version 1.130, 2016/05/02 09:36:42 |
version 1.131, 2017/05/30 14:16:41 |
|
|
#include "log.h" |
#include "log.h" |
#include "authfile.h" |
#include "authfile.h" |
|
|
void |
|
key_add_private(Key *k) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_add_private(k)) != 0) |
|
fatal("%s: %s", __func__, ssh_err(r)); |
|
} |
|
|
|
Key * |
|
key_new_private(int type) |
|
{ |
|
Key *ret = NULL; |
|
|
|
if ((ret = sshkey_new_private(type)) == NULL) |
|
fatal("%s: failed", __func__); |
|
return ret; |
|
} |
|
|
|
int |
|
key_read(Key *ret, char **cpp) |
|
{ |
|
return sshkey_read(ret, cpp) == 0 ? 1 : -1; |
|
} |
|
|
|
int |
|
key_write(const Key *key, FILE *f) |
|
{ |
|
return sshkey_write(key, f) == 0 ? 1 : 0; |
|
} |
|
|
|
Key * |
|
key_generate(int type, u_int bits) |
|
{ |
|
int r; |
|
Key *ret = NULL; |
|
|
|
if ((r = sshkey_generate(type, bits, &ret)) != 0) |
|
fatal("%s: %s", __func__, ssh_err(r)); |
|
return ret; |
|
} |
|
|
|
void |
|
key_cert_copy(const Key *from_key, Key *to_key) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_cert_copy(from_key, to_key)) != 0) |
|
fatal("%s: %s", __func__, ssh_err(r)); |
|
} |
|
|
|
Key * |
|
key_from_private(const Key *k) |
|
{ |
|
int r; |
|
Key *ret = NULL; |
|
|
|
if ((r = sshkey_from_private(k, &ret)) != 0) |
|
fatal("%s: %s", __func__, ssh_err(r)); |
|
return ret; |
|
} |
|
|
|
static void |
static void |
fatal_on_fatal_errors(int r, const char *func, int extra_fatal) |
fatal_on_fatal_errors(int r, const char *func, int extra_fatal) |
{ |
{ |
|
|
} |
} |
|
|
int |
int |
key_to_certified(Key *k) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_to_certified(k)) != 0) { |
|
fatal_on_fatal_errors(r, __func__, 0); |
|
error("%s: %s", __func__, ssh_err(r)); |
|
return -1; |
|
} |
|
return 0; |
|
} |
|
|
|
int |
|
key_drop_cert(Key *k) |
key_drop_cert(Key *k) |
{ |
{ |
int r; |
int r; |
|
|
} |
} |
|
|
int |
int |
key_certify(Key *k, Key *ca) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_certify(k, ca, NULL)) != 0) { |
|
fatal_on_fatal_errors(r, __func__, 0); |
|
error("%s: %s", __func__, ssh_err(r)); |
|
return -1; |
|
} |
|
return 0; |
|
} |
|
|
|
int |
|
key_cert_check_authority(const Key *k, int want_host, int require_principal, |
key_cert_check_authority(const Key *k, int want_host, int require_principal, |
const char *name, const char **reason) |
const char *name, const char **reason) |
{ |
{ |
|
|
return 0; |
return 0; |
} |
} |
|
|
#ifdef WITH_OPENSSL |
|
int |
|
key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_ec_validate_public(group, public)) != 0) { |
|
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); |
|
error("%s: %s", __func__, ssh_err(r)); |
|
return -1; |
|
} |
|
return 0; |
|
} |
|
|
|
int |
|
key_ec_validate_private(const EC_KEY *key) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_ec_validate_private(key)) != 0) { |
|
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); |
|
error("%s: %s", __func__, ssh_err(r)); |
|
return -1; |
|
} |
|
return 0; |
|
} |
|
#endif /* WITH_OPENSSL */ |
|
|
|
void |
|
key_private_serialize(const Key *key, struct sshbuf *b) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_private_serialize(key, b)) != 0) |
|
fatal("%s: %s", __func__, ssh_err(r)); |
|
} |
|
|
|
Key * |
|
key_private_deserialize(struct sshbuf *blob) |
|
{ |
|
int r; |
|
Key *ret = NULL; |
|
|
|
if ((r = sshkey_private_deserialize(blob, &ret)) != 0) { |
|
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); |
|
error("%s: %s", __func__, ssh_err(r)); |
|
return NULL; |
|
} |
|
return ret; |
|
} |
|
|
|
/* authfile.c */ |
/* authfile.c */ |
|
|
int |
|
key_save_private(Key *key, const char *filename, const char *passphrase, |
|
const char *comment, int force_new_format, const char *new_format_cipher, |
|
int new_format_rounds) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_save_private(key, filename, passphrase, comment, |
|
force_new_format, new_format_cipher, new_format_rounds)) != 0) { |
|
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); |
|
error("%s: %s", __func__, ssh_err(r)); |
|
return 0; |
|
} |
|
return 1; |
|
} |
|
|
|
int |
|
key_load_file(int fd, const char *filename, struct sshbuf *blob) |
|
{ |
|
int r; |
|
|
|
if ((r = sshkey_load_file(fd, blob)) != 0) { |
|
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); |
|
error("%s: %s", __func__, ssh_err(r)); |
|
return 0; |
|
} |
|
return 1; |
|
} |
|
|
|
Key * |
Key * |
key_load_cert(const char *filename) |
key_load_cert(const char *filename) |
{ |
{ |
|
|
} |
} |
return ret; |
return ret; |
} |
} |
|
|
int |
|
key_perm_ok(int fd, const char *filename) |
|
{ |
|
return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0; |
|
} |
|
|
|