diff options
Diffstat (limited to 'src/kex.c')
| -rw-r--r-- | src/kex.c | 66 |
1 files changed, 66 insertions, 0 deletions
@@ -570,6 +570,72 @@ static int modulus_smaller(ssh_public_key k1, ssh_public_key k2){ } +static ssh_string ssh_encrypt_rsa1(ssh_session session, + ssh_string data, + ssh_public_key key) { + ssh_string str = NULL; + size_t len = ssh_string_len(data); + size_t size = 0; +#ifdef HAVE_LIBGCRYPT + const char *tmp = NULL; + gcry_sexp_t ret_sexp; + gcry_sexp_t data_sexp; + + if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(value %b))", + len, ssh_string_data(data))) { + ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error"); + return NULL; + } + if (gcry_pk_encrypt(&ret_sexp, data_sexp, key->rsa_pub)) { + gcry_sexp_release(data_sexp); + ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error"); + return NULL; + } + + gcry_sexp_release(data_sexp); + + data_sexp = gcry_sexp_find_token(ret_sexp, "a", 0); + if (data_sexp == NULL) { + ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error"); + gcry_sexp_release(ret_sexp); + return NULL; + } + tmp = gcry_sexp_nth_data(data_sexp, 1, &size); + if (*tmp == 0) { + size--; + tmp++; + } + + str = ssh_string_new(size); + if (str == NULL) { + ssh_set_error(session, SSH_FATAL, "Not enough space"); + gcry_sexp_release(data_sexp); + gcry_sexp_release(ret_sexp); + return NULL; + } + ssh_string_fill(str, tmp, size); + + gcry_sexp_release(data_sexp); + gcry_sexp_release(ret_sexp); +#elif defined HAVE_LIBCRYPTO + size = RSA_size(key->rsa_pub); + + str = ssh_string_new(size); + if (str == NULL) { + ssh_set_error(session, SSH_FATAL, "Not enough space"); + return NULL; + } + + if (RSA_public_encrypt(len, ssh_string_data(data), ssh_string_data(str), key->rsa_pub, + RSA_PKCS1_PADDING) < 0) { + ssh_string_free(str); + return NULL; + } +#endif + + return str; +} + #define ABS(A) ( (A)<0 ? -(A):(A) ) static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey, ssh_public_key hostkey, int slen, int hlen) { |