OpenVAS Scanner  7.0.1~git
nasl_crypto2.c
Go to the documentation of this file.
1 /* Based on work Copyright (C) 2002 - 2004 Tenable Network Security
2  *
3  * SPDX-License-Identifier: GPL-2.0-only
4  *
5  * This program is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU General Public License
7  * version 2 as published by the Free Software Foundation.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
17  */
18 
25 #include "nasl_crypto2.h"
26 
27 #include "../misc/strutils.h"
28 #include "nasl_debug.h"
29 #include "nasl_func.h"
30 #include "nasl_global_ctxt.h"
31 #include "nasl_lex_ctxt.h"
32 #include "nasl_misc_funcs.h"
33 #include "nasl_packet_forgery.h"
34 #include "nasl_tree.h"
35 #include "nasl_var.h"
36 
37 #include <gcrypt.h>
38 #include <gnutls/gnutls.h>
39 #include <gnutls/x509.h>
40 #include <gvm/base/logging.h>
41 
42 #define INTBLOB_LEN 20
43 #define SIGBLOB_LEN (2 * INTBLOB_LEN)
44 #define MAX_CIPHER_ID 32
45 
46 #undef G_LOG_DOMAIN
47 
50 #define G_LOG_DOMAIN "lib nasl"
51 
55 static GList *cipher_table = NULL;
56 
61 {
62  gcry_cipher_hd_t hd;
63  int id;
64 };
65 
66 /* Type definitions */
68 
74 void
75 print_tls_error (lex_ctxt *lexic, char *txt, int err)
76 {
77  nasl_perror (lexic, "%s: %s (%d)\n", txt, gnutls_strerror (err), err);
78 }
79 
85 void
86 print_gcrypt_error (lex_ctxt *lexic, char *function, int err)
87 {
88  nasl_perror (lexic, "%s failed: %s/%s\n", function, gcry_strsource (err),
89  gcry_strerror (err));
90 }
91 
97 static int
98 find_cipher_hd (cipher_table_item_t *cipher_elem, int *id)
99 {
100  if (cipher_elem->id == *id)
101  return 0;
102 
103  return -1;
104 }
105 
111 static int
113 {
114  int cipher_id;
115 
116  for (cipher_id = 0; cipher_id < MAX_CIPHER_ID; cipher_id++)
117  {
118  if (g_list_find_custom (cipher_table, &cipher_id,
119  (GCompareFunc) find_cipher_hd)
120  == NULL)
121  return cipher_id;
122  }
123 
124  return -1;
125 }
126 
133 static gcry_cipher_hd_t
134 verify_cipher_id (lex_ctxt *lexic, int cipher_id)
135 {
137  GList *hd_aux;
138 
139  hd_aux = g_list_find_custom (cipher_table, &cipher_id,
140  (GCompareFunc) find_cipher_hd);
141  if (!hd_aux)
142  {
143  nasl_perror (lexic, "Cipher handle %d not found.\n", cipher_id);
144  return NULL;
145  }
146  hd = (cipher_table_item_t *) hd_aux->data;
147 
148  return hd->hd;
149 }
150 
156 static cipher_table_item_t *
158 {
159  return g_malloc0 (sizeof (cipher_table_item_t));
160 }
161 
168 static void
169 delete_cipher_item (int cipher_id)
170 {
171  GList *hd_item;
173 
174  hd_item = g_list_find_custom (cipher_table, &cipher_id,
175  (GCompareFunc) find_cipher_hd);
176  hd = (cipher_table_item_t *) hd_item->data;
177  gcry_cipher_close ((gcry_cipher_hd_t) hd->hd);
178  g_free (hd_item->data);
179  cipher_table = g_list_remove (cipher_table, hd_item->data);
180 }
181 
194 static int
195 mpi_from_string (lex_ctxt *lexic, gcry_mpi_t *dest, void *data, size_t len,
196  const char *parameter, const char *function)
197 {
198  gcry_error_t err;
199  unsigned char *buffer = data;
200 
201  err = gcry_mpi_scan (dest, GCRYMPI_FMT_USG, buffer, len, NULL);
202  if (err)
203  {
204  nasl_perror (lexic, "%s(): gcry_mpi_scan failed for %s: %s/%s\n",
205  function, parameter, gcry_strsource (err),
206  gcry_strerror (err));
207  return -1;
208  }
209 
210  return 0;
211 }
212 
223 static int
224 mpi_from_named_parameter (lex_ctxt *lexic, gcry_mpi_t *dest,
225  const char *parameter, const char *function)
226 {
227  long size;
228  char *s;
229 
230  s = get_str_var_by_name (lexic, parameter);
231  size = get_var_size_by_name (lexic, parameter);
232 
233  if (!s)
234  return -1;
235 
236  return mpi_from_string (lexic, dest, s, size, parameter, function);
237 }
238 
257 static int
258 set_mpi_retc (tree_cell *retc, gcry_mpi_t mpi)
259 {
260  unsigned char *buffer = NULL;
261  size_t size;
262 
263  gcry_mpi_aprint (GCRYMPI_FMT_USG, &buffer, &size, mpi);
264  if (!buffer)
265  return -1;
266 
267  retc->x.str_val = g_malloc0 (size);
268  memcpy (retc->x.str_val, buffer, size);
269  retc->size = size;
270 
271  gcry_free (buffer);
272 
273  return 0;
274 }
275 
284 tree_cell *
286 {
287  tree_cell *retc = NULL;
288  gcry_mpi_t key1 = NULL, key2 = NULL;
289 
290  retc = g_malloc0 (sizeof (tree_cell));
291  retc->ref_count = 1;
292  retc->type = CONST_INT;
293  retc->x.i_val = 1;
294 
295  if (mpi_from_named_parameter (lexic, &key1, "key1", "nasl_bn_cmp") < 0)
296  goto fail;
297  if (mpi_from_named_parameter (lexic, &key2, "key2", "nasl_bn_cmp") < 0)
298  goto fail;
299 
300  retc->x.i_val = gcry_mpi_cmp (key1, key2);
301 
302  /* make sure the return value is one of -1, 0, +1 */
303  if (retc->x.i_val > 0)
304  retc->x.i_val = 1;
305  if (retc->x.i_val < 0)
306  retc->x.i_val = -1;
307 
308 fail:
309  gcry_mpi_release (key1);
310  gcry_mpi_release (key2);
311  return retc;
312 }
313 
321 tree_cell *
323 {
324  tree_cell *retc = NULL;
325  gcry_mpi_t key = NULL;
326  long need;
327 
328  retc = alloc_typed_cell (CONST_DATA);
329 
330  /* number of random bits */
331  need = get_int_var_by_name (lexic, "need", 0);
332 
333  key = gcry_mpi_new (0);
334  if (!key)
335  goto fail;
336 
337  gcry_mpi_randomize (key, need, GCRY_STRONG_RANDOM);
338 
339  if (set_mpi_retc (retc, key) >= 0)
340  goto ret;
341 
342 fail:
343  retc->size = 0;
344  retc->x.str_val = g_malloc0 (1);
345 ret:
346  gcry_mpi_release (key);
347  return retc;
348 }
349 
360 static gnutls_x509_privkey_t
361 nasl_load_privkey_param (lex_ctxt *lexic, const char *priv_name,
362  const char *passphrase_name)
363 {
364  char *priv = NULL, *passphrase = NULL;
365  long privlen;
366  gnutls_x509_privkey_t privkey = NULL;
367  gnutls_datum_t pem;
368  int err;
369 
370  /* PEM encoded privkey */
371  priv = get_str_var_by_name (lexic, priv_name);
372  privlen = get_var_size_by_name (lexic, priv_name);
373 
374  /* passphrase */
375  passphrase = get_str_var_by_name (lexic, passphrase_name);
376  pem.data = (unsigned char *) priv;
377  pem.size = privlen;
378 
379  err = gnutls_x509_privkey_init (&privkey);
380  if (err)
381  {
382  print_tls_error (lexic, "gnutls_x509_privkey_init", err);
383  goto fail;
384  }
385 
386  if (passphrase && !*passphrase)
387  passphrase = NULL;
388  err =
389  gnutls_x509_privkey_import2 (privkey, &pem, GNUTLS_X509_FMT_PEM, passphrase,
390  passphrase ? 0 : GNUTLS_PKCS_PLAIN);
391  if (err)
392  {
393  print_tls_error (lexic, "gnutls_x509_privkey_import_pkcs8", err);
394  goto fail;
395  }
396  return privkey;
397 
398 fail:
399  gnutls_x509_privkey_deinit (privkey);
400  return NULL;
401 }
402 
406 tree_cell *
407 nasl_pem_to (lex_ctxt *lexic, int type)
408 {
409  tree_cell *retc = NULL;
410  gnutls_x509_privkey_t privkey = NULL;
411  gcry_mpi_t key = NULL;
412  int err;
413 
414  retc = alloc_typed_cell (CONST_DATA);
415 
416  privkey = nasl_load_privkey_param (lexic, "priv", "passphrase");
417  if (!privkey)
418  goto fail;
419 
420  if (!type)
421  {
422  gnutls_datum_t m, e, d, p, q, u;
423  err =
424  gnutls_x509_privkey_export_rsa_raw (privkey, &m, &e, &d, &p, &q, &u);
425  if (err)
426  {
427  print_tls_error (lexic, "gnutls_x509_privkey_export_rsa_raw", err);
428  goto fail;
429  }
430 
431  err =
432  mpi_from_string (lexic, &key, d.data, d.size, "rsa d", "nasl_pem_to");
433  gnutls_free (m.data);
434  gnutls_free (e.data);
435  gnutls_free (d.data);
436  gnutls_free (p.data);
437  gnutls_free (q.data);
438  gnutls_free (u.data);
439 
440  if (err < 0)
441  goto fail;
442  }
443  else
444  {
445  gnutls_datum_t p, q, g, y, x;
446  err = gnutls_x509_privkey_export_dsa_raw (privkey, &p, &q, &g, &y, &x);
447  if (err)
448  {
449  print_tls_error (lexic, "gnutls_x509_privkey_export_dsa_raw", err);
450  goto fail;
451  }
452 
453  err =
454  mpi_from_string (lexic, &key, x.data, x.size, "dsa x", "nasl_pem_to");
455 
456  gnutls_free (p.data);
457  gnutls_free (q.data);
458  gnutls_free (g.data);
459  gnutls_free (y.data);
460  gnutls_free (x.data);
461 
462  if (err < 0)
463  goto fail;
464  }
465 
466  if (set_mpi_retc (retc, key) >= 0)
467  goto ret;
468 
469 fail:
470  retc->size = 0;
471  retc->x.str_val = g_malloc0 (1);
472 ret:
473  gcry_mpi_release (key);
474  gnutls_x509_privkey_deinit (privkey);
475  return retc;
476 }
477 
488 tree_cell *
490 {
491  return nasl_pem_to (lexic, 0);
492 }
493 
504 tree_cell *
506 {
507  return nasl_pem_to (lexic, 1);
508 }
509 
521 static gcry_mpi_t
522 calc_dh_public (gcry_mpi_t g, gcry_mpi_t prime, gcry_mpi_t priv)
523 {
524  gcry_mpi_t e;
525 
526  e = gcry_mpi_new (gcry_mpi_get_nbits (prime));
527  if (e == NULL)
528  {
529  return NULL;
530  }
531 
532  gcry_mpi_powm (e, g, priv, prime);
533 
534  return e;
535 }
536 
548 static gcry_mpi_t
549 calc_dh_key (gcry_mpi_t pub, gcry_mpi_t prime, gcry_mpi_t priv)
550 {
551  gcry_mpi_t e;
552 
553  e = gcry_mpi_new (gcry_mpi_get_nbits (prime));
554  if (e == NULL)
555  {
556  return NULL;
557  }
558 
559  gcry_mpi_powm (e, pub, priv, prime);
560 
561  return e;
562 }
563 
573 tree_cell *
575 {
576  tree_cell *retc = NULL;
577  gcry_mpi_t p = NULL, g = NULL, priv = NULL, pub_mpi = NULL;
578 
579  retc = alloc_typed_cell (CONST_DATA);
580 
581  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dh_generate_key") < 0)
582  goto fail;
583  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dh_generate_key") < 0)
584  goto fail;
585  if (mpi_from_named_parameter (lexic, &priv, "priv", "nasl_dh_generate_key")
586  < 0)
587  goto fail;
588 
589  pub_mpi = calc_dh_public (g, p, priv);
590  if (pub_mpi == NULL)
591  goto fail;
592 
593  if (set_mpi_retc (retc, pub_mpi) >= 0)
594  goto ret;
595 
596 fail:
597  retc->x.str_val = g_malloc0 (1);
598  retc->size = 0;
599 ret:
600  gcry_mpi_release (p);
601  gcry_mpi_release (g);
602  gcry_mpi_release (priv);
603  gcry_mpi_release (pub_mpi);
604  return retc;
605 }
606 
618 tree_cell *
620 {
621  tree_cell *retc = NULL;
622  gcry_mpi_t p = NULL, g = NULL, dh_server_pub = NULL;
623  gcry_mpi_t pub_key = NULL, priv_key = NULL;
624  gcry_mpi_t shared = NULL;
625 
626  retc = alloc_typed_cell (CONST_DATA);
627 
628  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dh_compute_key") < 0)
629  goto fail;
630  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dh_compute_key") < 0)
631  goto fail;
632  if (mpi_from_named_parameter (lexic, &dh_server_pub, "dh_server_pub",
633  "nasl_dh_compute_key")
634  < 0)
635  goto fail;
636  if (mpi_from_named_parameter (lexic, &pub_key, "pub_key",
637  "nasl_dh_compute_key")
638  < 0)
639  goto fail;
640  if (mpi_from_named_parameter (lexic, &priv_key, "priv_key",
641  "nasl_dh_compute_key")
642  < 0)
643  goto fail;
644 
645  shared = calc_dh_key (dh_server_pub, p, priv_key);
646 
647  if (set_mpi_retc (retc, shared) >= 0)
648  goto ret;
649 
650 fail:
651  retc->size = 0;
652  retc->x.str_val = g_malloc0 (1);
653 ret:
654  gcry_mpi_release (p);
655  gcry_mpi_release (g);
656  gcry_mpi_release (dh_server_pub);
657  gcry_mpi_release (priv_key);
658  gcry_mpi_release (pub_key);
659  gcry_mpi_release (shared);
660  return retc;
661 }
662 
671 static gcry_mpi_t
672 extract_mpi_from_sexp (gcry_sexp_t sexp, const char *token)
673 {
674  gcry_sexp_t child = NULL;
675  gcry_mpi_t mpi = NULL;
676 
677  child = gcry_sexp_find_token (sexp, token, strlen (token));
678  if (!child)
679  {
680  g_message ("set_retc_from_sexp: no subexpression with token <%s>", token);
681  }
682  else
683  {
684  mpi = gcry_sexp_nth_mpi (child, 1, GCRYMPI_FMT_USG);
685  }
686 
687  gcry_sexp_release (child);
688 
689  return mpi;
690 }
691 
701 static int
702 set_retc_from_sexp (tree_cell *retc, gcry_sexp_t sexp, const char *token)
703 {
704  int ret = 0;
705  gcry_mpi_t mpi = extract_mpi_from_sexp (sexp, token);
706  if (mpi)
707  {
708  ret = set_mpi_retc (retc, mpi);
709 
710  gcry_mpi_release (mpi);
711  }
712 
713  return ret;
714 }
715 
719 static int
721 {
722  char *p;
723 
724  if (retc->x.str_val == NULL || retc->size < 1)
725  return -1;
726 
727  /* Find type of padding. PKCS#1 padding normally starts with a 0 byte.
728  * However, due to the way the value in retc has been created, any
729  * leading zeros have already been stripped. So the byte that
730  * describes the type of padding is the first byte in str_val. Also,
731  * the only padding types we can actually find are 1 and 2. padding
732  * type 0 means that the padding is done with zeros and those will
733  * have been already stripped too. */
734  p = retc->x.str_val;
735  if (p[0] == 1 || p[0] == 2)
736  {
737  /* for padding type 1 and 2 we simply have to strip all non-zero
738  * bytes at the beginning of the value */
739  int i = 0;
740  char *temp;
741  while (i < retc->size && p[i])
742  i++;
743  /* skip the zero byte */
744  i++;
745  if (i <= retc->size)
746  {
747  int rest = retc->size - i;
748  temp = g_malloc0 (rest);
749  memcpy (temp, p + i, rest);
750  g_free (retc->x.str_val);
751  retc->x.str_val = temp;
752  retc->size = rest;
753  }
754  else
755  return -1;
756  }
757 
758  return 0;
759 }
760 
769 tree_cell *
771 {
772  tree_cell *retc = NULL;
773  gcry_mpi_t e = NULL, n = NULL, dt = NULL;
774  gcry_sexp_t key = NULL, data = NULL, encrypted = NULL;
775  gcry_error_t err;
776  int type = get_var_type_by_name (lexic, "pad");
777  int pad = 0;
778 
779  if (type == VAR2_INT)
780  pad = get_int_var_by_name (lexic, "pad", 0);
782  else if (type == VAR2_STRING)
783  {
784  if (!strcmp (get_str_var_by_name (lexic, "pad"), "TRUE"))
785  pad = 1;
786  }
787  else
788  {
789  nasl_perror (lexic, "Syntax : rsa_public_encrypt(data:<d>,"
790  "n:<n>, e:<e>, pad:<TRUE:FALSE>)");
791  return NULL;
792  }
793 
794  retc = alloc_typed_cell (CONST_DATA);
795 
796  if (mpi_from_named_parameter (lexic, &dt, "data", "nasl_rsa_public_encrypt")
797  < 0)
798  goto fail;
799  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_public_encrypt") < 0)
800  goto fail;
801  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_public_encrypt") < 0)
802  goto fail;
803 
804  err = gcry_sexp_build (&key, NULL, "(public-key (rsa (n %m) (e %m)))", n, e);
805  if (err)
806  {
807  print_gcrypt_error (lexic, "gcry_sexp_build pubkey", err);
808  goto fail;
809  }
810 
811  if (pad == 1)
812  err = gcry_sexp_build (&data, NULL, "(data (flags pkcs1) (value %m))", dt);
813  else
814  err = gcry_sexp_build (&data, NULL, "(data (flags raw) (value %m))", dt);
815  if (err)
816  {
817  print_gcrypt_error (lexic, "gcry_sexp_build data", err);
818  goto fail;
819  }
820 
821  err = gcry_pk_encrypt (&encrypted, data, key);
822  if (err)
823  {
824  print_gcrypt_error (lexic, "gcry_pk_encrypt", err);
825  goto fail;
826  }
827 
828  if (pad == 1)
829  {
830  if (set_retc_from_sexp (retc, encrypted, "a") >= 0
831  && strip_pkcs1_padding (retc) >= 0)
832  goto ret;
833  }
834  else
835  {
836  if (set_retc_from_sexp (retc, encrypted, "a") >= 0)
837  goto ret;
838  }
839 
840 fail:
841  retc->size = 0;
842  retc->x.str_val = g_malloc0 (1);
843 ret:
844  gcry_sexp_release (encrypted);
845  gcry_sexp_release (key);
846  gcry_sexp_release (data);
847  gcry_mpi_release (dt);
848  gcry_mpi_release (e);
849  gcry_mpi_release (n);
850  return retc;
851 }
852 
861 tree_cell *
863 {
864  tree_cell *retc = NULL;
865  gcry_mpi_t e = NULL, n = NULL, d = NULL, dt = NULL;
866  gcry_sexp_t key = NULL, data = NULL, decrypted = NULL;
867  gcry_error_t err;
868  int type = get_var_type_by_name (lexic, "pad");
869  int pad = 0;
870 
871  if (type == VAR2_INT)
872  pad = get_int_var_by_name (lexic, "pad", 0);
874  else if (type == VAR2_STRING)
875  {
876  if (!strcmp (get_str_var_by_name (lexic, "pad"), "TRUE"))
877  pad = 1;
878  }
879  else
880  {
881  nasl_perror (lexic, "Syntax : rsa_public_encrypt(data:<d>,"
882  "n:<n>, e:<e>, pad:<TRUE:FALSE>)");
883  return NULL;
884  }
885 
886  retc = alloc_typed_cell (CONST_DATA);
887 
888  if (mpi_from_named_parameter (lexic, &dt, "data", "nasl_rsa_private_decrypt")
889  < 0)
890  goto fail;
891  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_private_decrypt") < 0)
892  goto fail;
893  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_private_decrypt") < 0)
894  goto fail;
895  if (mpi_from_named_parameter (lexic, &d, "d", "nasl_rsa_private_decrypt") < 0)
896  goto fail;
897 
898  err = gcry_sexp_build (&key, NULL, "(private-key (rsa (n %m) (e %m) (d %m)))",
899  n, e, d);
900  if (err)
901  {
902  print_gcrypt_error (lexic, "gcry_sexp_build privkey", err);
903  goto fail;
904  }
905 
906  if (pad == 1)
907  err =
908  gcry_sexp_build (&data, NULL, "(enc-val (flags pkcs1) (rsa (a %m)))", dt);
909  else
910  err =
911  gcry_sexp_build (&data, NULL, "(enc-val (flags raw) (rsa (a %m)))", dt);
912  if (err)
913  {
914  print_gcrypt_error (lexic, "gcry_sexp_build data", err);
915  goto fail;
916  }
917 
918  err = gcry_pk_decrypt (&decrypted, data, key);
919  if (err)
920  {
921  print_gcrypt_error (lexic, "gcry_pk_decrypt", err);
922  goto fail;
923  }
924 
925  if (pad == 1)
926  {
927  if (set_retc_from_sexp (retc, decrypted, "value") >= 0
928  && strip_pkcs1_padding (retc) >= 0)
929  goto ret;
930  }
931  else
932  {
933  if (set_retc_from_sexp (retc, decrypted, "value") >= 0)
934  goto ret;
935  }
936 
937 fail:
938  retc->size = 0;
939  retc->x.str_val = g_malloc0 (1);
940 ret:
941  gcry_sexp_release (decrypted);
942  gcry_sexp_release (key);
943  gcry_sexp_release (data);
944  gcry_mpi_release (dt);
945  gcry_mpi_release (e);
946  gcry_mpi_release (n);
947  gcry_mpi_release (d);
948  return retc;
949 }
950 
960 tree_cell *
962 {
963  tree_cell *retc = NULL;
964  gcry_mpi_t e = NULL, n = NULL, s = NULL;
965  gcry_sexp_t key = NULL, sig = NULL, decrypted = NULL;
966  gcry_error_t err;
967 
968  retc = alloc_typed_cell (CONST_DATA);
969 
970  if (mpi_from_named_parameter (lexic, &s, "sig", "nasl_rsa_public_decrypt")
971  < 0)
972  goto fail;
973  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_public_decrypt") < 0)
974  goto fail;
975  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_public_decrypt") < 0)
976  goto fail;
977 
978  err = gcry_sexp_build (&key, NULL, "(public-key (rsa (n %m) (e %m)))", n, e);
979  if (err)
980  {
981  print_gcrypt_error (lexic, "gcry_sexp_build pubkey", err);
982  goto fail;
983  }
984  err = gcry_sexp_build (&sig, NULL, "(data (flags raw) (value %m))", s);
985  if (err)
986  {
987  print_gcrypt_error (lexic, "gcry_sexp_build sig", err);
988  goto fail;
989  }
990 
991  /* gcry_pk_encrypt is equivalent to the public key decryption at least
992  * for RSA keys. */
993  err = gcry_pk_encrypt (&decrypted, sig, key);
994  if (err)
995  {
996  print_gcrypt_error (lexic, "gcry_pk_encrypt", err);
997  goto fail;
998  }
999 
1000  if (set_retc_from_sexp (retc, decrypted, "a") >= 0
1001  && strip_pkcs1_padding (retc) >= 0)
1002  goto ret;
1003 
1004 fail:
1005  retc->size = 0;
1006  retc->x.str_val = g_malloc0 (1);
1007 ret:
1008  gcry_sexp_release (decrypted);
1009  gcry_sexp_release (key);
1010  gcry_sexp_release (sig);
1011  gcry_mpi_release (s);
1012  gcry_mpi_release (e);
1013  gcry_mpi_release (n);
1014  return retc;
1015 }
1016 
1020 #define NUM_RSA_PARAMS 6
1021 static gcry_sexp_t
1022 nasl_sexp_from_privkey (lex_ctxt *lexic, gnutls_x509_privkey_t privkey)
1023 {
1024  gnutls_datum_t datums[NUM_RSA_PARAMS]; /* m/n, e, d, p, q, u */
1025  gcry_mpi_t mpis[NUM_RSA_PARAMS]; /* m/n, e, d, p, q, u */
1026  gcry_sexp_t key = NULL;
1027  int err;
1028  gcry_error_t gerr;
1029  int i;
1030 
1031  for (i = 0; i < NUM_RSA_PARAMS; i++)
1032  {
1033  datums[i].data = NULL;
1034  mpis[i] = NULL;
1035  }
1036 
1037  err = gnutls_x509_privkey_export_rsa_raw (privkey, datums + 0, datums + 1,
1038  datums + 2, datums + 3, datums + 4,
1039  datums + 5);
1040  if (err)
1041  {
1042  print_tls_error (lexic, "gnutls_x509_privkey_export_rsa_raw", err);
1043  goto fail;
1044  }
1045 
1046  for (i = 0; i < NUM_RSA_PARAMS; i++)
1047  {
1048  err = mpi_from_string (lexic, mpis + i, datums[i].data, datums[i].size,
1049  "rsa parameter", "nasl_sexp_from_privkey");
1050  if (err < 0)
1051  goto fail;
1052  }
1053 
1054  /* make sure that p < q. libgcrypt requires this. */
1055  if (gcry_mpi_cmp (mpis[3], mpis[4]) > 0)
1056  {
1057  gcry_mpi_swap (mpis[3], mpis[4]);
1058  gcry_mpi_invm (mpis[5], mpis[3], mpis[4]);
1059  }
1060 
1061  gerr = gcry_sexp_build (&key, NULL,
1062  "(private-key (rsa (n %m) (e %m) (d %m)"
1063  " (p %m) (q %m) (u %m)))",
1064  mpis[0], mpis[1], mpis[2], mpis[3], mpis[4], mpis[5]);
1065  if (gerr)
1066  {
1067  print_gcrypt_error (lexic, "gcry_sexp_build", gerr);
1068  goto fail;
1069  }
1070 
1071 fail:
1072  for (i = 0; i < NUM_RSA_PARAMS; i++)
1073  {
1074  gnutls_free (datums[i].data);
1075  gcry_mpi_release (mpis[i]);
1076  }
1077 
1078  return key;
1079 }
1080 
1097 tree_cell *
1099 {
1100  tree_cell *retc = NULL;
1101  char *data;
1102  int data_size;
1103  gcry_sexp_t ssig = NULL, sdata = NULL, skey = NULL;
1104  gnutls_x509_privkey_t priv_key = NULL;
1105  gcry_error_t err;
1106 
1107  retc = alloc_typed_cell (CONST_DATA);
1108 
1109  data = get_str_var_by_name (lexic, "data");
1110  data_size = get_var_size_by_name (lexic, "data");
1111  if (!data)
1112  goto fail;
1113 
1114  priv_key = nasl_load_privkey_param (lexic, "priv", "passphrase");
1115  if (!priv_key)
1116  goto fail;
1117 
1118  err = gcry_sexp_build (&sdata, NULL, "(data (flags pkcs1) (hash sha1 %b))",
1119  data_size, data);
1120  if (err)
1121  {
1122  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1123  goto fail;
1124  }
1125 
1126  skey = nasl_sexp_from_privkey (lexic, priv_key);
1127  if (!skey)
1128  goto fail;
1129 
1130  err = gcry_pk_sign (&ssig, sdata, skey);
1131  if (err)
1132  {
1133  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1134  goto fail;
1135  }
1136 
1137  if (set_retc_from_sexp (retc, ssig, "s") >= 0)
1138  goto ret;
1139 
1140 fail:
1141  retc->size = 0;
1142  retc->x.str_val = g_malloc0 (1);
1143 ret:
1144  gcry_sexp_release (ssig);
1145  gcry_sexp_release (sdata);
1146  gcry_sexp_release (skey);
1147  gnutls_x509_privkey_deinit (priv_key);
1148  return retc;
1149 }
1150 
1161 tree_cell *
1163 {
1164  tree_cell *retc = NULL;
1165  gcry_mpi_t p = NULL, g = NULL, q = NULL, pub = NULL, data = NULL;
1166  gcry_mpi_t r = NULL, s = NULL;
1167  gcry_sexp_t ssig = NULL, skey = NULL, sdata = NULL;
1168  gcry_error_t err;
1169 
1170  retc = g_malloc0 (sizeof (tree_cell));
1171  retc->ref_count = 1;
1172  retc->type = CONST_INT;
1173  retc->x.i_val = 0;
1174 
1175  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dsa_do_sign") < 0)
1176  goto fail;
1177  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dsa_do_sign") < 0)
1178  goto fail;
1179  if (mpi_from_named_parameter (lexic, &q, "q", "nasl_dsa_do_sign") < 0)
1180  goto fail;
1181  if (mpi_from_named_parameter (lexic, &pub, "pub", "nasl_dsa_do_sign") < 0)
1182  goto fail;
1183  if (mpi_from_named_parameter (lexic, &r, "r", "nasl_dsa_do_sign") < 0)
1184  goto fail;
1185  if (mpi_from_named_parameter (lexic, &s, "s", "nasl_dsa_do_sign") < 0)
1186  goto fail;
1187  if (mpi_from_named_parameter (lexic, &data, "data", "nasl_dsa_do_sign") < 0)
1188  goto fail;
1189 
1190  err = gcry_sexp_build (&sdata, NULL, "(data (flags raw) (value %m))", data);
1191  if (err)
1192  {
1193  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1194  goto fail;
1195  }
1196 
1197  err = gcry_sexp_build (&skey, NULL,
1198  "(public-key (dsa (p %m) (q %m) (g %m) (y %m)))", p, q,
1199  g, pub);
1200  if (err)
1201  {
1202  print_gcrypt_error (lexic, "gcry_sexp_build for private key", err);
1203  goto fail;
1204  }
1205 
1206  err = gcry_sexp_build (&ssig, NULL, "(sig-val (dsa (r %m) (s %m)))", r, s);
1207  if (err)
1208  {
1209  print_gcrypt_error (lexic, "gcry_sexp_build for signature", err);
1210  goto fail;
1211  }
1212 
1213  err = gcry_pk_verify (ssig, sdata, skey);
1214  if (err == 0)
1215  retc->x.i_val = 1;
1216  else if (gcry_err_code (err) == GPG_ERR_BAD_SIGNATURE)
1217  retc->x.i_val = 0;
1218  else
1219  {
1220  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1221  goto fail;
1222  }
1223 
1224 fail:
1225  gcry_mpi_release (p);
1226  gcry_mpi_release (g);
1227  gcry_mpi_release (q);
1228  gcry_mpi_release (pub);
1229  gcry_mpi_release (r);
1230  gcry_mpi_release (s);
1231  gcry_mpi_release (data);
1232  gcry_sexp_release (ssig);
1233  gcry_sexp_release (skey);
1234  gcry_sexp_release (sdata);
1235 
1236  return retc;
1237 }
1238 
1250 tree_cell *
1252 {
1253  tree_cell *retc = NULL;
1254  gcry_mpi_t p = NULL, g = NULL, q = NULL, pub = NULL, priv = NULL, data = NULL;
