OpenVAS Scanner
7.0.1~git
This file contains all the crypto functionality needed by the SSH protocol. More...
#include "nasl_crypto2.h"
#include "../misc/strutils.h"
#include "nasl_debug.h"
#include "nasl_func.h"
#include "nasl_global_ctxt.h"
#include "nasl_lex_ctxt.h"
#include "nasl_misc_funcs.h"
#include "nasl_packet_forgery.h"
#include "nasl_tree.h"
#include "nasl_var.h"
#include <gcrypt.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <gvm/base/logging.h>
Data Structures | |
struct | cipher_table_item |
Struct holding a cipher handler. More... | |
Macros | |
#define | INTBLOB_LEN 20 |
#define | SIGBLOB_LEN (2 * INTBLOB_LEN) |
#define | MAX_CIPHER_ID 32 |
#define | G_LOG_DOMAIN "lib nasl" |
GLib logging domain. More... | |
#define | NUM_RSA_PARAMS 6 |
Creates a libgcrypt s-expression from a GnuTLS private RSA key. More... | |
Typedefs | |
typedef struct cipher_table_item | cipher_table_item_t |
Functions | |
void | print_tls_error (lex_ctxt *lexic, char *txt, int err) |
Prints a GnuTLS error. More... | |
void | print_gcrypt_error (lex_ctxt *lexic, char *function, int err) |
Prints a libgcrypt error. More... | |
static int | find_cipher_hd (cipher_table_item_t *cipher_elem, int *id) |
Helper function to find cipher id in the table. More... | |
static int | get_new_cipher_id (void) |
Helper function to get a free id for a new cipher. More... | |
static gcry_cipher_hd_t | verify_cipher_id (lex_ctxt *lexic, int cipher_id) |
Helper function to validate the cipher id. More... | |
static cipher_table_item_t * | cipher_table_item_new (void) |
Create a new cipher handler item parameter. More... | |
static void | delete_cipher_item (int cipher_id) |
Free and remove a cipher handler from the cipher table. More... | |
static int | mpi_from_string (lex_ctxt *lexic, gcry_mpi_t *dest, void *data, size_t len, const char *parameter, const char *function) |
Converts a string to a gcry_mpi_t. More... | |
static int | mpi_from_named_parameter (lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function) |
Converts a named nasl parameter to a gcry_mpi_t. More... | |
static int | set_mpi_retc (tree_cell *retc, gcry_mpi_t mpi) |
Sets the return value in retc from the MPI mpi. More... | |
tree_cell * | nasl_bn_cmp (lex_ctxt *lexic) |
tree_cell * | nasl_bn_random (lex_ctxt *lexic) |
static gnutls_x509_privkey_t | nasl_load_privkey_param (lex_ctxt *lexic, const char *priv_name, const char *passphrase_name) |
Loads a private key from a string. More... | |
tree_cell * | nasl_pem_to (lex_ctxt *lexic, int type) |
Implements the nasl functions pem_to_rsa and pem_to_dsa. More... | |
tree_cell * | nasl_pem_to_rsa (lex_ctxt *lexic) |
tree_cell * | nasl_pem_to_dsa (lex_ctxt *lexic) |
static gcry_mpi_t | calc_dh_public (gcry_mpi_t g, gcry_mpi_t prime, gcry_mpi_t priv) |
compute the diffie hellman public key. More... | |
static gcry_mpi_t | calc_dh_key (gcry_mpi_t pub, gcry_mpi_t prime, gcry_mpi_t priv) |
Compute the diffie hellman shared secret key. More... | |
tree_cell * | nasl_dh_generate_key (lex_ctxt *lexic) |
tree_cell * | nasl_dh_compute_key (lex_ctxt *lexic) |
static gcry_mpi_t | extract_mpi_from_sexp (gcry_sexp_t sexp, const char *token) |
Extracts an MPI value from a libgcrypt s-expression. More... | |
static int | set_retc_from_sexp (tree_cell *retc, gcry_sexp_t sexp, const char *token) |
Sets the return value in retc from an sexpression. More... | |
static int | strip_pkcs1_padding (tree_cell *retc) |
Strips PKCS#1 padding from the string in retc. More... | |
tree_cell * | nasl_rsa_public_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_rsa_private_decrypt (lex_ctxt *lexic) |
tree_cell * | nasl_rsa_public_decrypt (lex_ctxt *lexic) |
static gcry_sexp_t | nasl_sexp_from_privkey (lex_ctxt *lexic, gnutls_x509_privkey_t privkey) |
