| version 1.51, 2017/05/31 09:15:42 |
version 1.52, 2017/06/09 06:40:24 |
|
|
| return r; |
return r; |
| } |
} |
| |
|
| static int |
int |
| sshkey_format_text(const struct sshkey *key, struct sshbuf *b) |
sshkey_format_text(const struct sshkey *key, struct sshbuf *b) |
| { |
{ |
| int r = SSH_ERR_INTERNAL_ERROR; |
int r = SSH_ERR_INTERNAL_ERROR; |
|
|
| |
|
| #ifdef WITH_OPENSSL |
#ifdef WITH_OPENSSL |
| static int |
static int |
| |
translate_libcrypto_error(unsigned long pem_err) |
| |
{ |
| |
int pem_reason = ERR_GET_REASON(pem_err); |
| |
|
| |
switch (ERR_GET_LIB(pem_err)) { |
| |
case ERR_LIB_PEM: |
| |
switch (pem_reason) { |
| |
case PEM_R_BAD_PASSWORD_READ: |
| |
case PEM_R_PROBLEMS_GETTING_PASSWORD: |
| |
case PEM_R_BAD_DECRYPT: |
| |
return SSH_ERR_KEY_WRONG_PASSPHRASE; |
| |
default: |
| |
return SSH_ERR_INVALID_FORMAT; |
| |
} |
| |
case ERR_LIB_EVP: |
| |
switch (pem_reason) { |
| |
case EVP_R_BAD_DECRYPT: |
| |
return SSH_ERR_KEY_WRONG_PASSPHRASE; |
| |
case EVP_R_BN_DECODE_ERROR: |
| |
case EVP_R_DECODE_ERROR: |
| |
#ifdef EVP_R_PRIVATE_KEY_DECODE_ERROR |
| |
case EVP_R_PRIVATE_KEY_DECODE_ERROR: |
| |
#endif |
| |
return SSH_ERR_INVALID_FORMAT; |
| |
default: |
| |
return SSH_ERR_LIBCRYPTO_ERROR; |
| |
} |
| |
case ERR_LIB_ASN1: |
| |
return SSH_ERR_INVALID_FORMAT; |
| |
} |
| |
return SSH_ERR_LIBCRYPTO_ERROR; |
| |
} |
| |
|
| |
static void |
| |
clear_libcrypto_errors(void) |
| |
{ |
| |
while (ERR_get_error() != 0) |
| |
; |
| |
} |
| |
|
| |
/* |
| |
* Translate OpenSSL error codes to determine whether |
| |
* passphrase is required/incorrect. |
| |
*/ |
| |
static int |
| |
convert_libcrypto_error(void) |
| |
{ |
| |
/* |
| |
* Some password errors are reported at the beginning |
| |
* of the error queue. |
| |
*/ |
| |
if (translate_libcrypto_error(ERR_peek_error()) == |
| |
SSH_ERR_KEY_WRONG_PASSPHRASE) |
| |
return SSH_ERR_KEY_WRONG_PASSPHRASE; |
| |
return translate_libcrypto_error(ERR_peek_last_error()); |
| |
} |
| |
|
| |
static int |
| sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, |
sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, |
| const char *passphrase, struct sshkey **keyp) |
const char *passphrase, struct sshkey **keyp) |
| { |
{ |
|
|
| goto out; |
goto out; |
| } |
} |
| |
|
| |
clear_libcrypto_errors(); |
| if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, |
if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, |
| (char *)passphrase)) == NULL) { |
(char *)passphrase)) == NULL) { |
| unsigned long pem_err = ERR_peek_last_error(); |
r = convert_libcrypto_error(); |
| int pem_reason = ERR_GET_REASON(pem_err); |
|
| |
|
| /* |
|
| * Translate OpenSSL error codes to determine whether |
|
| * passphrase is required/incorrect. |
|
| */ |
|
| switch (ERR_GET_LIB(pem_err)) { |
|
| case ERR_LIB_PEM: |
|
| switch (pem_reason) { |
|
| case PEM_R_BAD_PASSWORD_READ: |
|
| case PEM_R_PROBLEMS_GETTING_PASSWORD: |
|
| case PEM_R_BAD_DECRYPT: |
|
| r = SSH_ERR_KEY_WRONG_PASSPHRASE; |
|
| goto out; |
|
| default: |
|
| r = SSH_ERR_INVALID_FORMAT; |
|
| goto out; |
|
| } |
|
| case ERR_LIB_EVP: |
|
| switch (pem_reason) { |
|
| case EVP_R_BAD_DECRYPT: |
|
| r = SSH_ERR_KEY_WRONG_PASSPHRASE; |
|
| goto out; |
|
| case EVP_R_BN_DECODE_ERROR: |
|
| case EVP_R_DECODE_ERROR: |
|
| case EVP_R_PRIVATE_KEY_DECODE_ERROR: |
|
| r = SSH_ERR_INVALID_FORMAT; |
|
| goto out; |
|
| default: |
|
| r = SSH_ERR_LIBCRYPTO_ERROR; |
|
| goto out; |
|
| } |
|
| case ERR_LIB_ASN1: |
|
| r = SSH_ERR_INVALID_FORMAT; |
|
| goto out; |
|
| } |
|
| r = SSH_ERR_LIBCRYPTO_ERROR; |
|
| goto out; |
goto out; |
| } |
} |
| if (pk->type == EVP_PKEY_RSA && |
if (pk->type == EVP_PKEY_RSA && |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshkey.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh