version 1.105, 2014/04/28 03:09:18 |
version 1.106, 2014/04/29 18:01:49 |
|
|
#include <sys/param.h> |
#include <sys/param.h> |
#include <sys/uio.h> |
#include <sys/uio.h> |
|
|
|
#ifdef WITH_OPENSSL |
#include <openssl/err.h> |
#include <openssl/err.h> |
#include <openssl/evp.h> |
#include <openssl/evp.h> |
#include <openssl/pem.h> |
#include <openssl/pem.h> |
|
#endif |
|
|
#include "crypto_api.h" |
#include "crypto_api.h" |
|
|
|
|
return k; |
return k; |
} |
} |
|
|
|
#ifdef WITH_SSH1 |
/* |
/* |
* Serialises the authentication (private) key to a blob, encrypting it with |
* Serialises the authentication (private) key to a blob, encrypting it with |
* passphrase. The identification of the blob (lowest 64 bits of n) will |
* passphrase. The identification of the blob (lowest 64 bits of n) will |
|
|
|
|
return 1; |
return 1; |
} |
} |
|
#endif |
|
|
|
#ifdef WITH_OPENSSL |
/* convert SSH v2 key in OpenSSL PEM format */ |
/* convert SSH v2 key in OpenSSL PEM format */ |
static int |
static int |
key_private_pem_to_blob(Key *key, Buffer *blob, const char *_passphrase, |
key_private_pem_to_blob(Key *key, Buffer *blob, const char *_passphrase, |
|
|
BIO_free(bio); |
BIO_free(bio); |
return success; |
return success; |
} |
} |
|
#endif |
|
|
/* Save a key blob to a file */ |
/* Save a key blob to a file */ |
static int |
static int |
|
|
int new_format_rounds) |
int new_format_rounds) |
{ |
{ |
switch (key->type) { |
switch (key->type) { |
|
#ifdef WITH_SSH1 |
case KEY_RSA1: |
case KEY_RSA1: |
return key_private_rsa1_to_blob(key, blob, passphrase, comment); |
return key_private_rsa1_to_blob(key, blob, passphrase, comment); |
|
#endif |
|
#ifdef WITH_OPENSSL |
case KEY_DSA: |
case KEY_DSA: |
case KEY_ECDSA: |
case KEY_ECDSA: |
case KEY_RSA: |
case KEY_RSA: |
|
|
comment, new_format_cipher, new_format_rounds); |
comment, new_format_cipher, new_format_rounds); |
} |
} |
return key_private_pem_to_blob(key, blob, passphrase, comment); |
return key_private_pem_to_blob(key, blob, passphrase, comment); |
|
#endif |
case KEY_ED25519: |
case KEY_ED25519: |
return key_private_to_blob2(key, blob, passphrase, |
return key_private_to_blob2(key, blob, passphrase, |
comment, new_format_cipher, new_format_rounds); |
comment, new_format_cipher, new_format_rounds); |
|
|
return success; |
return success; |
} |
} |
|
|
|
#ifdef WITH_SSH1 |
/* |
/* |
* Parse the public, unencrypted portion of a RSA1 key. |
* Parse the public, unencrypted portion of a RSA1 key. |
*/ |
*/ |
|
|
|
|
return pub; |
return pub; |
} |
} |
|
#endif |
|
|
/* Load a key from a fd into a buffer */ |
/* Load a key from a fd into a buffer */ |
int |
int |
|
|
return 1; |
return 1; |
} |
} |
|
|
|
#ifdef WITH_SSH1 |
/* |
/* |
* Loads the public part of the ssh v1 key file. Returns NULL if an error was |
* Loads the public part of the ssh v1 key file. Returns NULL if an error was |
* encountered (the file does not exist or is not readable), and the key |
* encountered (the file does not exist or is not readable), and the key |
|
|
key_free(prv); |
key_free(prv); |
return NULL; |
return NULL; |
} |
} |
|
#endif |
|
|
|
#ifdef WITH_OPENSSL |
static Key * |
static Key * |
key_parse_private_pem(Buffer *blob, int type, const char *passphrase, |
key_parse_private_pem(Buffer *blob, int type, const char *passphrase, |
char **commentp) |
char **commentp) |
|
|
buffer_free(&buffer); |
buffer_free(&buffer); |
return prv; |
return prv; |
} |
} |
|
#endif |
|
|
int |
int |
key_perm_ok(int fd, const char *filename) |
key_perm_ok(int fd, const char *filename) |
|
|
Key *k; |
Key *k; |
|
|
switch (type) { |
switch (type) { |
|
#ifdef WITH_SSH1 |
case KEY_RSA1: |
case KEY_RSA1: |
return key_parse_private_rsa1(blob, passphrase, commentp); |
return key_parse_private_rsa1(blob, passphrase, commentp); |
|
#endif |
|
#ifdef WITH_OPENSSL |
case KEY_DSA: |
case KEY_DSA: |
case KEY_ECDSA: |
case KEY_ECDSA: |
case KEY_RSA: |
case KEY_RSA: |
return key_parse_private_pem(blob, type, passphrase, commentp); |
return key_parse_private_pem(blob, type, passphrase, commentp); |
|
#endif |
case KEY_ED25519: |
case KEY_ED25519: |
return key_parse_private2(blob, type, passphrase, commentp); |
return key_parse_private2(blob, type, passphrase, commentp); |
case KEY_UNSPEC: |
case KEY_UNSPEC: |
if ((k = key_parse_private2(blob, type, passphrase, commentp))) |
if ((k = key_parse_private2(blob, type, passphrase, commentp))) |
return k; |
return k; |
|
#ifdef WITH_OPENSSL |
return key_parse_private_pem(blob, type, passphrase, commentp); |
return key_parse_private_pem(blob, type, passphrase, commentp); |
|
#endif |
default: |
default: |
error("%s: cannot parse key type %d", __func__, type); |
error("%s: cannot parse key type %d", __func__, type); |
break; |
break; |
|
|
key_parse_private(Buffer *buffer, const char *filename, |
key_parse_private(Buffer *buffer, const char *filename, |
const char *passphrase, char **commentp) |
const char *passphrase, char **commentp) |
{ |
{ |
|
#ifdef WITH_SSH1 |
Key *pub, *prv; |
Key *pub, *prv; |
|
|
/* it's a SSH v1 key if the public key part is readable */ |
/* it's a SSH v1 key if the public key part is readable */ |
|
|
NULL); |
NULL); |
} |
} |
return prv; |
return prv; |
|
#else |
|
return key_parse_private_type(buffer, KEY_UNSPEC, |
|
passphrase, commentp); |
|
#endif |
} |
} |
|
|
Key * |
Key * |
|
|
Key *pub; |
Key *pub; |
char file[MAXPATHLEN]; |
char file[MAXPATHLEN]; |
|
|
|
#ifdef WITH_SSH1 |
/* try rsa1 private key */ |
/* try rsa1 private key */ |
pub = key_load_public_type(KEY_RSA1, filename, commentp); |
pub = key_load_public_type(KEY_RSA1, filename, commentp); |
if (pub != NULL) |
if (pub != NULL) |
|
|
if (key_try_load_public(pub, filename, commentp) == 1) |
if (key_try_load_public(pub, filename, commentp) == 1) |
return pub; |
return pub; |
key_free(pub); |
key_free(pub); |
|
#endif |
|
|
/* try ssh2 public key */ |
/* try ssh2 public key */ |
pub = key_new(KEY_UNSPEC); |
pub = key_new(KEY_UNSPEC); |
|
|
Key *key, *pub; |
Key *key, *pub; |
|
|
switch (type) { |
switch (type) { |
|
#ifdef WITH_OPENSSL |
case KEY_RSA: |
case KEY_RSA: |
case KEY_DSA: |
case KEY_DSA: |
case KEY_ECDSA: |
case KEY_ECDSA: |
|
#endif |
case KEY_ED25519: |
case KEY_ED25519: |
break; |
break; |
default: |
default: |