static int extract_cmp_data (gcry_sexp_t sexp, const char *name, const char *expected, const char *description) { gcry_sexp_t l1; const void *a; size_t alen; void *b; size_t blen; int rc = 0; l1 = gcry_sexp_find_token (sexp, name, 0); a = gcry_sexp_nth_data (l1, 1, &alen); b = data_from_hex (expected, &blen); if (!a) { info ("%s: parameter \"%s\" missing in key\n", description, name); rc = 1; } else if ( alen != blen || memcmp (a, b, alen) ) { info ("%s: parameter \"%s\" does not match expected value\n", description, name); rc = 1; } gcry_free (b); gcry_sexp_release (l1); return rc; }
/** * Decode the public key from the data-format back * to the "normal", internal format. * * @param buf the buffer where the public key data is stored * @param len the length of the data in @a buf * @return NULL on error */ struct GNUNET_CRYPTO_rsa_PublicKey * GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, size_t len) { struct GNUNET_CRYPTO_rsa_PublicKey *key; gcry_mpi_t n; int ret; key = GNUNET_new (struct GNUNET_CRYPTO_rsa_PublicKey); if (0 != gcry_sexp_new (&key->sexp, buf, len, 0)) { GNUNET_break_op (0); GNUNET_free (key); return NULL; } /* verify that this is an RSA public key */ ret = key_from_sexp (&n, key->sexp, "public-key", "n"); if (0 != ret) ret = key_from_sexp (&n, key->sexp, "rsa", "n"); if (0 != ret) { /* this is no public RSA key */ GNUNET_break (0); gcry_sexp_release (key->sexp); GNUNET_free (key); return NULL; } gcry_mpi_release (n); return key; }
/* Return true if KEYPARMS holds an EdDSA key. */ static int is_eddsa (gcry_sexp_t keyparms) { int result = 0; gcry_sexp_t list; const char *s; size_t n; int i; list = gcry_sexp_find_token (keyparms, "flags", 0); for (i = list ? gcry_sexp_length (list)-1 : 0; i > 0; i--) { s = gcry_sexp_nth_data (list, i, &n); if (!s) continue; /* Not a data element. */ if (n == 5 && !memcmp (s, "eddsa", 5)) { result = 1; break; } } gcry_sexp_release (list); return result; }
/** * @brief clean up the key and deallocate all existing keys * @param[in] key ssh_key to clean */ void ssh_key_clean (ssh_key key){ if(key == NULL) return; #ifdef HAVE_LIBGCRYPT if(key->dsa) gcry_sexp_release(key->dsa); if(key->rsa) gcry_sexp_release(key->rsa); #elif defined HAVE_LIBCRYPTO if(key->dsa) DSA_free(key->dsa); if(key->rsa) RSA_free(key->rsa); #endif key->flags=SSH_KEY_FLAG_EMPTY; key->type=SSH_KEYTYPE_UNKNOWN; key->type_c=NULL; key->dsa = NULL; key->rsa = NULL; }
static void extract_cmp_data (gcry_sexp_t sexp, const char *name, const char *expected) { gcry_sexp_t l1; const void *a; size_t alen; void *b; size_t blen; l1 = gcry_sexp_find_token (sexp, name, 0); a = gcry_sexp_nth_data (l1, 1, &alen); b = data_from_hex (expected, &blen); if (!a) fail ("parameter \"%s\" missing in key\n", name); else if ( alen != blen || memcmp (a, b, alen) ) { fail ("parameter \"%s\" does not match expected value\n", name); if (verbose) { info ("expected: %s\n", expected); show_sexp ("sexp: ", sexp); } } gcry_free (b); gcry_sexp_release (l1); }
