| version 1.58.4.2, 2006/11/08 00:17:14 |
version 1.59, 2006/03/19 18:51:18 |
|
|
| /* $OpenBSD$ */ |
|
| /* |
/* |
| * read_bignum(): |
* read_bignum(): |
| * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
|
|
| * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
*/ |
| |
#include "includes.h" |
| |
|
| #include <sys/types.h> |
|
| |
|
| #include <openssl/evp.h> |
#include <openssl/evp.h> |
| |
|
| #include <stdio.h> |
|
| #include <string.h> |
|
| |
|
| #include "xmalloc.h" |
#include "xmalloc.h" |
| #include "key.h" |
#include "key.h" |
| #include "rsa.h" |
#include "rsa.h" |
| #include "uuencode.h" |
#include "uuencode.h" |
| #include "buffer.h" |
#include "buffer.h" |
| |
#include "bufaux.h" |
| #include "log.h" |
#include "log.h" |
| |
|
| Key * |
Key * |
|
|
| Key *k; |
Key *k; |
| RSA *rsa; |
RSA *rsa; |
| DSA *dsa; |
DSA *dsa; |
| k = xcalloc(1, sizeof(*k)); |
k = xmalloc(sizeof(*k)); |
| k->type = type; |
k->type = type; |
| |
k->flags = 0; |
| k->dsa = NULL; |
k->dsa = NULL; |
| k->rsa = NULL; |
k->rsa = NULL; |
| switch (k->type) { |
switch (k->type) { |
|
|
| void |
void |
| key_free(Key *k) |
key_free(Key *k) |
| { |
{ |
| if (k == NULL) |
|
| fatal("key_free: key is NULL"); |
|
| switch (k->type) { |
switch (k->type) { |
| case KEY_RSA1: |
case KEY_RSA1: |
| case KEY_RSA: |
case KEY_RSA: |
|
|
| return a->rsa != NULL && b->rsa != NULL && |
return a->rsa != NULL && b->rsa != NULL && |
| BN_cmp(a->rsa->e, b->rsa->e) == 0 && |
BN_cmp(a->rsa->e, b->rsa->e) == 0 && |
| BN_cmp(a->rsa->n, b->rsa->n) == 0; |
BN_cmp(a->rsa->n, b->rsa->n) == 0; |
| |
break; |
| case KEY_DSA: |
case KEY_DSA: |
| return a->dsa != NULL && b->dsa != NULL && |
return a->dsa != NULL && b->dsa != NULL && |
| BN_cmp(a->dsa->p, b->dsa->p) == 0 && |
BN_cmp(a->dsa->p, b->dsa->p) == 0 && |
| BN_cmp(a->dsa->q, b->dsa->q) == 0 && |
BN_cmp(a->dsa->q, b->dsa->q) == 0 && |
| BN_cmp(a->dsa->g, b->dsa->g) == 0 && |
BN_cmp(a->dsa->g, b->dsa->g) == 0 && |
| BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; |
BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; |
| |
break; |
| default: |
default: |
| fatal("key_equal: bad key type %d", a->type); |
fatal("key_equal: bad key type %d", a->type); |
| break; |
break; |
|
|
| break; |
break; |
| case KEY_UNSPEC: |
case KEY_UNSPEC: |
| return retval; |
return retval; |
| |
break; |
| default: |
default: |
| fatal("key_fingerprint_raw: bad key type %d", k->type); |
fatal("key_fingerprint_raw: bad key type %d", k->type); |
| break; |
break; |
|
|
| char *retval; |
char *retval; |
| u_int i; |
u_int i; |
| |
|
| retval = xcalloc(1, dgst_raw_len * 3 + 1); |
retval = xmalloc(dgst_raw_len * 3 + 1); |
| |
retval[0] = '\0'; |
| for (i = 0; i < dgst_raw_len; i++) { |
for (i = 0; i < dgst_raw_len; i++) { |
| char hex[4]; |
char hex[4]; |
| snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); |
snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); |
|
|
| char *retval; |
char *retval; |
| |
|
| rounds = (dgst_raw_len / 2) + 1; |
rounds = (dgst_raw_len / 2) + 1; |
| retval = xcalloc((rounds * 6), sizeof(char)); |
retval = xmalloc(sizeof(char) * (rounds*6)); |
| retval[j++] = 'x'; |
retval[j++] = 'x'; |
| for (i = 0; i < rounds; i++) { |
for (i = 0; i < rounds; i++) { |
| u_int idx0, idx1, idx2, idx3, idx4; |
u_int idx0, idx1, idx2, idx3, idx4; |
|
|
| switch (k->type) { |
switch (k->type) { |
| case KEY_RSA1: |
case KEY_RSA1: |
| return "RSA1"; |
return "RSA1"; |
| |
break; |
| case KEY_RSA: |
case KEY_RSA: |
| return "RSA"; |
return "RSA"; |
| |
break; |
| case KEY_DSA: |
case KEY_DSA: |
| return "DSA"; |
return "DSA"; |
| |
break; |
| } |
} |
| return "unknown"; |
return "unknown"; |
| } |
} |
|
|
| switch (k->type) { |
switch (k->type) { |
| case KEY_RSA: |
case KEY_RSA: |
| return "ssh-rsa"; |
return "ssh-rsa"; |
| |
break; |
| case KEY_DSA: |
case KEY_DSA: |
| return "ssh-dss"; |
return "ssh-dss"; |
