/** * * @param hex_encoded The hex_encoded encrypted data * The plaintext is stored in hex_encoded */ int decrypt(char* plaintext, int max_plaintext_len, char* hex_encoded_ciphertext) { const size_t len = 256; uint8_t buf[len]; hex_decode(buf, len, hex_encoded_ciphertext); // reuse the hex encoded buffer int plaintext_len = decrypt_rsa(buf, fetch_device_private_key(), (uint8_t*)plaintext, max_plaintext_len); return plaintext_len; }
int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt) { int ver; int algo; int res; uint8 key_id[8]; PGP_PubKey *pk; uint8 *msg; int msglen; PGP_MPI *m; pk = ctx->pub_key; if (pk == NULL) { px_debug("no pubkey?"); return PXE_BUG; } GETBYTE(pkt, ver); if (ver != 3) { px_debug("unknown pubenc_sesskey pkt ver=%d", ver); return PXE_PGP_CORRUPT_DATA; } /* * check if keyid's match - user-friendly msg */ res = pullf_read_fixed(pkt, 8, key_id); if (res < 0) return res; if (memcmp(key_id, any_key, 8) != 0 && memcmp(key_id, pk->key_id, 8) != 0) { px_debug("key_id's does not match"); return PXE_PGP_WRONG_KEY; } /* * Decrypt */ GETBYTE(pkt, algo); switch (algo) { case PGP_PUB_ELG_ENCRYPT: res = decrypt_elgamal(pk, pkt, &m); break; case PGP_PUB_RSA_ENCRYPT: case PGP_PUB_RSA_ENCRYPT_SIGN: res = decrypt_rsa(pk, pkt, &m); break; default: res = PXE_PGP_UNKNOWN_PUBALGO; } if (res < 0) return res; /* * extract message */ msg = check_eme_pkcs1_v15(m->data, m->bytes); if (msg == NULL) { px_debug("check_eme_pkcs1_v15 failed"); res = PXE_PGP_WRONG_KEY; goto out; } msglen = m->bytes - (msg - m->data); res = control_cksum(msg, msglen); if (res < 0) goto out; /* * got sesskey */ ctx->cipher_algo = *msg; ctx->sess_key_len = msglen - 3; memcpy(ctx->sess_key, msg + 1, ctx->sess_key_len); out: pgp_mpi_free(m); if (res < 0) return res; return pgp_expect_packet_end(pkt); }