diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2011-08-28 22:07:10 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2011-08-28 22:25:33 +0200 |
commit | 246d20ef231ee6564237b7e492177d9226549df7 (patch) | |
tree | 1131dd3e69db8db02563e15fe9152917c24f9ed4 | |
parent | f803538d21dad3d6d0fdfa5e6176a5e16737bc99 (diff) | |
download | libssh-246d20ef231ee6564237b7e492177d9226549df7.tar.gz libssh-246d20ef231ee6564237b7e492177d9226549df7.tar.xz libssh-246d20ef231ee6564237b7e492177d9226549df7.zip |
pki: Refactor _RSA_do_sign().
-rw-r--r-- | src/pki_crypto.c | 46 |
1 files changed, 31 insertions, 15 deletions
diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 9767f09d..2e66c0e4 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -488,34 +488,50 @@ fail: return NULL; } -static ssh_string _RSA_do_sign(const unsigned char *payload, - int len, +/** + * @internal + * + * @brief Compute a digital signature. + * + * @param[in] digest The message digest. + * + * @param[in] dlen The length of the digest. + * + * @param[in] privkey The private rsa key to use for signing. + * + * @return A newly allocated rsa sig blob or NULL on error. + */ +static ssh_string _RSA_do_sign(const unsigned char *digest, + int dlen, RSA *privkey) { - ssh_string sign = NULL; - unsigned char *buffer = NULL; - unsigned int size; + ssh_string sig_blob; + unsigned char *sig; + unsigned int slen; + int ok; - buffer = malloc(RSA_size(privkey)); - if (buffer == NULL) { + sig = malloc(RSA_size(privkey)); + if (sig == NULL) { return NULL; } - if (RSA_sign(NID_sha1, payload, len, buffer, &size, privkey) == 0) { - SAFE_FREE(buffer); + ok = RSA_sign(NID_sha1, digest, dlen, sig, &slen, privkey); + if (!ok) { + SAFE_FREE(sig); return NULL; } - sign = ssh_string_new(size); - if (sign == NULL) { - SAFE_FREE(buffer); + sig_blob = ssh_string_new(slen); + if (sig_blob == NULL) { + SAFE_FREE(sig); return NULL; } - ssh_string_fill(sign, buffer, size); - SAFE_FREE(buffer); + ssh_string_fill(sig_blob, sig, slen); + memset(sig, 'd', slen); + SAFE_FREE(sig); - return sign; + return sig_blob; } ssh_string pki_signature_to_blob(const ssh_signature sig) |