OpenVAS Libraries  9.0.3
nasl_crypto2.c
Go to the documentation of this file.
1 /* Nessus Attack Scripting Language
2  *
3  * Copyright (C) 2002 - 2004 Tenable Network Security
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License version 2,
7  * as published by the Free Software Foundation
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
17  *
18  *
19  */
20 
26 #include <gcrypt.h>
27 #include <gnutls/gnutls.h>
28 #include <gnutls/x509.h>
29 
30 #include "../misc/openvas_logging.h"
31 
32 #include "nasl_tree.h"
33 #include "nasl_global_ctxt.h"
34 #include "nasl_func.h"
35 #include "nasl_var.h"
36 #include "nasl_lex_ctxt.h"
37 
38 #include "strutils.h"
39 #include "nasl_packet_forgery.h"
40 #include "nasl_debug.h"
41 #include "nasl_misc_funcs.h"
42 #include "nasl_crypto2.h"
43 
44 #define INTBLOB_LEN 20
45 #define SIGBLOB_LEN (2*INTBLOB_LEN)
46 
52 void
53 print_tls_error (lex_ctxt * lexic, char *txt, int err)
54 {
55  nasl_perror (lexic, "%s: %s (%d)\n", txt, gnutls_strerror (err), err);
56 }
57 
63 void
64 print_gcrypt_error (lex_ctxt * lexic, char *function, int err)
65 {
66  nasl_perror (lexic, "%s failed: %s/%s\n", function, gcry_strsource (err),
67  gcry_strerror (err));
68 }
69 
82 static int
83 mpi_from_string (lex_ctxt * lexic, gcry_mpi_t * dest, void *data, size_t len,
84  const char *parameter, const char *function)
85 {
86  gcry_error_t err;
87  unsigned char *buffer = data;
88 
89  err = gcry_mpi_scan (dest, GCRYMPI_FMT_USG, buffer, len, NULL);
90  if (err)
91  {
92  nasl_perror (lexic, "%s(): gcry_mpi_scan failed for %s: %s/%s\n",
93  function, parameter, gcry_strsource (err),
94  gcry_strerror (err));
95  return -1;
96  }
97 
98  return 0;
99 }
100 
111 static int
112 mpi_from_named_parameter (lex_ctxt * lexic, gcry_mpi_t * dest,
113  const char *parameter, const char *function)
114 {
115  long size;
116  char *s;
117 
118  s = get_str_local_var_by_name (lexic, parameter);
119  size = get_var_size_by_name (lexic, parameter);
120 
121  if (!s)
122  return -1;
123 
124  return mpi_from_string (lexic, dest, s, size, parameter, function);
125 }
126 
145 static int
146 set_mpi_retc (tree_cell * retc, gcry_mpi_t mpi)
147 {
148  unsigned char *buffer = NULL;
149  size_t size;
150 
151  gcry_mpi_aprint (GCRYMPI_FMT_USG, &buffer, &size, mpi);
152  if (!buffer)
153  return -1;
154 
155  retc->x.str_val = g_malloc0 (size);
156  memcpy (retc->x.str_val, buffer, size);
157  retc->size = size;
158 
159  gcry_free (buffer);
160 
161  return 0;
162 }
163 
172 tree_cell *
174 {
175  tree_cell *retc = NULL;
176  gcry_mpi_t key1 = NULL, key2 = NULL;
177 
178  retc = g_malloc0 (sizeof (tree_cell));
179  retc->ref_count = 1;
180  retc->type = CONST_INT;
181  retc->x.i_val = 1;
182 
183  if (mpi_from_named_parameter (lexic, &key1, "key1", "nasl_bn_cmp") < 0)
184  goto fail;
185  if (mpi_from_named_parameter (lexic, &key2, "key2", "nasl_bn_cmp") < 0)
186  goto fail;
187 
188  retc->x.i_val = gcry_mpi_cmp (key1, key2);
189 
190  /* make sure the return value is one of -1, 0, +1 */
191  if (retc->x.i_val > 0)
192  retc->x.i_val = 1;
193  if (retc->x.i_val < 0)
194  retc->x.i_val = -1;
195 
196 fail:
197  gcry_mpi_release (key1);
198  gcry_mpi_release (key2);
199  return retc;
200 }
201 
209 tree_cell *
211 {
212  tree_cell *retc = NULL;
213  gcry_mpi_t key = NULL;
214  long need;
215 
216  retc = alloc_tree_cell (0, NULL);
217  retc->type = CONST_DATA;
218 
219  /* number of random bits */
220  need = get_int_local_var_by_name (lexic, "need", 0);
221 
222  key = gcry_mpi_new (0);
223  if (!key)
224  goto fail;
225 
226  gcry_mpi_randomize (key, need, GCRY_STRONG_RANDOM);
227 
228  if (set_mpi_retc (retc, key) >= 0)
229  goto ret;
230 
231 fail:
232  retc->size = 0;
233  retc->x.str_val = g_malloc0 (1);
234 ret:
235  gcry_mpi_release (key);
236  return retc;
237 }
238 
249 static gnutls_x509_privkey_t
250 nasl_load_privkey_param (lex_ctxt * lexic, const char *priv_name,
251  const char *passphrase_name)
252 {
253  char *priv = NULL, *passphrase = NULL;
254  long privlen;
255  gnutls_x509_privkey_t privkey = NULL;
256  gnutls_datum_t pem;
257  int err;
258 
259  /* PEM encoded privkey */
260  priv = get_str_local_var_by_name (lexic, priv_name);
261  privlen = get_var_size_by_name (lexic, priv_name);
262 
263  /* passphrase */
264  passphrase = get_str_local_var_by_name (lexic, passphrase_name);
265  pem.data = (unsigned char *) priv;
266  pem.size = privlen;
267 
268  err = gnutls_x509_privkey_init (&privkey);
269  if (err)
270  {
271  print_tls_error (lexic, "gnutls_x509_privkey_init", err);
272  goto fail;
273  }
274 
275  if (passphrase && !*passphrase)
276  passphrase = NULL;
277  err = gnutls_x509_privkey_import2
278  (privkey, &pem, GNUTLS_X509_FMT_PEM, passphrase,
279  passphrase ? 0 : GNUTLS_PKCS_PLAIN);
280  if (err)
281  {
282  print_tls_error (lexic, "gnutls_x509_privkey_import_pkcs8", err);
283  goto fail;
284  }
285  return privkey;
286 
287 fail:
288  gnutls_x509_privkey_deinit (privkey);
289  return NULL;
290 }
291 
295 tree_cell *
296 nasl_pem_to (lex_ctxt * lexic, int type)
297 {
298  tree_cell *retc = NULL;
299  gnutls_x509_privkey_t privkey = NULL;
300  gcry_mpi_t key = NULL;
301  int err;
302 
303  retc = alloc_tree_cell (0, NULL);
304  retc->type = CONST_DATA;
305 
