version 1.47, 2017/04/30 23:15:04 |
version 1.48, 2017/04/30 23:18:44 |
|
|
for ((p = strsep(&cp, ",")); p && *p != '\0'; |
for ((p = strsep(&cp, ",")); p && *p != '\0'; |
(p = strsep(&cp, ","))) { |
(p = strsep(&cp, ","))) { |
type = sshkey_type_from_name(p); |
type = sshkey_type_from_name(p); |
if (type == KEY_RSA1) { |
|
free(s); |
|
return 0; |
|
} |
|
if (type == KEY_UNSPEC) { |
if (type == KEY_UNSPEC) { |
if (allow_wildcard) { |
if (allow_wildcard) { |
/* |
/* |
|
|
* the component is accepted. |
* the component is accepted. |
*/ |
*/ |
for (kt = keytypes; kt->type != -1; kt++) { |
for (kt = keytypes; kt->type != -1; kt++) { |
if (kt->type == KEY_RSA1) |
|
continue; |
|
if (match_pattern_list(kt->name, |
if (match_pattern_list(kt->name, |
p, 0) != 0) |
p, 0) != 0) |
break; |
break; |
|
|
{ |
{ |
switch (k->type) { |
switch (k->type) { |
#ifdef WITH_OPENSSL |
#ifdef WITH_OPENSSL |
case KEY_RSA1: |
|
case KEY_RSA: |
case KEY_RSA: |
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
return BN_num_bits(k->rsa->n); |
return BN_num_bits(k->rsa->n); |
|
|
k->ed25519_pk = NULL; |
k->ed25519_pk = NULL; |
switch (k->type) { |
switch (k->type) { |
#ifdef WITH_OPENSSL |
#ifdef WITH_OPENSSL |
case KEY_RSA1: |
|
case KEY_RSA: |
case KEY_RSA: |
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
if ((rsa = RSA_new()) == NULL || |
if ((rsa = RSA_new()) == NULL || |
|
|
{ |
{ |
switch (k->type) { |
switch (k->type) { |
#ifdef WITH_OPENSSL |
#ifdef WITH_OPENSSL |
case KEY_RSA1: |
|
case KEY_RSA: |
case KEY_RSA: |
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
#define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL) |
#define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL) |
|
|
return; |
return; |
switch (k->type) { |
switch (k->type) { |
#ifdef WITH_OPENSSL |
#ifdef WITH_OPENSSL |
case KEY_RSA1: |
|
case KEY_RSA: |
case KEY_RSA: |
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
if (k->rsa != NULL) |
if (k->rsa != NULL) |
|
|
|
|
switch (a->type) { |
switch (a->type) { |
#ifdef WITH_OPENSSL |
#ifdef WITH_OPENSSL |
case KEY_RSA1: |
|
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
case KEY_RSA: |
case KEY_RSA: |
return a->rsa != NULL && b->rsa != NULL && |
return a->rsa != NULL && b->rsa != NULL && |
|
|
r = SSH_ERR_INVALID_ARGUMENT; |
r = SSH_ERR_INVALID_ARGUMENT; |
goto out; |
goto out; |
} |
} |
|
if ((r = to_blob(k, &blob, &blob_len, 1)) != 0) |
if (k->type == KEY_RSA1) { |
|
#ifdef WITH_OPENSSL |
|
int nlen = BN_num_bytes(k->rsa->n); |
|
int elen = BN_num_bytes(k->rsa->e); |
|
|
|
if (nlen < 0 || elen < 0 || nlen >= INT_MAX - elen) { |
|
r = SSH_ERR_INVALID_FORMAT; |
|
goto out; |
|
} |
|
blob_len = nlen + elen; |
|
if ((blob = malloc(blob_len)) == NULL) { |
|
r = SSH_ERR_ALLOC_FAIL; |
|
goto out; |
|
} |
|
BN_bn2bin(k->rsa->n, blob); |
|
BN_bn2bin(k->rsa->e, blob + nlen); |
|
#endif /* WITH_OPENSSL */ |
|
} else if ((r = to_blob(k, &blob, &blob_len, 1)) != 0) |
|
goto out; |
goto out; |
if ((ret = calloc(1, SSH_DIGEST_MAX_LENGTH)) == NULL) { |
if ((ret = calloc(1, SSH_DIGEST_MAX_LENGTH)) == NULL) { |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
|
|
cp = *cpp; |
cp = *cpp; |
|
|
switch (ret->type) { |
switch (ret->type) { |
case KEY_RSA1: |
|
break; |
|
case KEY_UNSPEC: |
case KEY_UNSPEC: |
case KEY_RSA: |
case KEY_RSA: |
case KEY_DSA: |
case KEY_DSA: |
|
|
} |
} |
|
|
static int |
static int |
sshkey_format_rsa1(const struct sshkey *key, struct sshbuf *b) |
|
{ |
|
int r = SSH_ERR_INTERNAL_ERROR; |
|
|
|
return r; |
|
} |
|
|
|
static int |
|
sshkey_format_text(const struct sshkey *key, struct sshbuf *b) |
sshkey_format_text(const struct sshkey *key, struct sshbuf *b) |
{ |
{ |
int r = SSH_ERR_INTERNAL_ERROR; |
int r = SSH_ERR_INTERNAL_ERROR; |
char *uu = NULL; |
char *uu = NULL; |
|
|
if (key->type == KEY_RSA1) { |
if ((r = sshkey_to_base64(key, &uu)) != 0) |
if ((r = sshkey_format_rsa1(key, b)) != 0) |
goto out; |
goto out; |
if ((r = sshbuf_putf(b, "%s %s", |
} else { |
sshkey_ssh_name(key), uu)) != 0) |
/* Unsupported key types handled in sshkey_to_base64() */ |
goto out; |
if ((r = sshkey_to_base64(key, &uu)) != 0) |
|
goto out; |
|
if ((r = sshbuf_putf(b, "%s %s", |
|
sshkey_ssh_name(key), uu)) != 0) |
|
goto out; |
|
} |
|
r = 0; |
r = 0; |
out: |
out: |
free(uu); |
free(uu); |
|
|
&k->ecdsa); |
&k->ecdsa); |
break; |
break; |
case KEY_RSA: |
case KEY_RSA: |
case KEY_RSA1: |
|
ret = rsa_generate_private_key(bits, &k->rsa); |
ret = rsa_generate_private_key(bits, &k->rsa); |
break; |
break; |
#endif /* WITH_OPENSSL */ |
#endif /* WITH_OPENSSL */ |
|
|
} |
} |
break; |
break; |
case KEY_RSA: |
case KEY_RSA: |
case KEY_RSA1: |
|
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
if ((n = sshkey_new(k->type)) == NULL) |
if ((n = sshkey_new(k->type)) == NULL) |
return SSH_ERR_ALLOC_FAIL; |
return SSH_ERR_ALLOC_FAIL; |
|
|
if ((ret = sshkey_cert_copy(k, pk)) != 0) |
if ((ret = sshkey_cert_copy(k, pk)) != 0) |
goto fail; |
goto fail; |
/* FALLTHROUGH */ |
/* FALLTHROUGH */ |
case KEY_RSA1: |
|
case KEY_RSA: |
case KEY_RSA: |
if ((pk->rsa = RSA_new()) == NULL || |
if ((pk->rsa = RSA_new()) == NULL || |
(pk->rsa->e = BN_dup(k->rsa->e)) == NULL || |
(pk->rsa->e = BN_dup(k->rsa->e)) == NULL || |
|
|
switch (k->type) { |
switch (k->type) { |
case KEY_RSA: |
case KEY_RSA: |
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
case KEY_RSA1: |
|
if (RSA_blinding_on(k->rsa, NULL) != 1) { |
if (RSA_blinding_on(k->rsa, NULL) != 1) { |
r = SSH_ERR_LIBCRYPTO_ERROR; |
r = SSH_ERR_LIBCRYPTO_ERROR; |
goto out; |
goto out; |
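Review bot: In sshkey_format_text the comment `/* Unsupported key types handled in sshkey_to_base64() */` appears to be dropped on the 1.48 side together with the `else` branch it sat in. The remaining code still calls sshkey_to_base64() before anything is written to `b`, and seems to rely on that call to reject key types that cannot be formatted. I would keep the comment directly above `if ((r = sshkey_to_base64(key, &uu)) != 0)` so the reason no explicit type check precedes the sshbuf_putf() call stays documented. The end of the function after `free(uu);` is outside the visible lines, so this is based only on the part shown.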