j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Parse PEM RSA keys ourself, and use libgcrypt to do RSA encryption and decryption.

Browse source
This commit is contained in:
Guus Sliepen 2007-05-20 22:28:49 +00:00
parent fbf305c09d
commit 465837dd7f
7 changed files with 355 additions and 129 deletions
Download patch file Download diff file Expand all files Collapse all files

22
src/protocol_auth.c
View file

@ -37,6 +37,7 @@
#include "netutl.h"
#include "node.h"
#include "protocol.h"
#include "rsa.h"
#include "utils.h"
#include "xalloc.h"
@ -116,12 +117,12 @@ bool id_h(connection_t *c, char *request) {
bool send_metakey(connection_t *c) {
char *buffer;
int len;
unsigned int len;
bool x;
cp();
len = RSA_size(c->rsa_key);
len = get_rsa_size(&c->rsa_key);
/* Allocate buffers for the meta key */
@ -163,7 +164,7 @@ bool send_metakey(connection_t *c) {
with a length equal to that of the modulus of the RSA key.
*/
if(RSA_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, c->rsa_key, RSA_NO_PADDING) != len) {
if(!rsa_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, &c->rsa_key)) {
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
return false;
@ -212,7 +213,7 @@ bool metakey_h(connection_t *c, char *request) {
return false;
}
len = RSA_size(myself->connection->rsa_key);
len = get_rsa_size(&myself->connection->rsa_key);
/* Check if the length of the meta key is all right */
@ -235,9 +236,8 @@ bool metakey_h(connection_t *c, char *request) {
/* Decrypt the meta key */
if(RSA_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
if(!rsa_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, &myself->connection->rsa_key)) {
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), c->name, c->hostname);
return false;
}
@ -306,7 +306,7 @@ bool send_challenge(connection_t *c) {
/* CHECKME: what is most reasonable value for len? */
len = RSA_size(c->rsa_key);
len = get_rsa_size(&c->rsa_key);
/* Allocate buffers for the challenge */
@ -341,7 +341,7 @@ bool challenge_h(connection_t *c, char *request) {
return false;
}
len = RSA_size(myself->connection->rsa_key);
len = get_rsa_size(&myself->connection->rsa_key);
/* Check if the length of the challenge is all right */
@ -376,7 +376,7 @@ bool send_chal_reply(connection_t *c) {
/* Calculate the hash from the challenge we received */
if(!EVP_DigestInit(&ctx, c->indigest)
|| !EVP_DigestUpdate(&ctx, c->mychallenge, RSA_size(myself->connection->rsa_key))
|| !EVP_DigestUpdate(&ctx, c->mychallenge, get_rsa_size(&myself->connection->rsa_key))
|| !EVP_DigestFinal(&ctx, (unsigned char *)hash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response for %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
@ -421,7 +421,7 @@ bool chal_reply_h(connection_t *c, char *request) {
/* Calculate the hash from the challenge we sent */
if(!EVP_DigestInit(&ctx, c->outdigest)
|| !EVP_DigestUpdate(&ctx, c->hischallenge, RSA_size(c->rsa_key))
|| !EVP_DigestUpdate(&ctx, c->hischallenge, get_rsa_size(&c->rsa_key))
|| !EVP_DigestFinal(&ctx, (unsigned char *)myhash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));