Mercurial > dropbear

annotate keyimport.c @ 1312:25989154b4ec

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
bump version
author Matt Johnston <matt@ucc.asn.au>
date Thu, 21 Jul 2016 23:04:47 +0800
parents 8678e2cc1e53
children 2c9dac2d6707
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 * Based on PuTTY's import.c for importing/exporting OpenSSH and SSH.com
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 * keyfiles.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
5 * Modifications copyright 2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 * PuTTY is copyright 1997-2003 Simon Tatham.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 * Justin Bradford, and CORE SDI S.A.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 * Permission is hereby granted, free of charge, to any person
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 * obtaining a copy of this software and associated documentation files
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 * (the "Software"), to deal in the Software without restriction,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 * including without limitation the rights to use, copy, modify, merge,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 * publish, distribute, sublicense, and/or sell copies of the Software,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 * and to permit persons to whom the Software is furnished to do so,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 * subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 * The above copyright notice and this permission notice shall be
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 * included in all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 * NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "keyimport.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "bignum.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
35 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36 #include "dbutil.h"
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
37 #include "ecc.h"
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
38
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
39 static const unsigned char OID_SEC256R1_BLOB[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07};
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
40 static const unsigned char OID_SEC384R1_BLOB[] = {0x2b, 0x81, 0x04, 0x00, 0x22};
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
41 static const unsigned char OID_SEC521R1_BLOB[] = {0x2b, 0x81, 0x04, 0x00, 0x23};
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
42
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
43 #define PUT_32BIT(cp, value) do { \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
44 (cp)[3] = (unsigned char)(value); \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
45 (cp)[2] = (unsigned char)((value) >> 8); \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
46 (cp)[1] = (unsigned char)((value) >> 16); \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
47 (cp)[0] = (unsigned char)((value) >> 24); } while (0)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
48
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49 #define GET_32BIT(cp) \
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
50 (((unsigned long)(unsigned char)(cp)[0] << 24) | \
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
51 ((unsigned long)(unsigned char)(cp)[1] << 16) | \
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
52 ((unsigned long)(unsigned char)(cp)[2] << 8) | \
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
53 ((unsigned long)(unsigned char)(cp)[3]))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 static int openssh_encrypted(const char *filename);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
56 static sign_key *openssh_read(const char *filename, char *passphrase);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57 static int openssh_write(const char *filename, sign_key *key,
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
58 char *passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
59
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
60 static int dropbear_write(const char*filename, sign_key * key);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
61 static sign_key *dropbear_read(const char* filename);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
62
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
63 static int toint(unsigned u);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
64
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66 static int sshcom_encrypted(const char *filename, char **comment);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67 static struct ssh2_userkey *sshcom_read(const char *filename, char *passphrase);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68 static int sshcom_write(const char *filename, struct ssh2_userkey *key,
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
69 char *passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72 int import_encrypted(const char* filename, int filetype) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
74 if (filetype == KEYFILE_OPENSSH) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
75 return openssh_encrypted(filename);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
76 #if 0
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
77 } else if (filetype == KEYFILE_SSHCOM) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
78 return sshcom_encrypted(filename, NULL);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79 #endif
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
80 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
81 return 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
82 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
84 sign_key *import_read(const char *filename, char *passphrase, int filetype) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
85
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
86 if (filetype == KEYFILE_OPENSSH) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
87 return openssh_read(filename, passphrase);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
88 } else if (filetype == KEYFILE_DROPBEAR) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
89 return dropbear_read(filename);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
90 #if 0
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
91 } else if (filetype == KEYFILE_SSHCOM) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
92 return sshcom_read(filename, passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
93 #endif
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
94 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
95 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
96 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
98 int import_write(const char *filename, sign_key *key, char *passphrase,
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
99 int filetype) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
100
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
101 if (filetype == KEYFILE_OPENSSH) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
102 return openssh_write(filename, key, passphrase);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
103 } else if (filetype == KEYFILE_DROPBEAR) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
104 return dropbear_write(filename, key);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
105 #if 0
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
106 } else if (filetype == KEYFILE_SSHCOM) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
107 return sshcom_write(filename, key, passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
108 #endif
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
109 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
110 return 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113 static sign_key *dropbear_read(const char* filename) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
114
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
115 buffer * buf = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
116 sign_key *ret = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
117 enum signkey_type type;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
118
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
119 buf = buf_new(MAX_PRIVKEY_SIZE);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
120 if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
121 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
122 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
123
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
124 buf_setpos(buf, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
125 ret = new_sign_key();
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
126
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
127 type = DROPBEAR_SIGNKEY_ANY;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
128 if (buf_get_priv_key(buf, ret, &type) == DROPBEAR_FAILURE){
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
129 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
130 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
131 buf_free(buf);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
133 ret->type = type;
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
134
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
135 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
136
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137 error:
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
138 if (buf) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
139 buf_free(buf);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
140 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
141 if (ret) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
142 sign_key_free(ret);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
143 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
144 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
145 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
146
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
147 /* returns 0 on fail, 1 on success */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
148 static int dropbear_write(const char*filename, sign_key * key) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
149
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
150 buffer * buf;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
151 FILE*fp;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
152 int len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
153 int ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
154
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
155 buf = buf_new(MAX_PRIVKEY_SIZE);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
156 buf_put_priv_key(buf, key, key->type);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
157
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
158 fp = fopen(filename, "w");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
159 if (!fp) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
160 ret = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
161 goto out;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
162 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
163
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
164 buf_setpos(buf, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
165 do {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
166 len = fwrite(buf_getptr(buf, buf->len - buf->pos),
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
167 1, buf->len - buf->pos, fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
168 buf_incrpos(buf, len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
169 } while (len > 0 && buf->len != buf->pos);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
170
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
171 fclose(fp);
256
ac890087b8c1 * keyimport.c: fclose() the key file to make sure data gets written
Matt Johnston <matt@ucc.asn.au>
parents: 241
diff changeset
172
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
173 if (buf->pos != buf->len) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
174 ret = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
175 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
176 ret = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
177 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
178 out:
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
179 buf_free(buf);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
180 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
181 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
182
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
183
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
184 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
185 * Helper routines. (The base64 ones are defined in sshpubk.c.)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
188 #define isbase64(c) ( ((c) >= 'A' && (c) <= 'Z') || \
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
189 ((c) >= 'a' && (c) <= 'z') || \
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
190 ((c) >= '0' && (c) <= '9') || \
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
191 (c) == '+' || (c) == '/' || (c) == '=' \
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
192 )
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
193
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
194 /* cpl has to be less than 100 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
195 static void base64_encode_fp(FILE * fp, unsigned char *data,
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
196 int datalen, int cpl)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
197 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
198 unsigned char out[100];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
199 int n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
200 unsigned long outlen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
201 int rawcpl;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
202 rawcpl = cpl * 3 / 4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
203 dropbear_assert((unsigned int)cpl < sizeof(out));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
205 while (datalen > 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
206 n = (datalen < rawcpl ? datalen : rawcpl);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
207 outlen = sizeof(out);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
208 base64_encode(data, n, out, &outlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
209 data += n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
210 datalen -= n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
211 fwrite(out, 1, outlen, fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
212 fputc('\n', fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
213 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
214 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
215 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
216 * Read an ASN.1/BER identifier and length pair.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
217 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
218 * Flags are a combination of the #defines listed below.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
219 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
220 * Returns -1 if unsuccessful; otherwise returns the number of
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
221 * bytes used out of the source data.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
222 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
223
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
224 /* ASN.1 tag classes. */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
225 #define ASN1_CLASS_UNIVERSAL (0 << 6)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
226 #define ASN1_CLASS_APPLICATION (1 << 6)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
227 #define ASN1_CLASS_CONTEXT_SPECIFIC (2 << 6)
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
228 #define ASN1_CLASS_PRIVATE (3 << 6)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
229 #define ASN1_CLASS_MASK (3 << 6)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
230
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
231 /* Primitive versus constructed bit. */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
232 #define ASN1_CONSTRUCTED (1 << 5)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
233
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
234 static int ber_read_id_len(void *source, int sourcelen,
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
235 int *id, int *length, int *flags)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
236 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
237 unsigned char *p = (unsigned char *) source;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
238
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
239 if (sourcelen == 0)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
240 return -1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
241
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
242 *flags = (*p & 0xE0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
243 if ((*p & 0x1F) == 0x1F) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
244 *id = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
245 while (*p & 0x80) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
246 p++, sourcelen--;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
247 if (sourcelen == 0)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
248 return -1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
249 *id = (*id << 7) | (*p & 0x7F);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
250 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
251 p++, sourcelen--;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
252 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
253 *id = *p & 0x1F;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
254 p++, sourcelen--;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
255 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
256
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
257 if (sourcelen == 0)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
258 return -1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
259
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
260 if (*p & 0x80) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
261 unsigned len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
262 int n = *p & 0x7F;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
263 p++, sourcelen--;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
264 if (sourcelen < n)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
