[ActiveLock-Development] CVS: alcrypto RSA.C,1.1,1.2
Brought to you by:
ialkan
Menu
▾
▴
[ActiveLock-Development] CVS: alcrypto RSA.C,1.1,1.2
|
From: Thanh H. T. <th...@us...> - 2003-09-18 03:47:05
|
Update of /cvsroot/activelock/alcrypto
In directory sc8-pr-cvs1:/tmp/cvs-serv21234
Modified Files:
RSA.C
Log Message:
Fixed bug in byte count calculation for key blob generation that resulted in crashing when the blobs are used to recreate the key
Index: RSA.C
===================================================================
RCS file: /cvsroot/activelock/alcrypto/RSA.C,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- RSA.C 7 Aug 2003 17:30:32 -0000 1.1
+++ RSA.C 18 Sep 2003 03:46:59 -0000 1.2
@@ -32,30 +32,30 @@
* PuTTY License
* =============
*
- * PuTTY is copyright 1997-2001 Simon Tatham.
+ * PuTTY is copyright 1997-2001 Simon Tatham.
*
- * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
- * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
- * Justin Bradford, and CORE SDI S.A.
+ * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
+ * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
+ * Justin Bradford, and CORE SDI S.A.
*
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation files
- * (the "Software"), to deal in the Software without restriction,
- * including without limitation the rights to use, copy, modify, merge,
- * publish, distribute, sublicense, and/or sell copies of the Software,
- * and to permit persons to whom the Software is furnished to do so,
- * subject to the following conditions:
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation files
+ * (the "Software"), to deal in the Software without restriction,
+ * including without limitation the rights to use, copy, modify, merge,
+ * publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
*
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
*
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
- * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
- * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
- * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
+ * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+ * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
*/
@@ -71,9 +71,11 @@
* Change Log
* ==========
*
- * Date (MM/DD/YY) Author Description
+ * Date (MM/DD/YY) Author Description
* --------------- ----------- --------------------------------------------------------------
- * 07/27/03 th2tran Adapted from PuTTY project for used by the ActiveLock project.
+ * 07/27/03 th2tran Adapted from PuTTY project for used by the ActiveLock project.
+ * 09/14/03 th2tran Fixed bug in byte count calculation for key blob generation that
+ * resulted in crashing when the blobs are used to recreate the key.
*
***********************************************************************************************/
@@ -105,17 +107,17 @@
(cp)[3] = (unsigned char)(value); }
int makekey(unsigned char *data, struct RSAKey *result,
- unsigned char **keystr, int order)
+ unsigned char **keystr, int order)
{
unsigned char *p = data;
int i;
if (result) {
- result->bits = 0;
- for (i = 0; i < 4; i++)
- result->bits = (result->bits << 8) + *p++;
+ result->bits = 0;
+ for (i = 0; i < 4; i++)
+ result->bits = (result->bits << 8) + *p++;
} else
- p += 4;
+ p += 4;
/*
* order=0 means exponent then modulus (the keys sent by the
@@ -124,14 +126,14 @@
*/
if (order == 0)
- p += ssh1_read_bignum(p, result ? &result->exponent : NULL);
+ p += ssh1_read_bignum(p, result ? &result->exponent : NULL);
if (result)
- result->bytes = (((p[0] << 8) + p[1]) + 7) / 8;
+ result->bytes = (((p[0] << 8) + p[1]) + 7) / 8;
if (keystr)
- *keystr = p + 2;
+ *keystr = p + 2;
p += ssh1_read_bignum(p, result ? &result->modulus : NULL);
if (order == 1)
- p += ssh1_read_bignum(p, result ? &result->exponent : NULL);
+ p += ssh1_read_bignum(p, result ? &result->exponent : NULL);
return p - data;
}
@@ -152,9 +154,9 @@
data[1] = 2;
for (i = 2; i < key->bytes - length - 1; i++) {
- do {
- data[i] = random_byte();
- } while (data[i] == 0);
+ do {
+ data[i] = random_byte();
+ } while (data[i] == 0);
}
*/
/* data[key->bytes - *length - 1] = '\0'; */
@@ -164,11 +166,11 @@
#ifdef _DEBUG
diagbn("un-encrypted bn: ", b1);
#endif
- if (type == 0)
- /* public encrypt */
- b2 = modpow(b1, key->exponent, key->modulus);
- else /* private encrypt */
- b2 = modpow(b1, key->private_exponent, key->modulus);
+ if (type == 0)
+ /* public encrypt */
+ b2 = modpow(b1, key->exponent, key->modulus);
+ else /* private encrypt */
+ b2 = modpow(b1, key->private_exponent, key->modulus);
#ifdef _DEBUG
diagbn("encrypted bn: ", b2);
@@ -177,11 +179,11 @@
p = data;
for (i = key->bytes; i--;) {
- *p++ = bignum_byte(b2, i);
+ *p++ = bignum_byte(b2, i);
}
- /* calculate encrypted length */
- *length = (bignum_bitcount(b2) + 8)/8;
+ /* calculate encrypted length */
+ *length = (bignum_bitcount(b2) + 8)/8;
freebn(b1);
freebn(b2);
@@ -194,11 +196,11 @@
diagbn("encrypted input: ", input);
debug(("encrypted input bitcount: %d\n", bignum_bitcount(input)));
#endif
- if (type == 0)
- /* public decrypt */
- ret = modpow(input, key->exponent, key->modulus);
- else
- ret = modpow(input, key->private_exponent, key->modulus);
+ if (type == 0)
+ /* public decrypt */
+ ret = modpow(input, key->exponent, key->modulus);
+ else
+ ret = modpow(input, key->private_exponent, key->modulus);
#ifdef _DEBUG
diagbn("decrypted bn: ", ret);
#endif
@@ -230,17 +232,17 @@
nibbles = (3 + bignum_bitcount(ex)) / 4;
if (nibbles < 1)
- nibbles = 1;
+ nibbles = 1;
for (i = nibbles; i--;)
- str[len++] = hex[(bignum_byte(ex, i / 2) >> (4 * (i % 2))) & 0xF];
+ str[len++] = hex[(bignum_byte(ex, i / 2) >> (4 * (i % 2))) & 0xF];
len += sprintf(str + len, ",0x");
nibbles = (3 + bignum_bitcount(md)) / 4;
if (nibbles < 1)
- nibbles = 1;
+ nibbles = 1;
for (i = nibbles; i--;)
- str[len++] = hex[(bignum_byte(md, i / 2) >> (4 * (i % 2))) & 0xF];
+ str[len++] = hex[(bignum_byte(md, i / 2) >> (4 * (i % 2))) & 0xF];
str[len] = '\0';
}
@@ -259,27 +261,27 @@
MD5Init(&md5c);
numlen = ssh1_bignum_length(key->modulus) - 2;
for (i = numlen; i--;) {
- unsigned char c = bignum_byte(key->modulus, i);
- MD5Update(&md5c, &c, 1);
+ unsigned char c = bignum_byte(key->modulus, i);
+ MD5Update(&md5c, &c, 1);
}
numlen = ssh1_bignum_length(key->exponent) - 2;
for (i = numlen; i--;) {
- unsigned char c = bignum_byte(key->exponent, i);
- MD5Update(&md5c, &c, 1);
+ unsigned char c = bignum_byte(key->exponent, i);
+ MD5Update(&md5c, &c, 1);
}
MD5Final(digest, &md5c);
sprintf(buffer, "%d ", bignum_bitcount(key->modulus));
for (i = 0; i < 16; i++)
- sprintf(buffer + strlen(buffer), "%s%02x", i ? ":" : "",
- digest[i]);
+ sprintf(buffer + strlen(buffer), "%s%02x", i ? ":" : "",
+ digest[i]);
strncpy(str, buffer, len);
str[len - 1] = '\0';
slen = strlen(str);
if (key->comment && slen < len - 1) {
- str[slen] = ' ';
- strncpy(str + slen + 1, key->comment, len - slen - 1);
- str[len - 1] = '\0';
+ str[slen] = ' ';
+ strncpy(str + slen + 1, key->comment, len - slen - 1);
+ str[len - 1] = '\0';
}
}
@@ -298,7 +300,7 @@
cmp = bignum_cmp(n, key->modulus);
freebn(n);
if (cmp != 0)
- return 0;
+ return 0;
/* e * d must be congruent to 1, modulo (p-1) and modulo (q-1). */
pm1 = copybn(key->p);
@@ -307,7 +309,7 @@
cmp = bignum_cmp(ed, One);
sfree(ed);
if (cmp != 0)
- return 0;
+ return 0;
qm1 = copybn(key->q);
decbn(qm1);
@@ -315,13 +317,13 @@
cmp = bignum_cmp(ed, One);
sfree(ed);
if (cmp != 0)
- return 0;
+ return 0;
/*
* Ensure p > q.
*/
if (bignum_cmp(key->p, key->q) <= 0)
- return 0;
+ return 0;
/*
* Ensure iqmp * q is congruent to 1, modulo p.
@@ -330,7 +332,7 @@
cmp = bignum_cmp(n, One);
sfree(n);
if (cmp != 0)
- return 0;
+ return 0;
return 1;
}
@@ -342,7 +344,7 @@
unsigned char *ret;
length = (ssh1_bignum_length(key->modulus) +
- ssh1_bignum_length(key->exponent) + 4);
+ ssh1_bignum_length(key->exponent) + 4);
ret = smalloc(length);
PUT_32BIT(ret, bignum_bitcount(key->modulus));
@@ -359,7 +361,7 @@
{
unsigned char *p = (unsigned char *)data;
- p += 4; /* length word */
+ p += 4; /* length word */
p += ssh1_read_bignum(p, NULL); /* exponent */
p += ssh1_read_bignum(p, NULL); /* modulus */
@@ -369,29 +371,29 @@
void freersakey(struct RSAKey *key)
{
if (key->modulus)
- freebn(key->modulus);
+ freebn(key->modulus);
if (key->exponent)
- freebn(key->exponent);
+ freebn(key->exponent);
if (key->private_exponent)
- freebn(key->private_exponent);
+ freebn(key->private_exponent);
if (key->comment)
- sfree(key->comment);
+ sfree(key->comment);
}
/* ----------------------------------------------------------------------
- * Implementation of the ssh-rsa signing key type.
+ * Implementation of the ssh-rsa signing key type.
*/
static void getstring(char **data, int *datalen, char **p, int *length)
{
*p = NULL;
if (*datalen < 4)
- return;
+ return;
*length = GET_32BIT(*data);
*datalen -= 4;
*data += 4;
if (*datalen < *length)
- return;
+ return;
*p = *data;
*data += *length;
*datalen -= *length;
@@ -404,7 +406,7 @@
getstring(data, datalen, &p, &length);
if (!p)
- return NULL;
+ return NULL;
b = bignum_from_bytes(p, length);
return b;
}
@@ -417,19 +419,19 @@
rsa = smalloc(sizeof(struct RSAKey));
if (!rsa)
- return NULL;
+ return NULL;
getstring(&data, &len, &p, &slen);
if (!p || slen != 7 || memcmp(p, "ssh-rsa", 7)) {
- sfree(rsa);
- return NULL;
+ sfree(rsa);
+ return NULL;
}
rsa->exponent = getmp(&data, &len);
rsa->modulus = getmp(&data, &len);
rsa->private_exponent = NULL;
rsa->comment = NULL;
- rsa->bits = bignum_bitcount(rsa->modulus)+1;
- rsa->bytes = rsa->bits/8;
+ rsa->bits = bignum_bitcount(rsa->modulus)+1;
+ rsa->bytes = rsa->bits/8;
return rsa;
}
@@ -459,8 +461,8 @@
int i;
unsigned char *p;
- elen = (bignum_bitcount(rsa->exponent) + 8) / 8;
- mlen = (bignum_bitcount(rsa->modulus) + 8) / 8;
+ elen = (bignum_bitcount(rsa->exponent) + 7) / 8;
+ mlen = (bignum_bitcount(rsa->modulus) + 7) / 8;
/*
* string "ssh-rsa", mpint exp, mpint mod. Total 19+elen+mlen.
@@ -476,56 +478,56 @@
PUT_32BIT(p, elen);
p += 4;
for (i = elen; i--;)
- *p++ = bignum_byte(rsa->exponent, i);
+ *p++ = bignum_byte(rsa->exponent, i);
PUT_32BIT(p, mlen);
p += 4;
for (i = mlen; i--;)
- *p++ = bignum_byte(rsa->modulus, i);
+ *p++ = bignum_byte(rsa->modulus, i);
assert(p == blob + bloblen);
}
void base64_encode_blob(unsigned char *in, unsigned char *out, int blobLen)
{
- char *p;
- int i;
- i = 0;
- p = (char *)out;
- while (i < blobLen) {
- int n = (blobLen - i < 3 ? blobLen - i : 3);
- base64_encode_atom(in + i, n, p);
- i += n;
- p += 4;
- }
+ char *p;
+ int i;
+ i = 0;
+ p = (char *)out;
+ while (i < blobLen) {
+ int n = (blobLen - i < 3 ? blobLen - i : 3);
+ base64_encode_atom(in + i, n, p);
+ i += n;
+ p += 4;
+ }
}
void base64_decode_blob(unsigned char *in, unsigned char *out, int len)
{
- int i=0, j, k;
+ int i=0, j, k;
unsigned char *blob;
- blob = out;
- for (j = 0; j < len; j += 4)
- {
- k = base64_decode_atom(in + j, blob + i);
- i += k;
- if (!k) return; /* invalid */
- }
+ blob = out;
+ for (j = 0; j < len; j += 4)
+ {
+ k = base64_decode_atom(in + j, blob + i);
+ i += k;
+ if (!k) return; /* invalid */
+ }
}
void rsa2_public_blob(void *key, unsigned char *blob)
{
- int blobLen;
- unsigned char *buffer; /* holds the public key blob */
- unsigned char *buffer2;
- /* calculate the blob length */
- blobLen = rsa2_public_blob_len(key);
+ int blobLen;
+ unsigned char *buffer; /* holds the public key blob */
+ unsigned char *buffer2;
+ /* calculate the blob length */
+ blobLen = rsa2_public_blob_len(key);
- buffer = (unsigned char *)smalloc(blobLen);
- buffer2 = (unsigned char *)smalloc(blobLen);
- rsa2_public_blob_internal(key, buffer);
+ buffer = (unsigned char *)smalloc(blobLen);
+ buffer2 = (unsigned char *)smalloc(blobLen);
+ rsa2_public_blob_internal(key, buffer);
- /* base-64 encode the blob */
+ /* base-64 encode the blob */
base64_encode_blob(buffer, blob, blobLen);
- base64_decode_blob(blob, buffer2, blobLen);
- sfree(buffer);
- sfree(buffer2);
+ base64_decode_blob(blob, buffer2, blobLen);
+ sfree(buffer);
+ sfree(buffer2);
}
@@ -534,15 +536,15 @@
struct RSAKey *rsa = (struct RSAKey *) key;
int elen, mlen, bloblen;
- elen = (bignum_bitcount(rsa->exponent) + 8) / 8;
- mlen = (bignum_bitcount(rsa->modulus) + 8) / 8;
+ elen = (bignum_bitcount(rsa->exponent) + 7) / 8;
+ mlen = (bignum_bitcount(rsa->modulus) + 7) / 8;
/*
* string "ssh-rsa", mpint exp, mpint mod. Total 19+elen+mlen.
* (three length fields, 12+7=19).
*/
bloblen = 19 + elen + mlen;
- return bloblen;
+ return bloblen;
}
void rsa2_private_blob_internal(void *key, unsigned char *blob)
@@ -553,9 +555,9 @@
unsigned char *p;
dlen = (bignum_bitcount(rsa->private_exponent) + 8) / 8;
- plen = (bignum_bitcount(rsa->p) + 8) / 8;
- qlen = (bignum_bitcount(rsa->q) + 8) / 8;
- ulen = (bignum_bitcount(rsa->iqmp) + 8) / 8;
+ plen = (bignum_bitcount(rsa->p) + 7) / 8;
+ qlen = (bignum_bitcount(rsa->q) + 7) / 8;
+ ulen = (bignum_bitcount(rsa->iqmp) + 7) / 8;
/*
* mpint private_exp, mpint p, mpint q, mpint iqmp. Total 16 +
@@ -567,35 +569,35 @@
PUT_32BIT(p, dlen);
p += 4;
for (i = dlen; i--;)
- *p++ = bignum_byte(rsa->private_exponent, i);
+ *p++ = bignum_byte(rsa->private_exponent, i);
PUT_32BIT(p, plen);
p += 4;
for (i = plen; i--;)
- *p++ = bignum_byte(rsa->p, i);
+ *p++ = bignum_byte(rsa->p, i);
PUT_32BIT(p, qlen);
p += 4;
for (i = qlen; i--;)
- *p++ = bignum_byte(rsa->q, i);
+ *p++ = bignum_byte(rsa->q, i);
PUT_32BIT(p, ulen);
p += 4;
for (i = ulen; i--;)
- *p++ = bignum_byte(rsa->iqmp, i);
+ *p++ = bignum_byte(rsa->iqmp, i);
assert(p == blob + bloblen);
}
void rsa2_private_blob(void *key, unsigned char *blob)
{
- int blobLen;
- unsigned char *buffer; /* holds the private key blob */
- /* calculate the blob length */
- blobLen = rsa2_private_blob_len(key);
+ int blobLen;
+ unsigned char *buffer; /* holds the private key blob */
+ /* calculate the blob length */
+ blobLen = rsa2_private_blob_len(key);
- buffer = (unsigned char *)smalloc(blobLen);
- rsa2_private_blob_internal(key, buffer);
+ buffer = (unsigned char *)smalloc(blobLen);
+ rsa2_private_blob_internal(key, buffer);
- /* base-64 encode the blob */
+ /* base-64 encode the blob */
base64_encode_blob(buffer, blob, blobLen);
- sfree(buffer);
+ sfree(buffer);
}
int rsa2_private_blob_len(void *key)
@@ -603,77 +605,77 @@
struct RSAKey *rsa = (struct RSAKey *) key;
int dlen, plen, qlen, ulen, bloblen;
- dlen = (bignum_bitcount(rsa->private_exponent) + 8) / 8;
- plen = (bignum_bitcount(rsa->p) + 8) / 8;
- qlen = (bignum_bitcount(rsa->q) + 8) / 8;
- ulen = (bignum_bitcount(rsa->iqmp) + 8) / 8;
+ dlen = (bignum_bitcount(rsa->private_exponent) + 7) / 8;
+ plen = (bignum_bitcount(rsa->p) + 7) / 8;
+ qlen = (bignum_bitcount(rsa->q) + 7) / 8;
+ ulen = (bignum_bitcount(rsa->iqmp) + 7) / 8;
/*
* mpint private_exp, mpint p, mpint q, mpint iqmp. Total 16 +
* sum of lengths.
*/
bloblen = 16 + dlen + plen + qlen + ulen;
- return bloblen;
+ return bloblen;
}
static void *rsa2_createkey_internal(unsigned char *pub_blob, int pub_len,
- unsigned char *priv_blob, int priv_len)
+ unsigned char *priv_blob, int priv_len)
{
struct RSAKey *rsa;
unsigned char *pb = priv_blob;
rsa = rsa2_newkey(pub_blob, pub_len);
#ifdef _DEBUG
- diagbn("exponent: ", rsa->exponent);
- diagbn("modulus: ", rsa->modulus);
+ diagbn("exponent: ", rsa->exponent);
+ diagbn("modulus: ", rsa->modulus);
#endif
- if (pb != NULL) {
- rsa->private_exponent = getmp(&pb, &priv_len);
- }
+ if (pb != NULL) {
+ rsa->private_exponent = getmp(&pb, &priv_len);
+ }
/*
rsa->p = getmp(&pb, &priv_len);
rsa->q = getmp(&pb, &priv_len);
rsa->iqmp = getmp(&pb, &priv_len);
if (!rsa_verify(rsa)) {
- rsa2_freekey(rsa);
- return NULL;
+ rsa2_freekey(rsa);
+ return NULL;
}
*/
return rsa;
}
void rsa2_createkey(unsigned char *pub_blob, int pub_len,
- unsigned char *priv_blob, int priv_len, struct RSAKey *key)
+ unsigned char *priv_blob, int priv_len, struct RSAKey *key)
{
- /* base64-decode the blobs */
- unsigned char *pub_blob_decoded = NULL, *priv_blob_decoded = NULL; /* holds the private key blob */
- int pub_decoded_len, priv_decoded_len;
- struct RSAKey *key2;
+ /* base64-decode the blobs */
+ unsigned char *pub_blob_decoded = NULL, *priv_blob_decoded = NULL; /* holds the private key blob */
+ int pub_decoded_len, priv_decoded_len;
+ struct RSAKey *key2;
- /* calculate the blob length */
- /* encoded_length = 4 * ((decoded_length + 2) / 3) */
- if (pub_blob != NULL)
- {
- pub_decoded_len = (pub_len * 3)/4 - 2;
- pub_blob_decoded = (unsigned char *)smalloc(pub_decoded_len);
- /* decode the blob */
- base64_decode_blob(pub_blob, pub_blob_decoded, pub_len);
- }
- if (priv_blob != NULL)
- {
- priv_decoded_len = (priv_len * 3)/4 - 2;
- priv_blob_decoded = (unsigned char *)smalloc(priv_decoded_len);
- /* decode the blob */
- base64_decode_blob(priv_blob, priv_blob_decoded, priv_decoded_len);
- }
-
- key2 = (struct RSAKey *)rsa2_createkey_internal(pub_blob_decoded, pub_decoded_len, priv_blob_decoded, priv_decoded_len);
- memcpy((void *)key, (void *)key2, sizeof(struct RSAKey));
- /* release temp memory */
- sfree((void *)key2);
- sfree(pub_blob_decoded);
- sfree(priv_blob_decoded);
+ /* calculate the blob length */
+ /* encoded_length = 4 * ((decoded_length + 2) / 3) */
+ if (pub_blob != NULL)
+ {
+ pub_decoded_len = (pub_len * 3)/4 - 2;
+ pub_blob_decoded = (unsigned char *)smalloc(pub_decoded_len);
+ /* decode the blob */
+ base64_decode_blob(pub_blob, pub_blob_decoded, pub_len);
+ }
+ if (priv_blob != NULL)
+ {
+ priv_decoded_len = (priv_len * 3)/4 - 2;
+ priv_blob_decoded = (unsigned char *)smalloc(priv_decoded_len);
+ /* decode the blob */
+ base64_decode_blob(priv_blob, priv_blob_decoded, priv_decoded_len);
+ }
+
+ key2 = (struct RSAKey *)rsa2_createkey_internal(pub_blob_decoded, pub_decoded_len, priv_blob_decoded, priv_decoded_len);
+ memcpy((void *)key, (void *)key2, sizeof(struct RSAKey));
+ /* release temp memory */
+ sfree((void *)key2);
+ sfree(pub_blob_decoded);
+ sfree(priv_blob_decoded);
}
static void *rsa2_openssh_createkey(unsigned char **blob, int *len)
@@ -683,7 +685,7 @@
rsa = smalloc(sizeof(struct RSAKey));
if (!rsa)
- return NULL;
+ return NULL;
rsa->comment = NULL;
rsa->modulus = getmp(b, len);
@@ -694,15 +696,15 @@
rsa->q = getmp(b, len);
if (!rsa->modulus || !rsa->exponent || !rsa->private_exponent ||
- !rsa->iqmp || !rsa->p || !rsa->q) {
- sfree(rsa->modulus);
- sfree(rsa->exponent);
- sfree(rsa->private_exponent);
- sfree(rsa->iqmp);
- sfree(rsa->p);
- sfree(rsa->q);
- sfree(rsa);
- return NULL;
+ !rsa->iqmp || !rsa->p || !rsa->q) {
+ sfree(rsa->modulus);
+ sfree(rsa->exponent);
+ sfree(rsa->private_exponent);
+ sfree(rsa->iqmp);
+ sfree(rsa->p);
+ sfree(rsa->q);
+ sfree(rsa);
+ return NULL;
}
return rsa;
@@ -735,11 +737,11 @@
sprintf(buffer, "ssh-rsa %d ", bignum_bitcount(rsa->modulus));
for (i = 0; i < 16; i++)
- sprintf(buffer + strlen(buffer), "%s%02x", i ? ":" : "",
- digest[i]);
+ sprintf(buffer + strlen(buffer), "%s%02x", i ? ":" : "",
+ digest[i]);
ret = smalloc(strlen(buffer) + 1);
if (ret)
- strcpy(ret, buffer);
+ strcpy(ret, buffer);
return ret;
}
@@ -747,9 +749,9 @@
* This is the magic ASN.1/DER prefix that goes in the decoded
* signature, between the string of FFs and the actual SHA hash
* value. The meaning of it is:
- *
+ *
* 00 -- this marks the end of the FFs; not part of the ASN.1 bit itself
- *
+ *
* 30 21 -- a constructed SEQUENCE of length 0x21
* 30 09 -- a constructed sub-SEQUENCE of length 9
* 06 05 -- an object identifier, length 5
@@ -758,11 +760,11 @@
* 05 00 -- NULL
* 04 14 -- a primitive OCTET STRING of length 0x14
* [0x14 bytes of hash data follows]
- *
+ *
* The object id in the middle there is listed as `id-sha1' in
* ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1d2.asn (the
* ASN module for PKCS #1) and its expanded form is as follows:
- *
+ *
* id-sha1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) oiw(14) secsig(3)
* algorithms(2) 26 }
@@ -779,7 +781,7 @@
* Returns 0 if verification passes; 1 otherwise.
*/
static int rsa2_verifysig(void *key, char *sig, int siglen,
- char *data, int datalen)
+ char *data, int datalen)
{
struct RSAKey *rsa = (struct RSAKey *) key;
Bignum in, out;
@@ -790,7 +792,7 @@
getstring(&sig, &siglen, &p, &slen);
if (!p || slen != 7 || memcmp(p, "ssh-rsa", 7)) {
- return 1;
+ return 1;
}
in = getmp(&sig, &siglen);
out = modpow(in, rsa->exponent, rsa->modulus);
@@ -805,21 +807,21 @@
if (bignum_byte(out, bytes - 2) != 1) goto exit_label;
/* Most of the rest should be FF. */
for (i = bytes - 3; i >= 20 + ASN1_LEN; i--) {
- if (bignum_byte(out, i) != 0xFF) goto exit_label;
+ if (bignum_byte(out, i) != 0xFF) goto exit_label;
}
/* Then we expect to see the asn1_weird_stuff. */
for (i = 20 + ASN1_LEN - 1, j = 0; i >= 20; i--, j++) {
- if (bignum_byte(out, i) != asn1_weird_stuff[j]) goto exit_label;
+ if (bignum_byte(out, i) != asn1_weird_stuff[j]) goto exit_label;
}
/* Finally, we expect to see the SHA-1 hash of the signed data. */
SHA_Simple(data, datalen, hash);
for (i = 19, j = 0; i >= 0; i--, j++) {
- if (bignum_byte(out, i) != hash[j]) goto exit_label;
+ if (bignum_byte(out, i) != hash[j]) goto exit_label;
}
- /* all invalid possibilities exhausted. Return success! */
- ret = 0;
+ /* all invalid possibilities exhausted. Return success! */
+ ret = 0;
exit_label:
- freebn(out);
+ freebn(out);
return ret;
}
@@ -840,11 +842,11 @@
bytes[0] = 1;
for (i = 1; i < nbytes - 20 - ASN1_LEN; i++)
- bytes[i] = 0xFF;
+ bytes[i] = 0xFF;
for (i = nbytes - 20 - ASN1_LEN, j = 0; i < nbytes - 20; i++, j++)
- bytes[i] = asn1_weird_stuff[j];
+ bytes[i] = asn1_weird_stuff[j];
for (i = nbytes - 20, j = 0; i < nbytes; i++, j++)
- bytes[i] = hash[j];
+ bytes[i] = hash[j];
in = bignum_from_bytes(bytes, nbytes);
sfree(bytes);
@@ -858,25 +860,25 @@
memcpy(bytes + 4, "ssh-rsa", 7);
PUT_32BIT(bytes + 4 + 7, nbytes);
for (i = 0; i < nbytes; i++)
- bytes[4 + 7 + 4 + i] = bignum_byte(out, nbytes - 1 - i);
+ bytes[4 + 7 + 4 + i] = bignum_byte(out, nbytes - 1 - i);
freebn(out);
*siglen = 4 + 7 + 4 + nbytes;
return bytes;
}
-BOOL APIENTRY DllMain( HANDLE hModule,
- DWORD ul_reason_for_call,
+BOOL APIENTRY DllMain( HANDLE hModule,
+ DWORD ul_reason_for_call,
LPVOID lpReserved
- )
-{
+ )
+{
switch (ul_reason_for_call)
- {
- case DLL_PROCESS_ATTACH:
- case DLL_THREAD_ATTACH:
- case DLL_THREAD_DETACH:
- case DLL_PROCESS_DETACH:
- break;
+ {
+ case DLL_PROCESS_ATTACH:
+ case DLL_THREAD_ATTACH:
+ case DLL_THREAD_DETACH:
+ case DLL_PROCESS_DETACH:
+ break;
}
return TRUE;
}
@@ -888,88 +890,88 @@
// This is an example of an exported function.
ALCRYPTO_API LRESULT WINAPI fnRSA(struct RSAKey *key, int p1, void* p2, struct t_progress *p3)
{
- return 42;
+ return 42;
}
/**
* Retrieves the public key blob.
*/
ALCRYPTO_API LRESULT WINAPI rsa_get_public_blob(struct RSAKey *key, char *blob, int *len) {
- unsigned char *public_blob;
- public_blob = rsa_public_blob(key, len);
- if (blob == NULL) return 0;
- memcpy(blob, public_blob, *len);
- sfree(public_blob);
- return 0;
+ unsigned char *public_blob;
+ public_blob = rsa_public_blob(key, len);
+ if (blob == NULL) return 0;
+ memcpy(blob, public_blob, *len);
+ sfree(public_blob);
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_encrypt(int type, unsigned char *data, int *len, struct RSAKey *key) {
- rsaencrypt(type, data, len, key);
- return 0;
+ rsaencrypt(type, data, len, key);
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_decrypt(int type, unsigned char *data, int *outlen, struct RSAKey *key) {
- Bignum input, output;
+ Bignum input, output;
- input = bignum_from_bytes(data, key->bytes);
- output = rsadecrypt(type, input, key);
- bignum_to_bytes(output, data);
- *outlen = strlen(data);
+ input = bignum_from_bytes(data, key->bytes);
+ output = rsadecrypt(type, input, key);
+ bignum_to_bytes(output, data);
+ *outlen = strlen(data);
freebn(input);
freebn(output);
- return 0;
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_public_key_blob(struct RSAKey *key, unsigned char *pub_blob, int *len) {
- int blobLen;
- if (pub_blob == NULL) {
- /* calculate the blob length */
- blobLen = rsa2_public_blob_len(key);
- /* calculate base-64 encoded length */
- *len = 4 * ((blobLen + 2) / 3);
- return 0;
- }
- rsa2_public_blob(key, pub_blob);
+ int blobLen;
+ if (pub_blob == NULL) {
+ /* calculate the blob length */
+ blobLen = rsa2_public_blob_len(key);
+ /* calculate base-64 encoded length */
+ *len = 4 * ((blobLen + 2) / 3);
+ return 0;
+ }
+ rsa2_public_blob(key, pub_blob);
- return 0;
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_private_key_blob( struct RSAKey *key, unsigned char *priv_blob, int *len) {
- int blobLen;
- if (priv_blob == NULL) {
- /* calculate the blob length */
- blobLen = rsa2_private_blob_len(key);
- /* calculate base-64 encoded length */
- *len = 4 * ((blobLen + 2) / 3);
- return 0;
- }
- rsa2_private_blob(key, priv_blob);
- return 0;
+ int blobLen;
+ if (priv_blob == NULL) {
+ /* calculate the blob length */
+ blobLen = rsa2_private_blob_len(key);
+ /* calculate base-64 encoded length */
+ *len = 4 * ((blobLen + 2) / 3);
+ return 0;
+ }
+ rsa2_private_blob(key, priv_blob);
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_createkey(unsigned char *pub_blob, int pub_len, unsigned char *priv_blob, int priv_len, struct RSAKey *key) {
- rsa2_createkey(pub_blob, pub_len, priv_blob, priv_len, key);
- return 0;
+ rsa2_createkey(pub_blob, pub_len, priv_blob, priv_len, key);
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_freekey(struct RSAKey *key) {
- freersakey(key);
- return 0;
+ freersakey(key);
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_sign(struct RSAKey *key, char *data, int datalen, char *sig, int *siglen) {
- char *sigtemp;
- sigtemp = rsa2_sign(key, data, datalen, siglen);
- if (sig == NULL) {
- sfree(sigtemp);
- return 0;
- }
- memcpy(sig, sigtemp, *siglen);
- sig[*siglen] = '\0';
- sfree((void *)sigtemp);
- return 0;
+ char *sigtemp;
+ sigtemp = rsa2_sign(key, data, datalen, siglen);
+ if (sig == NULL) {
+ sfree(sigtemp);
+ return 0;
+ }
+ memcpy(sig, sigtemp, *siglen);
+ sig[*siglen] = '\0';
+ sfree((void *)sigtemp);
+ return 0;
}
ALCRYPTO_API LRESULT WINAPI rsa_verifysig(void *key, char *sig, int siglen, char *data, int datalen) {
- return rsa2_verifysig(key, sig, siglen, data, datalen);
+ return rsa2_verifysig(key, sig, siglen, data, datalen);
}
|
