X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fgcrypt%2Frsa.c;h=923b2a40ddda091ec2f11f4981d5ab9e4360852d;hb=d917c8cb6b69475d568ccbe82389b9f2b3eb5e80;hp=bb0f9bb3479fc863e42244d08e9a3bc33885b9cf;hpb=86358fabfedca395b60310799a648b4875596efb;p=tinc diff --git a/src/gcrypt/rsa.c b/src/gcrypt/rsa.c index bb0f9bb3..923b2a40 100644 --- a/src/gcrypt/rsa.c +++ b/src/gcrypt/rsa.c @@ -12,11 +12,9 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - $Id$ + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ #include "system.h" @@ -26,7 +24,7 @@ #include "logger.h" #include "rsa.h" -// Base64 encoding/decoding tables +// Base64 decoding table static const uint8_t b64d[128] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, @@ -53,8 +51,6 @@ static const uint8_t b64d[128] = { 0xff, 0xff }; -static const char b64e[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - // PEM encoding/decoding functions static bool pem_decode(FILE *fp, const char *header, uint8_t *buf, size_t size, size_t *outsize) { @@ -152,7 +148,7 @@ static size_t ber_read_len(unsigned char **p, size_t *buflen) { return *(*p)++; } } - + static bool ber_read_sequence(unsigned char **p, size_t *buflen, size_t *result) { int tag = ber_read_id(p, buflen); @@ -177,7 +173,7 @@ static bool ber_read_mpi(unsigned char **p, size_t *buflen, gcry_mpi_t *mpi) { if(mpi) err = gcry_mpi_scan(mpi, GCRYMPI_FMT_USG, *p, len, NULL); - + *p += len; *buflen -= len; @@ -188,10 +184,10 @@ bool rsa_set_hex_public_key(rsa_t *rsa, char *n, char *e) { gcry_error_t err = 0; err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL) - ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, n, 0, NULL); + ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, e, 0, NULL); if(err) { - logger(LOG_ERR, _("Error while reading RSA public key: %s"), gcry_strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno)); return false; } @@ -202,11 +198,11 @@ bool rsa_set_hex_private_key(rsa_t *rsa, char *n, char *e, char *d) { gcry_error_t err = 0; err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL) - ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, n, 0, NULL) - ?: gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX, n, 0, NULL); + ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, e, 0, NULL) + ?: gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX, d, 0, NULL); if(err) { - logger(LOG_ERR, _("Error while reading RSA public key: %s"), gcry_strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno)); return false; } @@ -220,7 +216,7 @@ bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) { size_t derlen; if(!pem_decode(fp, "RSA PUBLIC KEY", derbuf, sizeof derbuf, &derlen)) { - logger(LOG_ERR, _("Unable to read RSA public key: %s"), strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA public key: %s", strerror(errno)); return NULL; } @@ -228,7 +224,7 @@ bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) { || !ber_read_mpi(&derp, &derlen, &rsa->n) || !ber_read_mpi(&derp, &derlen, &rsa->e) || derlen) { - logger(LOG_ERR, _("Error while decoding RSA public key")); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while decoding RSA public key"); return NULL; } @@ -240,7 +236,7 @@ bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) { size_t derlen; if(!pem_decode(fp, "RSA PRIVATE KEY", derbuf, sizeof derbuf, &derlen)) { - logger(LOG_ERR, _("Unable to read RSA private key: %s"), strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA private key: %s", strerror(errno)); return NULL; } @@ -255,7 +251,7 @@ bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) { || !ber_read_mpi(&derp, &derlen, NULL) || !ber_read_mpi(&derp, &derlen, NULL) // u || derlen) { - logger(LOG_ERR, _("Error while decoding RSA private key")); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while decoding RSA private key"); return NULL; } @@ -271,7 +267,7 @@ size_t rsa_size(rsa_t *rsa) { */ // TODO: get rid of this macro, properly clean up gcry_ structures after use -#define check(foo) { gcry_error_t err = (foo); if(err) {logger(LOG_ERR, "gcrypt error %s/%s at %s:%d\n", gcry_strsource(err), gcry_strerror(err), __FILE__, __LINE__); return false; }} +#define check(foo) { gcry_error_t err = (foo); if(err) {logger(DEBUG_ALWAYS, LOG_ERR, "gcrypt error %s/%s at %s:%d", gcry_strsource(err), gcry_strerror(err), __FILE__, __LINE__); return false; }} bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) { gcry_mpi_t inmpi; @@ -280,6 +276,10 @@ bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) { gcry_mpi_t outmpi = gcry_mpi_new(len * 8); gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n); + int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8; + while(pad--) + *(char *)out++ = 0; + check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi)); return true; @@ -292,6 +292,10 @@ bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) { gcry_mpi_t outmpi = gcry_mpi_new(len * 8); gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n); + int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8; + while(pad--) + *(char *)out++ = 0; + check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi)); return true;