/** * Verify whether the given hash corresponds to the given signature and the * signature is valid with respect to the given public key. * * @param hash hash of the message to verify to match the @a sig * @param sig signature that is being validated * @param public_key public key of the signer * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid */ int GNUNET_CRYPTO_rsa_verify (const struct GNUNET_HashCode *hash, const struct GNUNET_CRYPTO_rsa_Signature *sig, const struct GNUNET_CRYPTO_rsa_PublicKey *public_key) { gcry_sexp_t data; int rc; data = data_to_sexp (hash, sizeof (struct GNUNET_HashCode)); rc = gcry_pk_verify (sig->sexp, data, public_key->sexp); gcry_sexp_release (data); if (0 != rc) { LOG (GNUNET_ERROR_TYPE_WARNING, _("RSA signature verification failed at %s:%d: %s\n"), __FILE__, __LINE__, gcry_strerror (rc)); return GNUNET_SYSERR; } return GNUNET_OK; }
void serialize_point(struct gotr_point *buf, const size_t len, const gcry_mpi_point_t p) { gcry_sexp_t s; gcry_ctx_t ctx; gcry_error_t rc; gcry_mpi_t q; gotr_assert(buf && len >= SERIALIZED_POINT_LEN); rc = gcry_sexp_build(&s, NULL, "(public-key(ecc(curve " CURVE ")))"); gotr_assert_gpgerr(rc); gotr_assert(NULL != s); rc = gcry_mpi_ec_new(&ctx, s, NULL); gotr_assert_gpgerr(rc); gcry_sexp_release(s); rc = gcry_mpi_ec_set_point("q", p, ctx); gotr_assert_gpgerr(rc); q = gcry_mpi_ec_get_mpi("q@eddsa", ctx, 0); gotr_assert(NULL != q); gcry_ctx_release(ctx); gotr_mpi_print_unsigned(buf, len, q); gcry_mpi_release(q); }
/* Return the public key algorithm number if S_KEY is a DSA style key. If it is not a DSA style key, return 0. */ int agent_is_dsa_key (gcry_sexp_t s_key) { int result; gcry_sexp_t list; char algoname[6]; if (!s_key) return 0; if (key_parms_from_sexp (s_key, &list, algoname, sizeof algoname, NULL, 0)) return 0; /* Error - assume it is not an DSA key. */ if (!strcmp (algoname, "dsa")) result = GCRY_PK_DSA; else if (!strcmp (algoname, "ecc")) { if (is_eddsa (list)) result = 0; else result = GCRY_PK_ECDSA; } else if (!strcmp (algoname, "ecdsa")) result = GCRY_PK_ECDSA; else result = 0; gcry_sexp_release (list); return result; }
static void on_ca_certificate_public_key_info (GQuark type, const guchar *data, gsize n_data, GHashTable *headers, gpointer user_data) { GNode *asn1 = NULL; GkmDataResult res; gpointer keydata; gsize n_keydata; gcry_sexp_t sexp; g_assert (g_quark_try_string ("CERTIFICATE") == type); /* Parse the ASN1 data */ res = gkm_data_der_read_certificate (data, n_data, &asn1); g_assert (res == GKM_DATA_SUCCESS); /* Generate a raw public key from our certificate */ keydata = egg_asn1x_encode (egg_asn1x_node (asn1, "tbsCertificate", "subjectPublicKeyInfo", NULL), NULL, &n_keydata); g_assert (keydata); /* Now create us a nice public key with that identifier */ res = gkm_data_der_read_public_key_info (keydata, n_keydata, &sexp); g_assert (res == GKM_DATA_SUCCESS || res == GKM_DATA_UNRECOGNIZED); if (res == GKM_DATA_SUCCESS) gcry_sexp_release (sexp); g_free (keydata); }
/** * Decode the signature from the data-format back to the "normal", internal * format. * * @param buf the buffer where the public key data is stored * @param len the length of the data in @a buf * @return NULL on error */ struct GNUNET_CRYPTO_rsa_Signature * GNUNET_CRYPTO_rsa_signature_decode (const char *buf, size_t len) { struct GNUNET_CRYPTO_rsa_Signature *sig; int ret; gcry_mpi_t s; sig = GNUNET_new (struct GNUNET_CRYPTO_rsa_Signature); if (0 != gcry_sexp_new (&sig->sexp, buf, len, 0)) { GNUNET_break_op (0); GNUNET_free (sig); return NULL; } /* verify that this is an RSA signature */ ret = key_from_sexp (&s, sig->sexp, "sig-val", "s"); if (0 != ret) ret = key_from_sexp (&s, sig->sexp, "rsa", "s"); if (0 != ret) { /* this is no RSA Signature */ GNUNET_break_op (0); gcry_sexp_release (sig->sexp); GNUNET_free (sig); return NULL; } gcry_mpi_release (s); return sig; }
