shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 09:54:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

Improve gcrypt private_key functions.

Browse Source 
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@554 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Andreas Schneider
2009-04-18 15:22:59 +00:00
parent 5ef5841f99
commit 460969a9ce
1 changed files with 24 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
libssh/keyfiles.c
View File

@@ -198,7 +198,7 @@ static int passphrase_to_key(char *data, unsigned int datalen,
for (j = 0, md_not_empty = 0; j < keylen; ) { for (j = 0, md_not_empty = 0; j < keylen; ) {
md = md5_init(); md = md5_init();
if (md == NULL) { if (md == NULL) {
return 0; return -1;
} }
if (md_not_empty) { if (md_not_empty) {
@@ -220,7 +220,7 @@ static int passphrase_to_key(char *data, unsigned int datalen,
} }
} }
return 1; return 0;
} }
static int privatekey_decrypt(int algo, int mode, unsigned int key_len, static int privatekey_decrypt(int algo, int mode, unsigned int key_len,
@@ -229,39 +229,45 @@ static int privatekey_decrypt(int algo, int mode, unsigned int key_len,
void *userdata, void *userdata,
char *desc) char *desc)
{ {
gcry_cipher_hd_t cipher;
int rc = -1;
char passphrase[MAX_PASSPHRASE_SIZE] = {0}; char passphrase[MAX_PASSPHRASE_SIZE] = {0};
unsigned char key[MAX_KEY_SIZE] = {0}; unsigned char key[MAX_KEY_SIZE] = {0};
unsigned char *tmp; unsigned char *tmp = NULL;
gcry_error_t err; gcry_cipher_hd_t cipher;
int rc = -1;
if (!algo) if (!algo) {
return 1; return -1;
}
if (cb) { if (cb) {
rc = (*cb)(desc, passphrase, MAX_PASSPHRASE_SIZE, 0, 0, userdata); rc = (*cb)(desc, passphrase, MAX_PASSPHRASE_SIZE, 0, 0, userdata);
if (rc < 0) { if (rc < 0) {
return 0; return -1;
} }
} else if (cb == NULL && userdata != NULL) { } else if (cb == NULL && userdata != NULL) {
snprintf(passphrase, MAX_PASSPHRASE_SIZE, "%s", (char *) userdata); snprintf(passphrase, MAX_PASSPHRASE_SIZE, "%s", (char *) userdata);
} }
passphrase_to_key(passphrase, strlen(passphrase), iv, key, key_len);
if (passphrase_to_key(passphrase, strlen(passphrase), iv, key, key_len) < 0) {
return -1;
}
if (gcry_cipher_open(&cipher, algo, mode, 0) if (gcry_cipher_open(&cipher, algo, mode, 0)
|| gcry_cipher_setkey(cipher, key, key_len) || gcry_cipher_setkey(cipher, key, key_len)
|| gcry_cipher_setiv(cipher, iv, iv_len) || gcry_cipher_setiv(cipher, iv, iv_len)
|| !(tmp = malloc(buffer_get_len(data) * sizeof (char))) || (tmp = malloc(buffer_get_len(data) * sizeof (char)) == NULL)
|| (err = gcry_cipher_decrypt(cipher, tmp, buffer_get_len(data), || gcry_cipher_decrypt(cipher, tmp, buffer_get_len(data),
buffer_get(data), buffer_get_len(data)))) buffer_get(data), buffer_get_len(data))) {
{
gcry_cipher_close(cipher); gcry_cipher_close(cipher);
return 0; return -1;
} }
memcpy(buffer_get(data), tmp, buffer_get_len(data)); memcpy(buffer_get(data), tmp, buffer_get_len(data));
SAFE_FREE(tmp); SAFE_FREE(tmp);
gcry_cipher_close(cipher); gcry_cipher_close(cipher);
return 1;
return 0;
} }
static int privatekey_dek_header(char *header, unsigned int header_len, static int privatekey_dek_header(char *header, unsigned int header_len,
@@ -398,8 +404,8 @@ static BUFFER *privatekey_file_to_buffer(FILE *fp, int type,
buffer_free(buffer); buffer_free(buffer);
if (algo) if (algo)
{ {
if (!privatekey_decrypt(algo, mode, key_len, iv, iv_len, ret, cb, userdata, desc)) if (privatekey_decrypt(algo, mode, key_len, iv, iv_len, ret,
{ cb, userdata, desc) < 0) {
free(iv); free(iv);
return NULL; return NULL;
} }