mirror of
https://github.com/gnif/LookingGlass.git
synced 2024-11-22 13:37:22 +00:00
[spice] relocate openssl code into seperate function
This is in preparation for switching to an alternative SSL library, as OpenSSL conflicts with the GNU licence.
parent
6e0eac0abc
commit
cba6630aa0
@ -17,6 +17,7 @@ CFLAGS += -DBUILD_VERSION='"$(shell git describe --always --long --dirty --abbr
|
|||||||
|
|
||||||
OBJS = main.o \
|
OBJS = main.o \
|
||||||
lg-renderer.o \
|
lg-renderer.o \
|
||||||
|
spice/rsa.o \
|
||||||
spice/spice.o \
|
spice/spice.o \
|
||||||
parsers/nal.o \
|
parsers/nal.o \
|
||||||
decoders/null.o \
|
decoders/null.o \
|
||||||
|
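--- a/client/spice/rsa.c
+++ b/client/spice/rsa.c
@@ -0,0 +1,74 @@
+/*
+Looking Glass - KVM FrameRelay (KVMFR) Client
+Copyright (C) 2017 Geoffrey McRae <geoff@hostfission.com>
+https://looking-glass.hostfission.com
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU General Public License as published by the Free Software
+Foundation; either version 2 of the License, or (at your option) any later
+version.
+
+This program is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with
+this program; if not, write to the Free Software Foundation, Inc., 59 Temple
+Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+
+#include "rsa.h"
+#include "debug.h"
+
+#include <spice/protocol.h>
+#include <string.h>
+
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+bool spice_rsa_encrypt_password(uint8_t * pub_key, char * password, struct spice_password * result)
+{
+BIO *bioKey = BIO_new(BIO_s_mem());
+if (!bioKey)
+{
+DEBUG_ERROR("failed to allocate bioKey");
+return false;
+}
+
+BIO_write(bioKey, pub_key, SPICE_TICKET_PUBKEY_BYTES);
+EVP_PKEY *rsaKey = d2i_PUBKEY_bio(bioKey, NULL);
+RSA *rsa = EVP_PKEY_get1_RSA(rsaKey);
+
+result->size = RSA_size(rsa);
+result->data = (char *)malloc(result->size);
+
+if (RSA_public_encrypt(
+strlen(password) + 1,
+(uint8_t*)password,
+(uint8_t*)result->data,
+rsa,
+RSA_PKCS1_OAEP_PADDING
+) <= 0)
+{
+free(result->data);
+result->size = 0;
+result->data = NULL;
+
+DEBUG_ERROR("rsa public encrypt failed");
+EVP_PKEY_free(rsaKey);
+BIO_free(bioKey);
+return false;
+}
+
+EVP_PKEY_free(rsaKey);
+BIO_free(bioKey);
+return true;
+}
+
+void spice_rsa_free_password(struct spice_password * pass)
+{
+free(pass->data);
+pass->size = 0;
+pass->data = NULL;
+}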
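Review bot: In `spice_rsa_encrypt_password` the results of `d2i_PUBKEY_bio()` and `EVP_PKEY_get1_RSA()` go straight into `RSA_size()` with no NULL check, and the caller in this commit passes `reply.pub_key`, which appears to be data received from the remote end. A key blob that does not parse, or that is not an RSA key, would therefore most likely crash the client instead of failing the connection; both results should be checked as in the excerpt below. `EVP_PKEY_get1_RSA()` also hands back its own reference, so `RSA_free(rsa);` is needed on every exit path after it succeeds, otherwise the key leaks on each connect. The `malloc()` result is likewise unchecked, and the file calls `malloc`/`free` without including `<stdlib.h>`.

```c
EVP_PKEY *rsaKey = d2i_PUBKEY_bio(bioKey, NULL);
if (!rsaKey)
{
  DEBUG_ERROR("failed to parse the public key");
  BIO_free(bioKey);
  return false;
}

RSA *rsa = EVP_PKEY_get1_RSA(rsaKey);
if (!rsa)
{
  DEBUG_ERROR("public key is not an RSA key");
  EVP_PKEY_free(rsaKey);
  BIO_free(bioKey);
  return false;
}

// … unchanged: buffer allocation, RSA_public_encrypt call and both return paths …
```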
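--- a/client/spice/rsa.h
+++ b/client/spice/rsa.h
@@ -0,0 +1,30 @@
+/*
+Looking Glass - KVM FrameRelay (KVMFR) Client
+Copyright (C) 2017 Geoffrey McRae <geoff@hostfission.com>
+https://looking-glass.hostfission.com
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU General Public License as published by the Free Software
+Foundation; either version 2 of the License, or (at your option) any later
+version.
+
+This program is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with
+this program; if not, write to the Free Software Foundation, Inc., 59 Temple
+Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+
+#include <stdbool.h>
+#include <stdint.h>
+
+struct spice_password
+{
+char * data;
+unsigned int size;
+};
+
+bool spice_rsa_encrypt_password(uint8_t * pub_key, char * password, struct spice_password * result);
+void spice_rsa_free_password(struct spice_password * pass);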
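Review bot: The new header has no include guard, so a translation unit that pulls in `rsa.h` twice (directly and through another header) gets a redefinition of `struct spice_password`; add `#pragma once`, or an `#ifndef`/`#define`/`#endif` pair, above the `#include <stdbool.h>` line. The prototypes also say nothing about ownership: a comment above `spice_rsa_encrypt_password` should state that on success `result->data` is heap-allocated and must be released with `spice_rsa_free_password`, and that on failure there is nothing for the caller to free. Since neither input is written through in rsa.c, `const uint8_t * pub_key, const char * password` would document that in the signature.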
@ -27,10 +27,6 @@ Place, Suite 330, Boston, MA 02111-1307 USA
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
||||||
#include <openssl/rsa.h>
|
|
||||||
#include <openssl/evp.h>
|
|
||||||
#include <openssl/x509.h>
|
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
#include <sys/select.h>
|
#include <sys/select.h>
|
||||||
@ -42,6 +38,7 @@ Place, Suite 330, Boston, MA 02111-1307 USA
|
|||||||
#include <spice/error_codes.h>
|
#include <spice/error_codes.h>
|
||||||
|
|
||||||
#include "messages.h"
|
#include "messages.h"
|
||||||
|
#include "rsa.h"
|
||||||
|
|
||||||
#ifdef DEBUG_SPICE_MOUSE
|
#ifdef DEBUG_SPICE_MOUSE
|
||||||
#define DEBUG_MOUSE(fmt, args...) DEBUG_PRINT("[M]", fmt, ##args)
|
#define DEBUG_MOUSE(fmt, args...) DEBUG_PRINT("[M]", fmt, ##args)
|
||||||
@ -584,45 +581,23 @@ bool spice_connect_channel(struct SpiceChannel * channel)
|
|||||||
spice_read(channel, &capsCommon , sizeof(capsCommon ));
|
spice_read(channel, &capsCommon , sizeof(capsCommon ));
|
||||||
spice_read(channel, &capsChannel, sizeof(capsChannel));
|
spice_read(channel, &capsChannel, sizeof(capsChannel));
|
||||||
|
|
||||||
BIO *bioKey = BIO_new(BIO_s_mem());
|
struct spice_password pass;
|
||||||
if (!bioKey)
|
if (!spice_rsa_encrypt_password(reply.pub_key, spice.password, &pass))
|
||||||
{
|
{
|
||||||
DEBUG_ERROR("failed to allocate bioKey");
|
|
||||||
spice_disconnect_channel(channel);
|
spice_disconnect_channel(channel);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
BIO_write(bioKey, reply.pub_key, SPICE_TICKET_PUBKEY_BYTES);
|
if (!spice_write(channel, pass.data, pass.size))
|
||||||
EVP_PKEY *rsaKey = d2i_PUBKEY_bio(bioKey, NULL);
|
|
||||||
RSA *rsa = EVP_PKEY_get1_RSA(rsaKey);
|
|
||||||
|
|
||||||
char enc[RSA_size(rsa)];
|
|
||||||
if (RSA_public_encrypt(
|
|
||||||
strlen(spice.password) + 1,
|
|
||||||
(uint8_t*)spice.password,
|
|
||||||
(uint8_t*)enc,
|
|
||||||
rsa,
|
|
||||||
RSA_PKCS1_OAEP_PADDING
|
|
||||||
) <= 0)
|
|
||||||
{
|
|
||||||
DEBUG_ERROR("rsa public encrypt failed");
|
|
||||||
spice_disconnect_channel(channel);
|
|
||||||
EVP_PKEY_free(rsaKey);
|
|
||||||
BIO_free(bioKey);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
ssize_t rsaSize = RSA_size(rsa);
|
|
||||||
EVP_PKEY_free(rsaKey);
|
|
||||||
BIO_free(bioKey);
|
|
||||||
|
|
||||||
if (!spice_write(channel, enc, rsaSize))
|
|
||||||
{
|
{
|
||||||
|
spice_rsa_free_password(&pass);
|
||||||
DEBUG_ERROR("failed to write encrypted data");
|
DEBUG_ERROR("failed to write encrypted data");
|
||||||
spice_disconnect_channel(channel);
|
spice_disconnect_channel(channel);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
spice_rsa_free_password(&pass);
|
||||||
|
|
||||||
uint32_t linkResult;
|
uint32_t linkResult;
|
||||||
if (!spice_read(channel, &linkResult, sizeof(linkResult)))
|
if (!spice_read(channel, &linkResult, sizeof(linkResult)))
|
||||||
{
|
{
|
||||||
|
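Review bot: `reply.pub_key` is passed to `spice_rsa_encrypt_password()` apparently as it was received from the peer, and nothing visible in this hunk ties that key to the intended host, so the password is encrypted to whichever key the other end presents. Whether the channel is authenticated elsewhere cannot be seen here, because `spice_connect_channel` begins and ends outside the hunk; if it is not, a comment above the call should record the assumption, e.g. `/* pub_key is unauthenticated: the ticket is only as private as the transport to the SPICE server */`. Separately, `struct spice_password pass = {0};` would keep `spice_rsa_free_password(&pass)` safe if a later change adds a cleanup path that runs after a failed encrypt.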