CK_RV gkm_rsa_mechanism_decrypt (gcry_sexp_t sexp, EggPadding padding, CK_BYTE_PTR encrypted, CK_ULONG n_encrypted, CK_BYTE_PTR data, CK_ULONG_PTR n_data) { gcry_sexp_t splain, sdata; gcry_error_t gcry; guint nbits; CK_RV rv; g_return_val_if_fail (sexp, CKR_GENERAL_ERROR); g_return_val_if_fail (n_data, CKR_ARGUMENTS_BAD); g_return_val_if_fail (encrypted, CKR_ARGUMENTS_BAD); nbits = gcry_pk_get_nbits (sexp); g_return_val_if_fail (nbits > 0, CKR_GENERAL_ERROR); /* Just want to know the length */ if (!data) { *n_data = (nbits + 7) / 8; return CKR_OK; } if (n_encrypted != (nbits + 7) / 8) return CKR_DATA_LEN_RANGE; /* Prepare the input s expression */ rv = gkm_crypto_data_to_sexp ("(enc-val (flags) (rsa (a %m)))", nbits, NULL, encrypted, n_encrypted, &sdata); if (rv != CKR_OK) return rv; /* Do the magic */ gcry = gcry_pk_decrypt (&splain, sdata, sexp); gcry_sexp_release (sdata); /* TODO: Certain codes should be returned (data too big etc... ) */ if (gcry) { g_message ("decrypting of the data failed: %s", gcry_strerror (gcry)); return CKR_FUNCTION_FAILED; } /* Now extract and send it back out */ rv = gkm_crypto_sexp_to_data (splain, nbits, data, n_data, padding, "value", NULL); gcry_sexp_release (splain); return rv; }
static void check_dsa_keys (void) { gcry_sexp_t keyparm, key; int rc; int i; /* Check that DSA generation works and that it can grok the qbits argument. */ if (verbose) show ("creating 5 1024 bit DSA keys\n"); for (i=0; i < 5; i++) { rc = gcry_sexp_new (&keyparm, "(genkey\n" " (dsa\n" " (nbits 4:1024)\n" " ))", 0, 1); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); rc = gcry_pk_genkey (&key, keyparm); gcry_sexp_release (keyparm); if (rc) die ("error generating DSA key: %s\n", gpg_strerror (rc)); if (!i && verbose > 1) show_sexp ("1024 bit DSA key:\n", key); gcry_sexp_release (key); } if (verbose) show ("creating 1536 bit DSA key\n"); rc = gcry_sexp_new (&keyparm, "(genkey\n" " (dsa\n" " (nbits 4:1536)\n" " (qbits 3:224)\n" " ))", 0, 1); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); rc = gcry_pk_genkey (&key, keyparm); gcry_sexp_release (keyparm); if (rc) die ("error generating DSA key: %s\n", gpg_strerror (rc)); if (verbose > 1) show_sexp ("1536 bit DSA key:\n", key); gcry_sexp_release (key); }
void test_genkey ( int argc, char **argv ) { int rc, nbits = 1024; gcry_sexp_t s_parms, s_key; gcry_control( GCRYCTL_INIT_SECMEM, 16384, 0 ); rc = gcry_sexp_build ( &s_parms, NULL, "(genkey(dsa(nbits %d)))", nbits ); rc = gcry_pk_genkey( &s_key, s_parms ); if ( rc ) { fprintf ( stderr, "genkey failed: %s\n", gpg_strerror (rc) ); return; } gcry_sexp_release( s_parms ); gcry_sexp_dump ( s_key ); gcry_sexp_release( s_key ); }