306  privkey = nasl_load_privkey_param (lexic, "priv", "passphrase");
307  if (!privkey)
308  goto fail;
309 
310  if (!type)
311  {
312  gnutls_datum_t m, e, d, p, q, u;
313  err =
314  gnutls_x509_privkey_export_rsa_raw (privkey, &m, &e, &d, &p, &q, &u);
315  if (err)
316  {
317  print_tls_error (lexic, "gnutls_x509_privkey_export_rsa_raw", err);
318  goto fail;
319  }
320 
321  err =
322  mpi_from_string (lexic, &key, d.data, d.size, "rsa d", "nasl_pem_to");
323  gnutls_free (m.data);
324  gnutls_free (e.data);
325  gnutls_free (d.data);
326  gnutls_free (p.data);
327  gnutls_free (q.data);
328  gnutls_free (u.data);
329 
330  if (err < 0)
331  goto fail;
332  }
333  else
334  {
335  gnutls_datum_t p, q, g, y, x;
336  err = gnutls_x509_privkey_export_dsa_raw (privkey, &p, &q, &g, &y, &x);
337  if (err)
338  {
339  print_tls_error (lexic, "gnutls_x509_privkey_export_dsa_raw", err);
340  goto fail;
341  }
342 
343  err =
344  mpi_from_string (lexic, &key, x.data, x.size, "dsa x", "nasl_pem_to");
345 
346  gnutls_free (p.data);
347  gnutls_free (q.data);
348  gnutls_free (g.data);
349  gnutls_free (y.data);
350  gnutls_free (x.data);
351 
352  if (err < 0)
353  goto fail;
354  }
355 
356  if (set_mpi_retc (retc, key) >= 0)
357  goto ret;
358 
359 fail:
360  retc->size = 0;
361  retc->x.str_val = g_malloc0 (1);
362 ret:
363  gcry_mpi_release (key);
364  gnutls_x509_privkey_deinit (privkey);
365  return retc;
366 }
367 
368 
379 tree_cell *
381 {
382  return nasl_pem_to (lexic, 0);
383 }
384 
385 
396 tree_cell *
398 {
399  return nasl_pem_to (lexic, 1);
400 }
401 
402 
414 static gcry_mpi_t
415 calc_dh_public (gcry_mpi_t g, gcry_mpi_t prime, gcry_mpi_t priv)
416 {
417  gcry_mpi_t e;
418 
419  e = gcry_mpi_new (gcry_mpi_get_nbits (prime));
420  if (e == NULL)
421  {
422  return NULL;
423  }
424 
425  gcry_mpi_powm (e, g, priv, prime);
426 
427  return e;
428 }
429 
441 static gcry_mpi_t
442 calc_dh_key (gcry_mpi_t pub, gcry_mpi_t prime, gcry_mpi_t priv)
443 {
444  gcry_mpi_t e;
445 
446  e = gcry_mpi_new (gcry_mpi_get_nbits (prime));
447  if (e == NULL)
448  {
449  return NULL;
450  }
451 
452  gcry_mpi_powm (e, pub, priv, prime);
453 
454  return e;
455 }
456 
466 tree_cell *
468 {
469  tree_cell *retc = NULL;
470  gcry_mpi_t p = NULL, g = NULL, priv = NULL, pub_mpi = NULL;
471 
472  retc = alloc_tree_cell (0, NULL);
473  retc->type = CONST_DATA;
474 
475  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dh_generate_key") < 0)
476  goto fail;
477  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dh_generate_key") < 0)
478  goto fail;
479  if (mpi_from_named_parameter (lexic, &priv, "priv", "nasl_dh_generate_key") <
480  0)
481  goto fail;
482 
483  pub_mpi = calc_dh_public (g, p, priv);
484  if (pub_mpi == NULL)
485  goto fail;
486 
487  if (set_mpi_retc (retc, pub_mpi) >= 0)
488  goto ret;
489 
490 fail:
491  retc->x.str_val = g_malloc0 (1);
492  retc->size = 0;
493 ret:
494  gcry_mpi_release (p);
495  gcry_mpi_release (g);
496  gcry_mpi_release (priv);
497  gcry_mpi_release (pub_mpi);
498  return retc;
499 }
500 
512 tree_cell *
514 {
515  tree_cell *retc = NULL;
516  gcry_mpi_t p = NULL, g = NULL, dh_server_pub = NULL;
517  gcry_mpi_t pub_key = NULL, priv_key = NULL;
518  gcry_mpi_t shared = NULL;
519 
520  retc = alloc_tree_cell (0, NULL);
521  retc->type = CONST_DATA;
522 
523  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dh_compute_key") < 0)
524  goto fail;
525  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dh_compute_key") < 0)
526  goto fail;
527  if (mpi_from_named_parameter
528  (lexic, &dh_server_pub, "dh_server_pub", "nasl_dh_compute_key") < 0)
529  goto fail;
530  if (mpi_from_named_parameter
531  (lexic, &pub_key, "pub_key", "nasl_dh_compute_key") < 0)
532  goto fail;
533  if (mpi_from_named_parameter
534  (lexic, &priv_key, "priv_key", "nasl_dh_compute_key") < 0)
535  goto fail;
536 
537  shared = calc_dh_key (dh_server_pub, p, priv_key);
538 
539  if (set_mpi_retc (retc, shared) >= 0)
540  goto ret;
541 
542 fail:
543  retc->size = 0;
544  retc->x.str_val = g_malloc0 (1);
545 ret:
546  gcry_mpi_release (p);
547  gcry_mpi_release (g);
548  gcry_mpi_release (dh_server_pub);
549  gcry_mpi_release (priv_key);
550  gcry_mpi_release (pub_key);
551  gcry_mpi_release (shared);
552  return retc;
553 }
554 
563 static gcry_mpi_t
564 extract_mpi_from_sexp (gcry_sexp_t sexp, const char *token)
565 {
566  gcry_sexp_t child = NULL;
567  gcry_mpi_t mpi = NULL;
568 
569  child = gcry_sexp_find_token (sexp, token, strlen (token));
570  if (!child)
571  {
572  log_legacy_write ("set_retc_from_sexp: no subexpression with token <%s>",
573  token);
574  }
575  else
576  {
577  mpi = gcry_sexp_nth_mpi (child, 1, GCRYMPI_FMT_USG);
578  }
579 
580  gcry_sexp_release (child);
581 
582  return mpi;
583 }
584 
594 static int
595 set_retc_from_sexp (tree_cell * retc, gcry_sexp_t sexp, const char *token)
596 {
597  int ret = 0;
598  gcry_mpi_t mpi = extract_mpi_from_sexp (sexp, token);
599  if (mpi)
600  {
601  ret = set_mpi_retc (retc, mpi);
602 
603  gcry_mpi_release (mpi);
604  }
605 
606  return ret;
607 }
608 
612 static int
613 strip_pkcs1_padding (tree_cell * retc)
614 {
615  char *p;
616 
617  if (retc->x.str_val == NULL || retc->size < 1)
618  return -1;
619 
620  /* Find type of padding. PKCS#1 padding normally starts with a 0 byte.
