OpenVAS Scanner  7.0.1~git
nasl_crypto2.h File Reference
#include "nasl_lex_ctxt.h"
Include dependency graph for nasl_crypto2.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

tree_cellnasl_bn_random (lex_ctxt *)
 
tree_cellnasl_dh_generate_key (lex_ctxt *)
 
tree_cellnasl_bn_cmp (lex_ctxt *)
 
tree_cellnasl_dh_compute_key (lex_ctxt *)
 
tree_cellnasl_rsa_public_encrypt (lex_ctxt *)
 
tree_cellnasl_rsa_private_decrypt (lex_ctxt *)
 
tree_cellnasl_open_rc4_cipher (lex_ctxt *)
 Nasl function to open RC4 cipher to encrypt a stream of data. The handler can be used to encrypt stream data. Open cipher must be close with close_stream_cipher() when it is not useful anymore. More...
 
tree_cellnasl_close_stream_cipher (lex_ctxt *)
 Nasl function to delete a cipher item from the cipher table. More...
 
tree_cellnasl_rsa_public_decrypt (lex_ctxt *)
 
tree_cellnasl_bf_cbc_encrypt (lex_ctxt *)
 
tree_cellnasl_bf_cbc_decrypt (lex_ctxt *)
 
tree_cellnasl_dsa_do_verify (lex_ctxt *lexic)
 
tree_cellnasl_pem_to_rsa (lex_ctxt *lexic)
 
tree_cellnasl_pem_to_dsa (lex_ctxt *lexic)
 
tree_cellnasl_rsa_sign (lex_ctxt *lexic)
 
tree_cellnasl_dsa_do_sign (lex_ctxt *lexic)
 
tree_cellnasl_rc4_encrypt (lex_ctxt *lexic)
 Nasl function to encrypt data with a RC4 cipher. If an hd param exist in the lexix context, it will use this handler to encrypt the data as part of a stream data. e.g.: rc4_encypt(data: data, hd: hd) More...
 
tree_cellnasl_aes128_cbc_encrypt (lex_ctxt *lexic)
 
tree_cellnasl_aes256_cbc_encrypt (lex_ctxt *lexic)
 
tree_cellnasl_aes128_ctr_encrypt (lex_ctxt *lexic)
 
tree_cellnasl_aes256_ctr_encrypt (lex_ctxt *lexic)
 
tree_cellnasl_des_ede_cbc_encrypt (lex_ctxt *lexic)
 
tree_cellnasl_aes128_gcm_encrypt (lex_ctxt *lexic)
 
tree_cellnasl_aes256_gcm_encrypt (lex_ctxt *lexic)
 
int generate_script_signature (char *)
 

Function Documentation

◆ generate_script_signature()

int generate_script_signature ( char *  )

◆ nasl_aes128_cbc_encrypt()

tree_cell* nasl_aes128_cbc_encrypt ( lex_ctxt lexic)

Definition at line 1829 of file nasl_crypto2.c.

References encrypt_data().

1830 {
1831  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC);
1832 }
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Here is the call graph for this function:

◆ nasl_aes128_ctr_encrypt()

tree_cell* nasl_aes128_ctr_encrypt ( lex_ctxt lexic)

Definition at line 1841 of file nasl_crypto2.c.

References encrypt_data().

1842 {
1843  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR);
1844 }
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Here is the call graph for this function:

◆ nasl_aes128_gcm_encrypt()

tree_cell* nasl_aes128_gcm_encrypt ( lex_ctxt lexic)

Definition at line 1859 of file nasl_crypto2.c.

References encrypt_data().

1860 {
1861  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM);
1862 }
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Here is the call graph for this function:

◆ nasl_aes256_cbc_encrypt()

tree_cell* nasl_aes256_cbc_encrypt ( lex_ctxt lexic)

Definition at line 1835 of file nasl_crypto2.c.

References encrypt_data().

1836 {
1837  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC);
1838 }
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Here is the call graph for this function:

◆ nasl_aes256_ctr_encrypt()

tree_cell* nasl_aes256_ctr_encrypt ( lex_ctxt lexic)

Definition at line 1847 of file nasl_crypto2.c.

References encrypt_data().

1848 {
1849  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR);
1850 }
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Here is the call graph for this function:

◆ nasl_aes256_gcm_encrypt()

tree_cell* nasl_aes256_gcm_encrypt ( lex_ctxt lexic)

Definition at line 1865 of file nasl_crypto2.c.

References encrypt_data().

1866 {
1867  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM);
1868 }
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Here is the call graph for this function:

◆ nasl_bf_cbc_decrypt()

tree_cell* nasl_bf_cbc_decrypt ( lex_ctxt lexic)

nasl function

bf_cbc_decrypt(key:key, iv:iv, data:data)

Decrypt the cipher text data using the blowfish algorithm in CBC mode with the key key and the initialization vector iv. The key must be 16 bytes long. The iv must be at least 8 bytes long. data must be a multiple of 8 bytes long.

The return value is an array a with a[0] being the plaintext data and a[1] the new initialization vector to use for the next part of the data.

Definition at line 1518 of file nasl_crypto2.c.

References nasl_bf_cbc().

1519 {
1520  return nasl_bf_cbc (lexic, 0);
1521 }
tree_cell * nasl_bf_cbc(lex_ctxt *lexic, int enc)
Implements the nasl functions bf_cbc_encrypt and bf_cbc_decrypt.
Here is the call graph for this function:

◆ nasl_bf_cbc_encrypt()

tree_cell* nasl_bf_cbc_encrypt ( lex_ctxt lexic)

nasl function

bf_cbc_encrypt(key:key, iv:iv, data:data)

Encrypt the plaintext data using the blowfish algorithm in CBC mode with the key key and the initialization vector iv. The key must be 16 bytes long. The iv must be at least 8 bytes long. data must be a multiple of 8 bytes long.

The return value is an array a with a[0] being the encrypted data and a[1] the new initialization vector to use for the next part of the data.

Definition at line 1498 of file nasl_crypto2.c.

References nasl_bf_cbc().

1499 {
1500  return nasl_bf_cbc (lexic, 1);
1501 }
tree_cell * nasl_bf_cbc(lex_ctxt *lexic, int enc)
Implements the nasl functions bf_cbc_encrypt and bf_cbc_decrypt.
Here is the call graph for this function:

◆ nasl_bn_cmp()

tree_cell* nasl_bn_cmp ( lex_ctxt lexic)

nasl function

bn_cmp(key1:MPI1, key2:MPI2)

Compares the MPIs key1 and key2 (given as binary strings). Returns -1 if key1 < key2, 0 if key1 == key2 and +1 if key1 > key2.

Definition at line 285 of file nasl_crypto2.c.

References CONST_INT, TC::i_val, mpi_from_named_parameter(), TC::ref_count, TC::type, and TC::x.

286 {
287  tree_cell *retc = NULL;
288  gcry_mpi_t key1 = NULL, key2 = NULL;
289 
290  retc = g_malloc0 (sizeof (tree_cell));
291  retc->ref_count = 1;
292  retc->type = CONST_INT;
293  retc->x.i_val = 1;
294 
295  if (mpi_from_named_parameter (lexic, &key1, "key1", "nasl_bn_cmp") < 0)
296  goto fail;
297  if (mpi_from_named_parameter (lexic, &key2, "key2", "nasl_bn_cmp") < 0)
298  goto fail;
299 
300  retc->x.i_val = gcry_mpi_cmp (key1, key2);
301 
302  /* make sure the return value is one of -1, 0, +1 */
303  if (retc->x.i_val > 0)
304  retc->x.i_val = 1;
305  if (retc->x.i_val < 0)
306  retc->x.i_val = -1;
307 
308 fail:
309  gcry_mpi_release (key1);
310  gcry_mpi_release (key2);
311  return retc;
312 }
short type
Definition: nasl_tree.h:106
short ref_count
Definition: nasl_tree.h:108
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
long int i_val
Definition: nasl_tree.h:113
Here is the call graph for this function:

◆ nasl_bn_random()

tree_cell* nasl_bn_random ( lex_ctxt lexic)

nasl function

bn_random(need:numBits)

Returns
An MPI as a string with need bits of random data.

Definition at line 322 of file nasl_crypto2.c.

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), set_mpi_retc(), TC::size, TC::str_val, and TC::x.

323 {
324  tree_cell *retc = NULL;
325  gcry_mpi_t key = NULL;
326  long need;
327 
328  retc = alloc_typed_cell (CONST_DATA);
329 
330  /* number of random bits */
331  need = get_int_var_by_name (lexic, "need", 0);
332 
333  key = gcry_mpi_new (0);
334  if (!key)
335  goto fail;
336 
337  gcry_mpi_randomize (key, need, GCRY_STRONG_RANDOM);
338 
339  if (set_mpi_retc (retc, key) >= 0)
340  goto ret;
341 
342 fail:
343  retc->size = 0;
344  retc->x.str_val = g_malloc0 (1);
345 ret:
346  gcry_mpi_release (key);
347  return retc;
348 }
char * str_val
Definition: nasl_tree.h:112
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
Definition: nasl_tree.h:104
union TC::@2 x
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1113
static int set_mpi_retc(tree_cell *retc, gcry_mpi_t mpi)
Sets the return value in retc from the MPI mpi.
Definition: nasl_crypto2.c:258
int size
Definition: nasl_tree.h:109
Here is the call graph for this function:

◆ nasl_close_stream_cipher()

tree_cell* nasl_close_stream_cipher ( lex_ctxt lexic)

Nasl function to delete a cipher item from the cipher table.

Parameters
[in]cipherThe cipher algorithm. It must be the same used for the handler. It is used to prepare the data. Only GCRY_CIPHER_ARCFOUR is currently supported.
Returns
Returns the encrypted data on success. Otherwise NULL.

Definition at line 1661 of file nasl_crypto2.c.

References alloc_typed_cell(), CONST_INT, delete_cipher_item(), get_int_var_by_name(), cipher_table_item::hd, TC::i_val, verify_cipher_id(), and TC::x.

1662 {
1663  tree_cell *retc;
1664  int cipher_id;
1665  gcry_cipher_hd_t hd;
1666 
1667  cipher_id = get_int_var_by_name (lexic, "hd", 0);
1668 
1669  hd = verify_cipher_id (lexic, cipher_id);
1670  if (hd == NULL)
1671  return NULL;
1672 
1673  delete_cipher_item (cipher_id);
1674  retc = alloc_typed_cell (CONST_INT);
1675  retc->x.i_val = 0;
1676  return retc;
1677 }
static gcry_cipher_hd_t verify_cipher_id(lex_ctxt *lexic, int cipher_id)
Helper function to validate the cipher id.
Definition: nasl_crypto2.c:134
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
Definition: nasl_tree.h:104
union TC::@2 x
static void delete_cipher_item(int cipher_id)
Free and remove a cipher handler from the cipher table.
Definition: nasl_crypto2.c:169
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1113
long int i_val
Definition: nasl_tree.h:113
Here is the call graph for this function:

◆ nasl_des_ede_cbc_encrypt()

tree_cell* nasl_des_ede_cbc_encrypt ( lex_ctxt lexic)

Definition at line 1853 of file nasl_crypto2.c.

References encrypt_data().

1854 {
1855  return encrypt_data (lexic, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC);
1856 }
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
Here is the call graph for this function:

◆ nasl_dh_compute_key()

tree_cell* nasl_dh_compute_key ( lex_ctxt lexic)

nasl function

DH_compute_key(p:mpi_p, g:mpi_g, dh_server_pub:mpi_server_pub, pub_key:mpi_client_pub, priv_key:mpi_client_priv)

Computes the Diffie-Hellman shared secret key from the shared parameters p and g, the server's public key dh_server_pub and the client's public and private keys pub_key an priv_key. The return value is the shared secret key as an MPI.

Definition at line 619 of file nasl_crypto2.c.

References alloc_typed_cell(), calc_dh_key(), CONST_DATA, mpi_from_named_parameter(), set_mpi_retc(), TC::size, TC::str_val, and TC::x.

620 {
621  tree_cell *retc = NULL;
622  gcry_mpi_t p = NULL, g = NULL, dh_server_pub = NULL;
623  gcry_mpi_t pub_key = NULL, priv_key = NULL;
624  gcry_mpi_t shared = NULL;
625 
626  retc = alloc_typed_cell (CONST_DATA);
627 
628  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dh_compute_key") < 0)
629  goto fail;
630  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dh_compute_key") < 0)
631  goto fail;
632  if (mpi_from_named_parameter (lexic, &dh_server_pub, "dh_server_pub",
633  "nasl_dh_compute_key")
634  < 0)
635  goto fail;
636  if (mpi_from_named_parameter (lexic, &pub_key, "pub_key",
637  "nasl_dh_compute_key")
638  < 0)
639  goto fail;
640  if (mpi_from_named_parameter (lexic, &priv_key, "priv_key",
641  "nasl_dh_compute_key")
642  < 0)
643  goto fail;
644 
645  shared = calc_dh_key (dh_server_pub, p, priv_key);
646 
647  if (set_mpi_retc (retc, shared) >= 0)
648  goto ret;
649 
650 fail:
651  retc->size = 0;
652  retc->x.str_val = g_malloc0 (1);
653 ret:
654  gcry_mpi_release (p);
655  gcry_mpi_release (g);
656  gcry_mpi_release (dh_server_pub);
657  gcry_mpi_release (priv_key);
658  gcry_mpi_release (pub_key);
659  gcry_mpi_release (shared);
660  return retc;
661 }
static gcry_mpi_t calc_dh_key(gcry_mpi_t pub, gcry_mpi_t prime, gcry_mpi_t priv)
Compute the diffie hellman shared secret key.
Definition: nasl_crypto2.c:549
char * str_val
Definition: nasl_tree.h:112
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
static int set_mpi_retc(tree_cell *retc, gcry_mpi_t mpi)
Sets the return value in retc from the MPI mpi.
Definition: nasl_crypto2.c:258
int size
Definition: nasl_tree.h:109
Here is the call graph for this function:

◆ nasl_dh_generate_key()

tree_cell* nasl_dh_generate_key ( lex_ctxt lexic)

nasl function

dh_generate_key(p:mpi_p, g:mpi_g, priv:mpi_priv)

Generates a Diffie-Hellman public key from the shared parameters p and g and the private parameter priv. The return value is the public key as an MPI.

Definition at line 574 of file nasl_crypto2.c.

References alloc_typed_cell(), calc_dh_public(), CONST_DATA, mpi_from_named_parameter(), set_mpi_retc(), TC::size, TC::str_val, and TC::x.

575 {
576  tree_cell *retc = NULL;
577  gcry_mpi_t p = NULL, g = NULL, priv = NULL, pub_mpi = NULL;
578 
579  retc = alloc_typed_cell (CONST_DATA);
580 
581  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dh_generate_key") < 0)
582  goto fail;
583  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dh_generate_key") < 0)
584  goto fail;
585  if (mpi_from_named_parameter (lexic, &priv, "priv", "nasl_dh_generate_key")
586  < 0)
587  goto fail;
588 
589  pub_mpi = calc_dh_public (g, p, priv);
590  if (pub_mpi == NULL)
591  goto fail;
592 
593  if (set_mpi_retc (retc, pub_mpi) >= 0)
594  goto ret;
595 
596 fail:
597  retc->x.str_val = g_malloc0 (1);
598  retc->size = 0;
599 ret:
600  gcry_mpi_release (p);
601  gcry_mpi_release (g);
602  gcry_mpi_release (priv);
603  gcry_mpi_release (pub_mpi);
604  return retc;
605 }
char * str_val
Definition: nasl_tree.h:112
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
static int set_mpi_retc(tree_cell *retc, gcry_mpi_t mpi)
Sets the return value in retc from the MPI mpi.
Definition: nasl_crypto2.c:258
static gcry_mpi_t calc_dh_public(gcry_mpi_t g, gcry_mpi_t prime, gcry_mpi_t priv)
compute the diffie hellman public key.
Definition: nasl_crypto2.c:522
int size
Definition: nasl_tree.h:109
Here is the call graph for this function:

◆ nasl_dsa_do_sign()

tree_cell* nasl_dsa_do_sign ( lex_ctxt lexic)

nasl function

dsa_do_sign(p:mpi_p, g:mpi_g, q:mpi_q, pub:mpi_pub, priv:mpi_priv, data:hash)

Computes the DSA signature of the hash in data using the private DSA key given by p, g, q, pub and priv. The return value is a 40 byte string encoding the two MPIs r and s of the DSA signature. The first 20 bytes are the value of r and the last 20 bytes are the value of s.