| |
break; |
| } |
} |
| return "ssh-unknown"; |
return "ssh-unknown"; |
| } |
} |
|
|
| case KEY_RSA1: |
case KEY_RSA1: |
| case KEY_RSA: |
case KEY_RSA: |
| return BN_num_bits(k->rsa->n); |
return BN_num_bits(k->rsa->n); |
| |
break; |
| case KEY_DSA: |
case KEY_DSA: |
| return BN_num_bits(k->dsa->p); |
return BN_num_bits(k->dsa->p); |
| |
break; |
| } |
} |
| return 0; |
return 0; |
| } |
} |
|
|
| rsa_generate_private_key(u_int bits) |
rsa_generate_private_key(u_int bits) |
| { |
{ |
| RSA *private; |
RSA *private; |
| |
|
| private = RSA_generate_key(bits, 35, NULL, NULL); |
private = RSA_generate_key(bits, 35, NULL, NULL); |
| if (private == NULL) |
if (private == NULL) |
| fatal("rsa_generate_private_key: key generation failed."); |
fatal("rsa_generate_private_key: key generation failed."); |
|
|
| dsa_generate_private_key(u_int bits) |
dsa_generate_private_key(u_int bits) |
| { |
{ |
| DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL); |
DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL); |
| |
|
| if (private == NULL) |
if (private == NULL) |
| fatal("dsa_generate_private_key: DSA_generate_parameters failed"); |
fatal("dsa_generate_private_key: DSA_generate_parameters failed"); |
| if (!DSA_generate_key(private)) |
if (!DSA_generate_key(private)) |
|
|
| switch (k->type) { |
switch (k->type) { |
| case KEY_DSA: |
case KEY_DSA: |
| n = key_new(k->type); |
n = key_new(k->type); |
| if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) || |
BN_copy(n->dsa->p, k->dsa->p); |
| (BN_copy(n->dsa->q, k->dsa->q) == NULL) || |
BN_copy(n->dsa->q, k->dsa->q); |
| (BN_copy(n->dsa->g, k->dsa->g) == NULL) || |
BN_copy(n->dsa->g, k->dsa->g); |
| (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL)) |
BN_copy(n->dsa->pub_key, k->dsa->pub_key); |
| fatal("key_from_private: BN_copy failed"); |
|
| break; |
break; |
| case KEY_RSA: |
case KEY_RSA: |
| case KEY_RSA1: |
case KEY_RSA1: |
| n = key_new(k->type); |
n = key_new(k->type); |
| if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) || |
BN_copy(n->rsa->n, k->rsa->n); |
| (BN_copy(n->rsa->e, k->rsa->e) == NULL)) |
BN_copy(n->rsa->e, k->rsa->e); |
| fatal("key_from_private: BN_copy failed"); |
|
| break; |
break; |
| default: |
default: |
| fatal("key_from_private: unknown type %d", k->type); |
fatal("key_from_private: unknown type %d", k->type); |
|
|
| switch (key->type) { |
switch (key->type) { |
| case KEY_DSA: |
case KEY_DSA: |
| return ssh_dss_sign(key, sigp, lenp, data, datalen); |
return ssh_dss_sign(key, sigp, lenp, data, datalen); |
| |
break; |
| case KEY_RSA: |
case KEY_RSA: |
| return ssh_rsa_sign(key, sigp, lenp, data, datalen); |
return ssh_rsa_sign(key, sigp, lenp, data, datalen); |
| |
break; |
| default: |
default: |
| error("key_sign: invalid key type %d", key->type); |
error("key_sign: invalid key type %d", key->type); |
| return -1; |
return -1; |
| |
break; |
| } |
} |
| } |
} |
| |
|
|
|
| switch (key->type) { |
switch (key->type) { |
| case KEY_DSA: |
case KEY_DSA: |
| return ssh_dss_verify(key, signature, signaturelen, data, datalen); |
return ssh_dss_verify(key, signature, signaturelen, data, datalen); |
| |
break; |
| case KEY_RSA: |
case KEY_RSA: |
| return ssh_rsa_verify(key, signature, signaturelen, data, datalen); |
return ssh_rsa_verify(key, signature, signaturelen, data, datalen); |
| |
break; |
| default: |
default: |
| error("key_verify: invalid key type %d", key->type); |
error("key_verify: invalid key type %d", key->type); |
| return -1; |
return -1; |
| |
break; |
| } |
} |
| } |
} |
| |
|
|
|
| { |
{ |
| Key *pk; |
Key *pk; |
| |
|
| pk = xcalloc(1, sizeof(*pk)); |
pk = xmalloc(sizeof(*pk)); |
| pk->type = k->type; |
pk->type = k->type; |
| pk->flags = k->flags; |
pk->flags = k->flags; |
| pk->dsa = NULL; |
pk->dsa = NULL; |
![[BACK]](/icons/back.gif){kind=icon}
Return to key.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh