version 1.99, 2012/05/23 03:28:28 |
version 1.100, 2013/01/17 23:00:01 |
|
|
#include "misc.h" |
#include "misc.h" |
#include "ssh2.h" |
#include "ssh2.h" |
|
|
|
static int to_blob(const Key *, u_char **, u_int *, int); |
|
|
static struct KeyCert * |
static struct KeyCert * |
cert_new(void) |
cert_new(void) |
{ |
{ |
|
|
} |
} |
|
|
u_char* |
u_char* |
key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length) |
key_fingerprint_raw(const Key *k, enum fp_type dgst_type, |
|
u_int *dgst_raw_length) |
{ |
{ |
const EVP_MD *md = NULL; |
const EVP_MD *md = NULL; |
EVP_MD_CTX ctx; |
EVP_MD_CTX ctx; |
u_char *blob = NULL; |
u_char *blob = NULL; |
u_char *retval = NULL; |
u_char *retval = NULL; |
u_int len = 0; |
u_int len = 0; |
int nlen, elen, otype; |
int nlen, elen; |
|
|
*dgst_raw_length = 0; |
*dgst_raw_length = 0; |
|
|
|
|
case KEY_ECDSA_CERT: |
case KEY_ECDSA_CERT: |
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
/* We want a fingerprint of the _key_ not of the cert */ |
/* We want a fingerprint of the _key_ not of the cert */ |
otype = k->type; |
to_blob(k, &blob, &len, 1); |
k->type = key_type_plain(k->type); |
|
key_to_blob(k, &blob, &len); |
|
k->type = otype; |
|
break; |
break; |
case KEY_UNSPEC: |
case KEY_UNSPEC: |
return retval; |
return retval; |
|
|
return key; |
return key; |
} |
} |
|
|
int |
static int |
key_to_blob(const Key *key, u_char **blobp, u_int *lenp) |
to_blob(const Key *key, u_char **blobp, u_int *lenp, int force_plain) |
{ |
{ |
Buffer b; |
Buffer b; |
int len; |
int len, type; |
|
|
if (key == NULL) { |
if (key == NULL) { |
error("key_to_blob: key == NULL"); |
error("key_to_blob: key == NULL"); |
return 0; |
return 0; |
} |
} |
buffer_init(&b); |
buffer_init(&b); |
switch (key->type) { |
type = force_plain ? key_type_plain(key->type) : key->type; |
|
switch (type) { |
case KEY_DSA_CERT_V00: |
case KEY_DSA_CERT_V00: |
case KEY_RSA_CERT_V00: |
case KEY_RSA_CERT_V00: |
case KEY_DSA_CERT: |
case KEY_DSA_CERT: |
|
|
buffer_len(&key->cert->certblob)); |
buffer_len(&key->cert->certblob)); |
break; |
break; |
case KEY_DSA: |
case KEY_DSA: |
buffer_put_cstring(&b, key_ssh_name(key)); |
buffer_put_cstring(&b, |
|
key_ssh_name_from_type_nid(type, key->ecdsa_nid)); |
buffer_put_bignum2(&b, key->dsa->p); |
buffer_put_bignum2(&b, key->dsa->p); |
buffer_put_bignum2(&b, key->dsa->q); |
buffer_put_bignum2(&b, key->dsa->q); |
buffer_put_bignum2(&b, key->dsa->g); |
buffer_put_bignum2(&b, key->dsa->g); |
buffer_put_bignum2(&b, key->dsa->pub_key); |
buffer_put_bignum2(&b, key->dsa->pub_key); |
break; |
break; |
case KEY_ECDSA: |
case KEY_ECDSA: |
buffer_put_cstring(&b, key_ssh_name(key)); |
buffer_put_cstring(&b, |
|
key_ssh_name_from_type_nid(type, key->ecdsa_nid)); |
buffer_put_cstring(&b, key_curve_nid_to_name(key->ecdsa_nid)); |
buffer_put_cstring(&b, key_curve_nid_to_name(key->ecdsa_nid)); |
buffer_put_ecpoint(&b, EC_KEY_get0_group(key->ecdsa), |
buffer_put_ecpoint(&b, EC_KEY_get0_group(key->ecdsa), |
EC_KEY_get0_public_key(key->ecdsa)); |
EC_KEY_get0_public_key(key->ecdsa)); |
break; |
break; |
case KEY_RSA: |
case KEY_RSA: |
buffer_put_cstring(&b, key_ssh_name(key)); |
buffer_put_cstring(&b, |
|
key_ssh_name_from_type_nid(type, key->ecdsa_nid)); |
buffer_put_bignum2(&b, key->rsa->e); |
buffer_put_bignum2(&b, key->rsa->e); |
buffer_put_bignum2(&b, key->rsa->n); |
buffer_put_bignum2(&b, key->rsa->n); |
break; |
break; |
|
|
} |
} |
|
|
int |
int |
|
key_to_blob(const Key *key, u_char **blobp, u_int *lenp) |
|
{ |
|
return to_blob(key, blobp, lenp, 0); |
|
} |
|
|
|
int |
key_sign( |
key_sign( |
const Key *key, |
const Key *key, |
u_char **sigp, u_int *lenp, |
u_char **sigp, u_int *lenp, |
|
|
} |
} |
|
|
int |
int |
key_cert_is_legacy(Key *k) |
key_cert_is_legacy(const Key *k) |
{ |
{ |
switch (k->type) { |
switch (k->type) { |
case KEY_DSA_CERT_V00: |
case KEY_DSA_CERT_V00: |
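Review bot: In the certificate cases of key_fingerprint_raw the result of `to_blob(k, &blob, &len, 1)` is discarded, so a failed serialization can only show up as `blob` remaining NULL. to_blob visibly returns 0 for a NULL key, and its other exit paths are not shown on this page. Because the fingerprint is what users and tooling compare when deciding whether to trust a key, I would make the failure explicit with `if (to_blob(k, &blob, &len, 1) == 0) return retval;`, assuming 0 is the only failure value and that callers already handle a NULL return, as the KEY_UNSPEC case suggests. The switch header and the digest code of key_fingerprint_raw lie outside the visible lines, so if that later code already rejects a NULL blob, a one-line comment at the call saying so would be enough. Separately, to_blob should get a header comment along the lines of `/* force_plain: serialize a certificate key as its plain public key, without the cert */`, and its `error("key_to_blob: key == NULL")` string no longer names the function that emits it.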