projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge remote-tracking branch 'groxxda/gui-fixes' into 1.1
[tinc]
/
src
/
gcrypt
/
rsa.c
diff --git
a/src/gcrypt/rsa.c
b/src/gcrypt/rsa.c
index
62a2129
..
751f7b6
100644
(file)
--- a/
src/gcrypt/rsa.c
+++ b/
src/gcrypt/rsa.c
@@
-1,6
+1,6
@@
/*
rsa.c -- RSA key handling
/*
rsa.c -- RSA key handling
- Copyright (C) 2007 Guus Sliepen <guus@tinc-vpn.org>
+ Copyright (C) 2007
-2012
Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@
-148,7
+148,7
@@
static size_t ber_read_len(unsigned char **p, size_t *buflen) {
return *(*p)++;
}
}
return *(*p)++;
}
}
-
+
static bool ber_read_sequence(unsigned char **p, size_t *buflen, size_t *result) {
int tag = ber_read_id(p, buflen);
static bool ber_read_sequence(unsigned char **p, size_t *buflen, size_t *result) {
int tag = ber_read_id(p, buflen);
@@
-173,7
+173,7
@@
static bool ber_read_mpi(unsigned char **p, size_t *buflen, gcry_mpi_t *mpi) {
if(mpi)
err = gcry_mpi_scan(mpi, GCRYMPI_FMT_USG, *p, len, NULL);
if(mpi)
err = gcry_mpi_scan(mpi, GCRYMPI_FMT_USG, *p, len, NULL);
-
+
*p += len;
*buflen -= len;
*p += len;
*buflen -= len;
@@
-184,10
+184,10
@@
bool rsa_set_hex_public_key(rsa_t *rsa, char *n, char *e) {
gcry_error_t err = 0;
err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL)
gcry_error_t err = 0;
err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL)
- ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX,
n
, 0, NULL);
+ ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX,
e
, 0, NULL);
if(err) {
if(err) {
- logger(LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno));
+ logger(
DEBUG_ALWAYS,
LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno));
return false;
}
return false;
}
@@
-198,11
+198,11
@@
bool rsa_set_hex_private_key(rsa_t *rsa, char *n, char *e, char *d) {
gcry_error_t err = 0;
err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL)
gcry_error_t err = 0;
err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL)
- ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX,
n
, 0, NULL)
- ?: gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX,
n
, 0, NULL);
+ ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX,
e
, 0, NULL)
+ ?: gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX,
d
, 0, NULL);
if(err) {
if(err) {
- logger(LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno));
+ logger(
DEBUG_ALWAYS,
LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno));
return false;
}
return false;
}
@@
-216,7
+216,7
@@
bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) {
size_t derlen;
if(!pem_decode(fp, "RSA PUBLIC KEY", derbuf, sizeof derbuf, &derlen)) {
size_t derlen;
if(!pem_decode(fp, "RSA PUBLIC KEY", derbuf, sizeof derbuf, &derlen)) {
- logger(LOG_ERR, "Unable to read RSA public key: %s", strerror(errno));
+ logger(
DEBUG_ALWAYS,
LOG_ERR, "Unable to read RSA public key: %s", strerror(errno));
return NULL;
}
return NULL;
}
@@
-224,7
+224,7
@@
bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) {
|| !ber_read_mpi(&derp, &derlen, &rsa->n)
|| !ber_read_mpi(&derp, &derlen, &rsa->e)
|| derlen) {
|| !ber_read_mpi(&derp, &derlen, &rsa->n)
|| !ber_read_mpi(&derp, &derlen, &rsa->e)
|| derlen) {
- logger(LOG_ERR, "Error while decoding RSA public key");
+ logger(
DEBUG_ALWAYS,
LOG_ERR, "Error while decoding RSA public key");
return NULL;
}
return NULL;
}
@@
-236,7
+236,7
@@
bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) {
size_t derlen;
if(!pem_decode(fp, "RSA PRIVATE KEY", derbuf, sizeof derbuf, &derlen)) {
size_t derlen;
if(!pem_decode(fp, "RSA PRIVATE KEY", derbuf, sizeof derbuf, &derlen)) {
- logger(LOG_ERR, "Unable to read RSA private key: %s", strerror(errno));
+ logger(
DEBUG_ALWAYS,
LOG_ERR, "Unable to read RSA private key: %s", strerror(errno));
return NULL;
}
return NULL;
}
@@
-251,7
+251,7
@@
bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) {
|| !ber_read_mpi(&derp, &derlen, NULL)
|| !ber_read_mpi(&derp, &derlen, NULL) // u
|| derlen) {
|| !ber_read_mpi(&derp, &derlen, NULL)
|| !ber_read_mpi(&derp, &derlen, NULL) // u
|| derlen) {
- logger(LOG_ERR, "Error while decoding RSA private key");
+ logger(
DEBUG_ALWAYS,
LOG_ERR, "Error while decoding RSA private key");
return NULL;
}
return NULL;
}
@@
-267,7
+267,7
@@
size_t rsa_size(rsa_t *rsa) {
*/
// TODO: get rid of this macro, properly clean up gcry_ structures after use
*/
// TODO: get rid of this macro, properly clean up gcry_ structures after use
-#define check(foo) { gcry_error_t err = (foo); if(err) {logger(
LOG_ERR, "gcrypt error %s/%s at %s:%d\n
", gcry_strsource(err), gcry_strerror(err), __FILE__, __LINE__); return false; }}
+#define check(foo) { gcry_error_t err = (foo); if(err) {logger(
DEBUG_ALWAYS, LOG_ERR, "gcrypt error %s/%s at %s:%d
", gcry_strsource(err), gcry_strerror(err), __FILE__, __LINE__); return false; }}
bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
gcry_mpi_t inmpi;
bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
gcry_mpi_t inmpi;
@@
-276,6
+276,10
@@
bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n);
gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n);
+ int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+ while(pad--)
+ *(char *)out++ = 0;
+
check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
return true;
check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
return true;
@@
-288,6
+292,10
@@
bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) {
gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n);
gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n);
+ int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+ while(pad--)
+ *(char *)out++ = 0;
+
check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
return true;
check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
return true;