621  * However, due to the way the value in retc has been created, any
622  * leading zeros have already been stripped. So the byte that
623  * describes the type of padding is the first byte in str_val. Also,
624  * the only padding types we can actually find are 1 and 2. padding
625  * type 0 means that the padding is done with zeros and those will
626  * have been already stripped too. */
627  p = retc->x.str_val;
628  if (p[0] == 1 || p[0] == 2)
629  {
630  /* for padding type 1 and 2 we simply have to strip all non-zero
631  * bytes at the beginning of the value */
632  int i = 0;
633  char *temp;
634  while (i < retc->size && p[i])
635  i++;
636  /* skipt the zero byte */
637  i++;
638  if (i <= retc->size)
639  {
640  int rest = retc->size - i;
641  temp = g_malloc0 (rest);
642  memcpy (temp, p + i, rest);
643  g_free (retc->x.str_val);
644  retc->x.str_val = temp;
645  retc->size = rest;
646  }
647  else
648  return -1;
649  }
650 
651  return 0;
652 }
653 
662 tree_cell *
664 {
665  tree_cell *retc = NULL;
666  gcry_mpi_t e = NULL, n = NULL, dt = NULL;
667  gcry_sexp_t key = NULL, data = NULL, encrypted = NULL;
668  gcry_error_t err;
669  char *pad = (char *) get_str_var_by_name (lexic, "pad");
670 
671  if (pad == NULL)
672  {
673  nasl_perror (lexic,
674  "Syntax : rsa_public_encrypt(data:<d>,"
675  "n:<n>, e:<e>, pad:<pad>)");
676  return NULL;
677  }
678  retc = alloc_tree_cell (0, NULL);
679  retc->type = CONST_DATA;
680 
681  if (mpi_from_named_parameter (lexic, &dt, "data", "nasl_rsa_public_encrypt") <
682  0)
683  goto fail;
684  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_public_encrypt") < 0)
685  goto fail;
686  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_public_encrypt") < 0)
687  goto fail;
688 
689  err = gcry_sexp_build (&key, NULL, "(public-key (rsa (n %m) (e %m)))", n, e);
690  if (err)
691  {
692  print_gcrypt_error (lexic, "gcry_sexp_build pubkey", err);
693  goto fail;
694  }
695 
696  if (strcmp (pad,"TRUE") == 0)
697  err = gcry_sexp_build (&data, NULL, "(data (flags pkcs1) (value %m))", dt);
698  else
699  err = gcry_sexp_build (&data, NULL, "(data (flags raw) (value %m))", dt);
700  if (err)
701  {
702  print_gcrypt_error (lexic, "gcry_sexp_build data", err);
703  goto fail;
704  }
705 
706  err = gcry_pk_encrypt (&encrypted, data, key);
707  if (err)
708  {
709  print_gcrypt_error (lexic, "gcry_pk_encrypt", err);
710  goto fail;
711  }
712 
713  if (strcmp (pad,"TRUE") == 0)
714  {
715  if (set_retc_from_sexp (retc, encrypted, "a") >= 0 &&
716  strip_pkcs1_padding (retc) >= 0)
717  goto ret;
718  }
719  else
720  {
721  if (set_retc_from_sexp (retc, encrypted, "a") >= 0)
722  goto ret;
723  }
724 
725 fail:
726  retc->size = 0;
727  retc->x.str_val = g_malloc0 (1);
728 ret:
729  gcry_sexp_release (encrypted);
730  gcry_sexp_release (key);
731  gcry_sexp_release (data);
732  gcry_mpi_release (dt);
733  gcry_mpi_release (e);
734  gcry_mpi_release (n);
735  return retc;
736 }
737 
746 tree_cell *
748 {
749  tree_cell *retc = NULL;
750  gcry_mpi_t e = NULL, n = NULL, d = NULL, dt = NULL;
751  gcry_sexp_t key = NULL, data = NULL, decrypted = NULL;
752  gcry_error_t err;
753  char *pad = (char *) get_str_var_by_name (lexic, "pad");
754 
755  if (pad == NULL)
756  {
757  nasl_perror (lexic,
758  "Syntax : rsa_public_encrypt(data:<d>,"
759  "n:<n>, d:<d>, e:<e>, pad:<pad>)");
760  return NULL;
761  }
762  retc = alloc_tree_cell (0, NULL);
763  retc->type = CONST_DATA;
764 
765  if (mpi_from_named_parameter (lexic, &dt, "data",
766  "nasl_rsa_private_decrypt") < 0)
767  goto fail;
768  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_private_decrypt") < 0)
769  goto fail;
770  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_private_decrypt") < 0)
771  goto fail;
772  if (mpi_from_named_parameter (lexic, &d, "d", "nasl_rsa_private_decrypt") < 0)
773  goto fail;
774 
775  err = gcry_sexp_build (&key, NULL, "(private-key (rsa (n %m) (e %m) (d %m)))",
776  n, e, d);
777  if (err)
778  {
779  print_gcrypt_error (lexic, "gcry_sexp_build privkey", err);
780  goto fail;
781  }
782 
783  if (strcmp (pad,"TRUE") == 0)
784  err = gcry_sexp_build (&data, NULL, "(enc-val (flags pkcs1) (rsa (a %m)))",
785  dt);
786  else
787  err = gcry_sexp_build (&data, NULL, "(enc-val (flags raw) (rsa (a %m)))",
788  dt);
789  if (err)
790  {
791  print_gcrypt_error (lexic, "gcry_sexp_build data", err);
792  goto fail;
793  }
794 
