annotate keyimport.c @ 1306:34e6127ef02e

merge fixes from PuTTY import.c toint() from misc.c (revids are from hggit conversion) changeset: 4620:60a336a6c85c user: Simon Tatham <[email protected]> date: Thu Feb 25 20:26:33 2016 +0000 files: import.c description: Fix potential segfaults in reading OpenSSH's ASN.1 key format. The length coming back from ber_read_id_len might have overflowed, so treat it as potentially negative. Also, while I'm here, accumulate it inside ber_read_id_len as an unsigned, so as to avoid undefined behaviour on integer overflow, and toint() it before return. Thanks to Hanno Böck for spotting this, with the aid of AFL. (cherry picked from commit 5b7833cd474a24ec098654dcba8cb9509f3bf2c1) Conflicts: import.c (cherry-picker's note: resolving the conflict involved removing an entire section of the original commit which fixed ECDSA code not present on this branch) changeset: 4619:9c6c638d98d8 user: Simon Tatham <[email protected]> date: Sun Jul 14 10:45:54 2013 +0000 files: import.c ssh.c sshdss.c sshpubk.c sshrsa.c description: Tighten up a lot of casts from unsigned to int which are read by one of the GET_32BIT macros and then used as length fields. Missing bounds checks against zero have been added, and also I've introduced a helper function toint() which casts from unsigned to int in such a way as to avoid C undefined behaviour, since I'm not sure I trust compilers any more to do the obviously sensible thing. [originally from svn r9918] changeset: 4618:3957829f24d3 user: Simon Tatham <[email protected]> date: Mon Jul 08 22:36:04 2013 +0000 files: import.c sshdss.c sshrsa.c description: Add an assortment of extra safety checks. [originally from svn r9896] changeset: 4617:2cddee0bce12 user: Jacob Nevins <[email protected]> date: Wed Dec 07 00:24:45 2005 +0000 files: import.c description: Institutional failure to memset() things pointed at rather than pointers. Things should now be zeroed and memory not leaked. Spotted by Brant Thomsen. [originally from svn r6476] changeset: 4616:24ac78a9c71d user: Simon Tatham <[email protected]> date: Wed Feb 11 13:58:27 2004 +0000 files: import.c description: Jacob's last-minute testing found a couple of trivial bugs in import.c, and my attempts to reproduce them in cmdgen found another one there :-) [originally from svn r3847] changeset: 4615:088d39a73db0 user: Simon Tatham <[email protected]> date: Thu Jan 22 18:52:49 2004 +0000 files: import.c description: Placate some gcc warnings. [originally from svn r3761] changeset: 4614:e4288bad4d93 parent: 1758:108b8924593d user: Simon Tatham <[email protected]> date: Fri Oct 03 21:21:23 2003 +0000 files: import.c description: My ASN.1 decoder returned wrong IDs for anything above 0x1E! Good job it's never had to yet. Ahem. [originally from svn r3479]
author Matt Johnston <matt@ucc.asn.au>
date Tue, 12 Jul 2016 23:00:01 +0800
parents 2bb4c662d1c2
children ad9c40aca3bc
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 * Based on PuTTY's import.c for importing/exporting OpenSSH and SSH.com
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 * keyfiles.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
5 * Modifications copyright 2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 * PuTTY is copyright 1997-2003 Simon Tatham.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 * Justin Bradford, and CORE SDI S.A.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 * Permission is hereby granted, free of charge, to any person
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 * obtaining a copy of this software and associated documentation files
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 * (the "Software"), to deal in the Software without restriction,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 * including without limitation the rights to use, copy, modify, merge,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 * publish, distribute, sublicense, and/or sell copies of the Software,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 * and to permit persons to whom the Software is furnished to do so,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 * subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 * The above copyright notice and this permission notice shall be
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 * included in all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 * NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "keyimport.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "bignum.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
35 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36 #include "dbutil.h"
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
37 #include "ecc.h"
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
38
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
39 static const unsigned char OID_SEC256R1_BLOB[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07};
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
40 static const unsigned char OID_SEC384R1_BLOB[] = {0x2b, 0x81, 0x04, 0x00, 0x22};
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
41 static const unsigned char OID_SEC521R1_BLOB[] = {0x2b, 0x81, 0x04, 0x00, 0x23};
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
42
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
43 #define PUT_32BIT(cp, value) do { \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
44 (cp)[3] = (unsigned char)(value); \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
45 (cp)[2] = (unsigned char)((value) >> 8); \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
46 (cp)[1] = (unsigned char)((value) >> 16); \
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
47 (cp)[0] = (unsigned char)((value) >> 24); } while (0)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
48
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49 #define GET_32BIT(cp) \
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
50 (((unsigned long)(unsigned char)(cp)[0] << 24) | \
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
51 ((unsigned long)(unsigned char)(cp)[1] << 16) | \
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
52 ((unsigned long)(unsigned char)(cp)[2] << 8) | \
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
53 ((unsigned long)(unsigned char)(cp)[3]))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 static int openssh_encrypted(const char *filename);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
56 static sign_key *openssh_read(const char *filename, char *passphrase);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57 static int openssh_write(const char *filename, sign_key *key,
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
58 char *passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
59
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
60 static int dropbear_write(const char*filename, sign_key * key);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
61 static sign_key *dropbear_read(const char* filename);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
62
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
63 static int toint(unsigned u);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
64
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66 static int sshcom_encrypted(const char *filename, char **comment);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67 static struct ssh2_userkey *sshcom_read(const char *filename, char *passphrase);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68 static int sshcom_write(const char *filename, struct ssh2_userkey *key,
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
69 char *passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72 int import_encrypted(const char* filename, int filetype) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
74 if (filetype == KEYFILE_OPENSSH) {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
75 return openssh_encrypted(filename);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
76 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
77 } else if (filetype == KEYFILE_SSHCOM) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
78 return sshcom_encrypted(filename, NULL);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79 #endif
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
80 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
81 return 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
82 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
84 sign_key *import_read(const char *filename, char *passphrase, int filetype) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
85
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
86 if (filetype == KEYFILE_OPENSSH) {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
87 return openssh_read(filename, passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
88 } else if (filetype == KEYFILE_DROPBEAR) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
89 return dropbear_read(filename);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
90 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
91 } else if (filetype == KEYFILE_SSHCOM) {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
92 return sshcom_read(filename, passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
93 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
94 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
95 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
96 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
98 int import_write(const char *filename, sign_key *key, char *passphrase,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
99 int filetype) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
100
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
101 if (filetype == KEYFILE_OPENSSH) {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
102 return openssh_write(filename, key, passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
103 } else if (filetype == KEYFILE_DROPBEAR) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
104 return dropbear_write(filename, key);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
105 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
106 } else if (filetype == KEYFILE_SSHCOM) {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
107 return sshcom_write(filename, key, passphrase);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
108 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
109 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
110 return 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113 static sign_key *dropbear_read(const char* filename) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
114
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
115 buffer * buf = NULL;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116 sign_key *ret = NULL;
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 845
diff changeset
117 enum signkey_type type;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
118
73
0bf5cebe622c Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
119 buf = buf_new(MAX_PRIVKEY_SIZE);
0bf5cebe622c Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
120 if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
121 goto error;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
122 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
123
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
124 buf_setpos(buf, 0);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
125 ret = new_sign_key();
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
126
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
127 type = DROPBEAR_SIGNKEY_ANY;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
128 if (buf_get_priv_key(buf, ret, &type) == DROPBEAR_FAILURE){
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
129 goto error;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
130 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
131 buf_free(buf);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
133 ret->type = type;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
134
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
135 return ret;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
136
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137 error:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
138 if (buf) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
139 buf_free(buf);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
140 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
141 if (ret) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
142 sign_key_free(ret);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
143 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
144 return NULL;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
145 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
146
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
147 /* returns 0 on fail, 1 on success */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
148 static int dropbear_write(const char*filename, sign_key * key) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
149
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
150 buffer * buf;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
151 FILE*fp;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
152 int len;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
153 int ret;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
154
73
0bf5cebe622c Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
155 buf = buf_new(MAX_PRIVKEY_SIZE);
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
156 buf_put_priv_key(buf, key, key->type);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
157
87
680a0bc9df0a Some small fixes for unused vars, and old messages
Matt Johnston <matt@ucc.asn.au>
parents: 73
diff changeset
158 fp = fopen(filename, "w");
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
159 if (!fp) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
160 ret = 0;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
161 goto out;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
162 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
163
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
164 buf_setpos(buf, 0);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
165 do {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
166 len = fwrite(buf_getptr(buf, buf->len - buf->pos),
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
167 1, buf->len - buf->pos, fp);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
168 buf_incrpos(buf, len);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
169 } while (len > 0 && buf->len != buf->pos);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
170
256
ac890087b8c1 * keyimport.c: fclose() the key file to make sure data gets written
Matt Johnston <matt@ucc.asn.au>
parents: 241
diff changeset
171 fclose(fp);
ac890087b8c1 * keyimport.c: fclose() the key file to make sure data gets written
Matt Johnston <matt@ucc.asn.au>
parents: 241
diff changeset
172
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
173 if (buf->pos != buf->len) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
174 ret = 0;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
175 } else {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
176 ret = 1;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
177 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
178 out:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
179 buf_free(buf);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
180 return ret;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
181 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
182
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
183
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
184 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
185 * Helper routines. (The base64 ones are defined in sshpubk.c.)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
188 #define isbase64(c) ( ((c) >= 'A' && (c) <= 'Z') || \
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
189 ((c) >= 'a' && (c) <= 'z') || \
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
190 ((c) >= '0' && (c) <= '9') || \
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
191 (c) == '+' || (c) == '/' || (c) == '=' \
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
192 )
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
193
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
194 /* cpl has to be less than 100 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
195 static void base64_encode_fp(FILE * fp, unsigned char *data,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
196 int datalen, int cpl)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
197 {
1094
c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents: 1089
diff changeset
198 unsigned char out[100];
1250
2bb4c662d1c2 more hard tab
Francois Perrad <francois.perrad@gadz.org>
parents: 1124
diff changeset
199 int n;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
200 unsigned long outlen;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
201 int rawcpl;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
202 rawcpl = cpl * 3 / 4;
241
c5d3ef11155f * use own assertions which should get logged properly
Matt Johnston <matt@ucc.asn.au>
parents: 87
diff changeset
203 dropbear_assert((unsigned int)cpl < sizeof(out));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204
1250
2bb4c662d1c2 more hard tab
Francois Perrad <francois.perrad@gadz.org>
parents: 1124
diff changeset
205 while (datalen > 0) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
206 n = (datalen < rawcpl ? datalen : rawcpl);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
207 outlen = sizeof(out);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
208 base64_encode(data, n, out, &outlen);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
209 data += n;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
210 datalen -= n;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
211 fwrite(out, 1, outlen, fp);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
212 fputc('\n', fp);
1250
2bb4c662d1c2 more hard tab
Francois Perrad <francois.perrad@gadz.org>
parents: 1124
diff changeset
213 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
214 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
215 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
216 * Read an ASN.1/BER identifier and length pair.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
217 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
218 * Flags are a combination of the #defines listed below.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
219 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
220 * Returns -1 if unsuccessful; otherwise returns the number of
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
221 * bytes used out of the source data.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
222 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
223
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
224 /* ASN.1 tag classes. */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
225 #define ASN1_CLASS_UNIVERSAL (0 << 6)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
226 #define ASN1_CLASS_APPLICATION (1 << 6)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
227 #define ASN1_CLASS_CONTEXT_SPECIFIC (2 << 6)
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
228 #define ASN1_CLASS_PRIVATE (3 << 6)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
229 #define ASN1_CLASS_MASK (3 << 6)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
230
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
231 /* Primitive versus constructed bit. */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
232 #define ASN1_CONSTRUCTED (1 << 5)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
233
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
234 static int ber_read_id_len(void *source, int sourcelen,
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
235 int *id, int *length, int *flags)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
236 {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
237 unsigned char *p = (unsigned char *) source;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
238
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
239 if (sourcelen == 0)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
240 return -1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
241
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
242 *flags = (*p & 0xE0);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
243 if ((*p & 0x1F) == 0x1F) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
244 *id = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
245 while (*p & 0x80) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
246 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
247 if (sourcelen == 0)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
248 return -1;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
249 *id = (*id << 7) | (*p & 0x7F);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
250 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
251 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
252 } else {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
253 *id = *p & 0x1F;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
254 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
255 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
256
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
257 if (sourcelen == 0)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
258 return -1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
259
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
260 if (*p & 0x80) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
261 unsigned len;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
262 int n = *p & 0x7F;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
263 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
264 if (sourcelen < n)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
265 return -1;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
266 len = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
267 while (n--)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
268 len = (len << 8) | (*p++);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
269 sourcelen -= n;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
270 *length = toint(len);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
271 } else {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
272 *length = *p;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
273 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
274 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
275
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
276 return p - (unsigned char *) source;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
277 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
278
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
279 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
280 * Write an ASN.1/BER identifier and length pair. Returns the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
281 * number of bytes consumed. Assumes dest contains enough space.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
282 * Will avoid writing anything if dest is NULL, but still return
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
283 * amount of space required.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
284 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
285 static int ber_write_id_len(void *dest, int id, int length, int flags)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
286 {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
287 unsigned char *d = (unsigned char *)dest;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
288 int len = 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
289
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
290 if (id <= 30) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
291 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
292 * Identifier is one byte.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
293 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
294 len++;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
295 if (d) *d++ = id | flags;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
296 } else {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
297 int n;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
298 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
299 * Identifier is multiple bytes: the first byte is 11111
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
300 * plus the flags, and subsequent bytes encode the value of
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
301 * the identifier, 7 bits at a time, with the top bit of
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
302 * each byte 1 except the last one which is 0.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
303 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
304 len++;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
305 if (d) *d++ = 0x1F | flags;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
306 for (n = 1; (id >> (7*n)) > 0; n++)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
307 continue; /* count the bytes */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
308 while (n--) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
309 len++;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
310 if (d) *d++ = (n ? 0x80 : 0) | ((id >> (7*n)) & 0x7F);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
311 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
312 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
313
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
314 if (length < 128) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
315 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
316 * Length is one byte.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
317 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
318 len++;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
319 if (d) *d++ = length;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
320 } else {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
321 int n;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
322 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
323 * Length is multiple bytes. The first is 0x80 plus the
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
324 * number of subsequent bytes, and the subsequent bytes
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
325 * encode the actual length.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
326 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
327 for (n = 1; (length >> (8*n)) > 0; n++)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
328 continue; /* count the bytes */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
329 len++;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
330 if (d) *d++ = 0x80 | n;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
331 while (n--) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
332 len++;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
333 if (d) *d++ = (length >> (8*n)) & 0xFF;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
334 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
335 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
336
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
337 return len;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
338 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
339
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
340
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
341 /* Simple structure to point to an mp-int within a blob. */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
342 struct mpint_pos { void *start; int bytes; };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
343
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
344 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
345 * Code to read and write OpenSSH private keys.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
346 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
347
793
70625eed40c9 A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents: 491
diff changeset
348 enum { OSSH_DSA, OSSH_RSA, OSSH_EC };
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
349 struct openssh_key {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
350 int type;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
351 int encrypted;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
352 char iv[32];
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
353 unsigned char *keyblob;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
354 unsigned int keyblob_len, keyblob_size;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
355 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
356
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
357 static struct openssh_key *load_openssh_key(const char *filename)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
358 {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
359 struct openssh_key *ret;
340
454a34b2dfd1 Fixes from Erik Hovland:
Matt Johnston <matt@ucc.asn.au>
parents: 256
diff changeset
360 FILE *fp = NULL;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
361 char buffer[256];
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
362 char *errmsg = NULL, *p = NULL;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
363 int headers_done;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
364 unsigned long len, outlen;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
365
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
366 ret = (struct openssh_key*)m_malloc(sizeof(struct openssh_key));
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
367 ret->keyblob = NULL;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
368 ret->keyblob_len = ret->keyblob_size = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
369 ret->encrypted = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
370 memset(ret->iv, 0, sizeof(ret->iv));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
371
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
372 if (strlen(filename) == 1 && filename[0] == '-') {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
373 fp = stdin;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
374 } else {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
375 fp = fopen(filename, "r");
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
376 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
377 if (!fp) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
378 errmsg = "Unable to open key file";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
379 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
380 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
381 if (!fgets(buffer, sizeof(buffer), fp) ||
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
382 0 != strncmp(buffer, "-----BEGIN ", 11) ||
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
383 0 != strcmp(buffer+strlen(buffer)-17, "PRIVATE KEY-----\n")) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
384 errmsg = "File does not begin with OpenSSH key header";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
385 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
386 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
387 if (!strcmp(buffer, "-----BEGIN RSA PRIVATE KEY-----\n"))
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
388 ret->type = OSSH_RSA;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
389 else if (!strcmp(buffer, "-----BEGIN DSA PRIVATE KEY-----\n"))
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
390 ret->type = OSSH_DSA;
793
70625eed40c9 A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents: 491
diff changeset
391 else if (!strcmp(buffer, "-----BEGIN EC PRIVATE KEY-----\n"))
70625eed40c9 A bit of work on ecdsa for host/auth keys
Matt Johnston <matt@ucc.asn.au>
parents: 491
diff changeset
392 ret->type = OSSH_EC;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
393 else {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
394 errmsg = "Unrecognised key type";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
395 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
396 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
397
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
398 headers_done = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
399 while (1) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
400 if (!fgets(buffer, sizeof(buffer), fp)) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
401 errmsg = "Unexpected end of file";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
402 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
403 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
404 if (0 == strncmp(buffer, "-----END ", 9) &&
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
405 0 == strcmp(buffer+strlen(buffer)-17, "PRIVATE KEY-----\n"))
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
406 break; /* done */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
407 if ((p = strchr(buffer, ':')) != NULL) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
408 if (headers_done) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
409 errmsg = "Header found in body of key data";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
410 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
411 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
412 *p++ = '\0';
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
413 while (*p && isspace((unsigned char)*p)) p++;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
414 if (!strcmp(buffer, "Proc-Type")) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
415 if (p[0] != '4' || p[1] != ',') {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
416 errmsg = "Proc-Type is not 4 (only 4 is supported)";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
417 goto error;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
418 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
419 p += 2;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
420 if (!strcmp(p, "ENCRYPTED\n"))
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
421 ret->encrypted = 1;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
422 } else if (!strcmp(buffer, "DEK-Info")) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
423 int i, j;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
424
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
425 if (strncmp(p, "DES-EDE3-CBC,", 13)) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
426 errmsg = "Ciphers other than DES-EDE3-CBC not supported";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
427 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
428 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
429 p += 13;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
430 for (i = 0; i < 8; i++) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
431 if (1 != sscanf(p, "%2x", &j))
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
432 break;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
433 ret->iv[i] = j;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
434 p += 2;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
435 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
436 if (i < 8) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
437 errmsg = "Expected 16-digit iv in DEK-Info";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
438 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
439 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
440 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
441 } else {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
442 headers_done = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
443 len = strlen(buffer);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
444 outlen = len*4/3;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
445 if (ret->keyblob_len + outlen > ret->keyblob_size) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
446 ret->keyblob_size = ret->keyblob_len + outlen + 256;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
447 ret->keyblob = (unsigned char*)m_realloc(ret->keyblob,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
448 ret->keyblob_size);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
449 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
450 outlen = ret->keyblob_size - ret->keyblob_len;
1094
c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents: 1089
diff changeset
451 if (base64_decode((const unsigned char *)buffer, len,
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
452 ret->keyblob + ret->keyblob_len, &outlen) != CRYPT_OK){
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
453 errmsg = "Error decoding base64";
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
454 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
455 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
456 ret->keyblob_len += outlen;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
457 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
458 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
459
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
460 if (ret->keyblob_len == 0 || !ret->keyblob) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
461 errmsg = "Key body not present";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
462 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
463 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
464
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
465 if (ret->encrypted && ret->keyblob_len % 8 != 0) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
466 errmsg = "Encrypted key blob is not a multiple of cipher block size";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
467 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
468 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
469
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
