (gcry_sexp_build(&gcryhash, NULL, "(data(flags pkcs1)(hash sha1 %b))",
- SHA_DIGEST_LEN, hash + 1) ||
- gcry_pk_sign(&sign->rsa_sign, gcryhash, privatekey->rsa_priv)) {
- ssh_set_error(session, SSH_FATAL, "Signing: libcrypt error");
- gcry_sexp_release(gcryhash);
- signature_free(sign);
- return NULL;
- }
-#elif defined HAVE_LIBCRYPTO
- sign->rsa_sign = RSA_do_sign(hash + 1, SHA_DIGEST_LEN,
- privatekey->rsa_priv);
- if (sign->rsa_sign == NULL) {
- ssh_set_error(session, SSH_FATAL, "Signing: openssl error");
- signature_free(sign);
- return NULL;
- }
-#endif
- sign->dsa_sign = NULL;
- break;
- default:
- signature_free(sign);
- return NULL;
- }
-#ifdef HAVE_LIBGCRYPT
- gcry_sexp_release(gcryhash);
-#endif
-
- sign->type = privatekey->type;
-
- signature = signature_to_string(sign);
- signature_free(sign);
-
- return signature;
-}
-
/** @} */
/* vim: set ts=4 sw=4 et cindent: */