diff options
-rw-r--r-- | include/libssh/keys.h | 1 | ||||
-rw-r--r-- | src/keys.c | 95 |
2 files changed, 0 insertions, 96 deletions
diff --git a/include/libssh/keys.h b/include/libssh/keys.h index 4a9f9ab..85194f1 100644 --- a/include/libssh/keys.h +++ b/include/libssh/keys.h @@ -80,6 +80,5 @@ ssh_string ssh_do_sign_with_agent(struct ssh_session_struct *session, struct ssh_buffer_struct *buf, struct ssh_public_key_struct *publickey); ssh_string ssh_do_sign(ssh_session session,ssh_buffer sigbuf, ssh_private_key privatekey); -ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey); #endif /* KEYS_H_ */ @@ -484,101 +484,6 @@ ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf, return signature; } - -/* this function signs the session id */ -ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey) { - struct ssh_crypto_struct *crypto=session->current_crypto ? session->current_crypto : - session->next_crypto; - unsigned char hash[SHA_DIGEST_LEN + 1] = {0}; - ssh_string signature = NULL; - SIGNATURE *sign = NULL; - SHACTX ctx = NULL; -#ifdef HAVE_LIBGCRYPT - gcry_sexp_t data_sexp; -#endif - - ctx = sha1_init(); - if (ctx == NULL) { - return NULL; - } - sha1_update(ctx,crypto->session_id,SHA_DIGEST_LEN); - sha1_final(hash + 1,ctx); - hash[0] = 0; - -#ifdef DEBUG_CRYPTO - ssh_print_hexa("Hash being signed with dsa",hash+1,SHA_DIGEST_LEN); -#endif - - sign = malloc(sizeof(SIGNATURE)); - if (sign == NULL) { - return NULL; - } - - switch(privatekey->type) { - case SSH_KEYTYPE_DSS: -#ifdef HAVE_LIBGCRYPT - if (gcry_sexp_build(&data_sexp, NULL, "%b", SHA_DIGEST_LEN + 1, hash) || - gcry_pk_sign(&sign->dsa_sign, data_sexp, privatekey->dsa_priv)) { - ssh_set_error(session, SSH_FATAL, "Signing: libgcrypt error"); - gcry_sexp_release(data_sexp); - signature_free(sign); - return NULL; - } -#elif defined HAVE_LIBCRYPTO - sign->dsa_sign = DSA_do_sign(hash + 1, SHA_DIGEST_LEN, - privatekey->dsa_priv); - if (sign->dsa_sign == NULL) { - ssh_set_error(session, SSH_FATAL, "Signing: openssl error"); - signature_free(sign); - return NULL; - } - -#ifdef DEBUG_CRYPTO - ssh_print_bignum("r",sign->dsa_sign->r); - ssh_print_bignum("s",sign->dsa_sign->s); -#endif - -#endif /* HAVE_LIBCRYPTO */ - sign->rsa_sign = NULL; - break; - case SSH_KEYTYPE_RSA: -#ifdef HAVE_LIBGCRYPT - if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(hash sha1 %b))", - SHA_DIGEST_LEN, hash + 1) || - gcry_pk_sign(&sign->rsa_sign, data_sexp, privatekey->rsa_priv)) { - ssh_set_error(session, SSH_FATAL, "Signing: libgcrypt error"); - gcry_sexp_release(data_sexp); - signature_free(sign); - return NULL; - } -#elif defined HAVE_LIBCRYPTO - sign->rsa_sign = RSA_do_sign(hash + 1, SHA_DIGEST_LEN, - privatekey->rsa_priv); - if (sign->rsa_sign == NULL) { - ssh_set_error(session, SSH_FATAL, "Signing: openssl error"); - signature_free(sign); - return NULL; - } -#endif - sign->dsa_sign = NULL; - break; - default: - signature_free(sign); - return NULL; - } - -#ifdef HAVE_LIBGCRYPT - gcry_sexp_release(data_sexp); -#endif - - sign->type = privatekey->type; - - signature = signature_to_string(sign); - signature_free(sign); - - return signature; -} - /** @} */ /* vim: set ts=4 sw=4 et cindent: */ |