diff --git a/src/Makefile.am b/src/Makefile.am
index a318dcd5..acbf4193 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -20,7 +20,7 @@ INCLUDES = @INCLUDES@ -I$(top_builddir) -I$(top_srcdir)/lib
 noinst_HEADERS = cipher.h conf.h connection.h control.h crypto.h device.h digest.h edge.h graph.h logger.h meta.h net.h netutl.h node.h process.h \
 protocol.h route.h rsa.h subnet.h
-LIBS = @LIBS@ @LIBINTL@
+LIBS = @LIBS@ @LIBGCRYPT_LIBS@ @LIBINTL@
 tincd_LDADD = \
 $(top_builddir)/lib/libvpn.a
diff --git a/src/gcrypt/cipher.c b/src/gcrypt/cipher.c
index 8920a706..71add007 100644
--- a/src/gcrypt/cipher.c
+++ b/src/gcrypt/cipher.c
@@ -173,7 +173,7 @@ bool cipher_set_key(cipher_t *cipher, void *key, bool encrypt) {
 return true;
 }
-bool cipher_set_key(cipher_t *cipher, void *key, size_t len, bool encrypt) {
+bool cipher_set_key_from_rsa(cipher_t *cipher, void *key, size_t len, bool encrypt) {
 memcpy(cipher->key, key + len - cipher->keylen, cipher->keylen + cipher->blklen);
 memcpy(cipher->key + cipher->keylen, key + len - cipher->keylen - cipher->blklen, cipher->blklen);
diff --git a/src/gcrypt/cipher.h b/src/gcrypt/cipher.h
index 593b9857..08a7dc54 100644
--- a/src/gcrypt/cipher.h
+++ b/src/gcrypt/cipher.h
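Review bot: In src/gcrypt/cipher.c, the first memcpy of the renamed cipher_set_key_from_rsa copies `cipher->keylen + cipher->blklen` bytes starting at `key + len - cipher->keylen`, so if `len` is the size of the buffer at `key`, the read runs `blklen` bytes past its end. The second memcpy then overwrites that tail of `cipher->key` anyway, so copying only the key part loses nothing: `memcpy(cipher->key, key + len - cipher->keylen, cipher->keylen);`. Nothing visible rejects a short input either; a guard such as `if(len < cipher->keylen + cipher->blklen) return false;` before the copies would keep both source pointers from going below `key`. The function body continues past the end of the hunk, so any later handling is not visible here.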
@@ -37,10 +37,10 @@ extern bool cipher_open_by_nid(struct cipher *, int);
 extern bool cipher_open_blowfish_ofb(struct cipher *);
 extern void cipher_close(struct cipher *);
 extern size_t cipher_keylength(const struct cipher *);
-extern void cipher_get_key(const struct cipher *, void *, bool);
+extern void cipher_get_key(const struct cipher *, void *);
 extern bool cipher_set_key(struct cipher *, void *, bool);
 extern bool cipher_set_key_from_rsa(struct cipher *, void *, size_t, bool);
-extern bool cipher_regenerate_key(struct cipher *);
+extern bool cipher_regenerate_key(struct cipher *, bool);
 extern bool cipher_encrypt(struct cipher *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot);
 extern bool cipher_decrypt(struct cipher *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot);
 extern int cipher_get_nid(const struct cipher *);
diff --git a/src/gcrypt/digest.h b/src/gcrypt/digest.h
index 6a644c7a..4e3a0c43 100644
--- a/src/gcrypt/digest.h
+++ b/src/gcrypt/digest.h
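Review bot: The `bool` added to `cipher_regenerate_key(struct cipher *, bool)` in src/gcrypt/cipher.h is unnamed, like the trailing `bool` on `cipher_set_key` and `cipher_set_key_from_rsa`, so the header does not say what the flag selects. cipher.c names that parameter `encrypt` for cipher_set_key; if the new one has the same meaning, declare it as `extern bool cipher_regenerate_key(struct cipher *, bool encrypt);` and add a one-line comment stating which direction `true` selects. For a key-handling API, that makes a swapped or inverted argument at a call site much easier to catch in review.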
@@ -30,14 +30,14 @@ typedef struct digest {
 uint16_t len;
 } digest_t;
-static bool digest_open_by_name(struct digest *, const char *);
-static bool digest_open_by_nid(struct digest *, int);
-static bool digest_open_sha1(struct digest *);
-static void digest_close(struct digest *);
-static bool digest_create(struct digest *, const void *indata, size_t inlen, void *outdata);
-static bool digest_verify(struct digest *, const void *indata, size_t inlen, const void *digestdata);
-static int digest_get_nid(const struct digest *);
-static size_t digest_length(const struct digest *);
-static bool digest_active(const struct digest *);
+extern bool digest_open_by_name(struct digest *, const char *);
+extern bool digest_open_by_nid(struct digest *, int);
+extern bool digest_open_sha1(struct digest *);
+extern void digest_close(struct digest *);
+extern bool digest_create(struct digest *, const void *indata, size_t inlen, void *outdata);
+extern bool digest_verify(struct digest *, const void *indata, size_t inlen, const void *digestdata);
+extern int digest_get_nid(const struct digest *);
+extern size_t digest_length(const struct digest *);
+extern bool digest_active(const struct digest *);
 #endif
diff --git a/src/gcrypt/rsa.c b/src/gcrypt/rsa.c
index 99ee11b3..bb0f9bb3 100644
--- a/src/gcrypt/rsa.c
+++ b/src/gcrypt/rsa.c
@@ -82,7 +82,7 @@ static bool pem_decode(FILE *fp, const char *header, uint8_t *buf, size_t size,
 continue;
 for(i = 0; line[i] >= ' '; i++) {
- if(line[i] >= 128 || line[i] < 0 || b64d[(int)line[i]] == 0xff)
+ if((signed char)line[i] < 0 || b64d[(int)line[i]] == 0xff)
 break;
 word |= b64d[(int)line[i]] << shift;
 shift -= 6;
@@ -187,31 +187,35 @@ static bool ber_read_mpi(unsigned char **p, size_t *buflen, gcry_mpi_t *mpi) {
 bool rsa_set_hex_public_key(rsa_t *rsa, char *n, char *e) {
 gcry_error_t err = 0;
- err = gcry_mpi_scan(&rsa->n, GCRY_FMT_HEX, n, 0, NULL)
- ?: gcry_mpi_scan(&rsa->e, GCRY_FMT_HEX, n, 0, NULL);
+ err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL)
+ ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, n, 0, NULL);
 if(err) {
 logger(LOG_ERR, _("Error while reading RSA public key: %s"), gcry_strerror(errno));
 return false;
 }
+
+ return true;
 }
 bool rsa_set_hex_private_key(rsa_t *rsa, char *n, char *e, char *d) {
 gcry_error_t err = 0;
- err = gcry_mpi_scan(&rsa->n, GCRY_FMT_HEX, n, 0, NULL)
- ?: gcry_mpi_scan(&rsa->e, GCRY_FMT_HEX, n, 0, NULL)
- ?: gcry_mpi_scan(&rsa->d, GCRY_FMT_HEX, n, 0, NULL);
+ err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL)
+ ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, n, 0, NULL)
+ ?: gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX, n, 0, NULL);
 if(err) {
 logger(LOG_ERR, _("Error while reading RSA public key: %s"), gcry_strerror(errno));
 return false;
 }
+
+ return true;
 }
 // Read PEM RSA keys
-bool read_pem_rsa_public_key(rsa_t *rsa, FILE *fp) {
+bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) {
 uint8_t derbuf[8096], *derp = derbuf;
 size_t derlen;
@@ -231,7 +235,7 @@ bool read_pem_rsa_public_key(rsa_t *rsa, FILE *fp) {
 return true;
 }
-bool read_pem_rsa_private_key(rsa_t *rsa, FILE *fp) {
+bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) {
 uint8_t derbuf[8096], *derp = derbuf;
 size_t derlen;
@@ -281,7 +285,7 @@ bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 return true;
 }
-bool rsa_public_decrypt(rsa_t *rsa, void *in, size_t len, void *out) {
+bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 gcry_mpi_t inmpi;
 check(gcry_mpi_scan(&inmpi, GCRYMPI_FMT_USG, in, len, NULL));
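Review bot: In the first rsa.c hunk here (`@@ -187,31 +187,35 @@`), both rsa_set_hex_public_key and rsa_set_hex_private_key still pass `n` to every gcry_mpi_scan call, so `rsa->e` and `rsa->d` are parsed from the modulus string and the `e` and `d` arguments are never read. The constant rename leaves this in place; the continuation lines should read `?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, e, 0, NULL)` and `?: gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX, d, 0, NULL);`. The error path also formats `gcry_strerror(errno)` although the failure code is held in `err`, so it should be `gcry_strerror(err)`. The private-key function's log message still says "RSA public key", which would mislead anyone triaging a key-load failure.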