X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=lib%2Fsilccore%2Fsilcauth.c;h=38a1a961392e87fe668cd7110f48dc0418990780;hp=7cb173ecc702c94ed760c659b04aeb8edf4607d2;hb=382d15d447b7a95390decfa783836ae4fe255b3d;hpb=8c94186e5b81937b67ce0862c1f3e2cb1f484719
diff --git a/lib/silccore/silcauth.c b/lib/silccore/silcauth.c
index 7cb173ec..38a1a961 100644
--- a/lib/silccore/silcauth.c
+++ b/lib/silccore/silcauth.c
@@ -1,6 +1,6 @@
 /*
- silcauth.c
+ silcauth.c
 Author: Pekka Riikonen
@@ -8,8 +8,7 @@
 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
+ the Free Software Foundation; version 2 of the License.
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -186,7 +185,7 @@ unsigned char *silc_auth_get_data(SilcAuthPayload payload,
 static unsigned char *
 silc_auth_public_key_encode_data(SilcPublicKey public_key,
- const unsigned char *random,
+ const unsigned char *randomdata,
 SilcUInt32 random_len, const void *id, SilcIdType type, SilcUInt32 *ret_len) {
@@ -212,7 +211,7 @@ silc_auth_public_key_encode_data(SilcPublicKey public_key,
 return NULL;
 }
 silc_buffer_format(buf,
- SILC_STR_UI_XNSTRING(random, random_len),
+ SILC_STR_UI_XNSTRING(randomdata, random_len),
 SILC_STR_UI_XNSTRING(id_data, id_len),
 SILC_STR_UI_XNSTRING(pk, pk_len),
 SILC_STR_END);
@@ -224,6 +223,7 @@ silc_auth_public_key_encode_data(SilcPublicKey public_key,
 if (ret_len) *ret_len = buf->len;
+ silc_buffer_clear(buf);
 silc_buffer_free(buf);
 silc_free(id_data);
 silc_free(pk);
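Review bot: The added `silc_buffer_clear(buf);` in the -224,6 +223,7 hunk has no comment explaining its position, and the position matters: it must stay after the `*ret_len = buf->len;` read just above if the clear also resets the buffer length (presumably it does; its definition is not on this page). A comment such as `/* Wipe the encoded auth data before the buffer is released; keep after the buf->len read */` would protect that ordering. Separately, a wipe immediately followed by a free is a dead store, so if silc_buffer_clear is an inline memset wrapper an optimizing compiler may remove it; the same applies to the `memset(...); silc_free(...)` pairs and to `memset(auth_data, 0, sizeof(auth_data))` before `return buf;` in the -274,25 hunk. A wipe routine the compiler cannot elide (for example `explicit_bzero` where available) would make these clears reliable. The enclosing function starts and ends outside the hunk.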
@@ -240,8 +240,8 @@ SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
 SilcRng rng, SilcHash hash, const void *id, SilcIdType type) {
- unsigned char *random;
- unsigned char auth_data[1024];
+ unsigned char *randomdata;
+ unsigned char auth_data[2048 + 1];
 SilcUInt32 auth_len;
 unsigned char *tmp;
 SilcUInt32 tmp_len;
@@ -252,20 +252,20 @@ SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
 /* Get 256 bytes of random data */
 if (rng)
- random = silc_rng_get_rn_data(rng, 256);
+ randomdata = silc_rng_get_rn_data(rng, 256);
 else
- random = silc_rng_global_get_rn_data(256);
- if (!random)
+ randomdata = silc_rng_global_get_rn_data(256);
+ if (!randomdata)
 return NULL;
 /* Encode the auth data */
- tmp = silc_auth_public_key_encode_data(public_key, random, 256, id, type,
- &tmp_len);
+ tmp = silc_auth_public_key_encode_data(public_key, randomdata, 256, id,
+ type, &tmp_len);
 if (!tmp) return NULL;
 /* Allocate PKCS object */
- if (!silc_pkcs_alloc(public_key->name, &pkcs)) {
+ if (!silc_pkcs_alloc(private_key->name, &pkcs)) {
 memset(tmp, 0, tmp_len);
 silc_free(tmp);
 return NULL;
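Review bot: The two early returns in the -252,20 hunk leave `randomdata` allocated and unwiped: after `if (!tmp)` nothing is released, and the `silc_pkcs_alloc` failure branch clears and frees only `tmp`, whereas the signing-failure path in the next hunk clears and frees both buffers. Adding `memset(randomdata, 0, 256); silc_free(randomdata);` before each of these `return NULL;` statements would make the error paths consistent. The switch to `private_key->name` also dereferences `private_key` with no NULL check visible in the hunk; if callers can pass NULL, that should be rejected at the top of the function, which lies outside this hunk.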
@@ -274,25 +274,26 @@ SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
 silc_pkcs_private_key_set(pkcs, private_key);
 /* Compute the hash and the signature. */
- if (!silc_pkcs_sign_with_hash(pkcs, hash, tmp, tmp_len, auth_data,
+ if (silc_pkcs_get_key_len(pkcs) / 8 > sizeof(auth_data) - 1 ||
+ !silc_pkcs_sign_with_hash(pkcs, hash, tmp, tmp_len, auth_data,
 &auth_len)) {
- memset(random, 0, 256);
+ memset(randomdata, 0, 256);
 memset(tmp, 0, tmp_len);
 silc_free(tmp);
- silc_free(random);
+ silc_free(randomdata);
 silc_pkcs_free(pkcs);
 return NULL;
 }
 /* Encode Authentication Payload */
- buf = silc_auth_payload_encode(SILC_AUTH_PUBLIC_KEY, random, 256,
+ buf = silc_auth_payload_encode(SILC_AUTH_PUBLIC_KEY, randomdata, 256,
 auth_data, auth_len);
 memset(tmp, 0, tmp_len);
 memset(auth_data, 0, sizeof(auth_data));
- memset(random, 0, 256);
+ memset(randomdata, 0, 256);
 silc_free(tmp);
- silc_free(random);
+ silc_free(randomdata);
 silc_pkcs_free(pkcs);
 return buf;
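Review bot: The new guard `silc_pkcs_get_key_len(pkcs) / 8 > sizeof(auth_data) - 1` is the only visible bound on the write into `auth_data`, since the `silc_pkcs_sign_with_hash` call as shown passes no destination size, yet nothing documents the assumptions it rests on. The `/ 8` rounds down, so a key length that is not a multiple of 8 is kept in bounds only by the spare byte from `auth_data[2048 + 1]` (declared in the -240,8 hunk) and the matching `- 1` here, and the check assumes a signature is never longer than the key. I would add a comment above the condition, `/* The sign call takes no output size: reject keys whose signature (assumed <= ceil(key_len / 8) bytes) could overrun auth_data */`, and replace the two literals with one named constant so the declaration and the check cannot drift apart. The function begins before this hunk.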