| version 1.114, 2013/12/29 04:20:04 |
version 1.115, 2014/01/09 23:20:00 |
|
|
| #include "log.h" |
#include "log.h" |
| #include "misc.h" |
#include "misc.h" |
| #include "ssh2.h" |
#include "ssh2.h" |
| |
#include "digest.h" |
| |
|
| static int to_blob(const Key *, u_char **, u_int *, int); |
static int to_blob(const Key *, u_char **, u_int *, int); |
| static Key *key_from_blob2(const u_char *, u_int, int); |
static Key *key_from_blob2(const u_char *, u_int, int); |
|
|
| key_fingerprint_raw(const Key *k, enum fp_type dgst_type, |
key_fingerprint_raw(const Key *k, enum fp_type dgst_type, |
| u_int *dgst_raw_length) |
u_int *dgst_raw_length) |
| { |
{ |
| const EVP_MD *md = NULL; |
|
| EVP_MD_CTX ctx; |
|
| u_char *blob = NULL; |
u_char *blob = NULL; |
| u_char *retval = NULL; |
u_char *retval = NULL; |
| u_int len = 0; |
u_int len = 0; |
| int nlen, elen; |
int nlen, elen, hash_alg = -1; |
| |
|
| *dgst_raw_length = 0; |
*dgst_raw_length = 0; |
| |
|
| |
/* XXX switch to DIGEST_* directly? */ |
| switch (dgst_type) { |
switch (dgst_type) { |
| case SSH_FP_MD5: |
case SSH_FP_MD5: |
| md = EVP_md5(); |
hash_alg = SSH_DIGEST_MD5; |
| break; |
break; |
| case SSH_FP_SHA1: |
case SSH_FP_SHA1: |
| md = EVP_sha1(); |
hash_alg = SSH_DIGEST_SHA1; |
| break; |
break; |
| case SSH_FP_SHA256: |
case SSH_FP_SHA256: |
| md = EVP_sha256(); |
hash_alg = SSH_DIGEST_SHA256; |
| break; |
break; |
| default: |
default: |
| fatal("key_fingerprint_raw: bad digest type %d", |
fatal("%s: bad digest type %d", __func__, dgst_type); |
| dgst_type); |
|
| } |
} |
| switch (k->type) { |
switch (k->type) { |
| case KEY_RSA1: |
case KEY_RSA1: |
|
|
| case KEY_UNSPEC: |
case KEY_UNSPEC: |
| return retval; |
return retval; |
| default: |
default: |
| fatal("key_fingerprint_raw: bad key type %d", k->type); |
fatal("%s: bad key type %d", __func__, k->type); |
| break; |
break; |
| } |
} |
| if (blob != NULL) { |
if (blob != NULL) { |
| retval = xmalloc(EVP_MAX_MD_SIZE); |
retval = xmalloc(SSH_DIGEST_MAX_LENGTH); |
| EVP_DigestInit(&ctx, md); |
if ((ssh_digest_memory(hash_alg, blob, len, |
| EVP_DigestUpdate(&ctx, blob, len); |
retval, SSH_DIGEST_MAX_LENGTH)) != 0) |
| EVP_DigestFinal(&ctx, retval, dgst_raw_length); |
fatal("%s: digest_memory failed", __func__); |
| memset(blob, 0, len); |
memset(blob, 0, len); |
| free(blob); |
free(blob); |
| |
*dgst_raw_length = ssh_digest_bytes(hash_alg); |
| } else { |
} else { |
| fatal("key_fingerprint_raw: blob is null"); |
fatal("%s: blob is null", __func__); |
| } |
} |
| return retval; |
return retval; |
| } |
} |
|
|
| return NULL; |
return NULL; |
| } |
} |
| |
|
| const EVP_MD * |
int |
| key_ec_nid_to_evpmd(int nid) |
key_ec_nid_to_hash_alg(int nid) |
| { |
{ |
| int kbits = key_curve_nid_to_bits(nid); |
int kbits = key_curve_nid_to_bits(nid); |
| |
|
|
|
| fatal("%s: invalid nid %d", __func__, nid); |
fatal("%s: invalid nid %d", __func__, nid); |
| /* RFC5656 section 6.2.1 */ |
/* RFC5656 section 6.2.1 */ |
| if (kbits <= 256) |
if (kbits <= 256) |
| return EVP_sha256(); |
return SSH_DIGEST_SHA256; |
| else if (kbits <= 384) |
else if (kbits <= 384) |
| return EVP_sha384(); |
return SSH_DIGEST_SHA384; |
| else |
else |
| return EVP_sha512(); |
return SSH_DIGEST_SHA512; |
| } |
} |
| |
|
| int |
int |
![[BACK]](/icons/back.gif){kind=icon}
Return to key.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh