| version 1.38, 2000/11/12 19:03:28 |
version 1.39, 2000/11/12 19:50:38 |
|
|
| #include <openssl/rsa.h> |
#include <openssl/rsa.h> |
| #include "key.h" |
#include "key.h" |
| #include "authfd.h" |
#include "authfd.h" |
| #include "dsa.h" |
|
| #include "kex.h" |
#include "kex.h" |
| #include "compat.h" |
#include "compat.h" |
| |
|
|
|
| buffer_put_int(&msg, tab->nentries); |
buffer_put_int(&msg, tab->nentries); |
| for (i = 0; i < tab->nentries; i++) { |
for (i = 0; i < tab->nentries; i++) { |
| Identity *id = &tab->identities[i]; |
Identity *id = &tab->identities[i]; |
| if (id->key->type == KEY_RSA) { |
if (id->key->type == KEY_RSA1) { |
| buffer_put_int(&msg, BN_num_bits(id->key->rsa->n)); |
buffer_put_int(&msg, BN_num_bits(id->key->rsa->n)); |
| buffer_put_bignum(&msg, id->key->rsa->e); |
buffer_put_bignum(&msg, id->key->rsa->e); |
| buffer_put_bignum(&msg, id->key->rsa->n); |
buffer_put_bignum(&msg, id->key->rsa->n); |
| } else { |
} else { |
| unsigned char *blob; |
unsigned char *blob; |
| unsigned int blen; |
unsigned int blen; |
| dsa_make_key_blob(id->key, &blob, &blen); |
key_to_blob(id->key, &blob, &blen); |
| buffer_put_string(&msg, blob, blen); |
buffer_put_string(&msg, blob, blen); |
| xfree(blob); |
xfree(blob); |
| } |
} |
|
|
| unsigned int response_type; |
unsigned int response_type; |
| |
|
| buffer_init(&msg); |
buffer_init(&msg); |
| key = key_new(KEY_RSA); |
key = key_new(KEY_RSA1); |
| challenge = BN_new(); |
challenge = BN_new(); |
| |
|
| buffer_get_int(&e->input); /* ignored */ |
buffer_get_int(&e->input); /* ignored */ |
|
|
| if (flags & SSH_AGENT_OLD_SIGNATURE) |
if (flags & SSH_AGENT_OLD_SIGNATURE) |
| datafellows = SSH_BUG_SIGBLOB; |
datafellows = SSH_BUG_SIGBLOB; |
| |
|
| key = dsa_key_from_blob(blob, blen); |
key = key_from_blob(blob, blen); |
| if (key != NULL) { |
if (key != NULL) { |
| private = lookup_private_key(key, NULL, 2); |
private = lookup_private_key(key, NULL, 2); |
| if (private != NULL) |
if (private != NULL) |
| ok = dsa_sign(private, &signature, &slen, data, dlen); |
ok = key_sign(private, &signature, &slen, data, dlen); |
| } |
} |
| key_free(key); |
key_free(key); |
| buffer_init(&msg); |
buffer_init(&msg); |
|
|
| |
|
| switch(version){ |
switch(version){ |
| case 1: |
case 1: |
| key = key_new(KEY_RSA); |
key = key_new(KEY_RSA1); |
| bits = buffer_get_int(&e->input); |
bits = buffer_get_int(&e->input); |
| buffer_get_bignum(&e->input, key->rsa->e); |
buffer_get_bignum(&e->input, key->rsa->e); |
| buffer_get_bignum(&e->input, key->rsa->n); |
buffer_get_bignum(&e->input, key->rsa->n); |
|
|
| break; |
break; |
| case 2: |
case 2: |
| blob = buffer_get_string(&e->input, &blen); |
blob = buffer_get_string(&e->input, &blen); |
| key = dsa_key_from_blob(blob, blen); |
key = key_from_blob(blob, blen); |
| xfree(blob); |
xfree(blob); |
| break; |
break; |
| } |
} |
|
|
| } |
} |
| |
|
| void |
void |
| process_add_identity(SocketEntry *e, int version) |
generate_additional_parameters(RSA *rsa) |
| { |
{ |
| Key *k = NULL; |
|
| RSA *rsa; |
|
| BIGNUM *aux; |
BIGNUM *aux; |
| BN_CTX *ctx; |
BN_CTX *ctx; |
| char *type; |
/* Generate additional parameters */ |
| |
aux = BN_new(); |
| |
ctx = BN_CTX_new(); |
| |
|
| |
BN_sub(aux, rsa->q, BN_value_one()); |
| |
BN_mod(rsa->dmq1, rsa->d, aux, ctx); |
| |
|
| |
BN_sub(aux, rsa->p, BN_value_one()); |
| |
BN_mod(rsa->dmp1, rsa->d, aux, ctx); |
| |
|
| |
BN_clear_free(aux); |
| |
BN_CTX_free(ctx); |
| |
} |
| |
|
| |
void |
| |
process_add_identity(SocketEntry *e, int version) |
| |
{ |
| |
Key *k = NULL; |
| |
char *type_name; |
| char *comment; |
char *comment; |
| int success = 0; |
int type, success = 0; |
| Idtab *tab = idtab_lookup(version); |
Idtab *tab = idtab_lookup(version); |
| |
|
| switch (version) { |
switch (version) { |
| case 1: |
case 1: |
| k = key_new(KEY_RSA); |
k = key_new_private(KEY_RSA1); |
