shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-12 11:10:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

Add more error checks to ssh_encrypt_rsa1().

Browse Source 
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@535 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Andreas Schneider
2009-04-18 08:50:40 +00:00
parent b9e91ce95a
commit 57a6388b82
1 changed files with 56 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
libssh/keys.c
View File

@@ -1066,38 +1066,68 @@ STRING *ssh_do_sign(SSH_SESSION *session, BUFFER *sigbuf,
return signature; return signature;
} }
STRING *ssh_encrypt_rsa1(SSH_SESSION *session, STRING *data, PUBLIC_KEY *key){ STRING *ssh_encrypt_rsa1(SSH_SESSION *session, STRING *data, PUBLIC_KEY *key) {
int len=string_len(data); STRING *str = NULL;
size_t len = string_len(data);
int size = 0;
#ifdef HAVE_LIBGCRYPT #ifdef HAVE_LIBGCRYPT
STRING *ret; const char *tmp = NULL;
gcry_sexp_t ret_sexp; gcry_sexp_t ret_sexp;
gcry_sexp_t data_sexp; gcry_sexp_t data_sexp;
const char *tmp;
size_t size; if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(value %b))",
gcry_sexp_build(&data_sexp,NULL,"(data(flags pkcs1)(value %b))",len,data->string); len, data->string)) {
gcry_pk_encrypt(&ret_sexp,data_sexp,key->rsa_pub); ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
return NULL;
}
if (gcry_pk_encrypt(&ret_sexp, data_sexp, key->rsa_pub)) {
gcry_sexp_release(data_sexp); gcry_sexp_release(data_sexp);
data_sexp=gcry_sexp_find_token(ret_sexp,"a",0); ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
tmp=gcry_sexp_nth_data(data_sexp,1,&size); return NULL;
if (*tmp == 0) }
{
gcry_sexp_release(data_sexp);
data_sexp = gcry_sexp_find_token(ret_sexp, "a", 0);
if (data_sexp == NULL) {
ssh_set_error(session, SSH_FATAL, "RSA1 encrypt: libgcrypt error");
gcry_sexp_release(ret_sexp);
return NULL;
}
tmp = gcry_sexp_nth_data(data_sexp, 1, &size);
if (*tmp == 0) {
size--; size--;
tmp++; tmp++;
} }
ret=string_new(size);
string_fill(ret,(char *)tmp,size); str = string_new(size);
if (str == NULL) {
ssh_set_error(session, SSH_FATAL, "Not enough space");
gcry_sexp_release(data_sexp);
gcry_sexp_release(ret_sexp);
return NULL;
}
string_fill(str, tmp, size);
gcry_sexp_release(data_sexp);
gcry_sexp_release(ret_sexp); gcry_sexp_release(ret_sexp);
#elif defined HAVE_LIBCRYPTO #elif defined HAVE_LIBCRYPTO
int flen=RSA_size(key->rsa_pub); size = RSA_size(key->rsa_pub);
STRING *ret=string_new(flen);
RSA_public_encrypt(len,data->string,ret->string,key->rsa_pub, str = string_new(size);
RSA_PKCS1_PADDING); if (str == NULL) {
ssh_set_error(session, SSH_FATAL, "Not enough space");
return NULL;
}
if (RSA_public_encrypt(len, data->string, str->string, key->rsa_pub,
RSA_PKCS1_PADDING) < 0) {
string_free(str);
return NULL;
}
#endif #endif
/* unused member variable */ return str;
(void) session;
return ret;
} }