diff options
| author | dartraiden <wowemuh@gmail.com> | 2019-06-20 22:31:19 +0300 |
|---|---|---|
| committer | dartraiden <wowemuh@gmail.com> | 2019-06-20 22:31:19 +0300 |
| commit | 1d72e07ffb7b349ac9a8f825eae7cce082b5e2cd (patch) | |
| tree | 03a97724b412a04a7a3848dc8c5edb24b2d29c0e /libs/libssh2/src/libgcrypt.c | |
| parent | fdf29bb66f0b9be0b8518db0a827cc2bd20a38ac (diff) | |
iibssh2: update to 1.9.0
Diffstat (limited to 'libs/libssh2/src/libgcrypt.c')
| -rw-r--r-- | libs/libssh2/src/libgcrypt.c | 184 |
1 files changed, 112 insertions, 72 deletions
diff --git a/libs/libssh2/src/libgcrypt.c b/libs/libssh2/src/libgcrypt.c index 366d007a34..0aff176a61 100644 --- a/libs/libssh2/src/libgcrypt.c +++ b/libs/libssh2/src/libgcrypt.c @@ -66,17 +66,18 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, (void) e2data; (void) e2len; - if (ddata) { + if(ddata) { rc = gcry_sexp_build (rsa, NULL, "(private-key(rsa(n%b)(e%b)(d%b)(q%b)(p%b)(u%b)))", nlen, ndata, elen, edata, dlen, ddata, plen, pdata, qlen, qdata, coefflen, coeffdata); - } else { + } + else { rc = gcry_sexp_build(rsa, NULL, "(public-key(rsa(n%b)(e%b)))", nlen, ndata, elen, edata); } - if (rc) { + if(rc) { *rsa = NULL; return -1; } @@ -99,12 +100,12 @@ _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa, rc = gcry_sexp_build(&s_hash, NULL, "(data (flags pkcs1) (hash sha1 %b))", SHA_DIGEST_LENGTH, hash); - if (rc != 0) { + if(rc != 0) { return -1; } rc = gcry_sexp_build(&s_sig, NULL, "(sig-val(rsa(s %b)))", sig_len, sig); - if (rc != 0) { + if(rc != 0) { gcry_sexp_release(s_hash); return -1; } @@ -130,18 +131,19 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, { int rc; - if (x_len) { + if(x_len) { rc = gcry_sexp_build (dsactx, NULL, "(private-key(dsa(p%b)(q%b)(g%b)(y%b)(x%b)))", p_len, p, q_len, q, g_len, g, y_len, y, x_len, x); - } else { + } + else { rc = gcry_sexp_build(dsactx, NULL, "(public-key(dsa(p%b)(q%b)(g%b)(y%b)))", p_len, p, q_len, q, g_len, g, y_len, y); } - if (rc) { + if(rc) { *dsactx = NULL; return -1; } @@ -172,84 +174,83 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa, unsigned char *n, *e, *d, *p, *q, *e1, *e2, *coeff; unsigned int nlen, elen, dlen, plen, qlen, e1len, e2len, coefflen; - (void) passphrase; - - fp = fopen(filename, "r"); - if (!fp) { + fp = fopen(filename, FOPEN_READTEXT); + if(!fp) { return -1; } ret = _libssh2_pem_parse(session, "-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----", + passphrase, fp, &data, &datalen); fclose(fp); - if (ret) { + if(ret) { return -1; } save_data = data; - if (_libssh2_pem_decode_sequence(&data, &datalen)) { + if(_libssh2_pem_decode_sequence(&data, &datalen)) { ret = -1; goto fail; } /* First read Version field (should be 0). */ ret = _libssh2_pem_decode_integer(&data, &datalen, &n, &nlen); - if (ret != 0 || (nlen != 1 && *n != '\0')) { + if(ret != 0 || (nlen != 1 && *n != '\0')) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &n, &nlen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &e, &elen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &d, &dlen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &q, &qlen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &e1, &e1len); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &e2, &e2len); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &coeff, &coefflen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } - if (_libssh2_rsa_new(rsa, e, elen, n, nlen, d, dlen, p, plen, + if(_libssh2_rsa_new(rsa, e, elen, n, nlen, d, dlen, p, plen, q, qlen, e1, e1len, e2, e2len, coeff, coefflen)) { ret = -1; goto fail; @@ -285,72 +286,71 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa, unsigned char *p, *q, *g, *y, *x; unsigned int plen, qlen, glen, ylen, xlen; - (void) passphrase; - - fp = fopen(filename, "r"); - if (!fp) { + fp = fopen(filename, FOPEN_READTEXT); + if(!fp) { return -1; } ret = _libssh2_pem_parse(session, "-----BEGIN DSA PRIVATE KEY-----", "-----END DSA PRIVATE KEY-----", + passphrase, fp, &data, &datalen); fclose(fp); - if (ret) { + if(ret) { return -1; } save_data = data; - if (_libssh2_pem_decode_sequence(&data, &datalen)) { + if(_libssh2_pem_decode_sequence(&data, &datalen)) { ret = -1; goto fail; } /* First read Version field (should be 0). */ ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen); - if (ret != 0 || (plen != 1 && *p != '\0')) { + if(ret != 0 || (plen != 1 && *p != '\0')) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &q, &qlen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &g, &glen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &y, &ylen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } ret = _libssh2_pem_decode_integer(&data, &datalen, &x, &xlen); - if (ret != 0) { + if(ret != 0) { ret = -1; goto fail; } - if (datalen != 0) { + if(datalen != 0) { ret = -1; goto fail; } - if (_libssh2_dsa_new(dsa, p, plen, q, qlen, g, glen, y, ylen, x, xlen)) { + if(_libssh2_dsa_new(dsa, p, plen, q, qlen, g, glen, y, ylen, x, xlen)) { ret = -1; goto fail; } @@ -375,11 +375,11 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, const char *tmp; size_t size; - if (hash_len != SHA_DIGEST_LENGTH) { + if(hash_len != SHA_DIGEST_LENGTH) { return -1; } - if (gcry_sexp_build(&data, NULL, + if(gcry_sexp_build(&data, NULL, "(data (flags pkcs1) (hash sha1 %b))", hash_len, hash)) { return -1; @@ -389,32 +389,36 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, gcry_sexp_release(data); - if (rc != 0) { + if(rc != 0) { return -1; } data = gcry_sexp_find_token(sig_sexp, "s", 0); - if (!data) { + if(!data) { return -1; } tmp = gcry_sexp_nth_data(data, 1, &size); - if (!tmp) { + if(!tmp) { + gcry_sexp_release(data); return -1; } - if (tmp[0] == '\0') { + if(tmp[0] == '\0') { tmp++; size--; } *signature = LIBSSH2_ALLOC(session, size); - if (!*signature) { + if(!*signature) { + gcry_sexp_release(data); return -1; } memcpy(*signature, tmp, size); *signature_len = size; + gcry_sexp_release(data); + return rc; } @@ -430,14 +434,15 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, const char *tmp; size_t size; - if (hash_len != SHA_DIGEST_LENGTH) { + if(hash_len != SHA_DIGEST_LENGTH) { return -1; } memcpy(zhash + 1, hash, hash_len); zhash[0] = 0; - if (gcry_sexp_build(&data, NULL, "(data (value %b))", hash_len + 1, zhash)) { + if(gcry_sexp_build(&data, NULL, "(data (value %b))", + hash_len + 1, zhash)) { return -1; } @@ -445,7 +450,7 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, gcry_sexp_release(data); - if (ret != 0) { + if(ret != 0) { return -1; } @@ -454,19 +459,19 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, /* Extract R. */ data = gcry_sexp_find_token(sig_sexp, "r", 0); - if (!data) + if(!data) goto err; tmp = gcry_sexp_nth_data(data, 1, &size); - if (!tmp) + if(!tmp) goto err; - if (tmp[0] == '\0') { + if(tmp[0] == '\0') { tmp++; size--; } - if (size < 1 || size > 20) + if(size < 1 || size > 20) goto err; memcpy(sig + (20 - size), tmp, size); @@ -476,19 +481,19 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, /* Extract S. */ data = gcry_sexp_find_token(sig_sexp, "s", 0); - if (!data) + if(!data) goto err; tmp = gcry_sexp_nth_data(data, 1, &size); - if (!tmp) + if(!tmp) goto err; - if (tmp[0] == '\0') { + if(tmp[0] == '\0') { tmp++; size--; } - if (size < 1 || size > 20) + if(size < 1 || size > 20) goto err; memcpy(sig + 20 + (20 - size), tmp, size); @@ -498,10 +503,10 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, ret = -1; out: - if (sig_sexp) { + if(sig_sexp) { gcry_sexp_release(sig_sexp); } - if (data) { + if(data) { gcry_sexp_release(data); } return ret; @@ -519,12 +524,12 @@ _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, libssh2_sha1(m, m_len, hash + 1); hash[0] = 0; - if (gcry_sexp_build(&s_hash, NULL, "(data(flags raw)(value %b))", + if(gcry_sexp_build(&s_hash, NULL, "(data(flags raw)(value %b))", SHA_DIGEST_LENGTH + 1, hash)) { return -1; } - if (gcry_sexp_build(&s_sig, NULL, "(sig-val(dsa(r %b)(s %b)))", + if(gcry_sexp_build(&s_sig, NULL, "(sig-val(dsa(r %b)(s %b)))", 20, sig, 20, sig + 20)) { gcry_sexp_release(s_hash); return -1; @@ -543,30 +548,30 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h, unsigned char *iv, unsigned char *secret, int encrypt) { int ret; - int cipher = _libssh2_gcry_cipher (algo); - int mode = _libssh2_gcry_mode (algo); + int cipher = _libssh2_gcry_cipher(algo); + int mode = _libssh2_gcry_mode(algo); int keylen = gcry_cipher_get_algo_keylen(cipher); (void) encrypt; ret = gcry_cipher_open(h, cipher, mode, 0); - if (ret) { + if(ret) { return -1; } ret = gcry_cipher_setkey(*h, secret, keylen); - if (ret) { + if(ret) { gcry_cipher_close(*h); return -1; } - if (mode != GCRY_CIPHER_MODE_STREAM) { + if(mode != GCRY_CIPHER_MODE_STREAM) { int blklen = gcry_cipher_get_algo_blklen(cipher); - if (mode == GCRY_CIPHER_MODE_CTR) + if(mode == GCRY_CIPHER_MODE_CTR) ret = gcry_cipher_setctr(*h, iv, blklen); else ret = gcry_cipher_setiv(*h, iv, blklen); - if (ret) { + if(ret) { gcry_cipher_close(*h); return -1; } @@ -580,12 +585,13 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, _libssh2_cipher_type(algo), int encrypt, unsigned char *block, size_t blklen) { - int cipher = _libssh2_gcry_cipher (algo); + int cipher = _libssh2_gcry_cipher(algo); int ret; - if (encrypt) { + if(encrypt) { ret = gcry_cipher_encrypt(*ctx, block, blklen, block, blklen); - } else { + } + else { ret = gcry_cipher_decrypt(*ctx, block, blklen, block, blklen); } return ret; @@ -602,8 +608,9 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, const char *passphrase) { return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, - "Unable to extract public key from private key in memory: " - "Method unimplemented in libgcrypt backend"); + "Unable to extract public key from private " + "key in memory: " + "Method unimplemented in libgcrypt backend"); } int @@ -624,4 +631,37 @@ void _libssh2_init_aes_ctr(void) { /* no implementation */ } + +void +_libssh2_dh_init(_libssh2_dh_ctx *dhctx) +{ + *dhctx = gcry_mpi_new(0); /* Random from client */ +} + +int +_libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, + _libssh2_bn *g, _libssh2_bn *p, int group_order) +{ + /* Generate x and e */ + gcry_mpi_randomize(*dhctx, group_order * 8 - 1, GCRY_WEAK_RANDOM); + gcry_mpi_powm(public, g, *dhctx, p); + return 0; +} + +int +_libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, + _libssh2_bn *f, _libssh2_bn *p) +{ + /* Compute the shared secret */ + gcry_mpi_powm(secret, f, *dhctx, p); + return 0; +} + +void +_libssh2_dh_dtor(_libssh2_dh_ctx *dhctx) +{ + gcry_mpi_release(*dhctx); + *dhctx = NULL; +} + #endif /* LIBSSH2_LIBGCRYPT */ |