/* Given the s-expression SEXP with the first element be either * "private-key" or "public-key" return the spec structure for it. We * look through the list to find a list beginning with "private-key" * or "public-key" - the first one found is used. If WANT_PRIVATE is * set the function will only succeed if a private key has been given. * On success the spec is stored at R_SPEC. On error NULL is stored * at R_SPEC and an error code returned. If R_PARMS is not NULL and * the fucntion returns success, the parameter list below * "private-key" or "public-key" is stored there and the caller must * call gcry_sexp_release on it. */ static gcry_err_code_t spec_from_sexp (gcry_sexp_t sexp, int want_private, gcry_pk_spec_t **r_spec, gcry_sexp_t *r_parms) { gcry_sexp_t list, l2; char *name; gcry_pk_spec_t *spec; *r_spec = NULL; if (r_parms) *r_parms = NULL; /* Check that the first element is valid. If we are looking for a public key but a private key was supplied, we allow the use of the private key anyway. The rationale for this is that the private key is a superset of the public key. */ list = gcry_sexp_find_token (sexp, want_private? "private-key":"public-key", 0); if (!list && !want_private) list = gcry_sexp_find_token (sexp, "private-key", 0); if (!list) return GPG_ERR_INV_OBJ; /* Does not contain a key object. */ l2 = gcry_sexp_cadr (list); gcry_sexp_release (list); list = l2; name = _gcry_sexp_nth_string (list, 0); if (!name) { gcry_sexp_release ( list ); return GPG_ERR_INV_OBJ; /* Invalid structure of object. */ } spec = spec_from_name (name); gcry_free (name); if (!spec) { gcry_sexp_release (list); return GPG_ERR_PUBKEY_ALGO; /* Unknown algorithm. */ } *r_spec = spec; if (r_parms) *r_parms = list; else gcry_sexp_release (list); return 0; }
/** Convert X.509 RSA public key into gcrypt internal sexp form. Only RSA public keys are accepted at the moment. The resul is stored in *sexp, which must be freed (using ) when not needed anymore. *sexp must be NULL on entry, since it is overwritten. */ gpg_err_code_t keyutil_get_cert_sexp ( unsigned char *der, size_t len, gcry_sexp_t *p_sexp ) { gpg_err_code_t error = GPG_ERR_GENERAL; gcry_mpi_t n_mpi = NULL; gcry_mpi_t e_mpi = NULL; gcry_sexp_t sexp = NULL; if ( (error = keyutil_get_cert_mpi ( der, len, &n_mpi, &e_mpi )) != GPG_ERR_NO_ERROR ) { goto cleanup; } if ( gcry_sexp_build ( &sexp, NULL, "(public-key (rsa (n %m) (e %m)))", n_mpi, e_mpi ) ) { error = GPG_ERR_BAD_KEY; goto cleanup; } *p_sexp = sexp; sexp = NULL; error = GPG_ERR_NO_ERROR; cleanup: if (n_mpi != NULL) { gcry_mpi_release (n_mpi); n_mpi = NULL; } if (e_mpi != NULL) { gcry_mpi_release (e_mpi); e_mpi = NULL; } if (sexp != NULL) { gcry_sexp_release (sexp); sexp = NULL; } return error; }
/* this function signs the session id */ STRING *ssh_sign_session_id(SSH_SESSION *session, PRIVATE_KEY *privatekey){ SHACTX ctx; unsigned char hash[SHA_DIGEST_LEN+1]; SIGNATURE *sign; STRING *signature; CRYPTO *crypto=session->current_crypto?session->current_crypto:session->next_crypto; #ifdef HAVE_LIBGCRYPT gcry_sexp_t data_sexp; #endif ctx=sha1_init(); sha1_update(ctx,crypto->session_id,SHA_DIGEST_LEN); sha1_final(hash+1,ctx); hash[0]=0; #ifdef DEBUG_CRYPTO ssh_print_hexa("Hash being signed with dsa",hash+1,SHA_DIGEST_LEN); #endif sign=malloc(sizeof(SIGNATURE)); switch(privatekey->type){ case TYPE_DSS: #ifdef HAVE_LIBGCRYPT gcry_sexp_build(&data_sexp,NULL,"%b",SHA_DIGEST_LEN+1,hash); gcry_pk_sign(&sign->dsa_sign,data_sexp,privatekey->dsa_priv); #elif defined HAVE_LIBCRYPTO sign->dsa_sign=DSA_do_sign(hash+1,SHA_DIGEST_LEN,privatekey->dsa_priv); #ifdef DEBUG_CRYPTO ssh_print_bignum("r",sign->dsa_sign->r); ssh_print_bignum("s",sign->dsa_sign->s); #endif #endif sign->rsa_sign=NULL; break; case TYPE_RSA: #ifdef HAVE_LIBGCRYPT