-rw-r--r--include/libssh/keys.h1
-rw-r--r--src/keys.c95
2 files changed, 0 insertions, 96 deletions
diff --git a/include/libssh/keys.h b/include/libssh/keys.h
index 4a9f9ab..85194f1 100644
--- a/include/libssh/keys.h
+++ b/include/libssh/keys.h
@@ -80,6 +80,5 @@ ssh_string ssh_do_sign_with_agent(struct ssh_session_struct *session,
struct ssh_buffer_struct *buf, struct ssh_public_key_struct *publickey);
ssh_string ssh_do_sign(ssh_session session,ssh_buffer sigbuf,
ssh_private_key privatekey);
-ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey);
#endif /* KEYS_H_ */
diff --git a/src/keys.c b/src/keys.c
index eb14169..1ab02a9 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -484,101 +484,6 @@ ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf,
return signature;
}
-
-/* this function signs the session id */
-ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey) {
- struct ssh_crypto_struct *crypto=session->current_crypto ? session->current_crypto :
- session->next_crypto;
- unsigned char hash[SHA_DIGEST_LEN + 1] = {0};
- ssh_string signature = NULL;
- SIGNATURE *sign = NULL;
- SHACTX ctx = NULL;
-#ifdef HAVE_LIBGCRYPT
- gcry_sexp_t data_sexp;
-#endif
-
- ctx = sha1_init();
- if (ctx == NULL) {
- return NULL;
- }
- sha1_update(ctx,crypto->session_id,SHA_DIGEST_LEN);
- sha1_final(hash + 1,ctx);
- hash[0] = 0;
-
-#ifdef DEBUG_CRYPTO
- ssh_print_hexa("Hash being signed with dsa",hash+1,SHA_DIGEST_LEN);
-#endif
-
- sign = malloc(sizeof(SIGNATURE));
- if (sign == NULL) {
- return NULL;
- }
-
- switch(privatekey->type) {
- case SSH_KEYTYPE_DSS:
-#ifdef HAVE_LIBGCRYPT
- if (gcry_sexp_build(&data_sexp, NULL, "%b", SHA_DIGEST_LEN + 1, hash) ||
- gcry_pk_sign(&sign->dsa_sign, data_sexp, privatekey->dsa_priv)) {
- ssh_set_error(session, SSH_FATAL, "Signing: libgcrypt error");
- gcry_sexp_release(data_sexp);
- signature_free(sign);
- return NULL;
- }
-#elif defined HAVE_LIBCRYPTO
- sign->dsa_sign = DSA_do_sign(hash + 1, SHA_DIGEST_LEN,
- privatekey->dsa_priv);
- if (sign->dsa_sign == NULL) {
- ssh_set_error(session, SSH_FATAL, "Signing: openssl error");
- signature_free(sign);
- return NULL;
- }
-
-#ifdef DEBUG_CRYPTO
- ssh_print_bignum("r",sign->dsa_sign->r);
- ssh_print_bignum("s",sign->dsa_sign->s);
-#endif
-
-#endif /* HAVE_LIBCRYPTO */
- sign->rsa_sign = NULL;
- break;
- case SSH_KEYTYPE_RSA:
-#ifdef HAVE_LIBGCRYPT
- if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(hash sha1 %b))",
- SHA_DIGEST_LEN, hash + 1) ||
- gcry_pk_sign(&sign->rsa_sign, data_sexp, privatekey->rsa_priv)) {
- ssh_set_error(session, SSH_FATAL, "Signing: libgcrypt error");
- gcry_sexp_release(data_sexp);
- signature_free(sign);
- return NULL;
- }
-#elif defined HAVE_LIBCRYPTO
- sign->rsa_sign = RSA_do_sign(hash + 1, SHA_DIGEST_LEN,
- privatekey->rsa_priv);
- if (sign->rsa_sign == NULL) {
- ssh_set_error(session, SSH_FATAL, "Signing: openssl error");
- signature_free(sign);
- return NULL;
- }
-#endif
- sign->dsa_sign = NULL;
- break;
- default:
- signature_free(sign);
- return NULL;
- }
-
-#ifdef HAVE_LIBGCRYPT
- gcry_sexp_release(data_sexp);
-#endif
-
- sign->type = privatekey->type;
-
- signature = signature_to_string(sign);
- signature_free(sign);
-
- return signature;
-}
-
/** @} */
/* vim: set ts=4 sw=4 et cindent: */