| rsa = k->rsa; |
buffer_get_int(&e->input); /* ignored */ |
| |
buffer_get_bignum(&e->input, k->rsa->n); |
| |
buffer_get_bignum(&e->input, k->rsa->e); |
| |
buffer_get_bignum(&e->input, k->rsa->d); |
| |
buffer_get_bignum(&e->input, k->rsa->iqmp); |
| |
|
| /* allocate mem for private key */ |
|
| /* XXX rsa->n and rsa->e are already allocated */ |
|
| rsa->d = BN_new(); |
|
| rsa->iqmp = BN_new(); |
|
| rsa->q = BN_new(); |
|
| rsa->p = BN_new(); |
|
| rsa->dmq1 = BN_new(); |
|
| rsa->dmp1 = BN_new(); |
|
| |
|
| buffer_get_int(&e->input); /* ignored */ |
|
| |
|
| buffer_get_bignum(&e->input, rsa->n); |
|
| buffer_get_bignum(&e->input, rsa->e); |
|
| buffer_get_bignum(&e->input, rsa->d); |
|
| buffer_get_bignum(&e->input, rsa->iqmp); |
|
| |
|
| /* SSH and SSL have p and q swapped */ |
/* SSH and SSL have p and q swapped */ |
| buffer_get_bignum(&e->input, rsa->q); /* p */ |
buffer_get_bignum(&e->input, k->rsa->q); /* p */ |
| buffer_get_bignum(&e->input, rsa->p); /* q */ |
buffer_get_bignum(&e->input, k->rsa->p); /* q */ |
| |
|
| /* Generate additional parameters */ |
/* Generate additional parameters */ |
| aux = BN_new(); |
generate_additional_parameters(k->rsa); |
| ctx = BN_CTX_new(); |
|
| |
|
| BN_sub(aux, rsa->q, BN_value_one()); |
|
| BN_mod(rsa->dmq1, rsa->d, aux, ctx); |
|
| |
|
| BN_sub(aux, rsa->p, BN_value_one()); |
|
| BN_mod(rsa->dmp1, rsa->d, aux, ctx); |
|
| |
|
| BN_clear_free(aux); |
|
| BN_CTX_free(ctx); |
|
| |
|
| break; |
break; |
| case 2: |
case 2: |
| type = buffer_get_string(&e->input, NULL); |
type_name = buffer_get_string(&e->input, NULL); |
| if (strcmp(type, KEX_DSS)) { |
type = key_type_from_name(type_name); |
| |
xfree(type_name); |
| |
switch(type) { |
| |
case KEY_DSA: |
| |
k = key_new_private(type); |
| |
buffer_get_bignum2(&e->input, k->dsa->p); |
| |
buffer_get_bignum2(&e->input, k->dsa->q); |
| |
buffer_get_bignum2(&e->input, k->dsa->g); |
| |
buffer_get_bignum2(&e->input, k->dsa->pub_key); |
| |
buffer_get_bignum2(&e->input, k->dsa->priv_key); |
| |
break; |
| |
case KEY_RSA: |
| |
k = key_new_private(type); |
| |
buffer_get_bignum2(&e->input, k->rsa->n); |
| |
buffer_get_bignum2(&e->input, k->rsa->e); |
| |
buffer_get_bignum2(&e->input, k->rsa->d); |
| |
buffer_get_bignum2(&e->input, k->rsa->iqmp); |
| |
buffer_get_bignum2(&e->input, k->rsa->p); |
| |
buffer_get_bignum2(&e->input, k->rsa->q); |
| |
|
| |
/* Generate additional parameters */ |
| |
generate_additional_parameters(k->rsa); |
| |
break; |
| |
default: |
| buffer_clear(&e->input); |
buffer_clear(&e->input); |
| xfree(type); |
|
| goto send; |
goto send; |
| } |
} |
| xfree(type); |
|
| |
|
| k = key_new(KEY_DSA); |
|
| |
|
| /* allocate mem for private key */ |
|
| k->dsa->priv_key = BN_new(); |
|
| |
|
| buffer_get_bignum2(&e->input, k->dsa->p); |
|
| buffer_get_bignum2(&e->input, k->dsa->q); |
|
| buffer_get_bignum2(&e->input, k->dsa->g); |
|
| buffer_get_bignum2(&e->input, k->dsa->pub_key); |
|
| buffer_get_bignum2(&e->input, k->dsa->priv_key); |
|
| |
|
| break; |
break; |
| } |
} |
| |
|
| comment = buffer_get_string(&e->input, NULL); |
comment = buffer_get_string(&e->input, NULL); |
| if (k == NULL) { |
if (k == NULL) { |
| xfree(comment); |
xfree(comment); |
|
|
| pid_t pid; |
pid_t pid; |
| char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; |
char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; |
| |
|
| /* check if RSA support exists */ |
|
| if (rsa_alive() == 0) { |
|
| fprintf(stderr, |
|
| "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", |
|
| __progname); |
|
| exit(1); |
|
| } |
|
| while ((ch = getopt(ac, av, "cks")) != -1) { |
while ((ch = getopt(ac, av, "cks")) != -1) { |
| switch (ch) { |
switch (ch) { |
| case 'c': |
case 'c': |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-agent.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh