authorMartin Willi <martin@revosec.ch>2010-08-11 09:53:45 +0200
committerMartin Willi <martin@revosec.ch>2010-08-11 09:53:45 +0200
commitd775af9d187c38a2a30cb52afebbe6eef03a7450 (patch)
treed09fa8e74ce5ec0e44e552658f24c2dcad22a8c3 /src/libstrongswan
parent133accfcfd9cd7c24cb3980c3b5573911c4c7333 (diff)
Implemented RSA en-/decryption in openssl plugin
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c29
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c31
2 files changed, 55 insertions, 5 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index dbf990e81..e78090638 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -169,8 +169,33 @@ METHOD(private_key_t, decrypt, bool,
private_openssl_rsa_private_key_t *this, encryption_scheme_t scheme,
chunk_t crypto, chunk_t *plain)
{
- DBG1(DBG_LIB, "RSA private key decryption not implemented");
- return FALSE;
+ int padding, len;
+ char *decrypted;
+
+ switch (scheme)
+ {
+ case ENCRYPT_RSA_PKCS1:
+ padding = RSA_PKCS1_PADDING;
+ break;
+ case ENCRYPT_RSA_OAEP_SHA1:
+ padding = RSA_PKCS1_OAEP_PADDING;
+ break;
+ default:
+ DBG1(DBG_LIB, "encryption scheme %N not supported via openssl",
+ encryption_scheme_names, scheme);
+ return FALSE;
+ }
+ decrypted = malloc(RSA_size(this->rsa));
+ len = RSA_private_decrypt(crypto.len, crypto.ptr, decrypted,
+ this->rsa, padding);
+ if (len < 0)
+ {
+ DBG1(DBG_LIB, "RSA decryption failed");
+ free(decrypted);
+ return FALSE;
+ }
+ *plain = chunk_create(decrypted, len);
+ return TRUE;
}
METHOD(private_key_t, get_keysize, int,
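Review bot: The buffer from `malloc(RSA_size(this->rsa))` is passed to RSA_private_decrypt() without a NULL check, and on the `len < 0` path it is freed without being wiped, although it may by then hold partially processed plaintext (what OpenSSL leaves in the buffer on error is not visible here, so treat that as a precaution). I would add `if (!decrypted) return FALSE;` after the allocation and `OPENSSL_cleanse(decrypted, RSA_size(this->rsa));` before the `free()`; the unchecked allocation applies equally to `encrypted` in the encrypt() hunk of openssl_rsa_public_key.c. For `ENCRYPT_RSA_PKCS1` a comment at the switch such as `/* PKCS#1 v1.5: callers must not let the peer distinguish this failure (padding oracle) */` would help, because the distinct FALSE return and log line are what a caller could inadvertently expose. In both hunks the buffer is declared `char *` but handed to an OpenSSL parameter of type `unsigned char *`; declaring it `unsigned char *` avoids the implicit pointer conversion.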
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 80a571058..667ddad1a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -149,10 +149,35 @@ METHOD(public_key_t, verify, bool,
METHOD(public_key_t, encrypt, bool,
private_openssl_rsa_public_key_t *this, encryption_scheme_t scheme,
- chunk_t crypto, chunk_t *plain)
+ chunk_t plain, chunk_t *crypto)
{
- DBG1(DBG_LIB, "RSA public key encryption not implemented");
- return FALSE;
+ int padding, len;
+ char *encrypted;
+
+ switch (scheme)
+ {
+ case ENCRYPT_RSA_PKCS1:
+ padding = RSA_PKCS1_PADDING;
+ break;
+ case ENCRYPT_RSA_OAEP_SHA1:
+ padding = RSA_PKCS1_OAEP_PADDING;
+ break;
+ default:
+ DBG1(DBG_LIB, "decryption scheme %N not supported via openssl",
+ encryption_scheme_names, scheme);
+ return FALSE;
+ }
+ encrypted = malloc(RSA_size(this->rsa));
+ len = RSA_public_encrypt(plain.len, plain.ptr, encrypted,
+ this->rsa, padding);
+ if (len < 0)
+ {
+ DBG1(DBG_LIB, "RSA decryption failed");
+ free(encrypted);
+ return FALSE;
+ }
+ *crypto = chunk_create(encrypted, len);
+ return TRUE;
}
METHOD(public_key_t, get_keysize, int,
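Review bot: Both log messages in encrypt() appear to be copied from the decrypt path: the `default:` case reports `decryption scheme %N not supported via openssl` and the `len < 0` branch reports `RSA decryption failed`. Anyone triaging a failed encryption from the logs will be sent to the wrong operation and the wrong key. They should read `"encryption scheme %N not supported via openssl"` and `"RSA encryption failed"`. A one-line comment above the allocation, e.g. `/* ciphertext is always RSA_size() bytes; OpenSSL rejects plain.len too large for the padding */`, would also make clear why `plain.len` is not checked here.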