version 1.91, 2011/05/23 07:24:57 |
version 1.92, 2011/06/14 22:49:18 |
|
|
key_parse_public_rsa1(Buffer *blob, char **commentp) |
key_parse_public_rsa1(Buffer *blob, char **commentp) |
{ |
{ |
Key *pub; |
Key *pub; |
|
Buffer copy; |
|
|
/* Check that it is at least big enough to contain the ID string. */ |
/* Check that it is at least big enough to contain the ID string. */ |
if (buffer_len(blob) < sizeof(authfile_id_string)) { |
if (buffer_len(blob) < sizeof(authfile_id_string)) { |
|
|
debug3("Incorrect RSA1 identifier"); |
debug3("Incorrect RSA1 identifier"); |
return NULL; |
return NULL; |
} |
} |
buffer_consume(blob, sizeof(authfile_id_string)); |
buffer_init(©); |
|
buffer_append(©, buffer_ptr(blob), buffer_len(blob)); |
|
buffer_consume(©, sizeof(authfile_id_string)); |
|
|
/* Skip cipher type and reserved data. */ |
/* Skip cipher type and reserved data. */ |
(void) buffer_get_char(blob); /* cipher type */ |
(void) buffer_get_char(©); /* cipher type */ |
(void) buffer_get_int(blob); /* reserved */ |
(void) buffer_get_int(©); /* reserved */ |
|
|
/* Read the public key from the buffer. */ |
/* Read the public key from the buffer. */ |
(void) buffer_get_int(blob); |
(void) buffer_get_int(©); |
pub = key_new(KEY_RSA1); |
pub = key_new(KEY_RSA1); |
buffer_get_bignum(blob, pub->rsa->n); |
buffer_get_bignum(©, pub->rsa->n); |
buffer_get_bignum(blob, pub->rsa->e); |
buffer_get_bignum(©, pub->rsa->e); |
if (commentp) |
if (commentp) |
*commentp = buffer_get_string(blob, NULL); |
*commentp = buffer_get_string(©, NULL); |
/* The encrypted private part is not parsed by this function. */ |
/* The encrypted private part is not parsed by this function. */ |
buffer_clear(blob); |
buffer_free(©); |
|
|
return pub; |
return pub; |
} |
} |
|
|
CipherContext ciphercontext; |
CipherContext ciphercontext; |
Cipher *cipher; |
Cipher *cipher; |
Key *prv = NULL; |
Key *prv = NULL; |
|
Buffer copy; |
|
|
/* Check that it is at least big enough to contain the ID string. */ |
/* Check that it is at least big enough to contain the ID string. */ |
if (buffer_len(blob) < sizeof(authfile_id_string)) { |
if (buffer_len(blob) < sizeof(authfile_id_string)) { |
|
|
debug3("Incorrect RSA1 identifier"); |
debug3("Incorrect RSA1 identifier"); |
return NULL; |
return NULL; |
} |
} |
buffer_consume(blob, sizeof(authfile_id_string)); |
buffer_init(©); |
|
buffer_append(©, buffer_ptr(blob), buffer_len(blob)); |
|
buffer_consume(©, sizeof(authfile_id_string)); |
|
|
/* Read cipher type. */ |
/* Read cipher type. */ |
cipher_type = buffer_get_char(blob); |
cipher_type = buffer_get_char(©); |
(void) buffer_get_int(blob); /* Reserved data. */ |
(void) buffer_get_int(©); /* Reserved data. */ |
|
|
/* Read the public key from the buffer. */ |
/* Read the public key from the buffer. */ |
(void) buffer_get_int(blob); |
(void) buffer_get_int(©); |
prv = key_new_private(KEY_RSA1); |
prv = key_new_private(KEY_RSA1); |
|
|
buffer_get_bignum(blob, prv->rsa->n); |
buffer_get_bignum(©, prv->rsa->n); |
buffer_get_bignum(blob, prv->rsa->e); |
buffer_get_bignum(©, prv->rsa->e); |
if (commentp) |
if (commentp) |
*commentp = buffer_get_string(blob, NULL); |
*commentp = buffer_get_string(©, NULL); |
else |
else |
(void)buffer_get_string_ptr(blob, NULL); |
(void)buffer_get_string_ptr(©, NULL); |
|
|
/* Check that it is a supported cipher. */ |
/* Check that it is a supported cipher. */ |
cipher = cipher_by_number(cipher_type); |
cipher = cipher_by_number(cipher_type); |
if (cipher == NULL) { |
if (cipher == NULL) { |
debug("Unsupported RSA1 cipher %d", cipher_type); |
debug("Unsupported RSA1 cipher %d", cipher_type); |
|
buffer_free(©); |
goto fail; |
goto fail; |
} |
} |
/* Initialize space for decrypted data. */ |
/* Initialize space for decrypted data. */ |
buffer_init(&decrypted); |
buffer_init(&decrypted); |
cp = buffer_append_space(&decrypted, buffer_len(blob)); |
cp = buffer_append_space(&decrypted, buffer_len(©)); |
|
|
/* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ |
/* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ |
cipher_set_key_string(&ciphercontext, cipher, passphrase, |
cipher_set_key_string(&ciphercontext, cipher, passphrase, |
CIPHER_DECRYPT); |
CIPHER_DECRYPT); |
cipher_crypt(&ciphercontext, cp, |
cipher_crypt(&ciphercontext, cp, |
buffer_ptr(blob), buffer_len(blob)); |
buffer_ptr(©), buffer_len(©)); |
cipher_cleanup(&ciphercontext); |
cipher_cleanup(&ciphercontext); |
memset(&ciphercontext, 0, sizeof(ciphercontext)); |
memset(&ciphercontext, 0, sizeof(ciphercontext)); |
buffer_clear(blob); |
buffer_free(©); |
|
|
check1 = buffer_get_char(&decrypted); |
check1 = buffer_get_char(&decrypted); |
check2 = buffer_get_char(&decrypted); |
check2 = buffer_get_char(&decrypted); |
|
|
const char *passphrase, char **commentp) |
const char *passphrase, char **commentp) |
{ |
{ |
Key *pub, *prv; |
Key *pub, *prv; |
Buffer pubcopy; |
|
|
|
buffer_init(&pubcopy); |
|
buffer_append(&pubcopy, buffer_ptr(buffer), buffer_len(buffer)); |
|
/* it's a SSH v1 key if the public key part is readable */ |
/* it's a SSH v1 key if the public key part is readable */ |
pub = key_parse_public_rsa1(&pubcopy, commentp); |
pub = key_parse_public_rsa1(buffer, commentp); |
buffer_free(&pubcopy); |
|
if (pub == NULL) { |
if (pub == NULL) { |
prv = key_parse_private_type(buffer, KEY_UNSPEC, |
prv = key_parse_private_type(buffer, KEY_UNSPEC, |
passphrase, NULL); |
passphrase, NULL); |