/**
*
* @param hex_encoded The hex_encoded encrypted data
* The plaintext is stored in hex_encoded
*/
int decrypt(char* plaintext, int max_plaintext_len, char* hex_encoded_ciphertext) {
const size_t len = 256;
uint8_t buf[len];
hex_decode(buf, len, hex_encoded_ciphertext);
// reuse the hex encoded buffer
int plaintext_len = decrypt_rsa(buf, fetch_device_private_key(), (uint8_t*)plaintext, max_plaintext_len);
return plaintext_len;
}
int
pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
{
int ver;
int algo;
int res;
uint8 key_id[8];
PGP_PubKey *pk;
uint8 *msg;
int msglen;
PGP_MPI *m;
pk = ctx->pub_key;
if (pk == NULL)
{
px_debug("no pubkey?");
return PXE_BUG;
}
GETBYTE(pkt, ver);
if (ver != 3)
{
px_debug("unknown pubenc_sesskey pkt ver=%d", ver);
return PXE_PGP_CORRUPT_DATA;
}
/*
* check if keyid's match - user-friendly msg
*/
res = pullf_read_fixed(pkt, 8, key_id);
if (res < 0)
return res;
if (memcmp(key_id, any_key, 8) != 0
&& memcmp(key_id, pk->key_id, 8) != 0)
{
px_debug("key_id's does not match");
return PXE_PGP_WRONG_KEY;
}
/*
* Decrypt
*/
GETBYTE(pkt, algo);
switch (algo)
{
case PGP_PUB_ELG_ENCRYPT:
res = decrypt_elgamal(pk, pkt, &m);
break;
case PGP_PUB_RSA_ENCRYPT:
case PGP_PUB_RSA_ENCRYPT_SIGN:
res = decrypt_rsa(pk, pkt, &m);
break;
default:
res = PXE_PGP_UNKNOWN_PUBALGO;
}
if (res < 0)
return res;
/*
* extract message
*/
msg = check_eme_pkcs1_v15(m->data, m->bytes);
if (msg == NULL)
{
px_debug("check_eme_pkcs1_v15 failed");
res = PXE_PGP_WRONG_KEY;
goto out;
}
msglen = m->bytes - (msg - m->data);
res = control_cksum(msg, msglen);
if (res < 0)
goto out;
/*
* got sesskey
*/
ctx->cipher_algo = *msg;
ctx->sess_key_len = msglen - 3;
memcpy(ctx->sess_key, msg + 1, ctx->sess_key_len);
out:
pgp_mpi_free(m);
if (res < 0)
return res;
return pgp_expect_packet_end(pkt);
}