795  err = gcry_pk_decrypt (&decrypted, data, key);
796  if (err)
797  {
798  print_gcrypt_error (lexic, "gcry_pk_decrypt", err);
799  goto fail;
800  }
801 
802  if (strcmp (pad,"TRUE") == 0)
803  {
804  if (set_retc_from_sexp (retc, decrypted, "value") >= 0 &&
805  strip_pkcs1_padding (retc) >= 0)
806  goto ret;
807  }
808  else
809  {
810  if (set_retc_from_sexp (retc, decrypted, "value") >= 0)
811  goto ret;
812  }
813 
814 fail:
815  retc->size = 0;
816  retc->x.str_val = g_malloc0 (1);
817 ret:
818  gcry_sexp_release (decrypted);
819  gcry_sexp_release (key);
820  gcry_sexp_release (data);
821  gcry_mpi_release (dt);
822  gcry_mpi_release (e);
823  gcry_mpi_release (n);
824  gcry_mpi_release (d);
825  return retc;
826 }
827 
837 tree_cell *
839 {
840  tree_cell *retc = NULL;
841  gcry_mpi_t e = NULL, n = NULL, s = NULL;
842  gcry_sexp_t key = NULL, sig = NULL, decrypted = NULL;
843  gcry_error_t err;
844 
845  retc = alloc_tree_cell (0, NULL);
846  retc->type = CONST_DATA;
847 
848  if (mpi_from_named_parameter (lexic, &s, "sig", "nasl_rsa_public_decrypt") <
849  0)
850  goto fail;
851  if (mpi_from_named_parameter (lexic, &e, "e", "nasl_rsa_public_decrypt") < 0)
852  goto fail;
853  if (mpi_from_named_parameter (lexic, &n, "n", "nasl_rsa_public_decrypt") < 0)
854  goto fail;
855 
856  err = gcry_sexp_build (&key, NULL, "(public-key (rsa (n %m) (e %m)))", n, e);
857  if (err)
858  {
859  print_gcrypt_error (lexic, "gcry_sexp_build pubkey", err);
860  goto fail;
861  }
862  err = gcry_sexp_build (&sig, NULL, "(data (flags raw) (value %m))", s);
863  if (err)
864  {
865  print_gcrypt_error (lexic, "gcry_sexp_build sig", err);
866  goto fail;
867  }
868 
869  /* gcry_pk_encrypt is equivalent to the public key decryption at least
870  * for RSA keys. */
871  err = gcry_pk_encrypt (&decrypted, sig, key);
872  if (err)
873  {
874  print_gcrypt_error (lexic, "gcry_pk_encrypt", err);
875  goto fail;
876  }
877 
878  if (set_retc_from_sexp (retc, decrypted, "a") >= 0
879  && strip_pkcs1_padding (retc) >= 0)
880  goto ret;
881 
882 fail:
883  retc->size = 0;
884  retc->x.str_val = g_malloc0 (1);
885 ret:
886  gcry_sexp_release (decrypted);
887  gcry_sexp_release (key);
888  gcry_sexp_release (sig);
889  gcry_mpi_release (s);
890  gcry_mpi_release (e);
891  gcry_mpi_release (n);
892  return retc;
893 }
894 
898 #define NUM_RSA_PARAMS 6
899 static gcry_sexp_t
900 nasl_sexp_from_privkey (lex_ctxt * lexic, gnutls_x509_privkey_t privkey)
901 {
902  gnutls_datum_t datums[NUM_RSA_PARAMS]; /* m/n, e, d, p, q, u */
903  gcry_mpi_t mpis[NUM_RSA_PARAMS]; /* m/n, e, d, p, q, u */
904  gcry_sexp_t key = NULL;
905  int err;
906  gcry_error_t gerr;
907  int i;
908 
909  for (i = 0; i < NUM_RSA_PARAMS; i++)
910  {
911  datums[i].data = NULL;
912  mpis[i] = NULL;
913  }
914 
915  err =
916  gnutls_x509_privkey_export_rsa_raw (privkey, datums + 0, datums + 1,
917  datums + 2, datums + 3, datums + 4,
918  datums + 5);
919  if (err)
920  {
921  print_tls_error (lexic, "gnutls_x509_privkey_export_rsa_raw", err);
922  goto fail;
923  }
924 
925  for (i = 0; i < NUM_RSA_PARAMS; i++)
926  {
927  err =
928  mpi_from_string (lexic, mpis + i, datums[i].data, datums[i].size,
929  "rsa parameter", "nasl_sexp_from_privkey");
930  if (err < 0)
931  goto fail;
932  }
933 
934  /* make sure that p < q. libgcrypt requires this. */
935  if (gcry_mpi_cmp (mpis[3], mpis[4]) > 0)
936  {
937  gcry_mpi_swap (mpis[3], mpis[4]);
938  gcry_mpi_invm (mpis[5], mpis[3], mpis[4]);
939  }
940 
941  gerr =
942  gcry_sexp_build (&key, NULL,
943  "(private-key (rsa (n %m) (e %m) (d %m)"
944  " (p %m) (q %m) (u %m)))", mpis[0], mpis[1], mpis[2],
945  mpis[3], mpis[4], mpis[5]);
946  if (gerr)
947  {
948  print_gcrypt_error (lexic, "gcry_sexp_build", gerr);
949  goto fail;
950  }
951 
952 fail:
953  for (i = 0; i < NUM_RSA_PARAMS; i++)
954  {
955  gnutls_free (datums[i].data);
956  gcry_mpi_release (mpis[i]);
957  }
958 
959  return key;
960 }
961 
962 
979 tree_cell *
981 {
982  tree_cell *retc = NULL;
983  char *data;
984  int data_size;
985  gcry_sexp_t ssig = NULL, sdata = NULL, skey = NULL;
986  gnutls_x509_privkey_t priv_key = NULL;
987  gcry_error_t err;
988 
989  retc = alloc_tree_cell (0, NULL);
990  retc->type = CONST_DATA;
991 
992  data = get_str_local_var_by_name (lexic, "data");
993  data_size = get_var_size_by_name (lexic, "data");
994  if (!data)
995  goto fail;
996 