tree_cell * | nasl_rsa_sign (lex_ctxt *lexic) |
tree_cell * | nasl_dsa_do_verify (lex_ctxt *lexic) |
tree_cell * | nasl_dsa_do_sign (lex_ctxt *lexic) |
tree_cell * | nasl_bf_cbc (lex_ctxt *lexic, int enc) |
Implements the nasl functions bf_cbc_encrypt and bf_cbc_decrypt. More... | |
tree_cell * | nasl_bf_cbc_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_bf_cbc_decrypt (lex_ctxt *lexic) |
static tree_cell * | nasl_open_stream_cipher (lex_ctxt *lexic, int cipher, int mode) |
Open a stream cipher. This function creates a context handle and stores it in the cipher table. An opened cipher must be deleted with delete_cipher_item() at the end of the stream encryption. More... | |
static tree_cell * | encrypt_stream_data (lex_ctxt *lexic, int cipher) |
Encrypt data using an existing cipher handle. Because the handle is not closed, its key state is carried forward to encrypt the next block of the stream data. More... | |
tree_cell * | nasl_close_stream_cipher (lex_ctxt *lexic) |
Nasl function to delete a cipher item from the cipher table. More... | |
static tree_cell * | encrypt_data (lex_ctxt *lexic, int cipher, int mode) |
tree_cell * | nasl_rc4_encrypt (lex_ctxt *lexic) |
Nasl function to encrypt data with an RC4 cipher. If an hd parameter exists in the lexic context, that handle is used to encrypt the data as part of a data stream, e.g.: rc4_encrypt(data: data, hd: hd) More... | |
tree_cell * | nasl_open_rc4_cipher (lex_ctxt *lexic) |
Nasl function to open an RC4 cipher for encrypting a stream of data. The returned handle can be used to encrypt stream data. An opened cipher must be closed with close_stream_cipher() when it is no longer needed. More... | |
tree_cell * | nasl_aes128_cbc_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_aes256_cbc_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_aes128_ctr_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_aes256_ctr_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_des_ede_cbc_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_aes128_gcm_encrypt (lex_ctxt *lexic) |
tree_cell * | nasl_aes256_gcm_encrypt (lex_ctxt *lexic) |
Variables | |
static GList * | cipher_table = NULL |
List of open cipher handles. More... | |
This file contains all the crypto functionality needed by the SSH protocol.
Definition in file nasl_crypto2.c.
#define G_LOG_DOMAIN "lib nasl" |
GLib logging domain.
Definition at line 50 of file nasl_crypto2.c.
#define INTBLOB_LEN 20 |
Definition at line 42 of file nasl_crypto2.c.
#define MAX_CIPHER_ID 32 |
Definition at line 44 of file nasl_crypto2.c.
#define NUM_RSA_PARAMS 6 |
Creates a libgcrypt s-expression from a GnuTLS private RSA key.
Definition at line 1020 of file nasl_crypto2.c.
#define SIGBLOB_LEN (2 * INTBLOB_LEN) |
Definition at line 43 of file nasl_crypto2.c.
typedef struct cipher_table_item cipher_table_item_t |
Definition at line 67 of file nasl_crypto2.c.
Compute the diffie hellman shared secret key.
Neither GnuTLS nor libgcrypt contains a direct counterpart to OpenSSL's DH_compute_key, so we implement it ourselves. This function was copied from gnutls and adapted to use gcrypt directly and to take the private key as a function parameter.
Definition at line 549 of file nasl_crypto2.c.
Referenced by nasl_dh_compute_key().
Compute the diffie hellman public key.
Neither GnuTLS nor Libgcrypt contains a direct counterpart to OpenSSL's DH_generate_key, so we implement it ourselves. This function was copied from gnutls and adapted to use gcrypt directly and to take the private key as a function parameter.
Definition at line 522 of file nasl_crypto2.c.
Referenced by nasl_dh_generate_key().
Create a new cipher handler item parameter.
Definition at line 157 of file nasl_crypto2.c.
Referenced by nasl_open_stream_cipher().
Free and remove a cipher handle from the cipher table.
