[crypto] fix key decrypt inconsistencies
This commit is contained in:
parent
402cffdeb2
commit
8b6d05f90f
@ -321,14 +321,6 @@ const BYTE* freerdp_key_get_exponent(const rdpPrivateKey* key, size_t* plength)
|
||||
return key->PrivateExponent;
|
||||
}
|
||||
|
||||
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
|
||||
RSA* freerdp_key_get_RSA(const rdpPrivateKey* key)
|
||||
{
|
||||
WINPR_ASSERT(key);
|
||||
return evp_pkey_to_rsa(key);
|
||||
}
|
||||
#endif
|
||||
|
||||
EVP_PKEY* freerdp_key_get_evp_pkey(const rdpPrivateKey* key)
|
||||
{
|
||||
WINPR_ASSERT(key);
|
||||
@ -351,15 +343,17 @@ BOOL freerdp_key_is_rsa(const rdpPrivateKey* key)
|
||||
|
||||
size_t freerdp_key_get_bits(const rdpPrivateKey* key)
|
||||
{
|
||||
int rc = -1;
|
||||
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
|
||||
RSA* rsa = freerdp_key_get_RSA(key);
|
||||
if (!rsa)
|
||||
return -1;
|
||||
|
||||
const int size = RSA_size(rsa);
|
||||
RSA* rsa = evp_pkey_to_rsa(key);
|
||||
if (rsa)
|
||||
{
|
||||
rc = RSA_bits(rsa);
|
||||
RSA_free(rsa);
|
||||
return size;
|
||||
#else
|
||||
return EVP_PKEY_get_bits(key->evp);
|
||||
#endif
|
||||
}
|
||||
#else
|
||||
rc = EVP_PKEY_get_bits(key->evp);
|
||||
#endif
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
@ -35,13 +35,6 @@ extern "C"
|
||||
FREERDP_LOCAL const rdpCertInfo* freerdp_key_get_info(const rdpPrivateKey* key);
|
||||
FREERDP_LOCAL const BYTE* freerdp_key_get_exponent(const rdpPrivateKey* key, size_t* plength);
|
||||
|
||||
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
|
||||
/** \brief returns a pointer to a RSA structure.
|
||||
* Call RSA_free when done.
|
||||
*/
|
||||
FREERDP_LOCAL RSA* freerdp_key_get_RSA(const rdpPrivateKey* key);
|
||||
#endif
|
||||
|
||||
/** \brief returns a pointer to a EVP_PKEY structure.
|
||||
* Call EVP_PKEY_free when done.
|
||||
*/
|
||||
|
@ -504,7 +504,7 @@ static int get_rsa_key_size(const rdpPrivateKey* privateKey)
|
||||
{
|
||||
WINPR_ASSERT(privateKey);
|
||||
|
||||
return freerdp_key_get_bits(privateKey);
|
||||
return freerdp_key_get_bits(privateKey) / 8;
|
||||
}
|
||||
|
||||
static BYTE vgids_get_algid(vgidsContext* p_Ctx)
|
||||
@ -1135,6 +1135,7 @@ sign_failed:
|
||||
|
||||
static BOOL vgids_perform_decrypt(vgidsContext* context)
|
||||
{
|
||||
EVP_PKEY_CTX* ctx = NULL;
|
||||
BOOL rc = FALSE;
|
||||
int res;
|
||||
int padding = RSA_NO_PADDING;
|
||||
@ -1151,24 +1152,24 @@ static BOOL vgids_perform_decrypt(vgidsContext* context)
|
||||
EVP_PKEY* pkey = freerdp_key_get_evp_pkey(context->privateKey);
|
||||
if (!pkey)
|
||||
goto decrypt_failed;
|
||||
EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(pkey, NULL);
|
||||
ctx = EVP_PKEY_CTX_new(pkey, NULL);
|
||||
if (!ctx)
|
||||
goto decrypt_failed;
|
||||
if (EVP_PKEY_decrypt_init(ctx) <= 0)
|
||||
goto decrypt_failed;
|
||||
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0)
|
||||
if (EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0)
|
||||
goto decrypt_failed;
|
||||
|
||||
context->responseData = Stream_New(NULL, freerdp_key_get_bits(context->privateKey));
|
||||
/* Determine buffer length */
|
||||
const size_t inlen = Stream_Length(context->commandData);
|
||||
size_t outlen = inlen * 2;
|
||||
context->responseData = Stream_New(NULL, outlen);
|
||||
if (!context->responseData)
|
||||
{
|
||||
WLog_ERR(TAG, "Failed to create decryption buffer");
|
||||
goto decrypt_failed;
|
||||
}
|
||||
|
||||
/* Determine buffer length */
|
||||
size_t outlen = Stream_Capacity(context->responseData);
|
||||
const size_t inlen = Stream_Length(context->commandData);
|
||||
res = EVP_PKEY_decrypt(ctx, Stream_Buffer(context->responseData), &outlen,
|
||||
Stream_Buffer(context->commandData), inlen);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user