- if(rsa_priv) {
- if(!rsa_pub) {
- fprintf(stderr, "WARNING: No (usable) public RSA key found.\n");
- if(ask_fix()) {
- FILE *f = fopen(fname, "a");
- if(f) {
- if(rsa_write_pem_public_key(rsa_priv, f))
- fprintf(stderr, "Wrote RSA public key to %s.\n", fname);
- else
- fprintf(stderr, "ERROR: could not write RSA public key to %s.\n", fname);
- fclose(f);
- } else {
- fprintf(stderr, "ERROR: could not append to %s: %s\n", fname, strerror(errno));
- }
- }
- } else {
- // TODO: suggest remedies
- size_t len = rsa_size(rsa_priv);
- if(len != rsa_size(rsa_pub)) {
- fprintf(stderr, "ERROR: public and private RSA keys do not match.\n");
- return 1;
- }
- char buf1[len], buf2[len], buf3[len];
- randomize(buf1, sizeof buf1);
- buf1[0] &= 0x7f;
- memset(buf2, 0, sizeof buf2);
- memset(buf3, 0, sizeof buf2);
- if(!rsa_public_encrypt(rsa_pub, buf1, sizeof buf1, buf2)) {
- fprintf(stderr, "ERROR: public RSA key does not work.\n");
- return 1;
- }
- if(!rsa_private_decrypt(rsa_priv, buf2, sizeof buf2, buf3)) {
- fprintf(stderr, "ERROR: private RSA key does not work.\n");
- return 1;
- }
- if(memcmp(buf1, buf3, sizeof buf1)) {
+static bool test_rsa_keypair(rsa_t *rsa_priv, rsa_t *rsa_pub, const char *host_file) {
+ size_t len = rsa_size(rsa_priv);
+
+ if(len != rsa_size(rsa_pub)) {
+ fprintf(stderr, "ERROR: public and private RSA key lengths do not match.\n");
+ return false;
+ }
+
+ bool success = false;
+ uint8_t *plaintext = xmalloc(len);
+ uint8_t *encrypted = xzalloc(len);
+ uint8_t *decrypted = xzalloc(len);
+
+ randomize(plaintext, len);
+ plaintext[0] &= 0x7f;
+
+ if(rsa_public_encrypt(rsa_pub, plaintext, len, encrypted)) {
+ if(rsa_private_decrypt(rsa_priv, encrypted, len, decrypted)) {
+ if(memcmp(plaintext, decrypted, len) == 0) {
+ success = true;
+ } else {