static int
silc_client_get_public_key_auth(SilcClient client,
- char *filepath,
+ SilcClientConnection conn,
unsigned char *auth_data,
uint32 *auth_data_len,
SilcSKE ske)
int len;
SilcPKCS pkcs;
SilcBuffer auth;
- SilcPublicKey pub_key;
- if (!silc_pkcs_load_public_key(filepath,&pub_key, SILC_PKCS_FILE_PEM))
- if (!silc_pkcs_load_public_key(filepath, &pub_key, SILC_PKCS_FILE_BIN))
- return FALSE;
-
- silc_pkcs_alloc(pub_key->name, &pkcs);
- if (!silc_pkcs_public_key_set(pkcs, pub_key)) {
- silc_pkcs_free(pkcs);
- silc_pkcs_public_key_free(pub_key);
- return FALSE;
- }
+ /* Use our default key */
+ pkcs = client->pkcs;
/* Make the authentication data. Protocol says it is HASH plus
KE Start Payload. */
ske->start_payload_copy->len),
SILC_STR_END);
- if (silc_pkcs_sign(pkcs, auth->data, auth->len, auth_data, auth_data_len)) {
- silc_pkcs_free(pkcs);
+ if (silc_pkcs_sign_with_hash(pkcs, ske->prop->hash, auth->data,
+ auth->len, auth_data, auth_data_len)) {
silc_buffer_free(auth);
- silc_pkcs_public_key_free(pub_key);
return TRUE;
}
- silc_pkcs_free(pkcs);
silc_buffer_free(auth);
- silc_pkcs_public_key_free(pub_key);
return FALSE;
}
SILC_PACKET_CONNECTION_AUTH,
NULL, 0, NULL, NULL,
packet->data, packet->len, TRUE);
-
- if (auth_data) {
- memset(auth_data, 0, auth_data_len);
- silc_free(auth_data);
- }
silc_buffer_free(packet);
/* Next state is end of protocol */
*/
unsigned char *auth_data = NULL;
uint32 auth_data_len = 0;
+ unsigned char sign[1024];
switch(ctx->auth_meth) {
case SILC_AUTH_NONE:
break;
case SILC_AUTH_PUBLIC_KEY:
- {
- unsigned char sign[1024];
-
+ if (!ctx->auth_data) {
/* Public key authentication */
- silc_client_get_public_key_auth(client, ctx->auth_data,
- sign, &auth_data_len,
+ silc_client_get_public_key_auth(client, conn, sign, &auth_data_len,
ctx->ske);
- auth_data = silc_calloc(auth_data_len, sizeof(*auth_data));
- memcpy(auth_data, sign, auth_data_len);
- break;
+ auth_data = sign;
+ } else {
+ auth_data = ctx->auth_data;
+ auth_data_len = ctx->auth_data_len;
}
+
+ break;
}
silc_client_conn_auth_continue(auth_data,