gcry_sexp_build(&data_sexp,NULL,"(data(flags pkcs1)(hash sha1 %b))",SHA_DIGEST_LEN,hash+1); gcry_pk_sign(&sign->rsa_sign,data_sexp,privatekey->rsa_priv); #elif defined HAVE_LIBCRYPTO sign->rsa_sign=RSA_do_sign(hash+1,SHA_DIGEST_LEN,privatekey->rsa_priv); #endif sign->dsa_sign=NULL; break; } #ifdef HAVE_LIBGCRYPT gcry_sexp_release(data_sexp); #endif sign->type=privatekey->type; if(!sign->dsa_sign && !sign->rsa_sign){ #ifdef HAVE_LIBGCRYPT ssh_set_error(session,SSH_FATAL,"Signing : libgcrypt error"); #elif defined HAVE_LIBCRYPTO ssh_set_error(session,SSH_FATAL,"Signing : openssl error"); #endif signature_free(sign); return NULL; } signature=signature_to_string(sign); signature_free(sign); return signature; }
/** * cdk_keygen_start: kick off the key generation * @hd: the keygen object * **/ cdk_error_t cdk_keygen_start( cdk_keygen_ctx_t hd ) { gcry_sexp_t s_params = NULL, s_key = NULL; size_t n; int rc = 0; if( !hd || !hd->user_id ) return CDK_Inv_Value; if( is_ELG( hd->key[0].algo ) ) return CDK_Inv_Mode; if( !hd->key[0].len ) hd->key[0].len = 1024; n = hd->key[0].len; if( !hd->sym_prefs ) cdk_keygen_set_prefs( hd, CDK_PREFTYPE_SYM, NULL, 0 ); if( !hd->hash_prefs ) cdk_keygen_set_prefs( hd, CDK_PREFTYPE_HASH, NULL, 0 ); if( !hd->zip_prefs ) cdk_keygen_set_prefs( hd, CDK_PREFTYPE_ZIP, NULL, 0 ); if( is_DSA( hd->key[0].algo ) ) rc = gcry_sexp_build( &s_params, NULL, "(genkey(dsa(nbits %d)))", n ); else if( is_RSA( hd->key[0].algo ) ) rc = gcry_sexp_build( &s_params, NULL, "(genkey(rsa(nbits %d)))", n ); else rc = CDK_Inv_Algo; if( !rc ) rc = gcry_pk_genkey( &s_key, s_params ); gcry_sexp_release( s_params ); if( !rc ) { if( is_DSA( hd->key[0].algo ) ) rc = read_dsa_key( s_key, hd->key[0].resarr ); else if( is_RSA( hd->key[0].algo ) ) rc = read_rsa_key( s_key, hd->key[0].resarr ); hd->key[0].n = cdk_pk_get_npkey( hd->key[0].algo ); } gcry_sexp_release( s_key ); if( !rc ) { if( hd->key[1].algo && hd->key[1].len ) rc = generate_subkey( hd ); } return rc; }
/* Generate a private DSA key for a given account, storing it into a * FILE*, and loading it into the given OtrlUserState. Overwrite any * previously generated keys for that account in that OtrlUserState. * The FILE* must be open for reading and writing. */ gcry_error_t otrl_privkey_generate_FILEp(OtrlUserState us, FILE *privf, const char *accountname, const char *protocol) { gcry_error_t err; gcry_sexp_t key, parms, privkey; static const char *parmstr = "(genkey (dsa (nbits 4:1024)))"; OtrlPrivKey *p; if (!privf) return gcry_error(GPG_ERR_NO_ERROR); /* Create a DSA key */ err = gcry_sexp_new(&parms, parmstr, strlen(parmstr), 0); if (err) { return err; } err = gcry_pk_genkey(&key, parms); gcry_sexp_release(parms); if (err) { return err; } /* Extract the privkey */ privkey = gcry_sexp_find_token(key, "private-key", 0); gcry_sexp_release(key); /* Output the other keys we know */ fprintf(privf, "(privkeys\n"); for (p=us->privkey_root; p; p=p->next) { /* Skip this one if our new key replaces it */ if (!strcmp(p->accountname, accountname) && !strcmp(p->protocol, protocol)) { continue; } account_write(privf, p->accountname, p->protocol, p->privkey); } account_write(privf, accountname, protocol, privkey); gcry_sexp_release(privkey); fprintf(privf, ")\n"); fseek(privf, 0, SEEK_SET); return otrl_privkey_read_FILEp(us, privf); }
int p2p_encrypt(unsigned char *msg, size_t msglen, unsigned char *buf, size_t buflen, gcry_sexp_t r_key) { gcry_sexp_t ciph, data; size_t err; gcry_sexp_build(&data, &err, "(data (flags pkcs1) (value %b))", msglen, msg); gcry_pk_encrypt(&ciph, data, r_key); gcry_sexp_release(data); gcry_sexp_t a = gcry_sexp_find_token(ciph, "a", 0); gcry_sexp_release(ciph); gcry_sexp_t sexp_mpi = gcry_sexp_cdr(a); gcry_sexp_release(a); gcry_mpi_t data_mpi = gcry_sexp_nth_mpi(sexp_mpi, 0, GCRYMPI_FMT_USG); gcry_mpi_print(GCRYMPI_FMT_PGP, buf, buflen, &err, data_mpi); return err; }
static void dsa_public_to_string(gcry_sexp_t key, BUFFER *buffer){ #elif defined HAVE_LIBCRYPTO static void dsa_public_to_string(DSA *key, BUFFER *buffer){ #endif STRING *p,*q,*g,*n; #ifdef HAVE_LIBGCRYPT const char *tmp; size_t size; gcry_sexp_t sexp; sexp=gcry_sexp_find_token(key,"p",0); tmp=gcry_sexp_nth_data(sexp,1,&size); p=string_new(size); string_fill(p,(char *)tmp,size); gcry_sexp_release(sexp); sexp=gcry_sexp_find_token(key,"q",0); tmp=gcry_sexp_nth_data(sexp,1,&size); q=string_new(size); string_fill(q,(char *)tmp,size); gcry_sexp_release(sexp); sexp=gcry_sexp_find_token(key,"g",0); tmp=gcry_sexp_nth_data(sexp,1,&size); g=string_new(size); string_fill(g,(char *)tmp,size); gcry_sexp_release(sexp); sexp=gcry_sexp_find_token(key,"y",0); tmp=gcry_sexp_nth_data(sexp,1,&size); n=string_new(size); string_fill(n,(char *)tmp,size); gcry_sexp_release(sexp); #elif defined HAVE_LIBCRYPTO p=make_bignum_string(key->p); q=make_bignum_string(key->q); g=make_bignum_string(key->g); n=make_bignum_string(key->pub_key); #endif buffer_add_ssh_string(buffer,p); buffer_add_ssh_string(buffer,q); buffer_add_ssh_string(buffer,g); buffer_add_ssh_string(buffer,n); free(p); free(q); free(g); free(n); }
CK_RV gkm_rsa_mechanism_sign (gcry_sexp_t sexp, EggPadding padding, CK_BYTE_PTR data, CK_ULONG n_data, CK_BYTE_PTR signature, CK_ULONG_PTR n_signature) { gcry_sexp_t ssig, sdata; guint nbits; gcry_error_t gcry; CK_RV rv; g_return_val_if_fail (sexp, CKR_GENERAL_ERROR); g_return_val_if_fail (n_signature, CKR_ARGUMENTS_BAD); g_return_val_if_fail (data, CKR_ARGUMENTS_BAD); nbits = gcry_pk_get_nbits (sexp); g_return_val_if_fail (nbits > 0, CKR_GENERAL_ERROR); /* Just want to know the length */ if (!signature) { *n_signature = (nbits + 7) / 8; return CKR_OK; } /* Prepare the input sexp */ rv = gkm_crypto_data_to_sexp ("(data (flags raw) (value %m))", nbits, padding, data, n_data, &sdata); if (rv != CKR_OK) return rv; /* Do the magic */ gcry = gcry_pk_sign (&ssig, sdata, sexp); gcry_sexp_release (sdata); /* TODO: Certain codes should be returned (data too big etc... ) */ if (gcry) { g_message ("signing of the data failed: %s", gcry_strerror (gcry)); return CKR_FUNCTION_FAILED; } /* Now extract and send it back out */ rv = gkm_crypto_sexp_to_data (ssig, nbits, signature, n_signature, NULL, "rsa", "s", NULL); gcry_sexp_release (ssig); return rv; }
gcry_sexp_t gcry_sexp_cadr ( const gcry_sexp_t list ) { gcry_sexp_t a, b; a = gcry_sexp_cdr (list); b = gcry_sexp_car (a); gcry_sexp_release (a); return b; }
static void check_one_pubkey (int n, test_spec_pubkey_t spec) { gcry_error_t err = GPG_ERR_NO_ERROR; gcry_sexp_t skey, pkey; err = gcry_sexp_sscan (&skey, NULL, spec.key.secret, strlen (spec.key.secret)); if (!err) err = gcry_sexp_sscan (&pkey, NULL, spec.key.public, strlen (spec.key.public)); if (err) die ("converting sample key failed: %s\n", gpg_strerror (err)); do_check_one_pubkey (n, skey, pkey, spec.key.grip, spec.flags); gcry_sexp_release (skey); gcry_sexp_release (pkey); }
/* Sign data using a private key. The data must be small enough to be * signed (i.e. already hashed, if necessary). The signature will be * returned in *sigp, which the caller must free(). Its length will be * returned in *siglenp. */ gcry_error_t otrl_privkey_sign(unsigned char **sigp, size_t *siglenp, OtrlPrivKey *privkey, const unsigned char *data, size_t len) { gcry_mpi_t r,s, datampi; gcry_sexp_t dsas, rs, ss, sigs, datas; size_t nr, ns; const enum gcry_mpi_format format = GCRYMPI_FMT_USG; if (privkey->pubkey_type != OTRL_PUBKEY_TYPE_DSA) return gcry_error(GPG_ERR_INV_VALUE); *sigp = malloc(40); if (sigp == NULL) return gcry_error(GPG_ERR_ENOMEM); *siglenp = 40; if (len) { gcry_mpi_scan(&datampi, GCRYMPI_FMT_USG, data, len, NULL); } else { datampi = gcry_mpi_set_ui(NULL, 0); } gcry_sexp_build(&datas, NULL, "(%m)", datampi); gcry_mpi_release(datampi); gcry_pk_sign(&sigs, datas, privkey->privkey); gcry_sexp_release(datas); dsas = gcry_sexp_find_token(sigs, "dsa", 0); gcry_sexp_release(sigs); rs = gcry_sexp_find_token(dsas, "r", 0); ss = gcry_sexp_find_token(dsas, "s", 0); gcry_sexp_release(dsas); r = gcry_sexp_nth_mpi(rs, 1, GCRYMPI_FMT_USG); gcry_sexp_release(rs); s = gcry_sexp_nth_mpi(ss, 1, GCRYMPI_FMT_USG); gcry_sexp_release(ss); gcry_mpi_print(format, NULL, 0, &nr, r); gcry_mpi_print(format, NULL, 0, &ns, s); memset(*sigp, 0, 40); gcry_mpi_print(format, (*sigp)+(20-nr), nr, NULL, r); gcry_mpi_print(format, (*sigp)+20+(20-ns), ns, NULL, s); gcry_mpi_release(r); gcry_mpi_release(s); return gcry_error(GPG_ERR_NO_ERROR); }
int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, libssh2_rsa_ctx * rsactx, const unsigned char *hash, size_t hash_len, unsigned char **signature, size_t *signature_len) { gcry_sexp_t sig_sexp; gcry_sexp_t data; int rc; const char *tmp; size_t size; if(hash_len != SHA_DIGEST_LENGTH) { return -1; } if(gcry_sexp_build(&data, NULL, "(data (flags pkcs1) (hash sha1 %b))", hash_len, hash)) { return -1; } rc = gcry_pk_sign(&sig_sexp, data, rsactx); gcry_sexp_release(data); if(rc != 0) { return -1; } data = gcry_sexp_find_token(sig_sexp, "s", 0); if(!data) { return -1; } tmp = gcry_sexp_nth_data(data, 1, &size); if(!tmp) { return -1; } if(tmp[0] == '\0') { tmp++; size--; } *signature = LIBSSH2_ALLOC(session, size); if(!*signature) { return -1; } memcpy(*signature, tmp, size); *signature_len = size; return rc; }
/** * Sign the given message. * * @param key private key to use for the signing * @param msg the message to sign * @param msg_len number of bytes in @a msg to sign * @return NULL on error, signature on success */ struct GNUNET_CRYPTO_rsa_Signature * GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_rsa_PrivateKey *key, const void *msg, size_t msg_len) { struct GNUNET_CRYPTO_rsa_Signature *sig; struct GNUNET_CRYPTO_rsa_PublicKey *public_key; gcry_sexp_t result; gcry_sexp_t data; data = data_to_sexp (msg, msg_len); if (0 != gcry_pk_sign (&result, data, key->sexp)) { GNUNET_break (0); return NULL; } /* verify signature (guards against Lenstra's attack with fault injection...) */ public_key = GNUNET_CRYPTO_rsa_private_key_get_public (key); if (0 != gcry_pk_verify (result, data, public_key->sexp)) { GNUNET_break (0); GNUNET_CRYPTO_rsa_public_key_free (public_key); gcry_sexp_release (data); gcry_sexp_release (result); return NULL; } GNUNET_CRYPTO_rsa_public_key_free (public_key); /* return signature */ gcry_sexp_release (data); sig = GNUNET_new (struct GNUNET_CRYPTO_rsa_Signature); sig->sexp = result; return sig; }
