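/*
 * generate_challenge - build a one-shot RSA challenge/response pair.
 *
 * A fresh random secret of CHALLENGE_SECRET_LENGTH bytes is drawn with
 * rb_get_random().  The expected response is the SHA-1 digest of that
 * secret; the challenge is the secret encrypted to the peer's public key
 * with RSA-OAEP and then base64 encoded.
 *
 * r_challenge - out: base64 text of the encrypted secret (set on success).
 * r_response  - out: SHA_DIGEST_LENGTH raw digest bytes (set on success;
 *               reset to NULL if a later step fails; left untouched when
 *               the random source itself fails).
 * rsa         - public key to encrypt to; NULL is rejected.
 *
 * Returns 0 on success, -1 on any failure.  On failure the pending OpenSSL
 * error queue (at most 100 entries) is written to the main log.
 *
 * NOTE(review): both outputs are presumably released by the caller with
 * rb_free() - confirm against the call sites.
 */
static int
generate_challenge(char **r_challenge, char **r_response, RSA * rsa)
{
	SHA_CTX ctx;
	unsigned char secret[CHALLENGE_SECRET_LENGTH], *tmp;
	volatile unsigned char *wipe = secret;
	unsigned long length;
	unsigned long e = 0;
	unsigned long cnt = 0;
	size_t i;
	int ret;
	int rc = -1;

	if(!rsa)
		return -1;

	if(rb_get_random(secret, CHALLENGE_SECRET_LENGTH))
	{
		/*
		 * Allocate with rb_malloc() so the buffer matches the rb_free()
		 * used on the failure path below (the original mixed malloc()
		 * with rb_free()), and never hand a NULL buffer to SHA1_Final().
		 */
		*r_response = rb_malloc(SHA_DIGEST_LENGTH);
		if(*r_response != NULL)
		{
			SHA1_Init(&ctx);
			SHA1_Update(&ctx, (uint8_t *)secret, CHALLENGE_SECRET_LENGTH);
			SHA1_Final((uint8_t *)*r_response, &ctx);

			/* An RSA ciphertext is as long as the key modulus. */
			length = RSA_size(rsa);
			tmp = rb_malloc(length);
			if(tmp != NULL)
			{
				ret = RSA_public_encrypt(CHALLENGE_SECRET_LENGTH, secret, tmp, rsa,
							 RSA_PKCS1_OAEP_PADDING);
				if(ret >= 0)
				{
					*r_challenge = (char *)rb_base64_encode(tmp, ret);
					rc = 0;
				}
				rb_free(tmp);
			}

			if(rc != 0)
			{
				/* Do not leave a response behind without a matching challenge. */
				rb_free(*r_response);
				*r_response = NULL;
			}
		}
	}

	/*
	 * Knowing the secret is enough to compute the expected response, so
	 * clear the stack copy on every path.  The volatile pointer keeps the
	 * compiler from discarding the stores as dead.
	 */
	for(i = 0; i < sizeof secret; i++)
		wipe[i] = 0;

	if(rc == 0)
		return 0;

	/* Drain the OpenSSL error queue into the log, bounded to 100 entries. */
	ERR_load_crypto_strings();
	while((cnt < 100) && (e = ERR_get_error()))
	{
		ilog(L_MAIN, "SSL error: %s", ERR_error_string(e, 0));
		cnt++;
	}

	return (-1);
}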
/*
 * rb_get_pseudo_random - fill buf with length random bytes.
 *
 * Despite the name, no separate pseudo-random generator is involved: the
 * request is forwarded unchanged to rb_get_random(), and that function's
 * result is handed back as-is.
 */
int
rb_get_pseudo_random(void *buf, size_t length)
{
	int result = rb_get_random(buf, length);

	return result;
}