997  priv_key = nasl_load_privkey_param (lexic, "priv", "passphrase");
998  if (!priv_key)
999  goto fail;
1000 
1001  err =
1002  gcry_sexp_build (&sdata, NULL, "(data (flags pkcs1) (hash sha1 %b))",
1003  data_size, data);
1004  if (err)
1005  {
1006  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1007  goto fail;
1008  }
1009 
1010  skey = nasl_sexp_from_privkey (lexic, priv_key);
1011  if (!skey)
1012  goto fail;
1013 
1014 
1015  err = gcry_pk_sign (&ssig, sdata, skey);
1016  if (err)
1017  {
1018  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1019  goto fail;
1020  }
1021 
1022  if (set_retc_from_sexp (retc, ssig, "s") >= 0)
1023  goto ret;
1024 
1025 fail:
1026  retc->size = 0;
1027  retc->x.str_val = g_malloc0 (1);
1028 ret:
1029  gcry_sexp_release (ssig);
1030  gcry_sexp_release (sdata);
1031  gcry_sexp_release (skey);
1032  gnutls_x509_privkey_deinit (priv_key);
1033  return retc;
1034 }
1035 
1036 
1047 tree_cell *
1049 {
1050  tree_cell *retc = NULL;
1051  gcry_mpi_t p = NULL, g = NULL, q = NULL, pub = NULL, data = NULL;
1052  gcry_mpi_t r = NULL, s = NULL;
1053  gcry_sexp_t ssig = NULL, skey = NULL, sdata = NULL;
1054  gcry_error_t err;
1055 
1056  retc = g_malloc0 (sizeof (tree_cell));
1057  retc->ref_count = 1;
1058  retc->type = CONST_INT;
1059  retc->x.i_val = 0;
1060 
1061  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dsa_do_sign") < 0)
1062  goto fail;
1063  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dsa_do_sign") < 0)
1064  goto fail;
1065  if (mpi_from_named_parameter (lexic, &q, "q", "nasl_dsa_do_sign") < 0)
1066  goto fail;
1067  if (mpi_from_named_parameter (lexic, &pub, "pub", "nasl_dsa_do_sign") < 0)
1068  goto fail;
1069  if (mpi_from_named_parameter (lexic, &r, "r", "nasl_dsa_do_sign") < 0)
1070  goto fail;
1071  if (mpi_from_named_parameter (lexic, &s, "s", "nasl_dsa_do_sign") < 0)
1072  goto fail;
1073  if (mpi_from_named_parameter (lexic, &data, "data", "nasl_dsa_do_sign") < 0)
1074  goto fail;
1075 
1076  err = gcry_sexp_build (&sdata, NULL, "(data (flags raw) (value %m))", data);
1077  if (err)
1078  {
1079  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1080  goto fail;
1081  }
1082 
1083  err =
1084  gcry_sexp_build (&skey, NULL,
1085  "(public-key (dsa (p %m) (q %m) (g %m) (y %m)))", p, q, g,
1086  pub);
1087  if (err)
1088  {
1089  print_gcrypt_error (lexic, "gcry_sexp_build for private key", err);
1090  goto fail;
1091  }
1092 
1093  err = gcry_sexp_build (&ssig, NULL, "(sig-val (dsa (r %m) (s %m)))", r, s);
1094  if (err)
1095  {
1096  print_gcrypt_error (lexic, "gcry_sexp_build for signature", err);
1097  goto fail;
1098  }
1099 
1100  err = gcry_pk_verify (ssig, sdata, skey);
1101  if (err == 0)
1102  retc->x.i_val = 1;
1103  else if (gcry_err_code (err) == GPG_ERR_BAD_SIGNATURE)
1104  retc->x.i_val = 0;
1105  else
1106  {
1107  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1108  goto fail;
1109  }
1110 
1111 fail:
1112  gcry_mpi_release (p);
1113  gcry_mpi_release (g);
1114  gcry_mpi_release (q);
1115  gcry_mpi_release (pub);
1116  gcry_mpi_release (r);
1117  gcry_mpi_release (s);
1118  gcry_mpi_release (data);
1119  gcry_sexp_release (ssig);
1120  gcry_sexp_release (skey);
1121  gcry_sexp_release (sdata);
1122 
1123  return retc;
1124 }
1125 
1137 tree_cell *
1139 {
1140  tree_cell *retc = NULL;
1141  gcry_mpi_t p = NULL, g = NULL, q = NULL, pub = NULL, priv = NULL, data = NULL;
1142  gcry_mpi_t r = NULL, s = NULL;
1143  gcry_sexp_t ssig = NULL, skey = NULL, sdata = NULL;
1144  long rlen, slen;
1145  unsigned char *sigblob = NULL;
1146  gcry_error_t err;
1147 
1148  retc = g_malloc0 (sizeof (tree_cell));
1149  retc->ref_count = 1;
1150  retc->type = CONST_DATA;
1151  retc->x.i_val = 0;
1152 
1153  if (mpi_from_named_parameter (lexic, &p, "p", "nasl_dsa_do_sign") < 0)
1154  goto fail;
1155  if (mpi_from_named_parameter (lexic, &g, "g", "nasl_dsa_do_sign") < 0)
1156  goto fail;
1157  if (mpi_from_named_parameter (lexic, &q, "q", "nasl_dsa_do_sign") < 0)
1158  goto fail;
1159  if (mpi_from_named_parameter (lexic, &pub, "pub", "nasl_dsa_do_sign") < 0)
1160  goto fail;
1161  if (mpi_from_named_parameter (lexic, &priv, "priv", "nasl_dsa_do_sign") < 0)
1162  goto fail;
1163  if (mpi_from_named_parameter (lexic, &data, "data", "nasl_dsa_do_sign") < 0)
1164  goto fail;
1165 
1166  err = gcry_sexp_build (&sdata, NULL, "(data (flags raw) (value %m))", data);
1167  if (err)
1168  {
1169  print_gcrypt_error (lexic, "gcry_sexp_build for data", err);
1170  goto fail;
1171  }
1172 
1173  err =
1174  gcry_sexp_build (&skey, NULL,
1175  "(private-key (dsa (p %m) (q %m) (g %m) (y %m) (x %m)))",
1176  p, q, g, pub, priv);
1177  if (err)
1178  {
1179  print_gcrypt_error (lexic, "gcry_sexp_build for private-key", err);
1180  goto fail;
1181  }
1182 
1183  err = gcry_pk_sign (&ssig, sdata, skey);
1184  if (err)
1185  {
1186  print_gcrypt_error (lexic, "gcry_pk_sign", err);
1187  goto fail;
1188  }
1189 
1190  r = extract_mpi_from_sexp (ssig, "r");
1191  s = extract_mpi_from_sexp (ssig, "s");
1192  if (!r || !s)
1193  goto fail;
1194 
1195  rlen = (gcry_mpi_get_nbits (r) + 7) / 8;
1196  slen = (gcry_mpi_get_nbits (s) + 7) / 8;
1197  if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN)
1198  {
1199  nasl_perror (lexic, "rlen (%d) or slen (%d) > INTBLOB_LEN (%d)\n", rlen,
1200  slen, INTBLOB_LEN);
1201  goto fail;
1202  }
1203 
1204  sigblob = g_malloc0 (SIGBLOB_LEN);
1205  memset (sigblob, 0, SIGBLOB_LEN);
1206 
1207  err =
1208  gcry_mpi_print (GCRYMPI_FMT_USG,
1209  (unsigned char *) (sigblob + SIGBLOB_LEN - INTBLOB_LEN -
1210  rlen), rlen, NULL, r);
1211  if (err)
1212  {
1213  print_gcrypt_error (lexic, "gcry_mpi_print(r)", err);
1214  goto fail;
1215  }
1216  err =
1217  gcry_mpi_print (GCRYMPI_FMT_USG,
1218  (unsigned char *) (sigblob + SIGBLOB_LEN - slen), rlen,
1219  NULL, s);
1220  if (err)
1221  {
1222  print_gcrypt_error (lexic, "gcry_mpi_print(s)", err);
1223  goto fail;
1224  }
1225 
1226  retc->x.str_val = (char *) sigblob;
1227  sigblob = NULL;
1228  retc->size = SIGBLOB_LEN;
1229 
1230 fail:
1231  gcry_mpi_release (p);
1232  gcry_mpi_release (g);
1233  gcry_mpi_release (q);
1234  gcry_mpi_release (pub);
1235  gcry_mpi_release (priv);
1236  gcry_mpi_release (data);
1237  gcry_mpi_release (r);
1238  gcry_mpi_release (s);
1239  gcry_sexp_release (ssig);
1240  gcry_sexp_release (skey);
1241  gcry_sexp_release (sdata);
1242  g_free (sigblob);
1243 
1244  return retc;
1245 }
1246 
1250 tree_cell *
1251 nasl_bf_cbc (lex_ctxt * lexic, int enc)
1252 {
1253  tree_cell *retc = NULL;
1254  char *enckey = NULL, *iv = NULL, *data = NULL, *out = NULL;
1255  long enckeylen, ivlen, datalen;
1256  gcry_cipher_hd_t hd = NULL;
1257  anon_nasl_var v;
1258  nasl_array *a;
1259  gcry_error_t err;
1260 
1261  retc = alloc_tree_cell (0, NULL);
1262  retc->type = CONST_DATA;
1263 
1264  /* key */
1265  enckey = get_str_local_var_by_name (lexic, "key");
1266  enckeylen = get_var_size_by_name (lexic, "key");
1267 
1268  /* initialization vector */
1269  iv = get_str_local_var_by_name (lexic, "iv");
1270  ivlen = get_var_size_by_name (lexic, "iv");
1271 
1272  /* data to decrypt/encrypt */
1273  data = get_str_local_var_by_name (lexic, "data");
1274  datalen = get_var_size_by_name (lexic, "data");
1275 
1276  if (enckey == NULL || data == NULL || iv == NULL)
1277  goto fail;
1278  if (enckeylen < 16)
1279  {
1280  /* key length must be at least 16 for compatibility with libnasl
1281  * code from before the OpenSSL -> GnuTLS migration */
1282  nasl_perror (lexic,
1283  "nasl_bf_cbc: unexpected enckeylen = %d; must be >= 16\n",
1284  enckeylen);
1285  goto fail;
1286  }
1287 #if 0
1288  else if (enckeylen > 16)
1289  {
1290  /* Ideally we would warn about this. However, the old OpenSSL
1291  * based code also silently used only the first 16 bytes and this
1292  * function is actually called from ssh_funcs.inc with keys longer
1293  * than 16 bytes for some reason */
1294  nasl_perror (lexic,
1295  "nasl_bf_cbc: unexpected enckeylen = %d;"
1296  " will only use the first 16 bytes\n", enckeylen);
1297  }
1298 #endif
1299  if (ivlen < 8)
1300  {
1301  nasl_perror (lexic, "nasl_bf_cbc: unexpected ivlen = %d; must >= 8\n",
1302  ivlen);
1303  goto fail;
1304  }
1305  if (datalen < 8)
1306  {
1307  nasl_perror (lexic, "nasl_bf_cbc: unexpected datalen = %d; must >= 8\n",
1308  datalen);
1309  goto fail;
1310  }
1311 
1312  err = gcry_cipher_open (&hd, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC, 0);
1313  if (err)
1314  {
1315  print_gcrypt_error (lexic, "gcry_cipher_open", err);
1316  goto fail;
1317  }
1318 
1319  /* Always pass 16 as the length of enckey. The old OpenSSL based code
1320  * did this explicitly. The length cannot be < 16 at this point
1321  * because we checked for this case above. */
1322  err = gcry_cipher_setkey (hd, enckey, 16);
1323  if (err)
1324  {
1325  print_gcrypt_error (lexic, "gcry_cipher_setkey", err);
1326  goto fail;
1327  }
1328  /* Always pass 8 as the length of iv. The old OpenSSL based code did
1329  * this implicitly. The length cannot be < 8 at this point because we
1330  * checked for this case above. */
1331  err = gcry_cipher_setiv (hd, iv, 8);
1332  if (err)
1333  {
1334  print_gcrypt_error (lexic, "gcry_cipher_setiv", err);
1335  goto fail;
1336  }
1337 
1338  out = g_malloc0 (datalen);
1339  if (!out)
1340  goto fail;
1341 
1342  if (enc)
1343  err = gcry_cipher_encrypt (hd, out, datalen, data, datalen);
1344  else
1345  err = gcry_cipher_decrypt (hd, out, datalen, data, datalen);
1346  if (err)
1347  {
1348  print_gcrypt_error (lexic, "gcry_cipher_encrypt", err);
1349  goto fail;
1350  }
1351 
1352  retc->type = DYN_ARRAY;
1353  retc->x.ref_val = a = g_malloc0 (sizeof (nasl_array));
1354 
1355  /* first encrypted */
1356  v.var_type = VAR2_DATA;
1357  v.v.v_str.s_siz = datalen;
1358  v.v.v_str.s_val = (unsigned char *) out;
1359  (void) add_var_to_list (a, 0, &v);
1360 
1361  /* second iv */
1362  /* the iv to use to for the next part of the data is always the last
1363  * eight bytes of the cipher text. When encrypting the cipher text is
1364  * in out when decrypting it's in data.
1365  */
1366  v.var_type = VAR2_DATA;
1367  v.v.v_str.s_siz = 8;
1368  v.v.v_str.s_val = (unsigned char *) ((enc ? out : data) + datalen - 8);
1369  (void) add_var_to_list (a, 1, &v);
1370 
1371  goto ret;
1372 
1373 fail:
1374  retc->type = CONST_DATA;
1375  retc->x.str_val = g_malloc0 (1);
1376  retc->size = 0;
1377 
1378 ret:
1379  g_free (out);
1380  gcry_cipher_close (hd);
1381 
1382  return retc;
1383 }
1384 
1385 
1400 tree_cell *
1402 {
1403  return nasl_bf_cbc (lexic, 1);
1404 }
1405 
1406 
1421 tree_cell *
1423 {
1424  return nasl_bf_cbc (lexic, 0);
1425 }
1426 
1427 static tree_cell *
1428 encrypt_data (lex_ctxt *lexic, int cipher, int mode)
1429 {
1430  gcry_cipher_hd_t hd;
1431  gcry_error_t error;
1432  void *result, *data, *key, *tmp, *iv;
1433  size_t resultlen, datalen, keylen, tmplen, ivlen;
1434  tree_cell *retc;
1435 
1436  data = get_str_var_by_name (lexic, "data");
1437  datalen = get_var_size_by_name (lexic, "data");
1438  key = get_str_var_by_name (lexic, "key");
1439  keylen = get_var_size_by_name (lexic, "key");
1440  iv = get_str_var_by_name (lexic, "iv");
1441  ivlen = get_var_size_by_name (lexic, "iv");
1442 
1443  if (!data || datalen <= 0 || !key || keylen <= 0)
1444  {
1445  nasl_perror (lexic, "Syntax: encrypt_data: Missing data or key argument");
1446  return NULL;
1447  }
1448 
1449  if ((error = gcry_cipher_open (&hd, cipher, mode, 0)))
1450  {
1451  nasl_perror (lexic, "gcry_cipher_open: %s", gcry_strerror (error));
1452  gcry_cipher_close (hd);
1453  return NULL;
1454  }
1455  if ((error = gcry_cipher_setkey (hd, key, keylen)))
1456  {
1457  nasl_perror (lexic, "gcry_cipher_setkey: %s", gcry_strerror (error));
1458  gcry_cipher_close (hd);
1459  return NULL;
1460  }
1461 
1462  if (cipher == GCRY_CIPHER_ARCFOUR)
1463  {
1464  resultlen = datalen;
1465  tmp = g_memdup (data, datalen);
1466  tmplen = datalen;
1467  }
1468  else if (cipher == GCRY_CIPHER_3DES)
1469  {
1470  if (datalen % 8 == 0)
1471  resultlen = datalen;
1472  else
1473  resultlen = ((datalen / 8) + 1) * 8;
1474  tmp = g_malloc0 (resultlen);
1475  tmplen = resultlen;
1476  memcpy (tmp, data, datalen);
1477  }
1478  else if (cipher == GCRY_CIPHER_AES128)
1479  {
1480  if (datalen % 16 == 0)
1481  resultlen = datalen;
1482  else
1483  resultlen = ((datalen / 16) + 1) * 16;
1484  tmp = g_malloc0 (resultlen);
1485  tmplen = resultlen;
1486  memcpy (tmp, data, datalen);
1487  }
1488  else if (cipher == GCRY_CIPHER_AES256)
1489  {
1490  if (datalen % 32 == 0)
1491  resultlen = datalen;
1492  else
1493  resultlen = ((datalen / 32) + 1) * 32;
1494  tmp = g_malloc0 (resultlen);
1495  tmplen = resultlen;
1496  memcpy (tmp, data, datalen);
1497  }
1498  else
1499  {
1500  nasl_perror (lexic, "encrypt_data: Unknown cipher %d", cipher);
1501  gcry_cipher_close (hd);
1502  return NULL;
1503  }
1504 
1505  if (iv && ivlen)
1506  {
1507  if ((error = gcry_cipher_setiv (hd, iv, ivlen)))
1508  {
1509  nasl_perror (lexic, "gcry_cipher_setiv: %s", gcry_strerror (error));
1510  return NULL;
1511  }
1512  }
1513 
1514  result = g_malloc0 (resultlen);
1515  if ((error = gcry_cipher_encrypt (hd, result, resultlen, tmp, tmplen)))
1516  {
1517  log_legacy_write ("gcry_cipher_encrypt: %s", gcry_strerror (error));
1518  gcry_cipher_close (hd);
1519  g_free (result);
1520  g_free (tmp);
1521  return NULL;
1522  }
1523 
1524  g_free (tmp);
1525  gcry_cipher_close (hd);
1526  retc = alloc_tree_cell (0, NULL);
1527  retc->type = CONST_DATA;
1528  retc->x.str_val = result;
1529  retc->size = resultlen;
1530  return retc;
1531 }
1532 
1533 tree_cell *
1535 {
1536  return encrypt_data (lexic, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM);
1537 }
1538 
1539 tree_cell *
1541 {
1542  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC);
1543 }
1544 
1545 tree_cell *
1547 {
1548  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC);
1549 }
1550 
1551 tree_cell *
1553 {
1554  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR);
1555 }
1556 
1557 tree_cell *
1559 {
1560  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR);
1561 }
1562 
1563 tree_cell *
1565 {
1566  return encrypt_data (lexic, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC);
1567 }
1568 
1569 tree_cell *
1571 {
1572  return encrypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM);
1573 }
1574 
1575 tree_cell *
1577 {
1578  return encrypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM);
1579 }
tree_cell * nasl_rsa_public_decrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:838
#define err(x)
tree_cell * nasl_bn_random(lex_ctxt *lexic)
Definition: nasl_crypto2.c:210
tree_cell * nasl_bf_cbc_encrypt(lex_ctxt *lexic)
tree_cell * nasl_aes128_cbc_encrypt(lex_ctxt *lexic)
#define NUM_RSA_PARAMS
Creates a libgcryt s-expression from a GnuTLS private RSA key.
Definition: nasl_crypto2.c:898
short type
Definition: nasl_tree.h:107
union st_a_nasl_var::@9 v
char * str_val
Definition: nasl_tree.h:113
short ref_count
Definition: nasl_tree.h:109
tree_cell * nasl_aes128_ctr_encrypt(lex_ctxt *lexic)
void * ref_val
Definition: nasl_tree.h:115
tree_cell * nasl_dsa_do_verify(lex_ctxt *lexic)
tree_cell * nasl_aes128_gcm_encrypt(lex_ctxt *lexic)
nasl_string_t v_str
Definition: nasl_var.h:60
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
long int get_int_local_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1240
char * get_str_local_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1262
union TC::@7 x
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1255
void print_tls_error(lex_ctxt *lexic, char *txt, int err)
Prints a GnuTLS error.
Definition: nasl_crypto2.c:53
tree_cell * nasl_rsa_sign(lex_ctxt *lexic)
Definition: nasl_crypto2.c:980
int add_var_to_list(nasl_array *a, int i, const anon_nasl_var *v)
Definition: nasl_var.c:1403
int var_type
Definition: nasl_var.h:54
tree_cell * nasl_dh_compute_key(lex_ctxt *lexic)
Definition: nasl_crypto2.c:513
tree_cell * nasl_bn_cmp(lex_ctxt *lexic)
Definition: nasl_crypto2.c:173
void print_gcrypt_error(lex_ctxt *lexic, char *function, int err)
Prints a libgcrypt error.
Definition: nasl_crypto2.c:64
tree_cell * nasl_bf_cbc_decrypt(lex_ctxt *lexic)
tree_cell * nasl_rc4_encrypt(lex_ctxt *lexic)
Definition: nasl_tree.h:105
tree_cell * nasl_aes256_gcm_encrypt(lex_ctxt *lexic)
tree_cell * nasl_dsa_do_sign(lex_ctxt *lexic)
tree_cell * nasl_rsa_private_decrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:747
tree_cell * nasl_aes256_cbc_encrypt(lex_ctxt *lexic)
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition: nasl_debug.c:94
tree_cell * nasl_rsa_public_encrypt(lex_ctxt *lexic)
Definition: nasl_crypto2.c:663
tree_cell * nasl_dh_generate_key(lex_ctxt *lexic)
Definition: nasl_crypto2.c:467
long int i_val
Definition: nasl_tree.h:114
tree_cell * nasl_pem_to_dsa(lex_ctxt *lexic)
Definition: nasl_crypto2.c:397
tree_cell * alloc_tree_cell(int lnb, char *s)
Definition: nasl_tree.c:37
tree_cell * nasl_pem_to_rsa(lex_ctxt *lexic)
Definition: nasl_crypto2.c:380
tree_cell * nasl_des_ede_cbc_encrypt(lex_ctxt *lexic)
#define SIGBLOB_LEN
Definition: nasl_crypto2.c:45
#define INTBLOB_LEN
Definition: nasl_crypto2.c:44
unsigned char * s_val
Definition: nasl_var.h:35
tree_cell * nasl_aes256_ctr_encrypt(lex_ctxt *lexic)
int get_var_size_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1291
tree_cell * nasl_pem_to(lex_ctxt *lexic, int type)
Implements the nasl functions pem_to_rsa and pem_to_dsa.
Definition: nasl_crypto2.c:296
int size
Definition: nasl_tree.h:110
tree_cell * nasl_bf_cbc(lex_ctxt *lexic, int enc)
Implements the nasl functions bf_cbc_encrypt and bf_cbc_decrypt.