265 return -1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
266 len = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
267 while (n--)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
268 len = (len << 8) | (*p++);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
269 sourcelen -= n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
270 *length = toint(len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
271 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
272 *length = *p;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
273 p++, sourcelen--;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
274 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
275
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
276 if (*length < 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
277 printf("Negative ASN.1 length\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
278 return -1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
279 }
1307
ad9c40aca3bc add length checks for ecc too
Matt Johnston <matt@ucc.asn.au>
parents: 1306
diff changeset
280
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
281 return p - (unsigned char *) source;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
282 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
283
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
284 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
285 * Write an ASN.1/BER identifier and length pair. Returns the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
286 * number of bytes consumed. Assumes dest contains enough space.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
287 * Will avoid writing anything if dest is NULL, but still return
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
288 * amount of space required.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
289 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
290 static int ber_write_id_len(void *dest, int id, int length, int flags)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
291 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
292 unsigned char *d = (unsigned char *)dest;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
293 int len = 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
294
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
295 if (id <= 30) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
296 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
297 * Identifier is one byte.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
298 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
299 len++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
300 if (d) *d++ = id | flags;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
301 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
302 int n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
303 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
304 * Identifier is multiple bytes: the first byte is 11111
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
305 * plus the flags, and subsequent bytes encode the value of
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
306 * the identifier, 7 bits at a time, with the top bit of
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
307 * each byte 1 except the last one which is 0.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
308 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
309 len++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
310 if (d) *d++ = 0x1F | flags;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
311 for (n = 1; (id >> (7*n)) > 0; n++)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
312 continue; /* count the bytes */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
313 while (n--) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
314 len++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
315 if (d) *d++ = (n ? 0x80 : 0) | ((id >> (7*n)) & 0x7F);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
316 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
317 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
318
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
319 if (length < 128) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
320 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
321 * Length is one byte.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
322 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
323 len++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
324 if (d) *d++ = length;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
325 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
326 int n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
327 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
328 * Length is multiple bytes. The first is 0x80 plus the
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
329 * number of subsequent bytes, and the subsequent bytes
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
330 * encode the actual length.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
331 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
332 for (n = 1; (length >> (8*n)) > 0; n++)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
333 continue; /* count the bytes */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
334 len++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
335 if (d) *d++ = 0x80 | n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
336 while (n--) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
337 len++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
338 if (d) *d++ = (length >> (8*n)) & 0xFF;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
339 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
340 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
341
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
342 return len;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
343 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
344
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
345
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
346 /* Simple structure to point to an mp-int within a blob. */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
347 struct mpint_pos { void *start; int bytes; };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
348
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
349 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
350 * Code to read and write OpenSSH private keys.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
351 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
352
793
70625eed40c9 A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents: 491
diff changeset
353 enum { OSSH_DSA, OSSH_RSA, OSSH_EC };
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
354 struct openssh_key {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
355 int type;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
356 int encrypted;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
357 char iv[32];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
358 unsigned char *keyblob;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
359 unsigned int keyblob_len, keyblob_size;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
360 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
361
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
362 static struct openssh_key *load_openssh_key(const char *filename)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
363 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
364 struct openssh_key *ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
365 FILE *fp = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
366 char buffer[256];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
367 char *errmsg = NULL, *p = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
368 int headers_done;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
369 unsigned long len, outlen;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
370
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
371 ret = (struct openssh_key*)m_malloc(sizeof(struct openssh_key));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
372 ret->keyblob = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
373 ret->keyblob_len = ret->keyblob_size = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
374 ret->encrypted = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
375 memset(ret->iv, 0, sizeof(ret->iv));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
376
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
377 if (strlen(filename) == 1 && filename[0] == '-') {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
378 fp = stdin;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
379 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
380 fp = fopen(filename, "r");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
381 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
382 if (!fp) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
383 errmsg = "Unable to open key file";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
384 goto error;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
385 }
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
386 if (!fgets(buffer, sizeof(buffer), fp) ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
387 0 != strncmp(buffer, "-----BEGIN ", 11) ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
388 0 != strcmp(buffer+strlen(buffer)-17, "PRIVATE KEY-----\n")) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
389 errmsg = "File does not begin with OpenSSH key header";
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
390 goto error;
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
391 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
392 if (!strcmp(buffer, "-----BEGIN RSA PRIVATE KEY-----\n"))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
393 ret->type = OSSH_RSA;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
394 else if (!strcmp(buffer, "-----BEGIN DSA PRIVATE KEY-----\n"))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
395 ret->type = OSSH_DSA;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
396 else if (!strcmp(buffer, "-----BEGIN EC PRIVATE KEY-----\n"))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
397 ret->type = OSSH_EC;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
398 else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
399 errmsg = "Unrecognised key type";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
400 goto error;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
401 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
402
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
403 headers_done = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
404 while (1) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
405 if (!fgets(buffer, sizeof(buffer), fp)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
406 errmsg = "Unexpected end of file";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
407 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
408 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
409 if (0 == strncmp(buffer, "-----END ", 9) &&
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
410 0 == strcmp(buffer+strlen(buffer)-17, "PRIVATE KEY-----\n"))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
411 break; /* done */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
412 if ((p = strchr(buffer, ':')) != NULL) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
413 if (headers_done) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
414 errmsg = "Header found in body of key data";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
415 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
416 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
417 *p++ = '\0';
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
418 while (*p && isspace((unsigned char)*p)) p++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
419 if (!strcmp(buffer, "Proc-Type")) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
420 if (p[0] != '4' || p[1] != ',') {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
421 errmsg = "Proc-Type is not 4 (only 4 is supported)";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
422 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
423 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
424 p += 2;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
425 if (!strcmp(p, "ENCRYPTED\n"))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
426 ret->encrypted = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
427 } else if (!strcmp(buffer, "DEK-Info")) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
428 int i, j;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
429
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
430 if (strncmp(p, "DES-EDE3-CBC,", 13)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
431 errmsg = "Ciphers other than DES-EDE3-CBC not supported";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
432 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
433 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
434 p += 13;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
435 for (i = 0; i < 8; i++) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
436 if (1 != sscanf(p, "%2x", &j))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
437 break;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
438 ret->iv[i] = j;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
439 p += 2;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
440 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
441 if (i < 8) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
442 errmsg = "Expected 16-digit iv in DEK-Info";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
443 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
444 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
445 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
446 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
447 headers_done = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
448 len = strlen(buffer);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
449 outlen = len*4/3;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
450 if (ret->keyblob_len + outlen > ret->keyblob_size) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
451 ret->keyblob_size = ret->keyblob_len + outlen + 256;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
452 ret->keyblob = (unsigned char*)m_realloc(ret->keyblob,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
453 ret->keyblob_size);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
454 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
455 outlen = ret->keyblob_size - ret->keyblob_len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
456 if (base64_decode((const unsigned char *)buffer, len,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
457 ret->keyblob + ret->keyblob_len, &outlen) != CRYPT_OK){
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
458 errmsg = "Error decoding base64";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
459 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
460 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
461 ret->keyblob_len += outlen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
462 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
463 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
464
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
465 if (ret->keyblob_len == 0 || !ret->keyblob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
466 errmsg = "Key body not present";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
467 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
468 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
469
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
470 if (ret->encrypted && ret->keyblob_len % 8 != 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
471 errmsg = "Encrypted key blob is not a multiple of cipher block size";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
472 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
473 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
474
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
475 m_burn(buffer, sizeof(buffer));
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
476 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
477
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
478 error:
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
479 m_burn(buffer, sizeof(buffer));
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
480 if (ret) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
481 if (ret->keyblob) {
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
482 m_burn(ret->keyblob, ret->keyblob_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
483 m_free(ret->keyblob);
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
484 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
485 m_free(ret);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
486 }
340
454a34b2dfd1 Fixes from Erik Hovland:
Matt Johnston <matt@ucc.asn.au>
parents: 256
diff changeset
487 if (fp) {
454a34b2dfd1 Fixes from Erik Hovland:
Matt Johnston <matt@ucc.asn.au>
parents: 256
diff changeset
488 fclose(fp);
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
489 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
490 if (errmsg) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
491 fprintf(stderr, "Error: %s\n", errmsg);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
492 }
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
493 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
494 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
495
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
496 static int openssh_encrypted(const char *filename)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
497 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
498 struct openssh_key *key = load_openssh_key(filename);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
499 int ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
500
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
501 if (!key)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
502 return 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
503 ret = key->encrypted;
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
504 m_burn(key->keyblob, key->keyblob_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
505 m_free(key->keyblob);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
506 m_free(key);
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
507 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
508 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
509
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 845
diff changeset
510 static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
511 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
512 struct openssh_key *key;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
513 unsigned char *p;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
514 int ret, id, len, flags;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
515 int i, num_integers = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
516 sign_key *retval = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
517 char *errmsg;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
518 unsigned char *modptr = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
519 int modlen = -9999;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
520 enum signkey_type type;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
521
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
522 sign_key *retkey;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
523 buffer * blobbuf = NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
524
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
525 retkey = new_sign_key();
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
526
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
527 key = load_openssh_key(filename);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
528
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
529 if (!key)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
530 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
531
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
532 if (key->encrypted) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
533 errmsg = "encrypted keys not supported currently";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
534 goto error;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
535 #if 0
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
536 /* matt TODO */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
537 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
538 * Derive encryption key from passphrase and iv/salt:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
539 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
540 * - let block A equal MD5(passphrase || iv)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
541 * - let block B equal MD5(A || passphrase || iv)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
542 * - block C would be MD5(B || passphrase || iv) and so on
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
543 * - encryption key is the first N bytes of A || B
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
544 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
545 struct MD5Context md5c;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
546 unsigned char keybuf[32];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
547
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
548 MD5Init(&md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
549 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
550 MD5Update(&md5c, (unsigned char *)key->iv, 8);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
551 MD5Final(keybuf, &md5c);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
552
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
553 MD5Init(&md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
554 MD5Update(&md5c, keybuf, 16);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
555 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
556 MD5Update(&md5c, (unsigned char *)key->iv, 8);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
557 MD5Final(keybuf+16, &md5c);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
558
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
559 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
560 * Now decrypt the key blob.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
561 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
562 des3_decrypt_pubkey_ossh(keybuf, (unsigned char *)key->iv,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
563 key->keyblob, key->keyblob_len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
564
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
565 memset(&md5c, 0, sizeof(md5c));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
566 memset(keybuf, 0, sizeof(keybuf));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
567 #endif
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
568 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
569
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
570 /*
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
571 * Now we have a decrypted key blob, which contains an ASN.1
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
572 * encoded private key. We must now untangle the ASN.1.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
573 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
574 * We expect the whole key blob to be formatted as a SEQUENCE
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
575 * (0x30 followed by a length code indicating that the rest of
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
576 * the blob is part of the sequence). Within that SEQUENCE we
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
577 * expect to see a bunch of INTEGERs. What those integers mean
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
578 * depends on the key type:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
579 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
580 * - For RSA, we expect the integers to be 0, n, e, d, p, q,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
581 * dmp1, dmq1, iqmp in that order. (The last three are d mod
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
582 * (p-1), d mod (q-1), inverse of q mod p respectively.)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
583 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
584 * - For DSA, we expect them to be 0, p, q, g, y, x in that
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
585 * order.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
586 */
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
587
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
588 p = key->keyblob;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
589
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
590 /* Expect the SEQUENCE header. Take its absence as a failure to decrypt. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
591 ret = ber_read_id_len(p, key->keyblob_len, &id, &len, &flags);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
592 p += ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
593 if (ret < 0 || id != 16 || len < 0 ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
594 key->keyblob+key->keyblob_len-p < len) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
595 errmsg = "ASN.1 decoding failure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
596 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
597 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
598
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
599 /* Expect a load of INTEGERs. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
600 if (key->type == OSSH_RSA)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
601 num_integers = 9;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
602 else if (key->type == OSSH_DSA)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
603 num_integers = 6;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
604 else if (key->type == OSSH_EC)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
605 num_integers = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
606
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
607 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
608 * Space to create key blob in.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
609 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
610 blobbuf = buf_new(3000);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
611
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
612 #ifdef DROPBEAR_DSS
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
613 if (key->type == OSSH_DSA) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
614 buf_putstring(blobbuf, "ssh-dss", 7);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
615 retkey->type = DROPBEAR_SIGNKEY_DSS;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
616 }
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
617 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
618 #ifdef DROPBEAR_RSA
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
619 if (key->type == OSSH_RSA) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
620 buf_putstring(blobbuf, "ssh-rsa", 7);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
621 retkey->type = DROPBEAR_SIGNKEY_RSA;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
622 }
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
623 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
624
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
625 for (i = 0; i < num_integers; i++) {
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
626 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
627 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
628 p += ret;
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
629 if (ret < 0 || id != 2 || len < 0 ||
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
630 key->keyblob+key->keyblob_len-p < len) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
631 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
632 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
633 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
634
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
635 if (i == 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
636 /* First integer is a version indicator */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
637 int expected = -1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
638 switch (key->type) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
639 case OSSH_RSA:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
640 case OSSH_DSA:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
641 expected = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
642 break;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
643 case OSSH_EC:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
644 expected = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
645 break;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
646 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
647 if (len != 1 || p[0] != expected) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
648 errmsg = "Version number mismatch";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
649 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
650 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
651 } else if (key->type == OSSH_RSA) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
652 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
653 * OpenSSH key order is n, e, d, p, q, dmp1, dmq1, iqmp
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
654 * but we want e, n, d, p, q
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
655 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
656 if (i == 1) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
657 /* Save the details for after we deal with number 2. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
658 modptr = p;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
659 modlen = len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
660 } else if (i >= 2 && i <= 5) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
661 buf_putstring(blobbuf, (const char*)p, len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
662 if (i == 2) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
663 buf_putstring(blobbuf, (const char*)modptr, modlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
664 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
665 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
666 } else if (key->type == OSSH_DSA) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
667 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
668 * OpenSSH key order is p, q, g, y, x,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
669 * we want the same.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
670 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
671 buf_putstring(blobbuf, (const char*)p, len);
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
672 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
673
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
674 /* Skip past the number. */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
675 p += len;
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
676 }
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
677
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
678 #ifdef DROPBEAR_ECDSA
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
679 if (key->type == OSSH_EC) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
680 unsigned char* private_key_bytes = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
681 int private_key_len = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
682 unsigned char* public_key_bytes = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
683 int public_key_len = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
684 ecc_key *ecc = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
685 const struct dropbear_ecc_curve *curve = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
686
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
687 /* See SEC1 v2, Appendix C.4 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
688 /* OpenSSL (so OpenSSH) seems to include the optional parts. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
689
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
690 /* privateKey OCTET STRING, */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
691 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
692 &id, &len, &flags);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
693 p += ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
694 /* id==4 for octet string */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
695 if (ret < 0 || id != 4 || len < 0 ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
696 key->keyblob+key->keyblob_len-p < len) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
697 errmsg = "ASN.1 decoding failure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
698 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
699 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
700 private_key_bytes = p;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
701 private_key_len = len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
702 p += len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
703
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
704 /* parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL, */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
705 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
706 &id, &len, &flags);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
707 p += ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
708 /* id==0 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
709 if (ret < 0 || id != 0 || len < 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
710 errmsg = "ASN.1 decoding failure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
711 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
712 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
713
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
714 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
715 &id, &len, &flags);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
716 p += ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
717 /* id==6 for object */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
718 if (ret < 0 || id != 6 || len < 0 ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
719 key->keyblob+key->keyblob_len-p < len) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
720 errmsg = "ASN.1 decoding failure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
721 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
722 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
723
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
724 if (0) {}
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
725 #ifdef DROPBEAR_ECC_256
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
726 else if (len == sizeof(OID_SEC256R1_BLOB)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
727 && memcmp(p, OID_SEC256R1_BLOB, len) == 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
728 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP256;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
729 curve = &ecc_curve_nistp256;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
730 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
731 #endif
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
732 #ifdef DROPBEAR_ECC_384
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
733 else if (len == sizeof(OID_SEC384R1_BLOB)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
734 && memcmp(p, OID_SEC384R1_BLOB, len) == 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
735 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP384;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
736 curve = &ecc_curve_nistp384;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
737 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
738 #endif
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
739 #ifdef DROPBEAR_ECC_521
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
740 else if (len == sizeof(OID_SEC521R1_BLOB)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
741 && memcmp(p, OID_SEC521R1_BLOB, len) == 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
742 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP521;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
743 curve = &ecc_curve_nistp521;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
744 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
745 #endif
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
746 else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
747 errmsg = "Unknown ECC key type";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
748 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
749 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
750 p += len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
751
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
752 /* publicKey [1] BIT STRING OPTIONAL */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
753 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
754 &id, &len, &flags);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
755 p += ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
756 /* id==1 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
757 if (ret < 0 || id != 1 || len < 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
758 errmsg = "ASN.1 decoding failure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
759 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
760 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
761
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
762 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
763 &id, &len, &flags);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
764 p += ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
765 /* id==3 for bit string */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
766 if (ret < 0 || id != 3 || len < 0 ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
767 key->keyblob+key->keyblob_len-p < len) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
768 errmsg = "ASN.1 decoding failure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
769 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
770 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
771 public_key_bytes = p+1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
772 public_key_len = len-1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
773 p += len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
774
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
775 buf_putbytes(blobbuf, public_key_bytes, public_key_len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
776 ecc = buf_get_ecc_raw_pubkey(blobbuf, curve);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
777 if (!ecc) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
778 errmsg = "Error parsing ECC key";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
779 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
780 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
781 m_mp_alloc_init_multi((mp_int**)&ecc->k, NULL);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
782 if (mp_read_unsigned_bin(ecc->k, private_key_bytes, private_key_len)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
783 != MP_OKAY) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
784 errmsg = "Error parsing ECC key";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
785 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
786 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
787
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
788 *signkey_key_ptr(retkey, retkey->type) = ecc;
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
789 }
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
790 #endif /* DROPBEAR_ECDSA */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
791
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
792 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
793 * Now put together the actual key. Simplest way to do this is
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
794 * to assemble our own key blobs and feed them to the createkey
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
795 * functions; this is a bit faffy but it does mean we get all
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
796 * the sanity checks for free.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
797 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
798 if (key->type == OSSH_RSA || key->type == OSSH_DSA) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
799 buf_setpos(blobbuf, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
800 type = DROPBEAR_SIGNKEY_ANY;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
801 if (buf_get_priv_key(blobbuf, retkey, &type)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
802 != DROPBEAR_SUCCESS) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
803 errmsg = "unable to create key structure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
804 sign_key_free(retkey);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
805 retkey = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
806 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
807 }
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
808 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
809
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
810 errmsg = NULL; /* no error */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
811 retval = retkey;
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
812
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
813 error:
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
814 if (blobbuf) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
815 buf_burn(blobbuf);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
816 buf_free(blobbuf);
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
817 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
818 m_burn(key->keyblob, key->keyblob_size);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
819 m_free(key->keyblob);
1002
97d1e54941fd When clearing the memory of 'key' in function openssh_read(), only the size
Christian Engelmayer <cengelma@gmx.at>
parents: 991
diff changeset
820 m_burn(key, sizeof(*key));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
821 m_free(key);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
822 if (errmsg) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
823 fprintf(stderr, "Error: %s\n", errmsg);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
824 }
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
825 return retval;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
826 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
827
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
828 static int openssh_write(const char *filename, sign_key *key,
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
829 char *passphrase)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
830 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
831 buffer * keyblob = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
832 buffer * extrablob = NULL; /* used for calculated values to write */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
833 unsigned char *outblob = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
834 int outlen = -9999;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
835 struct mpint_pos numbers[9];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
836 int nnumbers = -1, pos = 0, len = 0, seqlen, i;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
837 char *header = NULL, *footer = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
838 char zero[1];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
839 int ret = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
840 FILE *fp;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
841
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
842 #ifdef DROPBEAR_RSA
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
843 mp_int dmp1, dmq1, iqmp, tmpval; /* for rsa */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
844 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
845
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
846 if (
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
847 #ifdef DROPBEAR_RSA
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
848 key->type == DROPBEAR_SIGNKEY_RSA ||
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
849 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
850 #ifdef DROPBEAR_DSS
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
851 key->type == DROPBEAR_SIGNKEY_DSS ||
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
852 #endif
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
853 0)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
854 {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
855 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
856 * Fetch the key blobs.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
857 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
858 keyblob = buf_new(3000);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
859 buf_put_priv_key(keyblob, key, key->type);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
860
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
861 buf_setpos(keyblob, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
862 /* skip the "ssh-rsa" or "ssh-dss" header */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
863 buf_incrpos(keyblob, buf_getint(keyblob));
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
864
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
865 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
866 * Find the sequence of integers to be encoded into the OpenSSH
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
867 * key blob, and also decide on the header line.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
868 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
869 numbers[0].start = zero; numbers[0].bytes = 1; zero[0] = '\0';
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
870
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
871 #ifdef DROPBEAR_RSA
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
872 if (key->type == DROPBEAR_SIGNKEY_RSA) {
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
873
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
874 if (key->rsakey->p == NULL || key->rsakey->q == NULL) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
875 fprintf(stderr, "Pre-0.33 Dropbear keys cannot be converted to OpenSSH keys.\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
876 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
877 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
878
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
879 /* e */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
880 numbers[2].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
881 numbers[2].start = buf_getptr(keyblob, numbers[2].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
882 buf_incrpos(keyblob, numbers[2].bytes);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
883
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
884 /* n */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
885 numbers[1].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
886 numbers[1].start = buf_getptr(keyblob, numbers[1].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
887 buf_incrpos(keyblob, numbers[1].bytes);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
888
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
889 /* d */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
890 numbers[3].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
891 numbers[3].start = buf_getptr(keyblob, numbers[3].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
892 buf_incrpos(keyblob, numbers[3].bytes);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
893
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
894 /* p */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
895 numbers[4].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
896 numbers[4].start = buf_getptr(keyblob, numbers[4].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
897 buf_incrpos(keyblob, numbers[4].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
898
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
899 /* q */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
900 numbers[5].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
901 numbers[5].start = buf_getptr(keyblob, numbers[5].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
902 buf_incrpos(keyblob, numbers[5].bytes);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
903
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
904 /* now calculate some extra parameters: */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
905 m_mp_init(&tmpval);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
906 m_mp_init(&dmp1);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
907 m_mp_init(&dmq1);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
908 m_mp_init(&iqmp);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
909
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
910 /* dmp1 = d mod (p-1) */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
911 if (mp_sub_d(key->rsakey->p, 1, &tmpval) != MP_OKAY) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
912 fprintf(stderr, "Bignum error for p-1\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
913 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
914 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
915 if (mp_mod(key->rsakey->d, &tmpval, &dmp1) != MP_OKAY) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
916 fprintf(stderr, "Bignum error for dmp1\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
917 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
918 }
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
919
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
920 /* dmq1 = d mod (q-1) */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
921 if (mp_sub_d(key->rsakey->q, 1, &tmpval) != MP_OKAY) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
922 fprintf(stderr, "Bignum error for q-1\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
923 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
924 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
925 if (mp_mod(key->rsakey->d, &tmpval, &dmq1) != MP_OKAY) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
926 fprintf(stderr, "Bignum error for dmq1\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
927 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
928 }
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
929
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
930 /* iqmp = (q^-1) mod p */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
931 if (mp_invmod(key->rsakey->q, key->rsakey->p, &iqmp) != MP_OKAY) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
932 fprintf(stderr, "Bignum error for iqmp\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
933 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
934 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
935
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
936 extrablob = buf_new(2000);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
937 buf_putmpint(extrablob, &dmp1);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
938 buf_putmpint(extrablob, &dmq1);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
939 buf_putmpint(extrablob, &iqmp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
940 buf_setpos(extrablob, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
941 mp_clear(&dmp1);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
942 mp_clear(&dmq1);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
943 mp_clear(&iqmp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
944 mp_clear(&tmpval);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
945
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
946 /* dmp1 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
947 numbers[6].bytes = buf_getint(extrablob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
948 numbers[6].start = buf_getptr(extrablob, numbers[6].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
949 buf_incrpos(extrablob, numbers[6].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
950
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
951 /* dmq1 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
952 numbers[7].bytes = buf_getint(extrablob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
953 numbers[7].start = buf_getptr(extrablob, numbers[7].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
954 buf_incrpos(extrablob, numbers[7].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
955
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
956 /* iqmp */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
957 numbers[8].bytes = buf_getint(extrablob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
958 numbers[8].start = buf_getptr(extrablob, numbers[8].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
959 buf_incrpos(extrablob, numbers[8].bytes);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
960
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
961 nnumbers = 9;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
962 header = "-----BEGIN RSA PRIVATE KEY-----\n";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
963 footer = "-----END RSA PRIVATE KEY-----\n";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
964 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
965 #endif /* DROPBEAR_RSA */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
966
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
967 #ifdef DROPBEAR_DSS
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
968 if (key->type == DROPBEAR_SIGNKEY_DSS) {
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
969
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
970 /* p */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
971 numbers[1].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
972 numbers[1].start = buf_getptr(keyblob, numbers[1].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
973 buf_incrpos(keyblob, numbers[1].bytes);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
974
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
975 /* q */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
976 numbers[2].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
977 numbers[2].start = buf_getptr(keyblob, numbers[2].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
978 buf_incrpos(keyblob, numbers[2].bytes);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
979
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
980 /* g */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
981 numbers[3].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
982 numbers[3].start = buf_getptr(keyblob, numbers[3].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
983 buf_incrpos(keyblob, numbers[3].bytes);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
984
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
985 /* y */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
986 numbers[4].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
987 numbers[4].start = buf_getptr(keyblob, numbers[4].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
988 buf_incrpos(keyblob, numbers[4].bytes);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
989
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
990 /* x */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
991 numbers[5].bytes = buf_getint(keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
992 numbers[5].start = buf_getptr(keyblob, numbers[5].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
993 buf_incrpos(keyblob, numbers[5].bytes);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
994
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
995 nnumbers = 6;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
996 header = "-----BEGIN DSA PRIVATE KEY-----\n";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
997 footer = "-----END DSA PRIVATE KEY-----\n";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
998 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
999 #endif /* DROPBEAR_DSS */
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1000
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1001 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1002 * Now count up the total size of the ASN.1 encoded integers,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1003 * so as to determine the length of the containing SEQUENCE.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1004 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1005 len = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1006 for (i = 0; i < nnumbers; i++) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1007 len += ber_write_id_len(NULL, 2, numbers[i].bytes, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1008 len += numbers[i].bytes;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1009 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1010 seqlen = len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1011 /* Now add on the SEQUENCE header. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1012 len += ber_write_id_len(NULL, 16, seqlen, ASN1_CONSTRUCTED);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1013 /* Round up to the cipher block size, ensuring we have at least one
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1014 * byte of padding (see below). */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1015 outlen = len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1016 if (passphrase)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1017 outlen = (outlen+8) &~ 7;
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1018
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1019 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1020 * Now we know how big outblob needs to be. Allocate it.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1021 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1022 outblob = (unsigned char*)m_malloc(outlen);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1023
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1024 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1025 * And write the data into it.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1026 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1027 pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1028 pos += ber_write_id_len(outblob+pos, 16, seqlen, ASN1_CONSTRUCTED);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1029 for (i = 0; i < nnumbers; i++) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1030 pos += ber_write_id_len(outblob+pos, 2, numbers[i].bytes, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1031 memcpy(outblob+pos, numbers[i].start, numbers[i].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1032 pos += numbers[i].bytes;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1033 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1034 } /* end RSA and DSS handling */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1035
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1036 #ifdef DROPBEAR_ECDSA
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1037 if (key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1038 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1039 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1040
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1041 /* SEC1 V2 appendix c.4
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1042 ECPrivateKey ::= SEQUENCE {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1043 version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1044 privateKey OCTET STRING,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1045 parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1046 publicKey [1] BIT STRING OPTIONAL
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1047 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1048 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1049 buffer *seq_buf = buf_new(400);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1050 ecc_key **eck = (ecc_key**)signkey_key_ptr(key, key->type);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1051 const long curve_size = (*eck)->dp->size;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1052 int curve_oid_len = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1053 const void* curve_oid = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1054 unsigned long pubkey_size = 2*curve_size+1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1055 int k_size;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1056 int err = 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1057
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1058 /* version. less than 10 bytes */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1059 buf_incrwritepos(seq_buf,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1060 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 2, 1, 0));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1061 buf_putbyte(seq_buf, 1);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1062
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1063 /* privateKey */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1064 k_size = mp_unsigned_bin_size((*eck)->k);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1065 dropbear_assert(k_size <= curve_size);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1066 buf_incrwritepos(seq_buf,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1067 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 4, k_size, 0));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1068 mp_to_unsigned_bin((*eck)->k, buf_getwriteptr(seq_buf, k_size));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1069 buf_incrwritepos(seq_buf, k_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1070
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1071 /* SECGCurveNames */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1072 switch (key->type)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1073 {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1074 case DROPBEAR_SIGNKEY_ECDSA_NISTP256:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1075 curve_oid_len = sizeof(OID_SEC256R1_BLOB);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1076 curve_oid = OID_SEC256R1_BLOB;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1077 break;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1078 case DROPBEAR_SIGNKEY_ECDSA_NISTP384:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1079 curve_oid_len = sizeof(OID_SEC384R1_BLOB);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1080 curve_oid = OID_SEC384R1_BLOB;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1081 break;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1082 case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1083 curve_oid_len = sizeof(OID_SEC521R1_BLOB);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1084 curve_oid = OID_SEC521R1_BLOB;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1085 break;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1086 default:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1087 dropbear_exit("Internal error");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1088 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1089
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1090 buf_incrwritepos(seq_buf,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1091 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 0, 2+curve_oid_len, 0xa0));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1092 /* object == 6 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1093 buf_incrwritepos(seq_buf,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1094 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 6, curve_oid_len, 0));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1095 buf_putbytes(seq_buf, curve_oid, curve_oid_len);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1096
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1097 buf_incrwritepos(seq_buf,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1098 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 1, 2+1+pubkey_size, 0xa0));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1099 buf_incrwritepos(seq_buf,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1100 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 3, 1+pubkey_size, 0));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1101 buf_putbyte(seq_buf, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1102 err = ecc_ansi_x963_export(*eck, buf_getwriteptr(seq_buf, pubkey_size), &pubkey_size);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1103 if (err != CRYPT_OK) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1104 dropbear_exit("ECC error");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1105 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1106 buf_incrwritepos(seq_buf, pubkey_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1107
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1108 buf_setpos(seq_buf, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1109
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1110 outblob = (unsigned char*)m_malloc(1000);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1111
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1112 pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1113 pos += ber_write_id_len(outblob+pos, 16, seq_buf->len, ASN1_CONSTRUCTED);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1114 memcpy(&outblob[pos], seq_buf->data, seq_buf->len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1115 pos += seq_buf->len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1116 len = pos;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1117 outlen = len;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1118
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1119 buf_burn(seq_buf);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1120 buf_free(seq_buf);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1121 seq_buf = NULL;
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1122
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1123 header = "-----BEGIN EC PRIVATE KEY-----\n";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1124 footer = "-----END EC PRIVATE KEY-----\n";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1125 }
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1126 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1127
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1128 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1129 * Padding on OpenSSH keys is deterministic. The number of
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1130 * padding bytes is always more than zero, and always at most
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1131 * the cipher block length. The value of each padding byte is
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1132 * equal to the number of padding bytes. So a plaintext that's
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1133 * an exact multiple of the block size will be padded with 08
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1134 * 08 08 08 08 08 08 08 (assuming a 64-bit block cipher); a
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1135 * plaintext one byte less than a multiple of the block size
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1136 * will be padded with just 01.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1137 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1138 * This enables the OpenSSL key decryption function to strip
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1139 * off the padding algorithmically and return the unpadded
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1140 * plaintext to the next layer: it looks at the final byte, and
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1141 * then expects to find that many bytes at the end of the data
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1142 * with the same value. Those are all removed and the rest is
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1143 * returned.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1144 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1145 dropbear_assert(pos == len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1146 while (pos < outlen) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1147 outblob[pos++] = outlen - len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1148 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1149
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1150 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1151 * Encrypt the key.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1152 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1153 if (passphrase) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1154 fprintf(stderr, "Encrypted keys aren't supported currently\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1155 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1156 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1157
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1158 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1159 * And save it. We'll use Unix line endings just in case it's
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1160 * subsequently transferred in binary mode.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1161 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1162 if (strlen(filename) == 1 && filename[0] == '-') {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1163 fp = stdout;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1164 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1165 fp = fopen(filename, "wb"); /* ensure Unix line endings */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1166 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1167 if (!fp) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1168 fprintf(stderr, "Failed opening output file\n");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1169 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1170 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1171 fputs(header, fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1172 base64_encode_fp(fp, outblob, outlen, 64);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1173 fputs(footer, fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1174 fclose(fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1175 ret = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1176
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1177 error:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1178 if (outblob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1179 memset(outblob, 0, outlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1180 m_free(outblob);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1181 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1182 if (keyblob) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1183 buf_burn(keyblob);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1184 buf_free(keyblob);
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1185 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1186 if (extrablob) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1187 buf_burn(extrablob);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1188 buf_free(extrablob);
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1189 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1190 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1191 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1192
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1193 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1194 /* XXX TODO ssh.com stuff isn't going yet */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1195
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1196 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1197 * Code to read ssh.com private keys.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1198 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1199
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1200 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1201 * The format of the base64 blob is largely ssh2-packet-formatted,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1202 * except that mpints are a bit different: they're more like the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1203 * old ssh1 mpint. You have a 32-bit bit count N, followed by
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1204 * (N+7)/8 bytes of data.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1205 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1206 * So. The blob contains:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1207 *
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1208 * - uint32 0x3f6ff9eb (magic number)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1209 * - uint32 size (total blob size)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1210 * - string key-type (see below)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1211 * - string cipher-type (tells you if key is encrypted)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1212 * - string encrypted-blob
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1213 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1214 * (The first size field includes the size field itself and the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1215 * magic number before it. All other size fields are ordinary ssh2
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1216 * strings, so the size field indicates how much data is to
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1217 * _follow_.)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1218 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1219 * The encrypted blob, once decrypted, contains a single string
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1220 * which in turn contains the payload. (This allows padding to be
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1221 * added after that string while still making it clear where the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1222 * real payload ends. Also it probably makes for a reasonable
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1223 * decryption check.)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1224 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1225 * The payload blob, for an RSA key, contains:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1226 * - mpint e
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1227 * - mpint d