470 m_burn(buffer, sizeof(buffer));
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
471 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
472
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
473 error:
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
474 m_burn(buffer, sizeof(buffer));
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
475 if (ret) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
476 if (ret->keyblob) {
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
477 m_burn(ret->keyblob, ret->keyblob_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
478 m_free(ret->keyblob);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
479 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
480 m_free(ret);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
481 }
340
454a34b2dfd1 Fixes from Erik Hovland:
Matt Johnston <matt@ucc.asn.au>
parents: 256
diff changeset
482 if (fp) {
454a34b2dfd1 Fixes from Erik Hovland:
Matt Johnston <matt@ucc.asn.au>
parents: 256
diff changeset
483 fclose(fp);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
484 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
485 if (errmsg) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
486 fprintf(stderr, "Error: %s\n", errmsg);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
487 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
488 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
489 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
490
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
491 static int openssh_encrypted(const char *filename)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
492 {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
493 struct openssh_key *key = load_openssh_key(filename);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
494 int ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
495
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
496 if (!key)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
497 return 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
498 ret = key->encrypted;
1045
31727a8abd4b Use m_burn rather than memset
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1038
diff changeset
499 m_burn(key->keyblob, key->keyblob_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
500 m_free(key->keyblob);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
501 m_free(key);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
502 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
503 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
504
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 845
diff changeset
505 static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
506 {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
507 struct openssh_key *key;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
508 unsigned char *p;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
509 int ret, id, len, flags;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
510 int i, num_integers = 0;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
511 sign_key *retval = NULL;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
512 char *errmsg;
1119
845922d73e9c Turn modptr local variable into unsigned char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1094
diff changeset
513 unsigned char *modptr = NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
514 int modlen = -9999;
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 845
diff changeset
515 enum signkey_type type;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
516
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
517 sign_key *retkey;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
518 buffer * blobbuf = NULL;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
519
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
520 retkey = new_sign_key();
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
521
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
522 key = load_openssh_key(filename);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
523
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
524 if (!key)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
525 return NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
526
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
527 if (key->encrypted) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
528 errmsg = "encrypted keys not supported currently";
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
529 goto error;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
530 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
531 /* matt TODO */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
532 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
533 * Derive encryption key from passphrase and iv/salt:
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
534 *
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
535 * - let block A equal MD5(passphrase || iv)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
536 * - let block B equal MD5(A || passphrase || iv)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
537 * - block C would be MD5(B || passphrase || iv) and so on
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
538 * - encryption key is the first N bytes of A || B
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
539 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
540 struct MD5Context md5c;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
541 unsigned char keybuf[32];
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
542
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
543 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
544 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
545 MD5Update(&md5c, (unsigned char *)key->iv, 8);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
546 MD5Final(keybuf, &md5c);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
547
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
548 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
549 MD5Update(&md5c, keybuf, 16);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
550 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
551 MD5Update(&md5c, (unsigned char *)key->iv, 8);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
552 MD5Final(keybuf+16, &md5c);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
553
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
554 /*
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
555 * Now decrypt the key blob.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
556 */
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
557 des3_decrypt_pubkey_ossh(keybuf, (unsigned char *)key->iv,
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
558 key->keyblob, key->keyblob_len);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
559
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
560 memset(&md5c, 0, sizeof(md5c));
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
561 memset(keybuf, 0, sizeof(keybuf));
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
562 #endif
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
563 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
564
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
565 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
566 * Now we have a decrypted key blob, which contains an ASN.1
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
567 * encoded private key. We must now untangle the ASN.1.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
568 *
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
569 * We expect the whole key blob to be formatted as a SEQUENCE
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
570 * (0x30 followed by a length code indicating that the rest of
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
571 * the blob is part of the sequence). Within that SEQUENCE we
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
572 * expect to see a bunch of INTEGERs. What those integers mean
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
573 * depends on the key type:
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
574 *
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
575 * - For RSA, we expect the integers to be 0, n, e, d, p, q,
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
576 * dmp1, dmq1, iqmp in that order. (The last three are d mod
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
577 * (p-1), d mod (q-1), inverse of q mod p respectively.)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
578 *
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
579 * - For DSA, we expect them to be 0, p, q, g, y, x in that
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
580 * order.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
581 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
582
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
583 p = key->keyblob;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
584
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
585 /* Expect the SEQUENCE header. Take its absence as a failure to decrypt. */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
586 ret = ber_read_id_len(p, key->keyblob_len, &id, &len, &flags);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
587 p += ret;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
588 if (ret < 0 || id != 16 || len < 0 ||
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
589 key->keyblob+key->keyblob_len-p < len) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
590 errmsg = "ASN.1 decoding failure - wrong password?";
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
591 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
592 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
593
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
594 /* Expect a load of INTEGERs. */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
595 if (key->type == OSSH_RSA)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
596 num_integers = 9;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
597 else if (key->type == OSSH_DSA)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
598 num_integers = 6;
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
599 else if (key->type == OSSH_EC)
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
600 num_integers = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
601
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
602 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
603 * Space to create key blob in.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
604 */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
605 blobbuf = buf_new(3000);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
606
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
607 #ifdef DROPBEAR_DSS
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
608 if (key->type == OSSH_DSA) {
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1119
diff changeset
609 buf_putstring(blobbuf, "ssh-dss", 7);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
610 retkey->type = DROPBEAR_SIGNKEY_DSS;
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
611 }
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
612 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
613 #ifdef DROPBEAR_RSA
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
614 if (key->type == OSSH_RSA) {
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1119
diff changeset
615 buf_putstring(blobbuf, "ssh-rsa", 7);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
616 retkey->type = DROPBEAR_SIGNKEY_RSA;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
617 }
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
618 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
619
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
620 for (i = 0; i < num_integers; i++) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
621 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
622 &id, &len, &flags);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
623 p += ret;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
624 if (ret < 0 || id != 2 || len < 0 ||
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
625 key->keyblob+key->keyblob_len-p < len) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
626 errmsg = "ASN.1 decoding failure";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
627 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
628 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
629
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
630 if (i == 0) {
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
631 /* First integer is a version indicator */
991
4f65c867fc99 Fix variables may be uninitialized.
Like Ma <likemartinma@gmail.com>
parents: 935
diff changeset
632 int expected = -1;
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
633 switch (key->type) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
634 case OSSH_RSA:
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
635 case OSSH_DSA:
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
636 expected = 0;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
637 break;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
638 case OSSH_EC:
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
639 expected = 1;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
640 break;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
641 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
642 if (len != 1 || p[0] != expected) {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
643 errmsg = "Version number mismatch";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
644 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
645 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
646 } else if (key->type == OSSH_RSA) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
647 /*
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
648 * OpenSSH key order is n, e, d, p, q, dmp1, dmq1, iqmp
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
649 * but we want e, n, d, p, q
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
650 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
651 if (i == 1) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
652 /* Save the details for after we deal with number 2. */
1119
845922d73e9c Turn modptr local variable into unsigned char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1094
diff changeset
653 modptr = p;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
654 modlen = len;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
655 } else if (i >= 2 && i <= 5) {
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1119
diff changeset
656 buf_putstring(blobbuf, (const char*)p, len);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
657 if (i == 2) {
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1119
diff changeset
658 buf_putstring(blobbuf, (const char*)modptr, modlen);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
659 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
660 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
661 } else if (key->type == OSSH_DSA) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
662 /*
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
663 * OpenSSH key order is p, q, g, y, x,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
664 * we want the same.
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
665 */
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1119
diff changeset
666 buf_putstring(blobbuf, (const char*)p, len);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
667 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
668
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
669 /* Skip past the number. */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
670 p += len;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
671 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
672
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
673 #ifdef DROPBEAR_ECDSA
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
674 if (key->type == OSSH_EC) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
675 unsigned char* private_key_bytes = NULL;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
676 int private_key_len = 0;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
677 unsigned char* public_key_bytes = NULL;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
678 int public_key_len = 0;
807
75509065db53 have separate ecdsa keys for each size
Matt Johnston <matt@ucc.asn.au>
parents: 806
diff changeset
679 ecc_key *ecc = NULL;
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
680 const struct dropbear_ecc_curve *curve = NULL;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
681
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
682 /* See SEC1 v2, Appendix C.4 */
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
683 /* OpenSSL (so OpenSSH) seems to include the optional parts. */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
684
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
685 /* privateKey OCTET STRING, */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
686 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
687 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
688 p += ret;
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
689 /* id==4 for octet string */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
690 if (ret < 0 || id != 4 ||
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
691 key->keyblob+key->keyblob_len-p < len) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
692 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
693 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
694 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
695 private_key_bytes = p;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
696 private_key_len = len;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
697 p += len;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
698
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
699 /* parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL, */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
700 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
701 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
702 p += ret;
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
703 /* id==0 */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
704 if (ret < 0 || id != 0) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
705 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
706 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
707 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
708
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
709 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
710 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
711 p += ret;
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
712 /* id==6 for object */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
713 if (ret < 0 || id != 6 ||
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
714 key->keyblob+key->keyblob_len-p < len) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
715 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
716 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
717 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
718
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
719 if (0) {}
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
720 #ifdef DROPBEAR_ECC_256
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
721 else if (len == sizeof(OID_SEC256R1_BLOB)
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
722 && memcmp(p, OID_SEC256R1_BLOB, len) == 0) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
723 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP256;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
724 curve = &ecc_curve_nistp256;
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
725 }
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
726 #endif
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
727 #ifdef DROPBEAR_ECC_384
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
728 else if (len == sizeof(OID_SEC384R1_BLOB)
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
729 && memcmp(p, OID_SEC384R1_BLOB, len) == 0) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
730 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP384;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
731 curve = &ecc_curve_nistp384;
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
732 }
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
733 #endif
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
734 #ifdef DROPBEAR_ECC_521
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
735 else if (len == sizeof(OID_SEC521R1_BLOB)
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
736 && memcmp(p, OID_SEC521R1_BLOB, len) == 0) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
737 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP521;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
738 curve = &ecc_curve_nistp521;
847
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
739 }
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
740 #endif
f4bb964c8678 Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents: 846
diff changeset
741 else {
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
742 errmsg = "Unknown ECC key type";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
743 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
744 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
745 p += len;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
746
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
747 /* publicKey [1] BIT STRING OPTIONAL */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
748 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
749 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
750 p += ret;
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
751 /* id==1 */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
752 if (ret < 0 || id != 1) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
753 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
754 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
755 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
756
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
757 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
758 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
759 p += ret;
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
760 /* id==3 for bit string */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
761 if (ret < 0 || id != 3 ||
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
762 key->keyblob+key->keyblob_len-p < len) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
763 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
764 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
765 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
766 public_key_bytes = p+1;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
767 public_key_len = len-1;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
768 p += len;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
769
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
770 buf_putbytes(blobbuf, public_key_bytes, public_key_len);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
771 ecc = buf_get_ecc_raw_pubkey(blobbuf, curve);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
772 if (!ecc) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
773 errmsg = "Error parsing ECC key";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
774 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
775 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
776 m_mp_alloc_init_multi((mp_int**)&ecc->k, NULL);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
777 if (mp_read_unsigned_bin(ecc->k, private_key_bytes, private_key_len)
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
778 != MP_OKAY) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
779 errmsg = "Error parsing ECC key";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
780 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
781 }
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
782
841
d4ce5269a439 Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
783 *signkey_key_ptr(retkey, retkey->type) = ecc;
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
784 }
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
785 #endif /* DROPBEAR_ECDSA */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
786
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
787 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
788 * Now put together the actual key. Simplest way to do this is
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
789 * to assemble our own key blobs and feed them to the createkey
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
790 * functions; this is a bit faffy but it does mean we get all
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
791 * the sanity checks for free.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
792 */
806
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
793 if (key->type == OSSH_RSA || key->type == OSSH_DSA) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
794 buf_setpos(blobbuf, 0);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
795 type = DROPBEAR_SIGNKEY_ANY;
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
796 if (buf_get_priv_key(blobbuf, retkey, &type)
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
797 != DROPBEAR_SUCCESS) {
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
798 errmsg = "unable to create key structure";
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
799 sign_key_free(retkey);
71e7d31f7671 hackish ECC import code from OpenSSH
Matt Johnston <matt@ucc.asn.au>
parents: 793
diff changeset
800 retkey = NULL;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
801 goto error;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
802 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
803 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
804
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
805 errmsg = NULL; /* no error */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
806 retval = retkey;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
807
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
808 error:
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
809 if (blobbuf) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
810 buf_burn(blobbuf);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
811 buf_free(blobbuf);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
812 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
813 m_burn(key->keyblob, key->keyblob_size);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
814 m_free(key->keyblob);
1002
97d1e54941fd When clearing the memory of 'key' in function openssh_read(), only the size
Christian Engelmayer <cengelma@gmx.at>
parents: 991
diff changeset
815 m_burn(key, sizeof(*key));
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
816 m_free(key);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
817 if (errmsg) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
818 fprintf(stderr, "Error: %s\n", errmsg);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
819 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
820 return retval;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
821 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
822
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
823 static int openssh_write(const char *filename, sign_key *key,
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
824 char *passphrase)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
825 {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
826 buffer * keyblob = NULL;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
827 buffer * extrablob = NULL; /* used for calculated values to write */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
828 unsigned char *outblob = NULL;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
829 int outlen = -9999;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
830 struct mpint_pos numbers[9];
991
4f65c867fc99 Fix variables may be uninitialized.
Like Ma <likemartinma@gmail.com>
parents: 935
diff changeset
831 int nnumbers = -1, pos = 0, len = 0, seqlen, i;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
832 char *header = NULL, *footer = NULL;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
833 char zero[1];
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
834 int ret = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
835 FILE *fp;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
836
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
837 #ifdef DROPBEAR_RSA
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
838 mp_int dmp1, dmq1, iqmp, tmpval; /* for rsa */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
839 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
840
935
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
841 if (
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
842 #ifdef DROPBEAR_RSA
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
843 key->type == DROPBEAR_SIGNKEY_RSA ||
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
844 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
845 #ifdef DROPBEAR_DSS
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
846 key->type == DROPBEAR_SIGNKEY_DSS ||
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
847 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled
Matt Johnston <matt@ucc.asn.au>
parents: 867
diff changeset
848 0)
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
849 {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
850 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
851 * Fetch the key blobs.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
852 */
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
853 keyblob = buf_new(3000);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
854 buf_put_priv_key(keyblob, key, key->type);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
855
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
856 buf_setpos(keyblob, 0);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
857 /* skip the "ssh-rsa" or "ssh-dss" header */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
858 buf_incrpos(keyblob, buf_getint(keyblob));
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
859
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
860 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
861 * Find the sequence of integers to be encoded into the OpenSSH
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
862 * key blob, and also decide on the header line.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
863 */
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
864 numbers[0].start = zero; numbers[0].bytes = 1; zero[0] = '\0';
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
865
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
866 #ifdef DROPBEAR_RSA
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
867 if (key->type == DROPBEAR_SIGNKEY_RSA) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
868
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
869 if (key->rsakey->p == NULL || key->rsakey->q == NULL) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
870 fprintf(stderr, "Pre-0.33 Dropbear keys cannot be converted to OpenSSH keys.\n");
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
871 goto error;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
872 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
873
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
874 /* e */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
875 numbers[2].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
876 numbers[2].start = buf_getptr(keyblob, numbers[2].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
877 buf_incrpos(keyblob, numbers[2].bytes);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
878
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
879 /* n */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
880 numbers[1].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
881 numbers[1].start = buf_getptr(keyblob, numbers[1].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
882 buf_incrpos(keyblob, numbers[1].bytes);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
883
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
884 /* d */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
885 numbers[3].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
886 numbers[3].start = buf_getptr(keyblob, numbers[3].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
887 buf_incrpos(keyblob, numbers[3].bytes);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
888
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
889 /* p */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
890 numbers[4].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
891 numbers[4].start = buf_getptr(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
892 buf_incrpos(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
893
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
894 /* q */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
895 numbers[5].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
896 numbers[5].start = buf_getptr(keyblob, numbers[5].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
897 buf_incrpos(keyblob, numbers[5].bytes);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
898
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
899 /* now calculate some extra parameters: */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
900 m_mp_init(&tmpval);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
901 m_mp_init(&dmp1);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
902 m_mp_init(&dmq1);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
903 m_mp_init(&iqmp);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
904
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
905 /* dmp1 = d mod (p-1) */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
906 if (mp_sub_d(key->rsakey->p, 1, &tmpval) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
907 fprintf(stderr, "Bignum error for p-1\n");
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
908 goto error;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
909 }
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
910 if (mp_mod(key->rsakey->d, &tmpval, &dmp1) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
911 fprintf(stderr, "Bignum error for dmp1\n");
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
912 goto error;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
913 }
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
914
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
915 /* dmq1 = d mod (q-1) */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
916 if (mp_sub_d(key->rsakey->q, 1, &tmpval) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
917 fprintf(stderr, "Bignum error for q-1\n");
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
918 goto error;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
919 }
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
920 if (mp_mod(key->rsakey->d, &tmpval, &dmq1) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
921 fprintf(stderr, "Bignum error for dmq1\n");
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
922 goto error;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
923 }
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
924
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
925 /* iqmp = (q^-1) mod p */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
926 if (mp_invmod(key->rsakey->q, key->rsakey->p, &iqmp) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
927 fprintf(stderr, "Bignum error for iqmp\n");
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
928 goto error;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
929 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
930
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
931 extrablob = buf_new(2000);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
932 buf_putmpint(extrablob, &dmp1);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
933 buf_putmpint(extrablob, &dmq1);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
934 buf_putmpint(extrablob, &iqmp);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
935 buf_setpos(extrablob, 0);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
936 mp_clear(&dmp1);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
937 mp_clear(&dmq1);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
938 mp_clear(&iqmp);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
939 mp_clear(&tmpval);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
940
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
941 /* dmp1 */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
942 numbers[6].bytes = buf_getint(extrablob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
943 numbers[6].start = buf_getptr(extrablob, numbers[6].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
944 buf_incrpos(extrablob, numbers[6].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
945
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
946 /* dmq1 */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
947 numbers[7].bytes = buf_getint(extrablob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
948 numbers[7].start = buf_getptr(extrablob, numbers[7].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
949 buf_incrpos(extrablob, numbers[7].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
950
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
951 /* iqmp */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
952 numbers[8].bytes = buf_getint(extrablob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
953 numbers[8].start = buf_getptr(extrablob, numbers[8].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
954 buf_incrpos(extrablob, numbers[8].bytes);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
955
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
956 nnumbers = 9;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
957 header = "-----BEGIN RSA PRIVATE KEY-----\n";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
958 footer = "-----END RSA PRIVATE KEY-----\n";
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
959 }
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
960 #endif /* DROPBEAR_RSA */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
961
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
962 #ifdef DROPBEAR_DSS
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
963 if (key->type == DROPBEAR_SIGNKEY_DSS) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
964
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
965 /* p */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
966 numbers[1].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
967 numbers[1].start = buf_getptr(keyblob, numbers[1].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
968 buf_incrpos(keyblob, numbers[1].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
969
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
970 /* q */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
971 numbers[2].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
972 numbers[2].start = buf_getptr(keyblob, numbers[2].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
973 buf_incrpos(keyblob, numbers[2].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
974
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
975 /* g */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
976 numbers[3].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
977 numbers[3].start = buf_getptr(keyblob, numbers[3].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
978 buf_incrpos(keyblob, numbers[3].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
979
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
980 /* y */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
981 numbers[4].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
982 numbers[4].start = buf_getptr(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
983 buf_incrpos(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
984
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
985 /* x */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
986 numbers[5].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
987 numbers[5].start = buf_getptr(keyblob, numbers[5].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
988 buf_incrpos(keyblob, numbers[5].bytes);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
989
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
990 nnumbers = 6;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
991 header = "-----BEGIN DSA PRIVATE KEY-----\n";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
992 footer = "-----END DSA PRIVATE KEY-----\n";
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
993 }
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
994 #endif /* DROPBEAR_DSS */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
995
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
996 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
997 * Now count up the total size of the ASN.1 encoded integers,
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
998 * so as to determine the length of the containing SEQUENCE.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
999 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1000 len = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1001 for (i = 0; i < nnumbers; i++) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1002 len += ber_write_id_len(NULL, 2, numbers[i].bytes, 0);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1003 len += numbers[i].bytes;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1004 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1005 seqlen = len;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1006 /* Now add on the SEQUENCE header. */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1007 len += ber_write_id_len(NULL, 16, seqlen, ASN1_CONSTRUCTED);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1008 /* Round up to the cipher block size, ensuring we have at least one
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1009 * byte of padding (see below). */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1010 outlen = len;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1011 if (passphrase)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1012 outlen = (outlen+8) &~ 7;
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1013
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1014 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1015 * Now we know how big outblob needs to be. Allocate it.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1016 */
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1017 outblob = (unsigned char*)m_malloc(outlen);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1018
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1019 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1020 * And write the data into it.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1021 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1022 pos = 0;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1023 pos += ber_write_id_len(outblob+pos, 16, seqlen, ASN1_CONSTRUCTED);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1024 for (i = 0; i < nnumbers; i++) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1025 pos += ber_write_id_len(outblob+pos, 2, numbers[i].bytes, 0);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1026 memcpy(outblob+pos, numbers[i].start, numbers[i].bytes);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1027 pos += numbers[i].bytes;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1028 }
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
1029 } /* end RSA and DSS handling */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1030
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1031 #ifdef DROPBEAR_ECDSA
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1032 if (key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1033 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1034 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1035
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1036 /* SEC1 V2 appendix c.4
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1037 ECPrivateKey ::= SEQUENCE {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1038 version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1039 privateKey OCTET STRING,
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1040 parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1041 publicKey [1] BIT STRING OPTIONAL
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1042 }
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1043 */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1044 buffer *seq_buf = buf_new(400);
846
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 845
diff changeset
1045 ecc_key **eck = (ecc_key**)signkey_key_ptr(key, key->type);
b298bb438625 refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents: 845
diff changeset
1046 const long curve_size = (*eck)->dp->size;
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1047 int curve_oid_len = 0;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1048 const void* curve_oid = NULL;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1049 unsigned long pubkey_size = 2*curve_size+1;
1089
d144a6bece53 Uses k_size as an signed integer
Gaël PORTAY <gael.portay@gmail.com>
parents: 1045
diff changeset
1050 int k_size;
1038
d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1002
diff changeset
1051 int err = 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1052
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1053 /* version. less than 10 bytes */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1054 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1055 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 2, 1, 0));
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1056 buf_putbyte(seq_buf, 1);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1057
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1058 /* privateKey */
867
d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
1059 k_size = mp_unsigned_bin_size((*eck)->k);
d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
1060 dropbear_assert(k_size <= curve_size);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1061 buf_incrwritepos(seq_buf,
867
d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
1062 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 4, k_size, 0));
1250
2bb4c662d1c2 more hard tab
Francois Perrad <francois.perrad@gadz.org>
parents: 1124
diff changeset
1063 mp_to_unsigned_bin((*eck)->k, buf_getwriteptr(seq_buf, k_size));
867
d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
1064 buf_incrwritepos(seq_buf, k_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1065
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1066 /* SECGCurveNames */
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1067 switch (key->type)
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1068 {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1069 case DROPBEAR_SIGNKEY_ECDSA_NISTP256:
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1070 curve_oid_len = sizeof(OID_SEC256R1_BLOB);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1071 curve_oid = OID_SEC256R1_BLOB;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1072 break;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1073 case DROPBEAR_SIGNKEY_ECDSA_NISTP384:
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1074 curve_oid_len = sizeof(OID_SEC384R1_BLOB);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1075 curve_oid = OID_SEC384R1_BLOB;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1076 break;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1077 case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1078 curve_oid_len = sizeof(OID_SEC521R1_BLOB);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1079 curve_oid = OID_SEC521R1_BLOB;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1080 break;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1081 default:
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1082 dropbear_exit("Internal error");
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1083 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1084
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1085 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1086 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 0, 2+curve_oid_len, 0xa0));
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 849
diff changeset
1087 /* object == 6 */
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1088 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1089 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 6, curve_oid_len, 0));
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1090 buf_putbytes(seq_buf, curve_oid, curve_oid_len);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1091
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1092 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1093 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 1, 2+1+pubkey_size, 0xa0));
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1094 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1095 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 3, 1+pubkey_size, 0));
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1096 buf_putbyte(seq_buf, 0);
1038
d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1002
diff changeset
1097 err = ecc_ansi_x963_export(*eck, buf_getwriteptr(seq_buf, pubkey_size), &pubkey_size);
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1098 if (err != CRYPT_OK) {
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1099 dropbear_exit("ECC error");
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1100 }
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1101 buf_incrwritepos(seq_buf, pubkey_size);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1102
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1103 buf_setpos(seq_buf, 0);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1104
867
d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
1105 outblob = (unsigned char*)m_malloc(1000);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1106
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1107 pos = 0;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1108 pos += ber_write_id_len(outblob+pos, 16, seq_buf->len, ASN1_CONSTRUCTED);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1109 memcpy(&outblob[pos], seq_buf->data, seq_buf->len);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1110 pos += seq_buf->len;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1111 len = pos;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1112 outlen = len;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1113
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1114 buf_burn(seq_buf);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1115 buf_free(seq_buf);
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1116 seq_buf = NULL;
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1117
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1118 header = "-----BEGIN EC PRIVATE KEY-----\n";
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1119 footer = "-----END EC PRIVATE KEY-----\n";
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1120 }
836
d7d9f1612d51 writing out openssh ecc keys works
Matt Johnston <matt@ucc.asn.au>
parents: 807
diff changeset
1121 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1122
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1123 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1124 * Padding on OpenSSH keys is deterministic. The number of
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1125 * padding bytes is always more than zero, and always at most
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1126 * the cipher block length. The value of each padding byte is
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1127 * equal to the number of padding bytes. So a plaintext that's
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1128 * an exact multiple of the block size will be padded with 08
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1129 * 08 08 08 08 08 08 08 (assuming a 64-bit block cipher); a
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1130 * plaintext one byte less than a multiple of the block size
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1131 * will be padded with just 01.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1132 *
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1133 * This enables the OpenSSL key decryption function to strip
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1134 * off the padding algorithmically and return the unpadded
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1135 * plaintext to the next layer: it looks at the final byte, and
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1136 * then expects to find that many bytes at the end of the data
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1137 * with the same value. Those are all removed and the rest is
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1138 * returned.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1139 */
241
c5d3ef11155f * use own assertions which should get logged properly
Matt Johnston <matt@ucc.asn.au>
parents: 87
diff changeset
1140 dropbear_assert(pos == len);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1141 while (pos < outlen) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1142 outblob[pos++] = outlen - len;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1143 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1144
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1145 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1146 * Encrypt the key.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1147 */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1148 if (passphrase) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1149 fprintf(stderr, "Encrypted keys aren't supported currently\n");
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1150 goto error;
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1151 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1152
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1153 /*
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1154 * And save it. We'll use Unix line endings just in case it's
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1155 * subsequently transferred in binary mode.
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1156 */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1157 if (strlen(filename) == 1 && filename[0] == '-') {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1158 fp = stdout;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1159 } else {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1160 fp = fopen(filename, "wb"); /* ensure Unix line endings */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1161 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1162 if (!fp) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1163 fprintf(stderr, "Failed opening output file\n");
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1164 goto error;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1165 }
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1166 fputs(header, fp);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1167 base64_encode_fp(fp, outblob, outlen, 64);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1168 fputs(footer, fp);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1169 fclose(fp);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1170 ret = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1171
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1172 error:
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1173 if (outblob) {
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1174 memset(outblob, 0, outlen);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1175 m_free(outblob);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1176 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1177 if (keyblob) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1178 buf_burn(keyblob);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1179 buf_free(keyblob);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1180 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1181 if (extrablob) {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1182 buf_burn(extrablob);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1183 buf_free(extrablob);
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1184 }
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1185 return ret;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1186 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1187
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1188 #if 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1189 /* XXX TODO ssh.com stuff isn't going yet */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1190
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1191 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1192 * Code to read ssh.com private keys.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1193 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1194
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1195 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1196 * The format of the base64 blob is largely ssh2-packet-formatted,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1197 * except that mpints are a bit different: they're more like the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1198 * old ssh1 mpint. You have a 32-bit bit count N, followed by
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1199 * (N+7)/8 bytes of data.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1200 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1201 * So. The blob contains:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1202 *
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1203 * - uint32 0x3f6ff9eb (magic number)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1204 * - uint32 size (total blob size)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1205 * - string key-type (see below)
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1206 * - string cipher-type (tells you if key is encrypted)
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1207 * - string encrypted-blob
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1208 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1209 * (The first size field includes the size field itself and the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1210 * magic number before it. All other size fields are ordinary ssh2
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1211 * strings, so the size field indicates how much data is to
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1212 * _follow_.)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1213 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1214 * The encrypted blob, once decrypted, contains a single string
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1215 * which in turn contains the payload. (This allows padding to be
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1216 * added after that string while still making it clear where the
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1217 * real payload ends. Also it probably makes for a reasonable
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1218 * decryption check.)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1219 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1220 * The payload blob, for an RSA key, contains:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1221 * - mpint e
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1222 * - mpint d
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1223 * - mpint n (yes, the public and private stuff is intermixed)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1224 * - mpint u (presumably inverse of p mod q)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1225 * - mpint p (p is the smaller prime)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1226 * - mpint q (q is the larger)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1227 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1228 * For a DSA key, the payload blob contains:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1229 * - uint32 0
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1230 * - mpint p
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1231 * - mpint g
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1232 * - mpint q
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1233 * - mpint y
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1234 * - mpint x
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1235 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1236 * Alternatively, if the parameters are `predefined', that
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1237 * (0,p,g,q) sequence can be replaced by a uint32 1 and a string
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1238 * containing some predefined parameter specification. *shudder*,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1239 * but I doubt we'll encounter this in real life.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1240 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1241 * The key type strings are ghastly. The RSA key I looked at had a
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1242 * type string of
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1243 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1244 * `if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}'
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1245 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1246 * and the DSA key wasn't much better:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1247 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1248 * `dl-modp{sign{dsa-nist-sha1},dh{plain}}'
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1249 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1250 * It isn't clear that these will always be the same. I think it
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1251 * might be wise just to look at the `if-modn{sign{rsa' and
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1252 * `dl-modp{sign{dsa' prefixes.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1253 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1254 * Finally, the encryption. The cipher-type string appears to be
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1255 * either `none' or `3des-cbc'. Looks as if this is SSH2-style
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1256 * 3des-cbc (i.e. outer cbc rather than inner). The key is created
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1257 * from the passphrase by means of yet another hashing faff:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1258 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1259 * - first 16 bytes are MD5(passphrase)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1260 * - next 16 bytes are MD5(passphrase || first 16 bytes)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1261 * - if there were more, they'd be MD5(passphrase || first 32),
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1262 * and so on.
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1263 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1264
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1265 #define SSHCOM_MAGIC_NUMBER 0x3f6ff9eb
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1266
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1267 struct sshcom_key {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1268 char comment[256]; /* allowing any length is overkill */
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1269 unsigned char *keyblob;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1270 int keyblob_len, keyblob_size;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1271 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1272
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1273 static struct sshcom_key *load_sshcom_key(const char *filename)
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1274 {
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1275 struct sshcom_key *ret;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1276 FILE *fp;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1277 char buffer[256];
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1278 int len;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1279 char *errmsg, *p;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1280 int headers_done;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1281 char base64_bit[4];
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1282 int base64_chars = 0;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1283
1306
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1284 ret = snew(struct sshcom_key);
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1285 ret->comment[0] = '\0';
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1286 ret->keyblob = NULL;
34e6127ef02e merge fixes from PuTTY import.c
Matt Johnston <matt@ucc.asn.au>
parents: 1250
diff changeset
1287 ret->keyblob_len = ret->keyblob_size = 0;