version 1.11, 2015/01/13 07:39:19 |
version 1.12, 2015/01/14 10:46:28 |
|
|
#include <sys/types.h> |
#include <sys/types.h> |
#include <netinet/in.h> |
#include <netinet/in.h> |
|
|
|
#ifdef WITH_OPENSSL |
#include <openssl/evp.h> |
#include <openssl/evp.h> |
#include <openssl/err.h> |
#include <openssl/err.h> |
#include <openssl/pem.h> |
#include <openssl/pem.h> |
|
#endif |
|
|
#include "crypto_api.h" |
#include "crypto_api.h" |
|
|
|
|
struct sshkey **keyp, int allow_cert) |
struct sshkey **keyp, int allow_cert) |
{ |
{ |
struct sshbuf *b = NULL; |
struct sshbuf *b = NULL; |
int type, nid = -1, ret = SSH_ERR_INTERNAL_ERROR; |
int type, ret = SSH_ERR_INTERNAL_ERROR; |
char *ktype = NULL, *curve = NULL; |
char *ktype = NULL, *curve = NULL; |
struct sshkey *key = NULL; |
struct sshkey *key = NULL; |
size_t len; |
size_t len; |
|
|
} |
} |
|
|
type = sshkey_type_from_name(ktype); |
type = sshkey_type_from_name(ktype); |
if (sshkey_type_plain(type) == KEY_ECDSA) |
|
nid = sshkey_ecdsa_nid_from_name(ktype); |
|
if (!allow_cert && sshkey_type_is_cert(type)) { |
if (!allow_cert && sshkey_type_is_cert(type)) { |
ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY; |
ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY; |
goto out; |
goto out; |
|
|
ret = SSH_ERR_ALLOC_FAIL; |
ret = SSH_ERR_ALLOC_FAIL; |
goto out; |
goto out; |
} |
} |
key->ecdsa_nid = nid; |
key->ecdsa_nid = sshkey_ecdsa_nid_from_name(ktype); |
if (sshbuf_get_cstring(b, &curve, NULL) != 0) { |
if (sshbuf_get_cstring(b, &curve, NULL) != 0) { |
ret = SSH_ERR_INVALID_FORMAT; |
ret = SSH_ERR_INVALID_FORMAT; |
goto out; |
goto out; |
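Review bot: The new line `key->ecdsa_nid = sshkey_ecdsa_nid_from_name(ktype);` stores the lookup result with no check visible in this hunk, and `ktype` is presumably read from the key blob being parsed. The removed declaration initialised `nid` to -1, which suggests -1 is the not-found value; if so, an unrecognised name would leave `ecdsa_nid` at -1 until some later step rejects it. If a comparison against the `curve` string further down (outside the hunk) already covers this, a comment such as `/* ecdsa_nid is validated against the curve name below */` would make that dependency explicit; otherwise add `if (key->ecdsa_nid == -1) { ret = SSH_ERR_INVALID_FORMAT; goto out; }` right after the assignment. The enclosing function starts and ends outside the hunk, so this should be confirmed against the full body.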