annotate signkey_ossh.c @ 1920:1489449eceb1
Check authorized_keys permissions as the user
This is necessary on NFS with squash root.
Based on work from Chris Dragan
This commit also tidies some trailing whitespace.
Fixes github pull #107
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 30 Mar 2022 12:56:09 +0800 |
parents | ced53051e200 |
children |
1 #include "includes.h" |
2 #include "dbutil.h" |
3 #include "ssh.h" |
4 #include "signkey_ossh.h" |
5 #include "bignum.h" |
6 #include "ecdsa.h" |
7 #include "sk-ecdsa.h" |
8 #include "sk-ed25519.h" |
9 #include "rsa.h" |
10 #include "dss.h" |
11 #include "ed25519.h" |
13 #if DROPBEAR_RSA |
/*
 * OpenSSH raw private RSA format, in the order the fields appear:
 *
 *   string   "ssh-rsa"
 *   mpint    n
 *   mpint    e
 *   mpint    d
 *   mpint    iqmp   (q^-1) mod p
 *   mpint    p
 *   mpint    q
 */

/* Serialise the RSA key held in akey->rsakey into buf using the layout
 * above. Asserts that a key is present. Calls dropbear_exit() when p or q
 * is missing or when the modular inverse cannot be computed; the code
 * below relies on dropbear_exit() not returning.
 * The buffer ends up holding private key material (d, iqmp, p, q), so the
 * caller is responsible for how buf is stored and released. */
void buf_put_rsa_priv_ossh(buffer *buf, const sign_key *akey) {
	mp_int qinv;
	const dropbear_rsa_key *key = akey->rsakey;

	dropbear_assert(key != NULL);

	/* Keys stored without their prime factors cannot be written out. */
	if (key->p == NULL || key->q == NULL) {
		dropbear_exit("Pre-0.33 Dropbear keys cannot be converted to OpenSSH keys.\n");
	}

	/* The key struct does not carry iqmp, so derive it here:
	 * qinv = (q^-1) mod p */
	m_mp_init(&qinv);
	if (mp_invmod(key->q, key->p, &qinv) != MP_OKAY) {
		dropbear_exit("Bignum error for iqmp\n");
	}

	/* Key type name first, then the numbers in the documented order. */
	buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);

	buf_putmpint(buf, key->n);
	buf_putmpint(buf, key->e);
	buf_putmpint(buf, key->d);
	buf_putmpint(buf, &qinv);
	buf_putmpint(buf, key->p);
	buf_putmpint(buf, key->q);

	/* NOTE(review): qinv is derived from the private primes; confirm that
	 * mp_clear() wipes the digits before releasing them. */
	mp_clear(&qinv);
}
/* Parse an OpenSSH raw private RSA blob from buf into akey->rsakey.
 *
 * Any key already stored in akey->rsakey is freed and replaced by a newly
 * allocated one. Returns DROPBEAR_SUCCESS only when n, e, d, iqmp, p and q
 * were all read; otherwise DROPBEAR_FAILURE, in which case akey->rsakey
 * still points at the new, partially filled key.
 *
 * NOTE(review): the leading key type string is skipped without being
 * compared to "ssh-rsa", and no consistency check between the parsed
 * numbers is made here; presumably the caller selects the key type and
 * treats the input as trusted. Confirm against the caller. */
int buf_get_rsa_priv_ossh(buffer *buf, sign_key *akey) {
	dropbear_rsa_key *key = NULL;
	mp_int iqmp;
	int ret = DROPBEAR_FAILURE;

	/* Drop the old key and install a fresh, empty one. */
	rsa_key_free(akey->rsakey);
	key = m_malloc(sizeof(*key));
	akey->rsakey = key;
	m_mp_alloc_init_multi(&key->e, &key->n, &key->d, &key->p, &key->q, NULL);

	/* Skip the key type string at the front of the blob. */
	buf_eatstring(buf);

	/* iqmp is read only to step over it; its value is discarded below. */
	m_mp_init(&iqmp);

	/* Fields are consumed in file order; the first failure stops parsing. */
	if (buf_getmpint(buf, key->n) != DROPBEAR_SUCCESS) {
		goto out;
	}
	if (buf_getmpint(buf, key->e) != DROPBEAR_SUCCESS) {
		goto out;
	}
	if (buf_getmpint(buf, key->d) != DROPBEAR_SUCCESS) {
		goto out;
	}
	if (buf_getmpint(buf, &iqmp) != DROPBEAR_SUCCESS) {
		goto out;
	}
	if (buf_getmpint(buf, key->p) != DROPBEAR_SUCCESS) {
		goto out;
	}
	if (buf_getmpint(buf, key->q) != DROPBEAR_SUCCESS) {
		goto out;
	}
	ret = DROPBEAR_SUCCESS;

out:
	mp_clear(&iqmp);
	return ret;
}
72 #endif /* DROPBEAR_RSA */ |
74 #if DROPBEAR_ED25519 |
/*
 * OpenSSH raw private ed25519 format, in the order the fields appear:
 *
 *   string     "ssh-ed25519"
 *   uint32     32
 *   byte[32]   pubkey
 *   uint32     64
 *   byte[32]   privkey
 *   byte[32]   pubkey
 */

/* Serialise the ed25519 key held in akey->ed25519key into buf using the
 * layout above. Asserts that a key is present.
 * The buffer ends up holding the private key bytes, so the caller is
 * responsible for how buf is stored and released. */
void buf_put_ed25519_priv_ossh(buffer *buf, const sign_key *akey) {
	const unsigned int half_len = CURVE25519_LEN;
	const unsigned int pair_len = CURVE25519_LEN*2;
	const dropbear_ed25519_key *key = akey->ed25519key;

	dropbear_assert(key != NULL);

	/* Key type name. */
	buf_putstring(buf, SSH_SIGNKEY_ED25519, SSH_SIGNKEY_ED25519_LEN);

	/* Length-prefixed public key. */
	buf_putint(buf, half_len);
	buf_putbytes(buf, key->pub, half_len);

	/* One length prefix covering the private key followed by a second
	 * copy of the public key. */
	buf_putint(buf, pair_len);
	buf_putbytes(buf, key->priv, half_len);
	buf_putbytes(buf, key->pub, half_len);
}
/* Parse an OpenSSH raw private ed25519 blob from buf into
 * akey->ed25519key.
 *
 * Any key already stored in akey->ed25519key is freed and replaced by a
 * newly allocated one. Returns DROPBEAR_SUCCESS when the public key
 * parses, the private section has the expected length and the trailing
 * public key copy matches the leading one; otherwise logs an error and
 * returns DROPBEAR_FAILURE.
 *
 * On every failure path akey->ed25519key keeps pointing at the new key.
 * In the mismatch case the private bytes have already been copied into
 * it, so the caller must still free the sign_key.
 *
 * NOTE(review): the read position is not advanced past the trailing
 * public key copy (assuming buf_getptr() does not move the position, as
 * its pairing with buf_incrpos() suggests); confirm callers do not
 * expect buf to be fully consumed. */
int buf_get_ed25519_priv_ossh(buffer *buf, sign_key *akey) {
	dropbear_ed25519_key *key = NULL;
	const void *pub_copy = NULL;
	uint32_t priv_len;

	/* Drop the old key and install a fresh one. */
	ed25519_key_free(akey->ed25519key);
	key = m_malloc(sizeof(*key));
	akey->ed25519key = key;

	/* The blob starts with the key type string and the public key;
	 * the public key parser consumes both. */
	if (buf_get_ed25519_pub_key(buf, key, DROPBEAR_SIGNKEY_ED25519)
			== DROPBEAR_FAILURE) {
		dropbear_log(LOG_ERR, "Error parsing ed25519 key, pubkey");
		return DROPBEAR_FAILURE;
	}

	/* The private section must be exactly privkey followed by pubkey. */
	priv_len = buf_getint(buf);
	if (len_mismatch:
125 #endif /* DROPBEAR_ED25519 */ |
127 #if DROPBEAR_ECDSA |
/*
 * OpenSSH raw private ecdsa format is the same as Dropbear's.
 *
 * The first part is the same as the SSH wire pubkey format:
 *   string   "ecdsa-sha2-[identifier]"
 *   string   [identifier]
 *   string   Q
 * with the private part appended:
 *   mpint    d
 */

/* Serialise the ECDSA key selected by key->type into buf by handing it to
 * buf_put_ecdsa_priv_key(). Calls dropbear_exit() when no ECDSA key is
 * set; the guard below relies on dropbear_exit() not returning.
 * The buffer ends up holding the private scalar d, so the caller is
 * responsible for how buf is stored and released. */
void buf_put_ecdsa_priv_ossh(buffer *buf, const sign_key *key) {
	/* signkey_key_ptr() takes a non-const sign_key, hence the cast; the
	 * key is only read here. */
	ecc_key **slot = (ecc_key**)signkey_key_ptr((sign_key*)key, key->type);

	if (slot == NULL || *slot == NULL) {
		dropbear_exit("ecdsa key is not set");
	}

	buf_put_ecdsa_priv_key(buf, *slot);
}
/* Parse an OpenSSH raw private ECDSA blob from buf into the key slot that
 * signkey_key_ptr() returns for key->type.
 *
 * Any key already in that slot is freed first. Returns DROPBEAR_SUCCESS
 * when buf_get_ecdsa_priv_key() yields a key; returns DROPBEAR_FAILURE
 * when there is no slot for key->type or when parsing yields NULL (the
 * slot is then left NULL). */
int buf_get_ecdsa_priv_ossh(buffer *buf, sign_key *key) {
	ecc_key **slot = (ecc_key**)signkey_key_ptr(key, key->type);

	if (slot == NULL) {
		return DROPBEAR_FAILURE;
	}

	/* Release whatever key currently occupies the slot. */
	if (*slot != NULL) {
		ecc_free(*slot);
		m_free(*slot);
		*slot = NULL;
	}

	*slot = buf_get_ecdsa_priv_key(buf);
	if (*slot == NULL) {
		return DROPBEAR_FAILURE;
	}
	return DROPBEAR_SUCCESS;
}
161 #endif /* DROPBEAR_ECDSA */ |