1255  gcry_mpi_t r = NULL, s = NULL;
1256  gcry_sexp_t ssig = NULL, skey = NULL, sdata = NULL;
1257  long rlen, slen;
1258  unsigned char *sigblob = NULL;
1259  gcry_error_t err;
1260 
1261  retc = g_malloc0 (sizeof (tree_cell));
1262  retc->ref_count = 1;
1263  retc->type = CONST_DATA;
1264  retc->x.i_val = 0;
1265 
1266  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dsa_do_sign") < 0)
1267  goto fail;
1268  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dsa_do_sign") < 0)
1269  goto fail;
1270  if (mpi_from_named_parameter (lexic, &q, "q", "nasl_dsa_do_sign") < 0)
1271  goto fail;
1272  if (mpi_from_named_parameter (lexic, &pub, "pub", "nasl_dsa_do_sign") < 0)
1273  goto fail;
1274  if (mpi_from_named_parameter (lexic, &priv, "priv", "nasl_dsa_do_sign") < 0)
1275  goto fail;
1276  if (mpi_from_named_parameter (lexic, &data, "data", "nasl_dsa_do_sign") < 0)
1277  goto fail;
1278 
1279  err = gcry_sexp_build (&sdata, NULL, "(data (flags raw) (value %m))", data);
1280  if (err)
1281  {
1282  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1283  goto fail;
1284  }
1285 
1286  err = gcry_sexp_build (
1287  &skey, NULL, "(private-key (dsa (p %m) (q %m) (g %m) (y %m) (x %m)))", p, q,
1288  g, pub, priv);
1289  if (err)
1290  {
1291  print_gcrypt_error (lexic, "gcry_sexp_build for private-key", err);
1292  goto fail;
1293  }
1294 
1295  err = gcry_pk_sign (&ssig, sdata, skey);
1296  if (err)
1297  {
1298  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1299  goto fail;
1300  }
1301 
1302  r = extract_mpi_from_sexp (ssig, "r");
1303  s = extract_mpi_from_sexp (ssig, "s");
1304  if (!r || !s)
1305  goto fail;
1306 
1307  rlen = (gcry_mpi_get_nbits (r) + 7) / 8;
1308  slen = (gcry_mpi_get_nbits (s) + 7) / 8;
1309  if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN)
1310  {
1311  nasl_perror (lexic, "rlen (%d) or slen (%d) > INTBLOB_LEN (%d)\n", rlen,
1312  slen, INTBLOB_LEN);
1313  goto fail;
1314  }
1315 
1316  sigblob = g_malloc0 (SIGBLOB_LEN);
1317  memset (sigblob, 0, SIGBLOB_LEN);
1318 
1319  err = gcry_mpi_print (
1320  GCRYMPI_FMT_USG,
1321  (unsigned char *) (sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen), rlen, NULL,
1322  r);
1323  if (err)
1324  {
1325  print_gcrypt_error (lexic, "gcry_mpi_print(r)", err);
1326  goto fail;
1327  }
1328  err = gcry_mpi_print (GCRYMPI_FMT_USG,
1329  (unsigned char *) (sigblob + SIGBLOB_LEN - slen), rlen,
1330  NULL, s);
1331  if (err)
1332  {
1333  print_gcrypt_error (lexic, "gcry_mpi_print(s)", err);
1334  goto fail;
1335  }
1336 
1337  retc->x.str_val = (char *) sigblob;
1338  sigblob = NULL;
1339  retc->size = SIGBLOB_LEN;
1340 
1341 fail:
1342  gcry_mpi_release (p);
1343  gcry_mpi_release (g);
1344  gcry_mpi_release (q);
1345  gcry_mpi_release (pub);
1346  gcry_mpi_release (priv);
1347  gcry_mpi_release (data);
1348  gcry_mpi_release (r);
1349  gcry_mpi_release (s);
1350  gcry_sexp_release (ssig);
1351  gcry_sexp_release (skey);
1352  gcry_sexp_release (sdata);
1353  g_free (sigblob);
1354 
1355  return retc;
1356 }
1357 
1361 tree_cell *
1362 nasl_bf_cbc (lex_ctxt *lexic, int enc)
1363 {
1364  tree_cell *retc = NULL;
1365  char *enckey = NULL, *iv = NULL, *data = NULL, *out = NULL;
1366  long enckeylen, ivlen, datalen;
1367  gcry_cipher_hd_t hd = NULL;
1368  anon_nasl_var v;
1369  nasl_array *a;
1370  gcry_error_t err;
1371 
1372  retc = alloc_typed_cell (CONST_DATA);
1373 
1374  /* key */
1375  enckey = get_str_var_by_name (lexic, "key");
1376  enckeylen = get_var_size_by_name (lexic, "key");
1377 
1378  /* initialization vector */
1379  iv = get_str_var_by_name (lexic, "iv");
1380  ivlen = get_var_size_by_name (lexic, "iv");
1381 
1382  /* data to decrypt/encrypt */
1383  data = get_str_var_by_name (lexic, "data");
1384  datalen = get_var_size_by_name (lexic, "data");
1385 
1386  if (enckey == NULL || data == NULL || iv == NULL)
1387  goto fail;
1388  if (enckeylen < 16)
1389  {
1390  /* key length must be at least 16 for compatibility with libnasl
1391  * code from before the OpenSSL -> GnuTLS migration */
1392  nasl_perror (lexic,
1393  "nasl_bf_cbc: unexpected enckeylen = %d; must be >= 16\n",
1394  enckeylen);
1395  goto fail;
1396  }
1397  if (ivlen < 8)
1398  {
1399  nasl_perror (lexic, "nasl_bf_cbc: unexpected ivlen = %d; must >= 8\n",
1400  ivlen);
1401  goto fail;
1402  }
1403  if (datalen < 8)
1404  {
1405  nasl_perror (lexic, "nasl_bf_cbc: unexpected datalen = %d; must >= 8\n",
1406  datalen);
1407  goto fail;
1408  }
1409 
1410  err = gcry_cipher_open (&hd, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC, 0);
1411  if (err)
1412  {
1413  print_gcrypt_error (lexic, "gcry_cipher_open", err);
1414  goto fail;
1415  }
1416 
1417  /* Always pass 16 as the length of enckey. The old OpenSSL based code
1418  * did this explicitly. The length cannot be < 16 at this point
1419  * because we checked for this case above. */
1420  err = gcry_cipher_setkey (hd, enckey, 16);
1421  if (err)
1422  {
1423  print_gcrypt_error (lexic, "gcry_cipher_setkey", err);
1424  goto fail;
1425  }
1426  /* Always pass 8 as the length of iv. The old OpenSSL based code did
1427  * this implicitly. The length cannot be < 8 at this point because we
1428  * checked for this case above. */
1429  err = gcry_cipher_setiv (hd, iv, 8);
1430  if (err)
1431  {
1432  print_gcrypt_error (lexic, "gcry_cipher_setiv", err);
1433  goto fail;
1434  }
1435 
1436  out = g_malloc0 (datalen);
1437  if (!out)
1438  goto fail;
1439 
1440  if (enc)
1441  err = gcry_cipher_encrypt (hd, out, datalen, data, datalen);
1442  else
1443  err = gcry_cipher_decrypt (hd, out, datalen, data, datalen);
1444  if (err)
1445  {
1446  print_gcrypt_error (lexic, "gcry_cipher_encrypt", err);
1447  goto fail;
1448  }
1449 
1450  retc->type = DYN_ARRAY;
1451  retc->x.ref_val = a = g_malloc0 (sizeof (nasl_array));
1452 
1453  /* first encrypted */
1454  v.var_type = VAR2_DATA;
1455  v.v.v_str.s_siz = datalen;
1456  v.v.v_str.s_val = (unsigned char *) out;
1457  (void) add_var_to_list (a, 0, &v);
1458 
1459  /* second iv */
1460  /* the iv to use to for the next part of the data is always the last
1461  * eight bytes of the cipher text. When encrypting the cipher text is
1462  * in out when decrypting it's in data.
1463  */
1464  v.var_type = VAR2_DATA;
1465  v.v.v_str.s_siz = 8;
1466  v.v.v_str.s_val = (unsigned char *) ((enc ? out : data) + datalen - 8);
1467  (void) add_var_to_list (a, 1, &v);
1468 
1469  goto ret;
1470 
1471 fail:
1472  retc->type = CONST_DATA;
1473  retc->x.str_val = g_malloc0 (1);
1474  retc->size = 0;
1475 
1476 ret:
1477  g_free (out);
1478  gcry_cipher_close (hd);
1479 
1480  return retc;
1481 }
1482 
1497 tree_cell *
1499 {
1500  return nasl_bf_cbc (lexic, 1);
1501 }
1502 
1517 tree_cell *
1519 {
1520  return nasl_bf_cbc (lexic, 0);
1521 }
1522 
1532 static tree_cell *
1533 nasl_open_stream_cipher (lex_ctxt *lexic, int cipher, int mode)
1534 {
1535  gcry_cipher_hd_t hd;
1536  gcry_error_t error;
1537  void *key, *iv;
1538  size_t keylen, ivlen;
1539  tree_cell *retc;
1540  cipher_table_item_t *hd_item;
1541  int cipher_id;
1542 
1543  key = get_str_var_by_name (lexic, "key");
1544  keylen = get_var_size_by_name (lexic, "key");
1545  iv = get_str_var_by_name (lexic, "iv");
1546  ivlen = get_var_size_by_name (lexic, "iv");
1547 
1548  if (!key || keylen <= 0)
1549  {
1550  nasl_perror (lexic, "Syntax: encrypt_data: Missing data or key argument");
1551  return NULL;
1552  }
1553 
1554  if ((error = gcry_cipher_open (&hd, cipher, mode, 0)))
1555  {
1556  nasl_perror (lexic, "gcry_cipher_open: %s", gcry_strerror (error));
1557  gcry_cipher_close (hd);
1558  return NULL;
1559  }
1560  if ((error = gcry_cipher_setkey (hd, key, keylen)))
1561  {
1562  nasl_perror (lexic, "gcry_cipher_setkey: %s", gcry_strerror (error));
1563  gcry_cipher_close (hd);
1564  return NULL;
1565  }
1566 
1567  if (iv && ivlen)
1568  {
1569  if ((error = gcry_cipher_setiv (hd, iv, ivlen)))
1570  {
1571  nasl_perror (lexic, "gcry_cipher_setiv: %s", gcry_strerror (error));
1572  gcry_cipher_close (hd);
1573  return NULL;
1574  }
1575  }
1576 
1577  cipher_id = get_new_cipher_id ();
1578  if (cipher_id == -1)
1579  {
1580  nasl_perror (lexic, "%s: No available slot for a new cipher.", __func__);
1581  gcry_cipher_close (hd);
1582  return NULL;
1583  }
1584 
1585  hd_item = cipher_table_item_new ();
1586  hd_item->hd = hd;
1587  hd_item->id = cipher_id;
1588  cipher_table = g_list_append (cipher_table, hd_item);
1589 
1590  retc = alloc_typed_cell (CONST_INT);
1591  retc->x.i_val = hd_item->id;
1592  return retc;
1593 }
1594 
1604 static tree_cell *
1605 encrypt_stream_data (lex_ctxt *lexic, int cipher)
1606 {
1607  gcry_cipher_hd_t hd;
1608  gcry_error_t error;
1609  void *result, *data, *tmp;
1610  size_t resultlen, datalen, tmplen;
1611  tree_cell *retc;
1612  int cipher_id;
1613 
1614  cipher_id = get_int_var_by_name (lexic, "hd", -1);
1615  data = get_str_var_by_name (lexic, "data");
1616  datalen = get_var_size_by_name (lexic, "data");
1617 
1618  if (!data || datalen <= 0)
1619  {
1620  nasl_perror (lexic, "Syntax: encrypt_data: Missing data or key argument");
1621  return NULL;
1622  }
1623 
1624  hd = verify_cipher_id (lexic, cipher_id);
1625  if (hd == NULL)
1626  return NULL;
1627 
1628  if (cipher == GCRY_CIPHER_ARCFOUR)
1629  {
1630  resultlen = datalen;
1631  tmp = g_memdup (data, datalen);
1632  tmplen = datalen;
1633  }
1634 
1635  result = g_malloc0 (resultlen);
1636  if ((error = gcry_cipher_encrypt (hd, result, resultlen, tmp, tmplen)))
1637  {
1638  g_message ("gcry_cipher_encrypt: %s", gcry_strerror (error));
1639  delete_cipher_item (cipher_id);
1640  g_free (result);
1641  g_free (tmp);
1642  return NULL;
1643  }
1644 
1645  g_free (tmp);
1646  retc = alloc_typed_cell (CONST_DATA);
1647  retc->x.str_val = result;
1648  retc->size = resultlen;
1649  return retc;
1650 }
1651 
1660 tree_cell *
1662 {
1663  tree_cell *retc;
1664  int cipher_id;
1665  gcry_cipher_hd_t hd;
1666 
1667  cipher_id = get_int_var_by_name (lexic, "hd", 0);
1668 
1669  hd = verify_cipher_id (lexic, cipher_id);
1670  if (hd == NULL)
1671  return NULL;
1672 
1673  delete_cipher_item (cipher_id);
1674  retc = alloc_typed_cell (CONST_INT);
1675  retc->x.i_val = 0;
1676  return retc;
1677 }
1678 
1679 static tree_cell *
1680 encrypt_data (lex_ctxt *lexic, int cipher, int mode)
1681 {
1682  gcry_cipher_hd_t hd;
1683  gcry_error_t error;
1684  void *result, *data, *key, *tmp, *iv;
1685  size_t resultlen, datalen, keylen, tmplen, ivlen;
1686  tree_cell *retc;
1687 
1688  data = get_str_var_by_name (lexic, "data");
1689  datalen = get_var_size_by_name (lexic, "data");
1690  key = get_str_var_by_name (lexic, "key");
1691  keylen = get_var_size_by_name (lexic, "key");
1692  iv = get_str_var_by_name (lexic, "iv");
1693  ivlen = get_var_size_by_name (lexic, "iv");
1694 
1695  if (!data || datalen <= 0 || !key || keylen <= 0)
1696  {
1697  nasl_perror (lexic, "Syntax: encrypt_data: Missing data or key argument");
1698  return NULL;
1699  }
1700 
1701  if ((error = gcry_cipher_open (&hd, cipher, mode, 0)))
1702  {
1703  nasl_perror (lexic, "gcry_cipher_open: %s", gcry_strerror (error));
1704  gcry_cipher_close (hd);
1705  return NULL;
1706  }
1707  if ((error = gcry_cipher_setkey (hd, key, keylen)))
1708  {
1709  nasl_perror (lexic, "gcry_cipher_setkey: %s", gcry_strerror (error));
1710  gcry_cipher_close (hd);
1711  return NULL;
1712  }
1713 
1714  if (cipher == GCRY_CIPHER_ARCFOUR)
1715  {
1716  resultlen = datalen;
1717  tmp = g_memdup (data, datalen);
1718  tmplen = datalen;
1719  }
1720  else if (cipher == GCRY_CIPHER_3DES)
1721  {
1722  if (datalen % 8 == 0)
1723  resultlen = datalen;
1724  else
1725  resultlen = ((datalen / 8) + 1) * 8;
1726  tmp = g_malloc0 (resultlen);
1727  tmplen = resultlen;
1728  memcpy (tmp, data, datalen);
1729  }
1730  else if (cipher == GCRY_CIPHER_AES128)
1731  {
1732  if (datalen % 16 == 0)
1733  resultlen = datalen;
1734  else
1735  resultlen = ((datalen / 16) + 1) * 16;
1736  tmp = g_malloc0 (resultlen);
1737  tmplen = resultlen;
1738  memcpy (tmp, data, datalen);
1739  }
1740  else if (cipher == GCRY_CIPHER_AES256)
1741  {
1742  if (datalen % 32 == 0)
1743  resultlen = datalen;
1744  else
1745  resultlen = ((datalen / 32) + 1) * 32;
1746  tmp = g_malloc0 (resultlen);
1747  tmplen = resultlen;
1748  memcpy (tmp, data, datalen);
1749  }
1750  else
1751  {
1752  nasl_perror (lexic, "encrypt_data: Unknown cipher %d", cipher);
1753  gcry_cipher_close (hd);
1754  return NULL;
1755  }
1756 
1757  if (iv && ivlen)
1758  {
1759  if ((error = gcry_cipher_setiv (hd, iv, ivlen)))
1760  {
1761  nasl_perror (lexic, "gcry_cipher_setiv: %s", gcry_strerror (error));
1762  return NULL;
1763  }
1764  }
1765 
1766  result = g_malloc0 (resultlen);
1767  if ((error = gcry_cipher_encrypt (hd, result, resultlen, tmp, tmplen)))
1768  {
1769  g_message ("gcry_cipher_encrypt: %s", gcry_strerror (error));
1770  gcry_cipher_close (hd);
1771  g_free (result);
1772  g_free (tmp);
1773  return NULL;
1774  }
1775 
1776  g_free (tmp);
1777  gcry_cipher_close (hd);
1778  retc = alloc_typed_cell (CONST_DATA);
1779  retc->x.str_val = result;
1780  retc->size = resultlen;
1781  return retc;
1782 }
1783 
1795 tree_cell *
1797 {
1798  int cipher_id;
1799  gcry_cipher_hd_t hd;
1800  cipher_id = get_int_var_by_name (lexic, "hd", -1);
1801 
1802  if (cipher_id >= 0)
1803  {
1804  hd = verify_cipher_id (lexic, cipher_id);
1805  if (hd == NULL)
1806  return NULL;
1807  return encrypt_stream_data (lexic, GCRY_CIPHER_ARCFOUR);
1808  }
1809 
1810  return encrypt_data (lexic, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM);
1811 }
1812 
1821 tree_cell *
1823 {
1824  return nasl_open_stream_cipher (lexic, GCRY_CIPHER_ARCFOUR,
1825  GCRY_CIPHER_MODE_STREAM);
1826 }
1827 
1828 tree_cell *
1830 {
1831  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC);
1832 }
1833 
1834 tree_cell *
1836 {
1837  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC);
1838 }
1839 
1840 tree_cell *
1842 {
1843  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR);
1844 }
1845 
1846 tree_cell *
1848 {
1849  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR);
1850 }
1851 
1852 tree_cell *
1854 {
1855  return encrypt_data (lexic, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC);
1856 }
1857 
1858 tree_cell *
1860 {
1861  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM);
1862 }
1863 
1864 tree_cell *
1866 {
1867  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM);
1868 }
st_a_nasl_var
Definition: nasl_var.h:50
nasl_misc_funcs.h
nasl_open_stream_cipher
static tree_cell * nasl_open_stream_cipher(lex_ctxt *lexic, int cipher, int mode)
Open a stream cipher. This function creates a context handle and stores it in a cipher table....
Definition: nasl_crypto2.c:1533
set_mpi_retc
static int set_mpi_retc(tree_cell *retc, gcry_mpi_t mpi)
Sets the return value in retc from the MPI mpi.
Definition: nasl_crypto2.c:258
nasl_sexp_from_privkey
static gcry_sexp_t nasl_sexp_from_privkey(lex_ctxt *lexic, gnutls_x509_privkey_t privkey)
Definition: nasl_crypto2.c:1022
MAX_CIPHER_ID
#define MAX_CIPHER_ID
Definition: nasl_crypto2.c:44
nasl_bf_cbc_decrypt
tree_cell * nasl_bf_cbc_decrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1518
nasl_rc4_encrypt
tree_cell * nasl_rc4_encrypt(lex_ctxt *lexic)
Nasl function to encrypt data with a RC4 cipher. If an hd param exist in the lexix context,...
Definition: nasl_crypto2.c:1796
CONST_DATA
@ CONST_DATA
Definition: nasl_tree.h:93
nasl_close_stream_cipher
tree_cell * nasl_close_stream_cipher(lex_ctxt *lexic)
Nasl function to delete a cipher item from the cipher table.
Definition: nasl_crypto2.c:1661
get_var_size_by_name
int get_var_size_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1147
set_retc_from_sexp
static int set_retc_from_sexp(tree_cell *retc, gcry_sexp_t sexp, const char *token)
Sets the return value in retc from an sexpression.
Definition: nasl_crypto2.c:702
TC::str_val
char * str_val
Definition: nasl_tree.h:112
nasl_aes256_ctr_encrypt
tree_cell * nasl_aes256_ctr_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1847
nasl_rsa_public_encrypt
tree_cell * nasl_rsa_public_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:770
print_gcrypt_error
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:86
DYN_ARRAY
@ DYN_ARRAY
Definition: nasl_tree.h:101
nasl_dsa_do_sign
tree_cell * nasl_dsa_do_sign(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1251
nasl_rsa_sign
tree_cell * nasl_rsa_sign(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1098
TC::x
union TC::@2 x
nasl_aes256_gcm_encrypt
tree_cell * nasl_aes256_gcm_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1865
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1127
st_a_nasl_var::v_str
nasl_string_t v_str
Definition: nasl_var.h:58
mpi_from_named_parameter
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
st_nasl_string::s_siz
int s_siz
Definition: nasl_var.h:38
st_nasl_array
Definition: nasl_var.h:43
cipher_table_item::hd
gcry_cipher_hd_t hd
Definition: nasl_crypto2.c:62
nasl_des_ede_cbc_encrypt
tree_cell * nasl_des_ede_cbc_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1853
nasl_rsa_public_decrypt
tree_cell * nasl_rsa_public_decrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:961
nasl_dh_generate_key
tree_cell * nasl_dh_generate_key(lex_ctxt *lexic)
Definition: nasl_crypto2.c:574
nasl_open_rc4_cipher
tree_cell * nasl_open_rc4_cipher(lex_ctxt *lexic)
Nasl function to open RC4 cipher to encrypt a stream of data. The handler can be used to encrypt stre...
Definition: nasl_crypto2.c:1822
cipher_table_item::id
int id
Definition: nasl_crypto2.c:63
nasl_debug.h
encrypt_stream_data
static tree_cell * encrypt_stream_data(lex_ctxt *lexic, int cipher)
Encrypt data using an existent cipher handle. As the handler is not close, the key is updated to encr...
Definition: nasl_crypto2.c:1605
nasl_bf_cbc
tree_cell * nasl_bf_cbc(lex_ctxt *lexic, int enc)
Implements the nasl functions bf_cbc_encrypt and bf_cbc_decrypt.
Definition: nasl_crypto2.c:1362
nasl_pem_to_dsa
tree_cell * nasl_pem_to_dsa(lex_ctxt *lexic)
Definition: nasl_crypto2.c:505
nasl_perror
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition: nasl_debug.c:120
get_var_type_by_name
int get_var_type_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1171
TC::size
int size
Definition: nasl_tree.h:109
NUM_RSA_PARAMS
#define NUM_RSA_PARAMS
Creates a libgcryt s-expression from a GnuTLS private RSA key.
Definition: nasl_crypto2.c:1020
nasl_lex_ctxt.h
nasl_crypto2.h
nasl_pem_to_rsa
tree_cell * nasl_pem_to_rsa(lex_ctxt *lexic)
Definition: nasl_crypto2.c:489
SIGBLOB_LEN
#define SIGBLOB_LEN
Definition: nasl_crypto2.c:43
get_new_cipher_id
static int get_new_cipher_id(void)
Helper function to get a free id for a new cipher.
Definition: nasl_crypto2.c:112
get_int_var_by_name
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1113
nasl_aes128_ctr_encrypt
tree_cell * nasl_aes128_ctr_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1841
VAR2_DATA
@ VAR2_DATA
Definition: nasl_var.h:29
calc_dh_public
static gcry_mpi_t calc_dh_public(gcry_mpi_t g, gcry_mpi_t prime, gcry_mpi_t priv)
compute the diffie hellman public key.
Definition: nasl_crypto2.c:522
nasl_dsa_do_verify
tree_cell * nasl_dsa_do_verify(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1162
nasl_func.h
TC::ref_val
void * ref_val
Definition: nasl_tree.h:114
TC::ref_count
short ref_count
Definition: nasl_tree.h:108
st_a_nasl_var::var_type
int var_type
Definition: nasl_var.h:52
cipher_table_item_new
static cipher_table_item_t * cipher_table_item_new(void)
Create a new cipher handler item parameter.
Definition: nasl_crypto2.c:157
TC
Definition: nasl_tree.h:104
struct_lex_ctxt
Definition: nasl_lex_ctxt.h:33
TC::type
short type
Definition: nasl_tree.h:106
nasl_var.h
nasl_packet_forgery.h
delete_cipher_item
static void delete_cipher_item(int cipher_id)
Free and remove a cipher handler from the cipher table.
Definition: nasl_crypto2.c:169
nasl_dh_compute_key
tree_cell * nasl_dh_compute_key(lex_ctxt *lexic)
Definition: nasl_crypto2.c:619
nasl_bf_cbc_encrypt
tree_cell * nasl_bf_cbc_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1498
nasl_aes128_cbc_encrypt
tree_cell * nasl_aes128_cbc_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1829
nasl_pem_to
tree_cell * nasl_pem_to(lex_ctxt *lexic, int type)
Implements the nasl functions pem_to_rsa and pem_to_dsa.
Definition: nasl_crypto2.c:407
nasl_global_ctxt.h
CONST_INT
@ CONST_INT
Definition: nasl_tree.h:90
nasl_load_privkey_param
static gnutls_x509_privkey_t nasl_load_privkey_param(lex_ctxt *lexic, const char *priv_name, const char *passphrase_name)
Loads a private key from a string.
Definition: nasl_crypto2.c:361
print_tls_error
void print_tls_error(lex_ctxt *lexic, char *txt, int err)
Prints a GnuTLS error.
Definition: nasl_crypto2.c:75
mpi_from_string
static int mpi_from_string(lex_ctxt *lexic, gcry_mpi_t *dest, void *data, size_t len, const char *parameter, const char *function)
Converts a string to a gcry_mpi_t.
Definition: nasl_crypto2.c:195
add_var_to_list
int add_var_to_list(nasl_array *a, int i, const anon_nasl_var *v)
Definition: nasl_var.c:1254
find_cipher_hd
static int find_cipher_hd(cipher_table_item_t *cipher_elem, int *id)
Helper function to find cipher id in the table.
Definition: nasl_crypto2.c:98
st_a_nasl_var::v
union st_a_nasl_var::@4 v
VAR2_STRING
@ VAR2_STRING
Definition: nasl_var.h:28
encrypt_data
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Definition: nasl_crypto2.c:1680
nasl_bn_random
tree_cell * nasl_bn_random(lex_ctxt *lexic)
Definition: nasl_crypto2.c:322
cipher_table
static GList * cipher_table
List of open cipher handler.
Definition: nasl_crypto2.c:55
nasl_rsa_private_decrypt
tree_cell * nasl_rsa_private_decrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:862
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
strip_pkcs1_padding
static int strip_pkcs1_padding(tree_cell *retc)
Strips PKCS#1 padding from the string in retc.
Definition: nasl_crypto2.c:720
nasl_aes256_cbc_encrypt
tree_cell * nasl_aes256_cbc_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1835
VAR2_INT
@ VAR2_INT
Definition: nasl_var.h:27
nasl_bn_cmp
tree_cell * nasl_bn_cmp(lex_ctxt *lexic)
Definition: nasl_crypto2.c:285
nasl_tree.h
verify_cipher_id
static gcry_cipher_hd_t verify_cipher_id(lex_ctxt *lexic, int cipher_id)
Helper function to validate the cipher id.
Definition: nasl_crypto2.c:134
nasl_aes128_gcm_encrypt
tree_cell * nasl_aes128_gcm_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:1859
st_nasl_string::s_val
unsigned char * s_val
Definition: nasl_var.h:37
cipher_table_item
Struct holding a cipher handler.
Definition: nasl_crypto2.c:60
INTBLOB_LEN
#define INTBLOB_LEN
Definition: nasl_crypto2.c:42
calc_dh_key
static gcry_mpi_t calc_dh_key(gcry_mpi_t pub, gcry_mpi_t prime, gcry_mpi_t priv)
Compute the diffie hellman shared secret key.
Definition: nasl_crypto2.c:549
TC::i_val
long int i_val
Definition: nasl_tree.h:113
extract_mpi_from_sexp
static gcry_mpi_t extract_mpi_from_sexp(gcry_sexp_t sexp, const char *token)
Extracts an MPI value from a libgcryt s-expression.
Definition: nasl_crypto2.c:672