[in] | cipher_id | ID of the cipher handler to free and remove. |
Definition at line 169 of file nasl_crypto2.c.
References cipher_table, find_cipher_hd(), and cipher_table_item::hd.
Referenced by encrypt_stream_data(), and nasl_close_stream_cipher().
Definition at line 1680 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), get_var_size_by_name(), cipher_table_item::hd, nasl_perror(), TC::size, TC::str_val, and TC::x.
Referenced by nasl_aes128_cbc_encrypt(), nasl_aes128_ctr_encrypt(), nasl_aes128_gcm_encrypt(), nasl_aes256_cbc_encrypt(), nasl_aes256_ctr_encrypt(), nasl_aes256_gcm_encrypt(), nasl_des_ede_cbc_encrypt(), and nasl_rc4_encrypt().
Encrypt data using an existing cipher handle. Because the handle is not closed, its key state is carried forward to encrypt the next block of the stream data.
[in] | cipher | The cipher algorithm. It must be the same one used when the handle was opened; it is used to prepare the data. Only GCRY_CIPHER_ARCFOUR is currently supported. |
Definition at line 1605 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, delete_cipher_item(), get_int_var_by_name(), get_str_var_by_name(), get_var_size_by_name(), cipher_table_item::hd, nasl_perror(), TC::size, TC::str_val, verify_cipher_id(), and TC::x.
Referenced by nasl_rc4_encrypt().
Extracts an MPI value from a libgcrypt s-expression.
The return value is the cadr of the subexpression whose car is given by token. The function returns NULL if the token does not occur in the expression or on any other error.
Definition at line 672 of file nasl_crypto2.c.
Referenced by nasl_dsa_do_sign(), and set_retc_from_sexp().
Helper function to find cipher id in the table.
Definition at line 98 of file nasl_crypto2.c.
References cipher_table_item::id.
Referenced by delete_cipher_item(), get_new_cipher_id(), and verify_cipher_id().
Helper function to get a free id for a new cipher.
Definition at line 112 of file nasl_crypto2.c.
References cipher_table, find_cipher_hd(), and MAX_CIPHER_ID.
Referenced by nasl_open_stream_cipher().
Converts a named nasl parameter to a gcry_mpi_t.
The new MPI object is stored in dest. The parameter argument is the name of the nasl parameter to be read from lexic. The function argument is used in error messages to indicate the name of the nasl function.
Definition at line 224 of file nasl_crypto2.c.
References get_str_var_by_name(), get_var_size_by_name(), and mpi_from_string().
Referenced by nasl_bn_cmp(), nasl_dh_compute_key(), nasl_dh_generate_key(), nasl_dsa_do_sign(), nasl_dsa_do_verify(), nasl_rsa_private_decrypt(), nasl_rsa_public_decrypt(), and nasl_rsa_public_encrypt().
Converts a string to a gcry_mpi_t.
The string of len bytes at data should contain the MPI as an unsigned integer in big-endian form (libgcrypt's GCRYMPI_FMT_USG). The new MPI object is stored in dest. The function and parameter arguments are used in error messages to indicate the nasl function and the nasl parameter name of the MPI. The lexic parameter is passed through to the error reporting functions.
The function returns 0 on success and -1 on failure.
Definition at line 195 of file nasl_crypto2.c.
References nasl_perror().
Referenced by mpi_from_named_parameter(), nasl_pem_to(), and nasl_sexp_from_privkey().
Definition at line 1829 of file nasl_crypto2.c.
References encrypt_data().
Definition at line 1841 of file nasl_crypto2.c.
References encrypt_data().
Definition at line 1859 of file nasl_crypto2.c.
References encrypt_data().
Definition at line 1835 of file nasl_crypto2.c.
References encrypt_data().
Definition at line 1847 of file nasl_crypto2.c.
References encrypt_data().
Definition at line 1865 of file nasl_crypto2.c.
References encrypt_data().
Implements the nasl functions bf_cbc_encrypt and bf_cbc_decrypt.
Definition at line 1362 of file nasl_crypto2.c.
References add_var_to_list(), alloc_typed_cell(), CONST_DATA, DYN_ARRAY, get_str_var_by_name(), get_var_size_by_name(), cipher_table_item::hd, nasl_perror(), print_gcrypt_error(), TC::ref_val, st_nasl_string::s_siz, st_nasl_string::s_val, TC::size, TC::str_val, TC::type, st_a_nasl_var::v, st_a_nasl_var::v_str, VAR2_DATA, st_a_nasl_var::var_type, and TC::x.
Referenced by nasl_bf_cbc_decrypt(), and nasl_bf_cbc_encrypt().
nasl function
bf_cbc_decrypt(key:key, iv:iv, data:data)
Decrypt the cipher text data using the blowfish algorithm in CBC mode with the key key and the initialization vector iv. The key must be 16 bytes long. The iv must be at least 8 bytes long. data must be a multiple of 8 bytes long.
The return value is an array a with a[0] being the plaintext data and a[1] the new initialization vector to use for the next part of the data.
Definition at line 1518 of file nasl_crypto2.c.
References nasl_bf_cbc().
nasl function
bf_cbc_encrypt(key:key, iv:iv, data:data)
Encrypt the plaintext data using the blowfish algorithm in CBC mode with the key key and the initialization vector iv. The key must be 16 bytes long. The iv must be at least 8 bytes long. data must be a multiple of 8 bytes long.
The return value is an array a with a[0] being the encrypted data and a[1] the new initialization vector to use for the next part of the data.
Definition at line 1498 of file nasl_crypto2.c.
References nasl_bf_cbc().
nasl function
bn_cmp(key1:MPI1, key2:MPI2)
Compares the MPIs key1 and key2 (given as binary strings). Returns -1 if key1 < key2, 0 if key1 == key2 and +1 if key1 > key2.
Definition at line 285 of file nasl_crypto2.c.
References CONST_INT, TC::i_val, mpi_from_named_parameter(), TC::ref_count, TC::type, and TC::x.
nasl function
bn_random(need:numBits)
Definition at line 322 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), set_mpi_retc(), TC::size, TC::str_val, and TC::x.
Nasl function to delete a cipher item from the cipher table.
[in] | cipher | The cipher algorithm. It must be the same one used when the handle was opened; it is used to prepare the data. Only GCRY_CIPHER_ARCFOUR is currently supported. |
Definition at line 1661 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_INT, delete_cipher_item(), get_int_var_by_name(), cipher_table_item::hd, TC::i_val, verify_cipher_id(), and TC::x.
Definition at line 1853 of file nasl_crypto2.c.
References encrypt_data().
nasl function
DH_compute_key(p:mpi_p, g:mpi_g, dh_server_pub:mpi_server_pub, pub_key:mpi_client_pub, priv_key:mpi_client_priv)
Computes the Diffie-Hellman shared secret key from the shared parameters p and g, the server's public key dh_server_pub and the client's public and private keys pub_key and priv_key. The return value is the shared secret key as an MPI.
Definition at line 619 of file nasl_crypto2.c.
References alloc_typed_cell(), calc_dh_key(), CONST_DATA, mpi_from_named_parameter(), set_mpi_retc(), TC::size, TC::str_val, and TC::x.
nasl function
dh_generate_key(p:mpi_p, g:mpi_g, priv:mpi_priv)
Generates a Diffie-Hellman public key from the shared parameters p and g and the private parameter priv. The return value is the public key as an MPI.
Definition at line 574 of file nasl_crypto2.c.
References alloc_typed_cell(), calc_dh_public(), CONST_DATA, mpi_from_named_parameter(), set_mpi_retc(), TC::size, TC::str_val, and TC::x.
nasl function
dsa_do_sign(p:mpi_p, g:mpi_g, q:mpi_q, pub:mpi_pub, priv:mpi_priv, data:hash)
Computes the DSA signature of the hash in data using the private DSA key given by p, g, q, pub and priv. The return value is a 40 byte string encoding the two MPIs r and s of the DSA signature. The first 20 bytes are the value of r and the last 20 bytes are the value of s.
Definition at line 1251 of file nasl_crypto2.c.
References CONST_DATA, extract_mpi_from_sexp(), TC::i_val, INTBLOB_LEN, mpi_from_named_parameter(), nasl_perror(), print_gcrypt_error(), TC::ref_count, SIGBLOB_LEN, TC::size, TC::str_val, TC::type, and TC::x.
nasl function
dsa_do_verify(p:mpi_p, g:mpi_g, q:mpi_q, pub:mpi_pub, r:mpi_r, s:mpi_s, data:hash)
Verify that the DSA signature given by r and s matches the hash given in data, using the public DSA key given by p, g, q and pub. Returns 1 if the signature is valid and 0 if it is invalid.
Definition at line 1162 of file nasl_crypto2.c.
References CONST_INT, TC::i_val, mpi_from_named_parameter(), print_gcrypt_error(), TC::ref_count, TC::type, and TC::x.
Loads a private key from a string.
The string is taken from the nasl parameter whose name is given by priv_name. passphrase_name is the name of the parameter holding the passphrase, if any. The string with the key must be in PEM format.
Definition at line 361 of file nasl_crypto2.c.
References get_str_var_by_name(), get_var_size_by_name(), and print_tls_error().
Referenced by nasl_pem_to(), and nasl_rsa_sign().
Nasl function to open an RC4 cipher for encrypting a stream of data. The returned handle can be used to encrypt stream data. An opened cipher must be closed with close_stream_cipher() when it is no longer needed.
Definition at line 1822 of file nasl_crypto2.c.
References nasl_open_stream_cipher().
Open a stream cipher. This function creates a context handle and stores it in the cipher table. An opened cipher must be deleted with delete_cipher_item() at the end of the stream encryption.
[in] | cipher | The cipher algorithm. |
[in] | mode | The cipher mode. Must be compatible with the algorithm. |
Definition at line 1533 of file nasl_crypto2.c.
References alloc_typed_cell(), cipher_table, cipher_table_item_new(), CONST_INT, get_new_cipher_id(), get_str_var_by_name(), get_var_size_by_name(), cipher_table_item::hd, TC::i_val, cipher_table_item::id, nasl_perror(), and TC::x.
Referenced by nasl_open_rc4_cipher().
Implements the nasl functions pem_to_rsa and pem_to_dsa.
Definition at line 407 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, mpi_from_string(), nasl_load_privkey_param(), print_tls_error(), set_mpi_retc(), TC::size, TC::str_val, and TC::x.
Referenced by nasl_pem_to_dsa(), and nasl_pem_to_rsa().
nasl function
pem_to_dsa(priv:PEM, passphrase:PASSPHRASE)
Reads the private key from the string priv which contains a private DSA key in PEM format. Passphrase is the passphrase needed to decrypt the private key. The function returns the parameter "x" of the DSA key as an MPI.
Definition at line 505 of file nasl_crypto2.c.
References nasl_pem_to().
nasl function
pem_to_rsa(priv:PEM, passphrase:PASSPHRASE)
Reads the private key from the string priv which contains a private RSA key in PEM format. Passphrase is the passphrase needed to decrypt the private key. The function returns the parameter "d" of the RSA key as an MPI.
Definition at line 489 of file nasl_crypto2.c.
References nasl_pem_to().
Nasl function to encrypt data with an RC4 cipher. If an hd parameter exists in the lexic context, that handle is used to encrypt the data as part of a data stream, e.g.: rc4_encrypt(data: data, hd: hd)
Otherwise the data is encrypted as a single block and the key parameter is mandatory, e.g.: rc4_encrypt(data: data, key: key)
Definition at line 1796 of file nasl_crypto2.c.
References encrypt_data(), encrypt_stream_data(), get_int_var_by_name(), cipher_table_item::hd, and verify_cipher_id().
nasl function
rsa_private_decrypt(data:data, d:mpi_d, e:mpi_e, n:mpi_n, padd:<TRUE:FALSE>)
Decrypt the provided data with the private RSA key given by its parameters d, e and n. The return value is the decrypted data in plaintext format.
TODO: In future releases, string support for padding should be removed
Definition at line 862 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), get_var_type_by_name(), mpi_from_named_parameter(), nasl_perror(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, strip_pkcs1_padding(), VAR2_INT, VAR2_STRING, and TC::x.
nasl function
rsa_public_decrypt(sig:signature, e:mpi_e, n:mpi_n)
Decrypt the data in signature (usually an rsa-encrypted hash) with the public RSA key given by its parameters e and n. The return value is the decrypted data.
Definition at line 961 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, mpi_from_named_parameter(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, strip_pkcs1_padding(), and TC::x.
nasl function
rsa_public_encrypt(data:data, e:mpi_e, n:mpi_n, padd:<TRUE:FALSE>)
Encrypt the provided data with the public RSA key given by its parameters e and n. The return value is the encrypted data.
TODO: In future releases, string support for padding should be removed
Definition at line 770 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), get_var_type_by_name(), mpi_from_named_parameter(), nasl_perror(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, strip_pkcs1_padding(), VAR2_INT, VAR2_STRING, and TC::x.
nasl function
rsa_sign(data:hash, priv:pem, passphrase:passphrase)
Signs the data with the private RSA key priv given in PEM format. The passphrase is the passphrase needed to decrypt the private key. Returns the signed data.
In the OpenSSL-based nasl, the key was not given in PEM form with a passphrase. Instead it was given as the RSA parameters e, n and d. libgcrypt always requires all the parameters (including p, q and u), so this function was changed to simply accept the full private key in PEM form. The one place where it was called already had the key available in that form.
Definition at line 1098 of file nasl_crypto2.c.
References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), get_var_size_by_name(), nasl_load_privkey_param(), nasl_sexp_from_privkey(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, and TC::x.
Definition at line 1022 of file nasl_crypto2.c.
References mpi_from_string(), NUM_RSA_PARAMS, print_gcrypt_error(), and print_tls_error().
Referenced by nasl_rsa_sign().
void print_gcrypt_error | ( | lex_ctxt * | lexic, |
char * | function, | ||
int | err | ||
) |
Prints a libgcrypt error.
The parameter err should be the libgcrypt error code
Definition at line 86 of file nasl_crypto2.c.
References nasl_perror().
Referenced by nasl_bf_cbc(), nasl_dsa_do_sign(), nasl_dsa_do_verify(), nasl_rsa_private_decrypt(), nasl_rsa_public_decrypt(), nasl_rsa_public_encrypt(), nasl_rsa_sign(), and nasl_sexp_from_privkey().
void print_tls_error | ( | lex_ctxt * | lexic, |
char * | txt, | ||
int | err | ||
) |
Prints a GnuTLS error.
The parameter err should be the GnuTLS error code
Definition at line 75 of file nasl_crypto2.c.
References nasl_perror().
Referenced by nasl_load_privkey_param(), nasl_pem_to(), and nasl_sexp_from_privkey().
Sets the return value in retc from the MPI mpi.
The MPI is converted to a byte string as an unsigned integer in big-endian form (libgcrypt's GCRYMPI_FMT_USG format).
In an earlier implementation of this function, if the first byte in the string had its most significant bit set, i.e. if it would be considered negative when interpreted in two's-complement representation, a null byte was prepended to make sure the number was always considered positive.
However, this behavior caused problems during certain SSH operations because the buffer returned by this function was one byte larger than expected. For now, the str_val of retc always has exactly the content and size returned by gcry_mpi_aprint (), so callers must not assume a sign byte or a fixed length.
Definition at line 258 of file nasl_crypto2.c.
References TC::size, TC::str_val, and TC::x.
Referenced by nasl_bn_random(), nasl_dh_compute_key(), nasl_dh_generate_key(), nasl_pem_to(), and set_retc_from_sexp().
Sets the return value in retc from an sexpression.
The function uses extract_mpi_from_sexp to extract an MPI from the s-expression sexp and the subexpression given by token. The function returns 1 on success and 0 on failure.
Definition at line 702 of file nasl_crypto2.c.
References extract_mpi_from_sexp(), and set_mpi_retc().
Referenced by nasl_rsa_private_decrypt(), nasl_rsa_public_decrypt(), nasl_rsa_public_encrypt(), and nasl_rsa_sign().
Strips PKCS#1 padding from the string in retc.
Definition at line 720 of file nasl_crypto2.c.
References TC::size, TC::str_val, and TC::x.
Referenced by nasl_rsa_private_decrypt(), nasl_rsa_public_decrypt(), and nasl_rsa_public_encrypt().
Helper function to validate the cipher id.
[in] | cipher_id | The cipher ID to validate. |
Definition at line 134 of file nasl_crypto2.c.
References cipher_table, find_cipher_hd(), cipher_table_item::hd, and nasl_perror().
Referenced by encrypt_stream_data(), nasl_close_stream_cipher(), and nasl_rc4_encrypt().
List of open cipher handles.
Definition at line 55 of file nasl_crypto2.c.
Referenced by delete_cipher_item(), get_new_cipher_id(), nasl_open_stream_cipher(), and verify_cipher_id().