version 1.30, 2001/03/26 23:12:42 |
version 1.31, 2001/04/15 16:58:03 |
|
|
buffer_free(&buffer); |
buffer_free(&buffer); |
|
|
fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
if (fd < 0) |
if (fd < 0) { |
|
error("open %s failed: %s.", filename, strerror(errno)); |
return 0; |
return 0; |
|
} |
if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
buffer_len(&encrypted)) { |
buffer_len(&encrypted)) { |
debug("Write to key file %.200s failed: %.100s", filename, |
error("write to key file %s failed: %s", filename, |
strerror(errno)); |
strerror(errno)); |
buffer_free(&encrypted); |
buffer_free(&encrypted); |
close(fd); |
close(fd); |
|
|
EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; |
EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; |
|
|
if (len > 0 && len <= 4) { |
if (len > 0 && len <= 4) { |
error("passphrase too short: %d bytes", len); |
error("passphrase too short: have %d bytes, need > 4", len); |
errno = 0; |
|
return 0; |
return 0; |
} |
} |
fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
if (fd < 0) { |
if (fd < 0) { |
debug("open %s failed", filename); |
error("open %s failed: %s.", filename, strerror(errno)); |
return 0; |
return 0; |
} |
} |
fp = fdopen(fd, "w"); |
fp = fdopen(fd, "w"); |
if (fp == NULL ) { |
if (fp == NULL ) { |
debug("fdopen %s failed", filename); |
error("fdopen %s failed: %s.", filename, strerror(errno)); |
close(fd); |
close(fd); |
return 0; |
return 0; |
} |
} |
|
|
default: |
default: |
break; |
break; |
} |
} |
|
error("key_save_private: cannot save key type %d", key->type); |
return 0; |
return 0; |
} |
} |
|
|
|
|
|
|
/* Check that it is at least big enough to contain the ID string. */ |
/* Check that it is at least big enough to contain the ID string. */ |
if (len < sizeof(authfile_id_string)) { |
if (len < sizeof(authfile_id_string)) { |
debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
buffer_free(&buffer); |
buffer_free(&buffer); |
return NULL; |
return NULL; |
} |
} |
|
|
*/ |
*/ |
for (i = 0; i < sizeof(authfile_id_string); i++) |
for (i = 0; i < sizeof(authfile_id_string); i++) |
if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
buffer_free(&buffer); |
buffer_free(&buffer); |
return NULL; |
return NULL; |
} |
} |
|
|
|
|
/* Check that it is at least big enough to contain the ID string. */ |
/* Check that it is at least big enough to contain the ID string. */ |
if (len < sizeof(authfile_id_string)) { |
if (len < sizeof(authfile_id_string)) { |
debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
buffer_free(&buffer); |
buffer_free(&buffer); |
close(fd); |
close(fd); |
return NULL; |
return NULL; |
|
|
*/ |
*/ |
for (i = 0; i < sizeof(authfile_id_string); i++) |
for (i = 0; i < sizeof(authfile_id_string); i++) |
if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
buffer_free(&buffer); |
buffer_free(&buffer); |
close(fd); |
close(fd); |
return NULL; |
return NULL; |
|
|
|
|
fp = fdopen(fd, "r"); |
fp = fdopen(fd, "r"); |
if (fp == NULL) { |
if (fp == NULL) { |
error("fdopen failed"); |
error("fdopen failed: %s", strerror(errno)); |
close(fd); |
close(fd); |
return NULL; |
return NULL; |
} |
} |
pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); |
pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); |
if (pk == NULL) { |
if (pk == NULL) { |
debug("PEM_read_PrivateKey failed"); |
error("PEM_read_PrivateKey failed"); |
(void)ERR_get_error(); |
(void)ERR_get_error(); |
} else if (pk->type == EVP_PKEY_RSA && |
} else if (pk->type == EVP_PKEY_RSA && |
(type == KEY_UNSPEC||type==KEY_RSA)) { |
(type == KEY_UNSPEC||type==KEY_RSA)) { |
|
|
if (fd < 0) |
if (fd < 0) |
return NULL; |
return NULL; |
if (!key_perm_ok(fd, filename)) { |
if (!key_perm_ok(fd, filename)) { |
debug("bad permissions: ignore key: %s", filename); |
error("bad permissions: ignore key: %s", filename); |
close(fd); |
close(fd); |
return NULL; |
return NULL; |
} |
} |
|
|
if (fd < 0) |
if (fd < 0) |
return NULL; |
return NULL; |
if (!key_perm_ok(fd, filename)) { |
if (!key_perm_ok(fd, filename)) { |
debug("bad permissions: ignore key: %s", filename); |
error("bad permissions: ignore key: %s", filename); |
close(fd); |
close(fd); |
return NULL; |
return NULL; |
} |
} |
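Review bot: In the key-file write hunk, the 1.31 line `error("write to key file %s failed: %s", filename, strerror(errno));` runs whenever `write()` returns anything other than `buffer_len(&encrypted)`, which includes a short write where `errno` is not set, so the now error-level message can report a stale or unrelated reason. Keeping the return value in a local and printing `strerror(errno)` only when it is negative, with a separate "short write" message otherwise, would make the log line trustworthy. The same line drops the `%.200s`/`%.100s` precision that the old debug() call used and that the debug3() calls on this page still use. Whether the logger bounds its own output is not visible here, so keeping the precision is the consistent choice. The enclosing function starts and ends outside the hunk, so any cleanup of the truncated file after a failed write cannot be checked from this page.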