/* Print the S-Expression in BUF to extended STREAM, which has a valid length of BUFLEN, as a human readable string in one line to FP. */ static void pretty_es_print_sexp (estream_t fp, const unsigned char *buf, size_t buflen) { size_t len; gcry_sexp_t sexp; char *result, *p; if ( gcry_sexp_sscan (&sexp, NULL, (const char*)buf, buflen) ) { es_fputs (_("[Error - invalid encoding]"), fp); return; } len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0); assert (len); result = xtrymalloc (len); if (!result) { es_fputs (_("[Error - out of core]"), fp); gcry_sexp_release (sexp); return; } len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, result, len); assert (len); for (p = result; len; len--, p++) { if (*p == '\n') { if (len > 1) /* Avoid printing the trailing LF. */ es_fputs ("\\n", fp); } else if (*p == '\r') es_fputs ("\\r", fp); else if (*p == '\v') es_fputs ("\\v", fp); else if (*p == '\t') es_fputs ("\\t", fp); else es_putc (*p, fp); } xfree (result); gcry_sexp_release (sexp); }
/* This function frees a KSP object. */ void kmocrypt_signature_free2(struct kmocrypt_signature2 *self) { int i; /* Free the gcrypt things used to validate the signature. */ gcry_sexp_release(self->sig_sexp); gcry_mpi_release(self->sig_mpi); gcry_sexp_release(self->sig_hash); /* Free the subpackets. */ for (i = 1; i < KMO_SP_NB_TYPE; i++) { struct kmocrypt_subpacket_list2 *current = self->subpacket_array[i]; while (current) { struct kmocrypt_subpacket_list2 *next = current->next; if (subpackets_ops[i].clean) subpackets_ops[i].clean(current->data); free(current); current = next; } } }
/**************** * Pass list through except when it is an empty list - in that case * return NULL and release the passed list. */ static gcry_sexp_t normalize ( gcry_sexp_t list ) { char *p; if ( !list ) return NULL; p = list->d; if ( *p == ST_STOP ) { /* this is "" */ gcry_sexp_release ( list ); return NULL; } if( *p == ST_OPEN && p[1] == ST_CLOSE ) { /* this is "()" */ gcry_sexp_release ( list ); return NULL; } return list; }
static void check_generated_rsa_key (gcry_sexp_t key, unsigned long expected_e) { gcry_sexp_t skey, pkey, list; pkey = gcry_sexp_find_token (key, "public-key", 0); if (!pkey) fail ("public part missing in return value\n"); else { gcry_mpi_t e = NULL; list = gcry_sexp_find_token (pkey, "e", 0); if (!list || !(e=gcry_sexp_nth_mpi (list, 1, 0)) ) fail ("public exponent not found\n"); else if (!expected_e) { if (verbose) show_mpi ("public exponent: ", e); } else if ( gcry_mpi_cmp_ui (e, expected_e)) { show_mpi ("public exponent: ", e); fail ("public exponent is not %lu\n", expected_e); } gcry_sexp_release (list); gcry_mpi_release (e); gcry_sexp_release (pkey); } skey = gcry_sexp_find_token (key, "private-key", 0); if (!skey) fail ("private part missing in return value\n"); else { int rc = gcry_pk_testkey (skey); if (rc) fail ("gcry_pk_testkey failed: %s\n", gpg_strerror (rc)); gcry_sexp_release (skey); } }