Definition at line 1251 of file nasl_crypto2.c.

References CONST_DATA, extract_mpi_from_sexp(), TC::i_val, INTBLOB_LEN, mpi_from_named_parameter(), nasl_perror(), print_gcrypt_error(), TC::ref_count, SIGBLOB_LEN, TC::size, TC::str_val, TC::type, and TC::x.

1252 {
1253  tree_cell *retc = NULL;
1254  gcry_mpi_t p = NULL, g = NULL, q = NULL, pub = NULL, priv = NULL, data = NULL;
1255  gcry_mpi_t r = NULL, s = NULL;
1256  gcry_sexp_t ssig = NULL, skey = NULL, sdata = NULL;
1257  long rlen, slen;
1258  unsigned char *sigblob = NULL;
1259  gcry_error_t err;
1260 
1261  retc = g_malloc0 (sizeof (tree_cell));
1262  retc->ref_count = 1;
1263  retc->type = CONST_DATA;
1264  retc->x.i_val = 0;
1265 
1266  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dsa_do_sign") < 0)
1267  goto fail;
1268  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dsa_do_sign") < 0)
1269  goto fail;
1270  if (mpi_from_named_parameter (lexic, &q, "q", "nasl_dsa_do_sign") < 0)
1271  goto fail;
1272  if (mpi_from_named_parameter (lexic, &pub, "pub", "nasl_dsa_do_sign") < 0)
1273  goto fail;
1274  if (mpi_from_named_parameter (lexic, &priv, "priv", "nasl_dsa_do_sign") < 0)
1275  goto fail;
1276  if (mpi_from_named_parameter (lexic, &data, "data", "nasl_dsa_do_sign") < 0)
1277  goto fail;
1278 
1279  err = gcry_sexp_build (&sdata, NULL, "(data (flags raw) (value %m))", data);
1280  if (err)
1281  {
1282  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1283  goto fail;
1284  }
1285 
1286  err = gcry_sexp_build (
1287  &skey, NULL, "(private-key (dsa (p %m) (q %m) (g %m) (y %m) (x %m)))", p, q,
1288  g, pub, priv);
1289  if (err)
1290  {
1291  print_gcrypt_error (lexic, "gcry_sexp_build for private-key", err);
1292  goto fail;
1293  }
1294 
1295  err = gcry_pk_sign (&ssig, sdata, skey);
1296  if (err)
1297  {
1298  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1299  goto fail;
1300  }
1301 
1302  r = extract_mpi_from_sexp (ssig, "r");
1303  s = extract_mpi_from_sexp (ssig, "s");
1304  if (!r || !s)
1305  goto fail;
1306 
1307  rlen = (gcry_mpi_get_nbits (r) + 7) / 8;
1308  slen = (gcry_mpi_get_nbits (s) + 7) / 8;
1309  if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN)
1310  {
1311  nasl_perror (lexic, "rlen (%d) or slen (%d) > INTBLOB_LEN (%d)\n", rlen,
1312  slen, INTBLOB_LEN);
1313  goto fail;
1314  }
1315 
1316  sigblob = g_malloc0 (SIGBLOB_LEN);
1317  memset (sigblob, 0, SIGBLOB_LEN);
1318 
1319  err = gcry_mpi_print (
1320  GCRYMPI_FMT_USG,
1321  (unsigned char *) (sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen), rlen, NULL,
1322  r);
1323  if (err)
1324  {
1325  print_gcrypt_error (lexic, "gcry_mpi_print(r)", err);
1326  goto fail;
1327  }
1328  err = gcry_mpi_print (GCRYMPI_FMT_USG,
1329  (unsigned char *) (sigblob + SIGBLOB_LEN - slen), rlen,
1330  NULL, s);
1331  if (err)
1332  {
1333  print_gcrypt_error (lexic, "gcry_mpi_print(s)", err);
1334  goto fail;
1335  }
1336 
1337  retc->x.str_val = (char *) sigblob;
1338  sigblob = NULL;
1339  retc->size = SIGBLOB_LEN;
1340 
1341 fail:
1342  gcry_mpi_release (p);
1343  gcry_mpi_release (g);
1344  gcry_mpi_release (q);
1345  gcry_mpi_release (pub);
1346  gcry_mpi_release (priv);
1347  gcry_mpi_release (data);
1348  gcry_mpi_release (r);
1349  gcry_mpi_release (s);
1350  gcry_sexp_release (ssig);
1351  gcry_sexp_release (skey);
1352  gcry_sexp_release (sdata);
1353  g_free (sigblob);
1354 
1355  return retc;
1356 }
short type
Definition: nasl_tree.h:106
char * str_val
Definition: nasl_tree.h:112
short ref_count
Definition: nasl_tree.h:108
static gcry_mpi_t extract_mpi_from_sexp(gcry_sexp_t sexp, const char *token)
Extracts an MPI value from a libgcryt s-expression.
Definition: nasl_crypto2.c:672
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:86
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition: nasl_debug.c:120
long int i_val
Definition: nasl_tree.h:113
#define SIGBLOB_LEN
Definition: nasl_crypto2.c:43
#define INTBLOB_LEN
Definition: nasl_crypto2.c:42
int size
Definition: nasl_tree.h:109
Here is the call graph for this function:

◆ nasl_dsa_do_verify()

tree_cell* nasl_dsa_do_verify ( lex_ctxt lexic)

nasl function

dsa_do_verify(p:mpi_p, g:mpi_g, q:mpi_q, pub:mpi_pub, r:mpi_r, s:mpi_s, data:hash)

Verify that the DSA signature given by r and s matches the hash given in data using the public DSA key given by p, g, q and pub. Returns 1 if the signature is valid and 0 if it's invalid.

Definition at line 1162 of file nasl_crypto2.c.

References CONST_INT, TC::i_val, mpi_from_named_parameter(), print_gcrypt_error(), TC::ref_count, TC::type, and TC::x.

1163 {
1164  tree_cell *retc = NULL;
1165  gcry_mpi_t p = NULL, g = NULL, q = NULL, pub = NULL, data = NULL;
1166  gcry_mpi_t r = NULL, s = NULL;
1167  gcry_sexp_t ssig = NULL, skey = NULL, sdata = NULL;
1168  gcry_error_t err;
1169 
1170  retc = g_malloc0 (sizeof (tree_cell));
1171  retc->ref_count = 1;
1172  retc->type = CONST_INT;
1173  retc->x.i_val = 0;
1174 
1175  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dsa_do_sign") < 0)
1176  goto fail;
1177  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dsa_do_sign") < 0)
1178  goto fail;
1179  if (mpi_from_named_parameter (lexic, &q, "q", "nasl_dsa_do_sign") < 0)
1180  goto fail;
1181  if (mpi_from_named_parameter (lexic, &pub, "pub", "nasl_dsa_do_sign") < 0)
1182  goto fail;
1183  if (mpi_from_named_parameter (lexic, &r, "r", "nasl_dsa_do_sign") < 0)
1184  goto fail;
1185  if (mpi_from_named_parameter (lexic, &s, "s", "nasl_dsa_do_sign") < 0)
1186  goto fail;
1187  if (mpi_from_named_parameter (lexic, &data, "data", "nasl_dsa_do_sign") < 0)
1188  goto fail;
1189 
1190  err = gcry_sexp_build (&sdata, NULL, "(data (flags raw) (value %m))", data);
1191  if (err)
1192  {
1193  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1194  goto fail;
1195  }
1196 
1197  err = gcry_sexp_build (&skey, NULL,
1198  "(public-key (dsa (p %m) (q %m) (g %m) (y %m)))", p, q,
1199  g, pub);
1200  if (err)
1201  {
1202  print_gcrypt_error (lexic, "gcry_sexp_build for private key", err);
1203  goto fail;
1204  }
1205 
1206  err = gcry_sexp_build (&ssig, NULL, "(sig-val (dsa (r %m) (s %m)))", r, s);
1207  if (err)
1208  {
1209  print_gcrypt_error (lexic, "gcry_sexp_build for signature", err);
1210  goto fail;
1211  }
1212 
1213  err = gcry_pk_verify (ssig, sdata, skey);
1214  if (err == 0)
1215  retc->x.i_val = 1;
1216  else if (gcry_err_code (err) == GPG_ERR_BAD_SIGNATURE)
1217  retc->x.i_val = 0;
1218  else
1219  {
1220  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1221  goto fail;
1222  }
1223 
1224 fail:
1225  gcry_mpi_release (p);
1226  gcry_mpi_release (g);
1227  gcry_mpi_release (q);
1228  gcry_mpi_release (pub);
1229  gcry_mpi_release (r);
1230  gcry_mpi_release (s);
1231  gcry_mpi_release (data);
1232  gcry_sexp_release (ssig);
1233  gcry_sexp_release (skey);
1234  gcry_sexp_release (sdata);
1235 
1236  return retc;
1237 }
short type
Definition: nasl_tree.h:106
short ref_count
Definition: nasl_tree.h:108
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:86
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
long int i_val
Definition: nasl_tree.h:113
Here is the call graph for this function:

◆ nasl_open_rc4_cipher()

tree_cell* nasl_open_rc4_cipher ( lex_ctxt lexic)

Nasl function to open RC4 cipher to encrypt a stream of data. The handler can be used to encrypt stream data. Open cipher must be close with close_stream_cipher() when it is not useful anymore.

Returns
Returns the id of the cipher handler encrypted data on success. Otherwise NULL.

Definition at line 1822 of file nasl_crypto2.c.

References nasl_open_stream_cipher().

1823 {
1824  return nasl_open_stream_cipher (lexic, GCRY_CIPHER_ARCFOUR,
1825  GCRY_CIPHER_MODE_STREAM);
1826 }
static tree_cell * nasl_open_stream_cipher(lex_ctxt *lexic, int cipher, int mode)
Open a stream cipher. This function creates a context handle and stores it in a cipher table...
Here is the call graph for this function:

◆ nasl_pem_to_dsa()

tree_cell* nasl_pem_to_dsa ( lex_ctxt lexic)

nasl function

pem_to_dsa(priv:PEM, passphrase:PASSPHRASE)

Reads the private key from the string priv which contains a private DSA key in PEM format. Passphrase is the passphrase needed to decrypt the private key. The function returns the parameter "x" of the DSA key as an MPI.

Definition at line 505 of file nasl_crypto2.c.

References nasl_pem_to().

506 {
507  return nasl_pem_to (lexic, 1);
508 }
tree_cell * nasl_pem_to(lex_ctxt *lexic, int type)
Implements the nasl functions pem_to_rsa and pem_to_dsa.
Definition: nasl_crypto2.c:407
Here is the call graph for this function:

◆ nasl_pem_to_rsa()

tree_cell* nasl_pem_to_rsa ( lex_ctxt lexic)

nasl function

pem_to_rsa(priv:PEM, passphrase:PASSPHRASE)

Reads the private key from the string priv which contains a private RSA key in PEM format. Passphrase is the passphrase needed to decrypt the private key. The function returns the parameter "d" of the RSA key as an MPI.

Definition at line 489 of file nasl_crypto2.c.

References nasl_pem_to().

490 {
491  return nasl_pem_to (lexic, 0);
492 }
tree_cell * nasl_pem_to(lex_ctxt *lexic, int type)
Implements the nasl functions pem_to_rsa and pem_to_dsa.
Definition: nasl_crypto2.c:407
Here is the call graph for this function:

◆ nasl_rc4_encrypt()

tree_cell* nasl_rc4_encrypt ( lex_ctxt lexic)

Nasl function to encrypt data with a RC4 cipher. If an hd param exist in the lexix context, it will use this handler to encrypt the data as part of a stream data. e.g.: rc4_encypt(data: data, hd: hd)

Otherwise encrypts the data as block and the key is mandatory: e.g.: rc4_encypt(data: data, key: key)

Returns
Returns the encrypted data on success. Otherwise NULL.

Definition at line 1796 of file nasl_crypto2.c.

References encrypt_data(), encrypt_stream_data(), get_int_var_by_name(), cipher_table_item::hd, and verify_cipher_id().

1797 {
1798  int cipher_id;
1799  gcry_cipher_hd_t hd;
1800  cipher_id = get_int_var_by_name (lexic, "hd", -1);
1801 
1802  if (cipher_id >= 0)
1803  {
1804  hd = verify_cipher_id (lexic, cipher_id);
1805  if (hd == NULL)
1806  return NULL;
1807  return encrypt_stream_data (lexic, GCRY_CIPHER_ARCFOUR);
1808  }
1809 
1810  return encrypt_data (lexic, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM);
1811 }
static tree_cell * encrypt_stream_data(lex_ctxt *lexic, int cipher)
Encrypt data using an existent cipher handle. As the handler is not close, the key is updated to encr...
static tree_cell * encrypt_data(lex_ctxt *lexic, int cipher, int mode)
static gcry_cipher_hd_t verify_cipher_id(lex_ctxt *lexic, int cipher_id)
Helper function to validate the cipher id.
Definition: nasl_crypto2.c:134
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1113
Here is the call graph for this function:

◆ nasl_rsa_private_decrypt()

tree_cell* nasl_rsa_private_decrypt ( lex_ctxt lexic)

nasl function

rsa_private_decrypt(data:data, d:mpi_d, e:mpi_e, n:mpi_n, padd:<TRUE:FALSE>)

Decrypt the provided data with the private RSA key given by its parameters d, e and n. The return value is the decrypted data in plaintext format.

TODO: In future releases, string support for padding should be removed

Definition at line 862 of file nasl_crypto2.c.

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), get_var_type_by_name(), mpi_from_named_parameter(), nasl_perror(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, strip_pkcs1_padding(), VAR2_INT, VAR2_STRING, and TC::x.

863 {
864  tree_cell *retc = NULL;
865  gcry_mpi_t e = NULL, n = NULL, d = NULL, dt = NULL;
866  gcry_sexp_t key = NULL, data = NULL, decrypted = NULL;
867  gcry_error_t err;
868  int type = get_var_type_by_name (lexic, "pad");
869  int pad = 0;
870 
871  if (type == VAR2_INT)
872  pad = get_int_var_by_name (lexic, "pad", 0);
874  else if (type == VAR2_STRING)
875  {
876  if (!strcmp (get_str_var_by_name (lexic, "pad"), "TRUE"))
877  pad = 1;
878  }
879  else
880  {
881  nasl_perror (lexic, "Syntax : rsa_public_encrypt(data:<d>,"
882  "n:<n>, e:<e>, pad:<TRUE:FALSE>)");
883  return NULL;
884  }
885 
886  retc = alloc_typed_cell (CONST_DATA);
887 
888  if (mpi_from_named_parameter (lexic, &dt, "data", "nasl_rsa_private_decrypt")
889  < 0)
890  goto fail;
891  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_private_decrypt") < 0)
892  goto fail;
893  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_private_decrypt") < 0)
894  goto fail;
895  if (mpi_from_named_parameter (lexic, &d, "d", "nasl_rsa_private_decrypt") < 0)
896  goto fail;
897 
898  err = gcry_sexp_build (&key, NULL, "(private-key (rsa (n %m) (e %m) (d %m)))",
899  n, e, d);
900  if (err)
901  {
902  print_gcrypt_error (lexic, "gcry_sexp_build privkey", err);
903  goto fail;
904  }
905 
906  if (pad == 1)
907  err =
908  gcry_sexp_build (&data, NULL, "(enc-val (flags pkcs1) (rsa (a %m)))", dt);
909  else
910  err =
911  gcry_sexp_build (&data, NULL, "(enc-val (flags raw) (rsa (a %m)))", dt);
912  if (err)
913  {
914  print_gcrypt_error (lexic, "gcry_sexp_build data", err);
915  goto fail;
916  }
917 
918  err = gcry_pk_decrypt (&decrypted, data, key);
919  if (err)
920  {
921  print_gcrypt_error (lexic, "gcry_pk_decrypt", err);
922  goto fail;
923  }
924 
925  if (pad == 1)
926  {
927  if (set_retc_from_sexp (retc, decrypted, "value") >= 0
928  && strip_pkcs1_padding (retc) >= 0)
929  goto ret;
930  }
931  else
932  {
933  if (set_retc_from_sexp (retc, decrypted, "value") >= 0)
934  goto ret;
935  }
936 
937 fail:
938  retc->size = 0;
939  retc->x.str_val = g_malloc0 (1);
940 ret:
941  gcry_sexp_release (decrypted);
942  gcry_sexp_release (key);
943  gcry_sexp_release (data);
944  gcry_mpi_release (dt);
945  gcry_mpi_release (e);
946  gcry_mpi_release (n);
947  gcry_mpi_release (d);
948  return retc;
949 }
int get_var_type_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1171
static int strip_pkcs1_padding(tree_cell *retc)
Strips PKCS#1 padding from the string in retc.
Definition: nasl_crypto2.c:720
char * str_val
Definition: nasl_tree.h:112
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1127
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:86
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition: nasl_debug.c:120
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1113
static int set_retc_from_sexp(tree_cell *retc, gcry_sexp_t sexp, const char *token)
Sets the return value in retc from an sexpression.
Definition: nasl_crypto2.c:702
int size
Definition: nasl_tree.h:109
Here is the call graph for this function:

◆ nasl_rsa_public_decrypt()

tree_cell* nasl_rsa_public_decrypt ( lex_ctxt lexic)

nasl function

rsa_public_decrypt(sig:signature, e:mpi_e, n:mpi_n)

Decrypt the data in signature (usually an rsa-encrypted hash) with the public RSA key given by its parameters e and n. The return value is the decrypted data.

Definition at line 961 of file nasl_crypto2.c.

References alloc_typed_cell(), CONST_DATA, mpi_from_named_parameter(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, strip_pkcs1_padding(), and TC::x.

962 {
963  tree_cell *retc = NULL;
964  gcry_mpi_t e = NULL, n = NULL, s = NULL;
965  gcry_sexp_t key = NULL, sig = NULL, decrypted = NULL;
966  gcry_error_t err;
967 
968  retc = alloc_typed_cell (CONST_DATA);
969 
970  if (mpi_from_named_parameter (lexic, &s, "sig", "nasl_rsa_public_decrypt")
971  < 0)
972  goto fail;
973  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_public_decrypt") < 0)
974  goto fail;
975  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_public_decrypt") < 0)
976  goto fail;
977 
978  err = gcry_sexp_build (&key, NULL, "(public-key (rsa (n %m) (e %m)))", n, e);
979  if (err)
980  {
981  print_gcrypt_error (lexic, "gcry_sexp_build pubkey", err);
982  goto fail;
983  }
984  err = gcry_sexp_build (&sig, NULL, "(data (flags raw) (value %m))", s);
985  if (err)
986  {
987  print_gcrypt_error (lexic, "gcry_sexp_build sig", err);
988  goto fail;
989  }
990 
991  /* gcry_pk_encrypt is equivalent to the public key decryption at least
992  * for RSA keys. */
993  err = gcry_pk_encrypt (&decrypted, sig, key);
994  if (err)
995  {
996  print_gcrypt_error (lexic, "gcry_pk_encrypt", err);
997  goto fail;
998  }
999 
1000  if (set_retc_from_sexp (retc, decrypted, "a") >= 0
1001  && strip_pkcs1_padding (retc) >= 0)
1002  goto ret;
1003 
1004 fail:
1005  retc->size = 0;
1006  retc->x.str_val = g_malloc0 (1);
1007 ret:
1008  gcry_sexp_release (decrypted);
1009  gcry_sexp_release (key);
1010  gcry_sexp_release (sig);
1011  gcry_mpi_release (s);
1012  gcry_mpi_release (e);
1013  gcry_mpi_release (n);
1014  return retc;
1015 }
static int strip_pkcs1_padding(tree_cell *retc)
Strips PKCS#1 padding from the string in retc.
Definition: nasl_crypto2.c:720
char * str_val
Definition: nasl_tree.h:112
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:86
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
static int set_retc_from_sexp(tree_cell *retc, gcry_sexp_t sexp, const char *token)
Sets the return value in retc from an sexpression.
Definition: nasl_crypto2.c:702
int size
Definition: nasl_tree.h:109
Here is the call graph for this function:

◆ nasl_rsa_public_encrypt()

tree_cell* nasl_rsa_public_encrypt ( lex_ctxt lexic)

nasl function

rsa_public_encrypt(data:data, e:mpi_e, n:mpi_n, padd:<TRUE:FALSE>)

Encrypt the provided data with the public RSA key given by its parameters e and n. The return value is the encrypted data.

TODO: In future releases, string support for padding should be removed

Definition at line 770 of file nasl_crypto2.c.

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), get_var_type_by_name(), mpi_from_named_parameter(), nasl_perror(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, strip_pkcs1_padding(), VAR2_INT, VAR2_STRING, and TC::x.

771 {
772  tree_cell *retc = NULL;
773  gcry_mpi_t e = NULL, n = NULL, dt = NULL;
774  gcry_sexp_t key = NULL, data = NULL, encrypted = NULL;
775  gcry_error_t err;
776  int type = get_var_type_by_name (lexic, "pad");
777  int pad = 0;
778 
779  if (type == VAR2_INT)
780  pad = get_int_var_by_name (lexic, "pad", 0);
782  else if (type == VAR2_STRING)
783  {
784  if (!strcmp (get_str_var_by_name (lexic, "pad"), "TRUE"))
785  pad = 1;
786  }
787  else
788  {
789  nasl_perror (lexic, "Syntax : rsa_public_encrypt(data:<d>,"
790  "n:<n>, e:<e>, pad:<TRUE:FALSE>)");
791  return NULL;
792  }
793 
794  retc = alloc_typed_cell (CONST_DATA);
795 
796  if (mpi_from_named_parameter (lexic, &dt, "data", "nasl_rsa_public_encrypt")
797  < 0)
798  goto fail;
799  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_public_encrypt") < 0)
800  goto fail;
801  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_public_encrypt") < 0)
802  goto fail;
803 
804  err = gcry_sexp_build (&key, NULL, "(public-key (rsa (n %m) (e %m)))", n, e);
805  if (err)
806  {
807  print_gcrypt_error (lexic, "gcry_sexp_build pubkey", err);
808  goto fail;
809  }
810 
811  if (pad == 1)
812  err = gcry_sexp_build (&data, NULL, "(data (flags pkcs1) (value %m))", dt);
813  else
814  err = gcry_sexp_build (&data, NULL, "(data (flags raw) (value %m))", dt);
815  if (err)
816  {
817  print_gcrypt_error (lexic, "gcry_sexp_build data", err);
818  goto fail;
819  }
820 
821  err = gcry_pk_encrypt (&encrypted, data, key);
822  if (err)
823  {
824  print_gcrypt_error (lexic, "gcry_pk_encrypt", err);
825  goto fail;
826  }
827 
828  if (pad == 1)
829  {
830  if (set_retc_from_sexp (retc, encrypted, "a") >= 0
831  && strip_pkcs1_padding (retc) >= 0)
832  goto ret;
833  }
834  else
835  {
836  if (set_retc_from_sexp (retc, encrypted, "a") >= 0)
837  goto ret;
838  }
839 
840 fail:
841  retc->size = 0;
842  retc->x.str_val = g_malloc0 (1);
843 ret:
844  gcry_sexp_release (encrypted);
845  gcry_sexp_release (key);
846  gcry_sexp_release (data);
847  gcry_mpi_release (dt);
848  gcry_mpi_release (e);
849  gcry_mpi_release (n);
850  return retc;
851 }
int get_var_type_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1171
static int strip_pkcs1_padding(tree_cell *retc)
Strips PKCS#1 padding from the string in retc.
Definition: nasl_crypto2.c:720
char * str_val
Definition: nasl_tree.h:112
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1127
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:86
Definition: nasl_tree.h:104
union TC::@2 x
static int mpi_from_named_parameter(lex_ctxt *lexic, gcry_mpi_t *dest, const char *parameter, const char *function)
Converts a named nasl parameter to a gcry_mpi_t.
Definition: nasl_crypto2.c:224
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition: nasl_debug.c:120
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1113
static int set_retc_from_sexp(tree_cell *retc, gcry_sexp_t sexp, const char *token)
Sets the return value in retc from an sexpression.
Definition: nasl_crypto2.c:702
int size
Definition: nasl_tree.h:109
Here is the call graph for this function:

◆ nasl_rsa_sign()

tree_cell* nasl_rsa_sign ( lex_ctxt lexic)

nasl function

rsa_sign(data:hash, priv:pem, passphrase:passphrase)

Signs the data with the private RSA key priv given in PEM format. The passphrase is the passphrase needed to decrypt the private key. Returns the signed data.

In the OpenSSL based nasl, the key was not given in PEM form and with a passphrase. Instead it was given as the RSA parameters e, n and d. libgcrypt always requires all the parameters (including p, g, and u), so this function was changed to simply accept the full private key in PEM form. The one place where it was called had that the key available in that form.

Definition at line 1098 of file nasl_crypto2.c.

References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), get_var_size_by_name(), nasl_load_privkey_param(), nasl_sexp_from_privkey(), print_gcrypt_error(), set_retc_from_sexp(), TC::size, TC::str_val, and TC::x.

1099 {
1100  tree_cell *retc = NULL;
1101  char *data;
1102  int data_size;
1103  gcry_sexp_t ssig = NULL, sdata = NULL, skey = NULL;
1104  gnutls_x509_privkey_t priv_key = NULL;
1105  gcry_error_t err;
1106 
1107  retc = alloc_typed_cell (CONST_DATA);
1108 
1109  data = get_str_var_by_name (lexic, "data");
1110  data_size = get_var_size_by_name (lexic, "data");
1111  if (!data)
1112  goto fail;
1113 
1114  priv_key = nasl_load_privkey_param (lexic, "priv", "passphrase");
1115  if (!priv_key)
1116  goto fail;
1117 
1118  err = gcry_sexp_build (&sdata, NULL, "(data (flags pkcs1) (hash sha1 %b))",
1119  data_size, data);
1120  if (err)
1121  {
1122  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1123  goto fail;
1124  }
1125 
1126  skey = nasl_sexp_from_privkey (lexic, priv_key);
1127  if (!skey)
1128  goto fail;
1129 
1130  err = gcry_pk_sign (&ssig, sdata, skey);
1131  if (err)
1132  {
1133  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1134  goto fail;
1135  }
1136 
1137  if (set_retc_from_sexp (retc, ssig, "s") >= 0)
1138  goto ret;
1139 
1140 fail:
1141  retc->size = 0;
1142  retc->x.str_val = g_malloc0 (1);
1143 ret:
1144  gcry_sexp_release (ssig);
1145  gcry_sexp_release (sdata);
1146  gcry_sexp_release (skey);
1147  gnutls_x509_privkey_deinit (priv_key);
1148  return retc;
1149 }
static gcry_sexp_t nasl_sexp_from_privkey(lex_ctxt *lexic, gnutls_x509_privkey_t privkey)
char * str_val
Definition: nasl_tree.h:112
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1127
tree_cell * alloc_typed_cell(int typ)
Definition: nasl_tree.c:40
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:86
Definition: nasl_tree.h:104
union TC::@2 x
static int set_retc_from_sexp(tree_cell *retc, gcry_sexp_t sexp, const char *token)
Sets the return value in retc from an sexpression.
Definition: nasl_crypto2.c:702
int get_var_size_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1147
static gnutls_x509_privkey_t nasl_load_privkey_param(lex_ctxt *lexic, const char *priv_name, const char *passphrase_name)
Loads a private key from a string.
Definition: nasl_crypto2.c:361
int size
Definition: nasl_tree.h:109
Here is the call graph for this function: