version 1.168, 2010/08/16 04:06:06 |
version 1.169, 2010/08/31 11:54:45 |
|
|
Idtab *tab = idtab_lookup(version); |
Idtab *tab = idtab_lookup(version); |
Identity *id; |
Identity *id; |
int type, success = 0, death = 0, confirm = 0; |
int type, success = 0, death = 0, confirm = 0; |
char *type_name, *comment; |
char *type_name, *comment, *curve; |
Key *k = NULL; |
Key *k = NULL; |
|
BIGNUM *exponent; |
|
EC_POINT *q; |
u_char *cert; |
u_char *cert; |
u_int len; |
u_int len; |
|
|
|
|
case 2: |
case 2: |
type_name = buffer_get_string(&e->request, NULL); |
type_name = buffer_get_string(&e->request, NULL); |
type = key_type_from_name(type_name); |
type = key_type_from_name(type_name); |
xfree(type_name); |
|
switch (type) { |
switch (type) { |
case KEY_DSA: |
case KEY_DSA: |
k = key_new_private(type); |
k = key_new_private(type); |
|
|
key_add_private(k); |
key_add_private(k); |
buffer_get_bignum2(&e->request, k->dsa->priv_key); |
buffer_get_bignum2(&e->request, k->dsa->priv_key); |
break; |
break; |
|
case KEY_ECDSA: |
|
k = key_new_private(type); |
|
k->ecdsa_nid = key_ecdsa_nid_from_name(type_name); |
|
curve = buffer_get_string(&e->request, NULL); |
|
if (k->ecdsa_nid != key_curve_name_to_nid(curve)) |
|
fatal("%s: curve names mismatch", __func__); |
|
xfree(curve); |
|
k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); |
|
if (k->ecdsa == NULL) |
|
fatal("%s: EC_KEY_new_by_curve_name failed", |
|
__func__); |
|
q = EC_POINT_new(EC_KEY_get0_group(k->ecdsa)); |
|
if (q == NULL) |
|
fatal("%s: BN_new failed", __func__); |
|
if ((exponent = BN_new()) == NULL) |
|
fatal("%s: BN_new failed", __func__); |
|
buffer_get_ecpoint(&e->request, |
|
EC_KEY_get0_group(k->ecdsa), q); |
|
buffer_get_bignum2(&e->request, exponent); |
|
if (EC_KEY_set_public_key(k->ecdsa, q) != 1) |
|
fatal("%s: EC_KEY_set_public_key failed", |
|
__func__); |
|
if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) |
|
fatal("%s: EC_KEY_set_private_key failed", |
|
__func__); |
|
if (key_ec_validate_public(EC_KEY_get0_group(k->ecdsa), |
|
EC_KEY_get0_public_key(k->ecdsa)) != 0) |
|
fatal("%s: bad ECDSA public key", __func__); |
|
if (key_ec_validate_private(k->ecdsa) != 0) |
|
fatal("%s: bad ECDSA private key", __func__); |
|
BN_clear_free(exponent); |
|
EC_POINT_free(q); |
|
break; |
|
case KEY_ECDSA_CERT: |
|
cert = buffer_get_string(&e->request, &len); |
|
if ((k = key_from_blob(cert, len)) == NULL) |
|
fatal("Certificate parse failed"); |
|
xfree(cert); |
|
key_add_private(k); |
|
if ((exponent = BN_new()) == NULL) |
|
fatal("%s: BN_new failed", __func__); |
|
buffer_get_bignum2(&e->request, exponent); |
|
if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) |
|
fatal("%s: EC_KEY_set_private_key failed", |
|
__func__); |
|
if (key_ec_validate_public(EC_KEY_get0_group(k->ecdsa), |
|
EC_KEY_get0_public_key(k->ecdsa)) != 0 || |
|
key_ec_validate_private(k->ecdsa) != 0) |
|
fatal("%s: bad ECDSA key", __func__); |
|
BN_clear_free(exponent); |
|
break; |
case KEY_RSA: |
case KEY_RSA: |
k = key_new_private(type); |
k = key_new_private(type); |
buffer_get_bignum2(&e->request, k->rsa->n); |
buffer_get_bignum2(&e->request, k->rsa->n); |
|
|
buffer_get_bignum2(&e->request, k->rsa->q); |
buffer_get_bignum2(&e->request, k->rsa->q); |
break; |
break; |
default: |
default: |
|
xfree(type_name); |
buffer_clear(&e->request); |
buffer_clear(&e->request); |
goto send; |
goto send; |
} |
} |
|
xfree(type_name); |
break; |
break; |
} |
} |
/* enable blinding */ |
/* enable blinding */ |
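Review bot: In the new `KEY_ECDSA_CERT` case the key returned by `key_from_blob(cert, len)` is used as an EC key with no check that the blob actually carried one. A request whose outer type name says ECDSA certificate but whose blob parses as another key type would presumably reach `EC_KEY_set_private_key(k->ecdsa, exponent)` with `k->ecdsa` unset. A guard right after the parse and before `key_add_private(k)`, such as `if (k->type != type || k->ecdsa == NULL) fatal("%s: certificate type mismatch", __func__);`, would close that gap; this assumes `key_from_blob` can return non-EC keys, which is not visible here. Separately, in the `KEY_ECDSA` case the failure branch for `EC_POINT_new` reports `"%s: BN_new failed"`, which misleads anyone reading the log and should be `fatal("%s: EC_POINT_new failed", __func__);`. The enclosing function starts and ends outside the lines shown.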