author | Andreas Schneider <asn@cryptomilk.org> | 2011-08-07 18:22:19 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2011-08-08 15:28:31 +0200 |
commit | f81444bd57095cf8ff8e76b50f662aad0757f574 (patch) | |
tree | 70a1acb7b15be082cf66456b97b252fe6fb5f4dd /src/pki_gcrypt.c | |
parent | 38d00c0e7aa9d9104c7d3453bf57fde9678ff75b (diff) | |
pki: Add pki_do_sign().
Diffstat (limited to 'src/pki_gcrypt.c')
-rw-r--r-- | src/pki_gcrypt.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index 30448c2..9c6cd67 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -856,6 +856,49 @@ fail:
 return NULL;
 }
+struct signature_struct *pki_do_sign(ssh_key privatekey,
+ const unsigned char *hash) {
+ struct signature_struct *sign;
+ gcry_sexp_t gcryhash;
+
+ sign = malloc(sizeof(SIGNATURE));
+ if (sign == NULL) {
+ return NULL;
+ }
+ sign->type = privatekey->type;
+
+ switch(privatekey->type) {
+ case SSH_KEYTYPE_DSS:
+ if (gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash) ||
+ gcry_pk_sign(&sign->dsa_sign, gcryhash, privatekey->dsa)) {
+ gcry_sexp_release(gcryhash);
+ signature_free(sign);
+ return NULL;
+ }
+ sign->rsa_sign = NULL;
+ break;
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
+ if (gcry_sexp_build(&gcryhash, NULL, "(data(flags pkcs1)(hash sha1 %b))",
+ SHA_DIGEST_LEN, hash + 1) ||
+ gcry_pk_sign(&sign->rsa_sign, gcryhash, privatekey->rsa)) {
+ gcry_sexp_release(gcryhash);
+ signature_free(sign);
+ return NULL;
+ }
+ sign->dsa_sign = NULL;
+ break;
+ case SSH_KEYTYPE_ECDSA:
+ case SSH_KEYTYPE_UNKNOWN:
+ signature_free(sign);
+ return NULL;
+ }
+
+ gcry_sexp_release(gcryhash);
+
+ return sign;
+}
+
 #endif /* HAVE_LIBGCRYPT */
 /** |
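Review bot: `gcryhash` and the freshly malloc'ed `sign` are both uninitialized when the error paths in pki_do_sign() run. If `gcry_sexp_build()` fails, `gcry_pk_sign()` is short-circuited, so `sign->dsa_sign` / `sign->rsa_sign` still hold indeterminate heap contents when `signature_free(sign)` is called, and `gcry_sexp_release(gcryhash)` relies on the library having reset the handle. signature_free() is not visible in this hunk, but if it releases the member selected by `sign->type`, that is a release of a garbage pointer. I would write `gcry_sexp_t gcryhash = NULL;` and `sign = calloc(1, sizeof(*sign));`, and add a `default:` arm that frees `sign` and returns NULL, so a key type outside the listed cases cannot fall through to the final release with nothing built. A header comment should also state that `privatekey` and `hash` must be non-NULL and that `hash` must point to at least `SHA_DIGEST_LEN + 1` readable bytes, since both are dereferenced without a check.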