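/*
 * generate_challenge - build a fresh RSA challenge and its expected response.
 *
 * A random secret of CHALLENGE_SECRET_LENGTH bytes is drawn with
 * rb_get_random().  The expected response is the raw SHA-1 digest of that
 * secret (SHA_DIGEST_LENGTH bytes, binary, not NUL-terminated).  The
 * challenge is the secret encrypted to the supplied public key with
 * RSA-OAEP and then base64-encoded.
 *
 * r_challenge - out: receives the base64-encoded challenge on success
 * r_response  - out: receives the digest buffer on success; set to NULL when
 *               a step after the random draw fails, left untouched when the
 *               random draw itself fails
 * rsa         - public key the challenge is encrypted to; NULL is rejected
 *
 * Returns 0 on success, -1 on failure.  On the failure paths that reach the
 * bottom of the function, queued OpenSSL errors are logged (at most 100).
 *
 * NOTE(review): both out buffers are presumably owned and released by the
 * caller with rb_free() - confirm against the call sites.
 * NOTE(review): the result of rb_base64_encode() is stored unchecked;
 * whether it can return NULL is not visible here.
 */
static int
generate_challenge(char **r_challenge, char **r_response, RSA * rsa)
{
	SHA_CTX ctx;
	unsigned char secret[CHALLENGE_SECRET_LENGTH], *tmp;
	unsigned long length;
	unsigned long e = 0;
	unsigned long cnt = 0;
	int ret;

	if(!rsa)
		return -1;
	if(rb_get_random(secret, CHALLENGE_SECRET_LENGTH))
	{
		/*
		 * Allocate with rb_malloc() so the buffer is paired with the
		 * rb_free() used on the failure path below, and refuse to hash
		 * into a NULL pointer if the allocation did not succeed.
		 */
		*r_response = rb_malloc(SHA_DIGEST_LENGTH);
		if(*r_response == NULL)
			return -1;

		SHA1_Init(&ctx);
		SHA1_Update(&ctx, (uint8_t *)secret, CHALLENGE_SECRET_LENGTH);
		SHA1_Final((uint8_t *)*r_response, &ctx);

		/* RSA_size() is the modulus size, i.e. the ciphertext length. */
		length = RSA_size(rsa);
		tmp = rb_malloc(length);
		if(tmp == NULL)
		{
			rb_free(*r_response);
			*r_response = NULL;
			return -1;
		}

		/*
		 * OAEP only accepts plaintexts noticeably shorter than the
		 * modulus; an undersized key makes this call fail and takes
		 * the error path below rather than producing a challenge.
		 */
		ret = RSA_public_encrypt(CHALLENGE_SECRET_LENGTH, secret, tmp, rsa, RSA_PKCS1_OAEP_PADDING);

		if(ret >= 0)
		{
			*r_challenge = (char *)rb_base64_encode(tmp, ret);
			rb_free(tmp);
			return 0;
		}

		/* Never hand back a response without a matching challenge. */
		rb_free(tmp);
		rb_free(*r_response);
		*r_response = NULL;
	}

	/*
	 * NOTE(review): the plaintext secret is still in this stack frame when
	 * the function returns (on success as well).  Consider wiping it with
	 * OPENSSL_cleanse() on every exit path if <openssl/crypto.h> is
	 * available in this file; a plain memset() may be optimised away.
	 */

	/* Drain the OpenSSL error queue; the cap bounds the amount of logging. */
	ERR_load_crypto_strings();
	while ((cnt < 100) && (e = ERR_get_error()))
	{
		ilog(L_MAIN, "SSL error: %s", ERR_error_string(e, NULL));
		cnt++;
	}

	return (-1);
}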
Exemple #2
/*
 * rb_get_pseudo_random - fill buf with length random bytes.
 *
 * Despite the name, this does not use a separate, weaker generator: the
 * request is forwarded unchanged to rb_get_random() and that function's
 * result is handed straight back to the caller.
 */
int
rb_get_pseudo_random(void *buf, size_t length)
{
	const int status = rb_get_random(buf, length);

	return status;
}