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1228 * - mpint n (yes, the public and private stuff is intermixed)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1229 * - mpint u (presumably inverse of p mod q)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1230 * - mpint p (p is the smaller prime)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1231 * - mpint q (q is the larger)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1232 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1233 * For a DSA key, the payload blob contains:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1234 * - uint32 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1235 * - mpint p
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1236 * - mpint g
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1237 * - mpint q
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1238 * - mpint y
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1239 * - mpint x
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1240 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1241 * Alternatively, if the parameters are `predefined', that
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1242 * (0,p,g,q) sequence can be replaced by a uint32 1 and a string
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1243 * containing some predefined parameter specification. *shudder*,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1244 * but I doubt we'll encounter this in real life.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1245 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1246 * The key type strings are ghastly. The RSA key I looked at had a
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1247 * type string of
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1248 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1249 * `if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}'
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1250 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1251 * and the DSA key wasn't much better:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1252 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1253 * `dl-modp{sign{dsa-nist-sha1},dh{plain}}'
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1254 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1255 * It isn't clear that these will always be the same. I think it
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1256 * might be wise just to look at the `if-modn{sign{rsa' and
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1257 * `dl-modp{sign{dsa' prefixes.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1258 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1259 * Finally, the encryption. The cipher-type string appears to be
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1260 * either `none' or `3des-cbc'. Looks as if this is SSH2-style
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1261 * 3des-cbc (i.e. outer cbc rather than inner). The key is created
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1262 * from the passphrase by means of yet another hashing faff:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1263 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1264 * - first 16 bytes are MD5(passphrase)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1265 * - next 16 bytes are MD5(passphrase || first 16 bytes)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1266 * - if there were more, they'd be MD5(passphrase || first 32),
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1267 * and so on.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1268 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1269
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1270 #define SSHCOM_MAGIC_NUMBER 0x3f6ff9eb
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1271
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1272 struct sshcom_key {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1273 char comment[256]; /* allowing any length is overkill */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1274 unsigned char *keyblob;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1275 int keyblob_len, keyblob_size;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1276 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1277
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1278 static struct sshcom_key *load_sshcom_key(const char *filename)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1279 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1280 struct sshcom_key *ret;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1281 FILE *fp;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1282 char buffer[256];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1283 int len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1284 char *errmsg, *p;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1285 int headers_done;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1286 char base64_bit[4];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1287 int base64_chars = 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1288
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1289 ret = snew(struct sshcom_key);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1290 ret->comment[0] = '\0';
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1291 ret->keyblob = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1292 ret->keyblob_len = ret->keyblob_size = 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1293
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1294 fp = fopen(filename, "r");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1295 if (!fp) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1296 errmsg = "Unable to open key file";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1297 goto error;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1298 }
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1299 if (!fgets(buffer, sizeof(buffer), fp) ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1300 0 != strcmp(buffer, "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----\n")) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1301 errmsg = "File does not begin with ssh.com key header";
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1302 goto error;
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1303 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1304
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1305 headers_done = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1306 while (1) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1307 if (!fgets(buffer, sizeof(buffer), fp)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1308 errmsg = "Unexpected end of file";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1309 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1310 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1311 if (!strcmp(buffer, "---- END SSH2 ENCRYPTED PRIVATE KEY ----\n"))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1312 break; /* done */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1313 if ((p = strchr(buffer, ':')) != NULL) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1314 if (headers_done) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1315 errmsg = "Header found in body of key data";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1316 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1317 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1318 *p++ = '\0';
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1319 while (*p && isspace((unsigned char)*p)) p++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1320 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1321 * Header lines can end in a trailing backslash for
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1322 * continuation.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1323 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1324 while ((len = strlen(p)) > (int)(sizeof(buffer) - (p-buffer) -1) ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1325 p[len-1] != '\n' || p[len-2] == '\\') {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1326 if (len > (int)((p-buffer) + sizeof(buffer)-2)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1327 errmsg = "Header line too long to deal with";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1328 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1329 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1330 if (!fgets(p+len-2, sizeof(buffer)-(p-buffer)-(len-2), fp)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1331 errmsg = "Unexpected end of file";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1332 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1333 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1334 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1335 p[strcspn(p, "\n")] = '\0';
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1336 if (!strcmp(buffer, "Comment")) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1337 /* Strip quotes in comment if present. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1338 if (p[0] == '"' && p[strlen(p)-1] == '"') {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1339 p++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1340 p[strlen(p)-1] = '\0';
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1341 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1342 strncpy(ret->comment, p, sizeof(ret->comment));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1343 ret->comment[sizeof(ret->comment)-1] = '\0';
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1344 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1345 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1346 headers_done = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1347
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1348 p = buffer;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1349 while (isbase64(*p)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1350 base64_bit[base64_chars++] = *p;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1351 if (base64_chars == 4) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1352 unsigned char out[3];
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1353
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1354 base64_chars = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1355
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1356 len = base64_decode_atom(base64_bit, out);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1357
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1358 if (len <= 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1359 errmsg = "Invalid base64 encoding";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1360 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1361 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1362
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1363 if (ret->keyblob_len + len > ret->keyblob_size) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1364 ret->keyblob_size = ret->keyblob_len + len + 256;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1365 ret->keyblob = sresize(ret->keyblob, ret->keyblob_size,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1366 unsigned char);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1367 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1368
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1369 memcpy(ret->keyblob + ret->keyblob_len, out, len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1370 ret->keyblob_len += len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1371 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1372
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1373 p++;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1374 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1375 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1376 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1377
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1378 if (ret->keyblob_len == 0 || !ret->keyblob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1379 errmsg = "Key body not present";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1380 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1381 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1382
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1383 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1384
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1385 error:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1386 if (ret) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1387 if (ret->keyblob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1388 memset(ret->keyblob, 0, ret->keyblob_size);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1389 m_free(ret->keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1390 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1391 memset(ret, 0, sizeof(*ret));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1392 m_free(ret);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1393 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1394 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1395 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1396
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1397 int sshcom_encrypted(const char *filename, char **comment)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1398 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1399 struct sshcom_key *key = load_sshcom_key(filename);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1400 int pos, len, answer;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1401
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1402 *comment = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1403 if (!key)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1404 return 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1405
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1406 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1407 * Check magic number.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1408 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1409 if (GET_32BIT(key->keyblob) != 0x3f6ff9eb)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1410 return 0; /* key is invalid */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1411
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1412 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1413 * Find the cipher-type string.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1414 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1415 answer = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1416 pos = 8;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1417 if (key->keyblob_len < pos+4)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1418 goto done; /* key is far too short */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1419 len = toint(GET_32BIT(key->keyblob + pos));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1420 if (len < 0 || len > key->keyblob_len - pos - 4)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1421 goto done; /* key is far too short */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1422 pos += 4 + len; /* skip key type */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1423 len = toint(GET_32BIT(key->keyblob + pos)); /* find cipher-type length */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1424 if (len < 0 || len > key->keyblob_len - pos - 4)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1425 goto done; /* cipher type string is incomplete */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1426 if (len != 4 || 0 != memcmp(key->keyblob + pos + 4, "none", 4))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1427 answer = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1428
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1429 done:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1430 *comment = dupstr(key->comment);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1431 memset(key->keyblob, 0, key->keyblob_size);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1432 m_free(key->keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1433 memset(key, 0, sizeof(*key));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1434 m_free(key);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1435 return answer;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1436 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1437
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1438 static int sshcom_read_mpint(void *data, int len, struct mpint_pos *ret)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1439 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1440 unsigned bits, bytes;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1441 unsigned char *d = (unsigned char *) data;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1442
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1443 if (len < 4)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1444 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1445 bits = GET_32BIT(d);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1446
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1447 bytes = (bits + 7) / 8;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1448 if (len < 4+bytes)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1449 goto error;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1450
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1451 ret->start = d + 4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1452 ret->bytes = bytes;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1453 return bytes+4;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1454
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1455 error:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1456 ret->start = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1457 ret->bytes = -1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1458 return len; /* ensure further calls fail as well */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1459 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1460
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1461 static int sshcom_put_mpint(void *target, void *data, int len)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1462 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1463 unsigned char *d = (unsigned char *)target;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1464 unsigned char *i = (unsigned char *)data;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1465 int bits = len * 8 - 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1466
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1467 while (bits > 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1468 if (*i & (1 << (bits & 7)))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1469 break;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1470 if (!(bits-- & 7))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1471 i++, len--;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1472 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1473
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1474 PUT_32BIT(d, bits+1);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1475 memcpy(d+4, i, len);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1476 return len+4;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1477 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1478
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1479 sign_key *sshcom_read(const char *filename, char *passphrase)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1480 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1481 struct sshcom_key *key = load_sshcom_key(filename);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1482 char *errmsg;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1483 int pos, len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1484 const char prefix_rsa[] = "if-modn{sign{rsa";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1485 const char prefix_dsa[] = "dl-modp{sign{dsa";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1486 enum { RSA, DSA } type;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1487 int encrypted;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1488 char *ciphertext;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1489 int cipherlen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1490 struct ssh2_userkey *ret = NULL, *retkey;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1491 const struct ssh_signkey *alg;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1492 unsigned char *blob = NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1493 int blobsize = 0, publen, privlen;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1494
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1495 if (!key)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1496 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1497
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1498 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1499 * Check magic number.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1500 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1501 if (GET_32BIT(key->keyblob) != SSHCOM_MAGIC_NUMBER) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1502 errmsg = "Key does not begin with magic number";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1503 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1504 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1505
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1506 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1507 * Determine the key type.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1508 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1509 pos = 8;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1510 if (key->keyblob_len < pos+4 ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1511 (len = GET_32BIT(key->keyblob + pos)) > key->keyblob_len - pos - 4) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1512 errmsg = "Key blob does not contain a key type string";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1513 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1514 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1515 if (len > sizeof(prefix_rsa) - 1 &&
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1516 !memcmp(key->keyblob+pos+4, prefix_rsa, sizeof(prefix_rsa) - 1)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1517 type = RSA;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1518 } else if (len > sizeof(prefix_dsa) - 1 &&
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1519 !memcmp(key->keyblob+pos+4, prefix_dsa, sizeof(prefix_dsa) - 1)) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1520 type = DSA;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1521 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1522 errmsg = "Key is of unknown type";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1523 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1524 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1525 pos += 4+len;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1526
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1527 /*
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1528 * Determine the cipher type.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1529 */
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1530 if (key->keyblob_len < pos+4 ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1531 (len = GET_32BIT(key->keyblob + pos)) > key->keyblob_len - pos - 4) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1532 errmsg = "Key blob does not contain a cipher type string";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1533 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1534 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1535 if (len == 4 && !memcmp(key->keyblob+pos+4, "none", 4))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1536 encrypted = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1537 else if (len == 8 && !memcmp(key->keyblob+pos+4, "3des-cbc", 8))
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1538 encrypted = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1539 else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1540 errmsg = "Key encryption is of unknown type";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1541 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1542 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1543 pos += 4+len;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1544
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1545 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1546 * Get hold of the encrypted part of the key.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1547 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1548 if (key->keyblob_len < pos+4 ||
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1549 (len = GET_32BIT(key->keyblob + pos)) > key->keyblob_len - pos - 4) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1550 errmsg = "Key blob does not contain actual key data";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1551 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1552 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1553 ciphertext = (char *)key->keyblob + pos + 4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1554 cipherlen = len;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1555 if (cipherlen == 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1556 errmsg = "Length of key data is zero";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1557 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1558 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1559
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1560 /*
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1561 * Decrypt it if necessary.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1562 */
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1563 if (encrypted) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1564 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1565 * Derive encryption key from passphrase and iv/salt:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1566 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1567 * - let block A equal MD5(passphrase)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1568 * - let block B equal MD5(passphrase || A)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1569 * - block C would be MD5(passphrase || A || B) and so on
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1570 * - encryption key is the first N bytes of A || B
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1571 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1572 struct MD5Context md5c;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1573 unsigned char keybuf[32], iv[8];
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1574
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1575 if (cipherlen % 8 != 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1576 errmsg = "Encrypted part of key is not a multiple of cipher block"
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1577 " size";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1578 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1579 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1580
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1581 MD5Init(&md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1582 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1583 MD5Final(keybuf, &md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1584
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1585 MD5Init(&md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1586 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1587 MD5Update(&md5c, keybuf, 16);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1588 MD5Final(keybuf+16, &md5c);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1589
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1590 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1591 * Now decrypt the key blob.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1592 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1593 memset(iv, 0, sizeof(iv));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1594 des3_decrypt_pubkey_ossh(keybuf, iv, (unsigned char *)ciphertext,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1595 cipherlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1596
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1597 memset(&md5c, 0, sizeof(md5c));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1598 memset(keybuf, 0, sizeof(keybuf));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1599
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1600 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1601 * Hereafter we return WRONG_PASSPHRASE for any parsing
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1602 * error. (But only if we've just tried to decrypt it!
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1603 * Returning WRONG_PASSPHRASE for an unencrypted key is
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1604 * automatic doom.)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1605 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1606 if (encrypted)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1607 ret = SSH2_WRONG_PASSPHRASE;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1608 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1609
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1610 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1611 * Strip away the containing string to get to the real meat.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1612 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1613 len = toint(GET_32BIT(ciphertext));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1614 if (len < 0 || len > cipherlen-4) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1615 errmsg = "containing string was ill-formed";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1616 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1617 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1618 ciphertext += 4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1619 cipherlen = len;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1620
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1621 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1622 * Now we break down into RSA versus DSA. In either case we'll
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1623 * construct public and private blobs in our own format, and
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1624 * end up feeding them to alg->createkey().
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1625 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1626 blobsize = cipherlen + 256;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1627 blob = snewn(blobsize, unsigned char);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1628 privlen = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1629 if (type == RSA) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1630 struct mpint_pos n, e, d, u, p, q;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1631 int pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1632 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &e);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1633 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &d);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1634 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &n);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1635 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &u);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1636 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &p);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1637 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &q);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1638 if (!q.start) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1639 errmsg = "key data did not contain six integers";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1640 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1641 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1642
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1643 alg = &ssh_rsa;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1644 pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1645 pos += put_string(blob+pos, "ssh-rsa", 7);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1646 pos += put_mp(blob+pos, e.start, e.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1647 pos += put_mp(blob+pos, n.start, n.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1648 publen = pos;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1649 pos += put_string(blob+pos, d.start, d.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1650 pos += put_mp(blob+pos, q.start, q.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1651 pos += put_mp(blob+pos, p.start, p.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1652 pos += put_mp(blob+pos, u.start, u.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1653 privlen = pos - publen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1654 } else if (type == DSA) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1655 struct mpint_pos p, q, g, x, y;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1656 int pos = 4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1657 if (GET_32BIT(ciphertext) != 0) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1658 errmsg = "predefined DSA parameters not supported";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1659 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1660 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1661 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &p);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1662 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &g);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1663 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &q);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1664 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &y);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1665 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &x);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1666 if (!x.start) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1667 errmsg = "key data did not contain five integers";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1668 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1669 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1670
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1671 alg = &ssh_dss;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1672 pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1673 pos += put_string(blob+pos, "ssh-dss", 7);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1674 pos += put_mp(blob+pos, p.start, p.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1675 pos += put_mp(blob+pos, q.start, q.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1676 pos += put_mp(blob+pos, g.start, g.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1677 pos += put_mp(blob+pos, y.start, y.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1678 publen = pos;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1679 pos += put_mp(blob+pos, x.start, x.bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1680 privlen = pos - publen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1681 } else
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1682 return NULL;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1683
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1684 dropbear_assert(privlen > 0); /* should have bombed by now if not */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1685
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1686 retkey = snew(struct ssh2_userkey);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1687 retkey->alg = alg;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1688 retkey->data = alg->createkey(blob, publen, blob+publen, privlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1689 if (!retkey->data) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1690 m_free(retkey);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1691 errmsg = "unable to create key data structure";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1692 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1693 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1694 retkey->comment = dupstr(key->comment);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1695
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1696 errmsg = NULL; /* no error */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1697 ret = retkey;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1698
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1699 error:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1700 if (blob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1701 memset(blob, 0, blobsize);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1702 m_free(blob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1703 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1704 memset(key->keyblob, 0, key->keyblob_size);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1705 m_free(key->keyblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1706 memset(key, 0, sizeof(*key));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1707 m_free(key);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1708 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1709 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1710
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1711 int sshcom_write(const char *filename, sign_key *key,
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1712 char *passphrase)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1713 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1714 unsigned char *pubblob, *privblob;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1715 int publen, privlen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1716 unsigned char *outblob;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1717 int outlen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1718 struct mpint_pos numbers[6];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1719 int nnumbers, initial_zero, pos, lenpos, i;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1720 char *type;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1721 char *ciphertext;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1722 int cipherlen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1723 int ret = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1724 FILE *fp;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1725
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1726 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1727 * Fetch the key blobs.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1728 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1729 pubblob = key->alg->public_blob(key->data, &publen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1730 privblob = key->alg->private_blob(key->data, &privlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1731 outblob = NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1732
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1733 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1734 * Find the sequence of integers to be encoded into the OpenSSH
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1735 * key blob, and also decide on the header line.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1736 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1737 if (key->alg == &ssh_rsa) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1738 int pos;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1739 struct mpint_pos n, e, d, p, q, iqmp;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1740
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1741 pos = 4 + GET_32BIT(pubblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1742 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &e);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1743 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &n);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1744 pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1745 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &d);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1746 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &p);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1747 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &q);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1748 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &iqmp);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1749
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1750 dropbear_assert(e.start && iqmp.start); /* can't go wrong */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1751
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1752 numbers[0] = e;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1753 numbers[1] = d;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1754 numbers[2] = n;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1755 numbers[3] = iqmp;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1756 numbers[4] = q;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1757 numbers[5] = p;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1758
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1759 nnumbers = 6;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1760 initial_zero = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1761 type = "if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1762 } else if (key->alg == &ssh_dss) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1763 int pos;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1764 struct mpint_pos p, q, g, y, x;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1765
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1766 pos = 4 + GET_32BIT(pubblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1767 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &p);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1768 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &q);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1769 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &g);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1770 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &y);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1771 pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1772 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &x);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1773
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1774 dropbear_assert(y.start && x.start); /* can't go wrong */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1775
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1776 numbers[0] = p;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1777 numbers[1] = g;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1778 numbers[2] = q;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1779 numbers[3] = y;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1780 numbers[4] = x;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1781
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1782 nnumbers = 5;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1783 initial_zero = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1784 type = "dl-modp{sign{dsa-nist-sha1},dh{plain}}";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1785 } else {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1786 dropbear_assert(0); /* zoinks! */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1787 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1788
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1789 /*
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1790 * Total size of key blob will be somewhere under 512 plus
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1791 * combined length of integers. We'll calculate the more
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1792 * precise size as we construct the blob.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1793 */
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1794 outlen = 512;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1795 for (i = 0; i < nnumbers; i++)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1796 outlen += 4 + numbers[i].bytes;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1797 outblob = snewn(outlen, unsigned char);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1798
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1799 /*
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1800 * Create the unencrypted key blob.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1801 */
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1802 pos = 0;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1803 PUT_32BIT(outblob+pos, SSHCOM_MAGIC_NUMBER); pos += 4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1804 pos += 4; /* length field, fill in later */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1805 pos += put_string(outblob+pos, type, strlen(type));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1806 {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1807 char *ciphertype = passphrase ? "3des-cbc" : "none";
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1808 pos += put_string(outblob+pos, ciphertype, strlen(ciphertype));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1809 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1810 lenpos = pos; /* remember this position */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1811 pos += 4; /* encrypted-blob size */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1812 pos += 4; /* encrypted-payload size */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1813 if (initial_zero) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1814 PUT_32BIT(outblob+pos, 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1815 pos += 4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1816 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1817 for (i = 0; i < nnumbers; i++)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1818 pos += sshcom_put_mpint(outblob+pos,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1819 numbers[i].start, numbers[i].bytes);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1820 /* Now wrap up the encrypted payload. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1821 PUT_32BIT(outblob+lenpos+4, pos - (lenpos+8));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1822 /* Pad encrypted blob to a multiple of cipher block size. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1823 if (passphrase) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1824 int padding = -(pos - (lenpos+4)) & 7;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1825 while (padding--)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1826 outblob[pos++] = random_byte();
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1827 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1828 ciphertext = (char *)outblob+lenpos+4;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1829 cipherlen = pos - (lenpos+4);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1830 dropbear_assert(!passphrase || cipherlen % 8 == 0);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1831 /* Wrap up the encrypted blob string. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1832 PUT_32BIT(outblob+lenpos, cipherlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1833 /* And finally fill in the total length field. */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1834 PUT_32BIT(outblob+4, pos);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1835
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1836 dropbear_assert(pos < outlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1837
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1838 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1839 * Encrypt the key.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1840 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1841 if (passphrase) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1842 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1843 * Derive encryption key from passphrase and iv/salt:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1844 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1845 * - let block A equal MD5(passphrase)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1846 * - let block B equal MD5(passphrase || A)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1847 * - block C would be MD5(passphrase || A || B) and so on
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1848 * - encryption key is the first N bytes of A || B
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1849 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1850 struct MD5Context md5c;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1851 unsigned char keybuf[32], iv[8];
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1852
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1853 MD5Init(&md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1854 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1855 MD5Final(keybuf, &md5c);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1856
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1857 MD5Init(&md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1858 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1859 MD5Update(&md5c, keybuf, 16);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1860 MD5Final(keybuf+16, &md5c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1861
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1862 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1863 * Now decrypt the key blob.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1864 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1865 memset(iv, 0, sizeof(iv));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1866 des3_encrypt_pubkey_ossh(keybuf, iv, (unsigned char *)ciphertext,
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1867 cipherlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1868
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1869 memset(&md5c, 0, sizeof(md5c));
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1870 memset(keybuf, 0, sizeof(keybuf));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1871 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1872
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1873 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1874 * And save it. We'll use Unix line endings just in case it's
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1875 * subsequently transferred in binary mode.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1876 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1877 fp = fopen(filename, "wb"); /* ensure Unix line endings */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1878 if (!fp)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1879 goto error;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1880 fputs("---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----\n", fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1881 fprintf(fp, "Comment: \"");
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1882 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1883 * Comment header is broken with backslash-newline if it goes
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1884 * over 70 chars. Although it's surrounded by quotes, it
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1885 * _doesn't_ escape backslashes or quotes within the string.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1886 * Don't ask me, I didn't design it.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1887 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1888 {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1889 int slen = 60; /* starts at 60 due to "Comment: " */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1890 char *c = key->comment;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1891 while ((int)strlen(c) > slen) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1892 fprintf(fp, "%.*s\\\n", slen, c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1893 c += slen;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1894 slen = 70; /* allow 70 chars on subsequent lines */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1895 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1896 fprintf(fp, "%s\"\n", c);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1897 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1898 base64_encode_fp(fp, outblob, pos, 70);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1899 fputs("---- END SSH2 ENCRYPTED PRIVATE KEY ----\n", fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1900 fclose(fp);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1901 ret = 1;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1902
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1903 error:
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1904 if (outblob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1905 memset(outblob, 0, outlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1906 m_free(outblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1907 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1908 if (privblob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1909 memset(privblob, 0, privlen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1910 m_free(privblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1911 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1912 if (pubblob) {
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1913 memset(pubblob, 0, publen);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1914 m_free(pubblob);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1915 }
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1916 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1917 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1918 #endif /* ssh.com stuff disabled */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1919
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1920 /* From PuTTY misc.c */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1921 static int toint(unsigned u)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1922 {
1308
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1923 /*
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1924 * Convert an unsigned to an int, without running into the
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1925 * undefined behaviour which happens by the strict C standard if
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1926 * the value overflows. You'd hope that sensible compilers would
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1927 * do the sensible thing in response to a cast, but actually I
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1928 * don't trust modern compilers not to do silly things like
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1929 * assuming that _obviously_ you wouldn't have caused an overflow
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1930 * and so they can elide an 'if (i < 0)' test immediately after
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1931 * the cast.
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1932 *
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1933 * Sensible compilers ought of course to optimise this entire
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1934 * function into 'just return the input value'!
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1935 */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1936 if (u <= (unsigned)INT_MAX)
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1937 return (int)u;
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1938 else if (u >= (unsigned)INT_MIN) /* wrap in cast _to_ unsigned is OK */
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1939 return INT_MIN + (int)(u - (unsigned)INT_MIN);
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1940 else
8678e2cc1e53 make indenting consistent
Matt Johnston <matt@ucc.asn.au>
parents: 1307
diff changeset
1941 return INT_MIN; /* fallback; should never occur on binary machines */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1942 }