dropbear: keyimport.c annotate

annotate keyimport.c @ 1306:34e6127ef02e

merge fixes from PuTTY import.c toint() from misc.c (revids are from hggit conversion) changeset: 4620:60a336a6c85c user: Simon Tatham <[email protected]> date: Thu Feb 25 20:26:33 2016 +0000 files: import.c description: Fix potential segfaults in reading OpenSSH's ASN.1 key format. The length coming back from ber_read_id_len might have overflowed, so treat it as potentially negative. Also, while I'm here, accumulate it inside ber_read_id_len as an unsigned, so as to avoid undefined behaviour on integer overflow, and toint() it before return. Thanks to Hanno Böck for spotting this, with the aid of AFL. (cherry picked from commit 5b7833cd474a24ec098654dcba8cb9509f3bf2c1) Conflicts: import.c (cherry-picker's note: resolving the conflict involved removing an entire section of the original commit which fixed ECDSA code not present on this branch) changeset: 4619:9c6c638d98d8 user: Simon Tatham <[email protected]> date: Sun Jul 14 10:45:54 2013 +0000 files: import.c ssh.c sshdss.c sshpubk.c sshrsa.c description: Tighten up a lot of casts from unsigned to int which are read by one of the GET_32BIT macros and then used as length fields. Missing bounds checks against zero have been added, and also I've introduced a helper function toint() which casts from unsigned to int in such a way as to avoid C undefined behaviour, since I'm not sure I trust compilers any more to do the obviously sensible thing. [originally from svn r9918] changeset: 4618:3957829f24d3 user: Simon Tatham <[email protected]> date: Mon Jul 08 22:36:04 2013 +0000 files: import.c sshdss.c sshrsa.c description: Add an assortment of extra safety checks. [originally from svn r9896] changeset: 4617:2cddee0bce12 user: Jacob Nevins <[email protected]> date: Wed Dec 07 00:24:45 2005 +0000 files: import.c description: Institutional failure to memset() things pointed at rather than pointers. Things should now be zeroed and memory not leaked. Spotted by Brant Thomsen. [originally from svn r6476] changeset: 4616:24ac78a9c71d user: Simon Tatham <[email protected]> date: Wed Feb 11 13:58:27 2004 +0000 files: import.c description: Jacob's last-minute testing found a couple of trivial bugs in import.c, and my attempts to reproduce them in cmdgen found another one there :-) [originally from svn r3847] changeset: 4615:088d39a73db0 user: Simon Tatham <[email protected]> date: Thu Jan 22 18:52:49 2004 +0000 files: import.c description: Placate some gcc warnings. [originally from svn r3761] changeset: 4614:e4288bad4d93 parent: 1758:108b8924593d user: Simon Tatham <[email protected]> date: Fri Oct 03 21:21:23 2003 +0000 files: import.c description: My ASN.1 decoder returned wrong IDs for anything above 0x1E! Good job it's never had to yet. Ahem. [originally from svn r3479]

author	Matt Johnston <matt@ucc.asn.au>
date	Tue, 12 Jul 2016 23:00:01 +0800
parents	2bb4c662d1c2
children	ad9c40aca3bc

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 /*
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 * Based on PuTTY's import.c for importing/exporting OpenSSH and SSH.com
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 * keyfiles.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	5 * Modifications copyright 2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 * PuTTY is copyright 1997-2003 Simon Tatham.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10 * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 * Justin Bradford, and CORE SDI S.A.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13 * Permission is hereby granted, free of charge, to any person
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 * obtaining a copy of this software and associated documentation files
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 * (the "Software"), to deal in the Software without restriction,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 * including without limitation the rights to use, copy, modify, merge,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 * publish, distribute, sublicense, and/or sell copies of the Software,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 * and to permit persons to whom the Software is furnished to do so,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 * subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 * The above copyright notice and this permission notice shall be
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22 * included in all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	25 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	26 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	27 * NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	28 * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29 * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	30 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	31 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	32
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	33 #include "keyimport.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	34 #include "bignum.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	35 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36 #include "dbutil.h"
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	37 #include "ecc.h"
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	38
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	39 static const unsigned char OID_SEC256R1_BLOB[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07};
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	40 static const unsigned char OID_SEC384R1_BLOB[] = {0x2b, 0x81, 0x04, 0x00, 0x22};
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	41 static const unsigned char OID_SEC521R1_BLOB[] = {0x2b, 0x81, 0x04, 0x00, 0x23};
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	42
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	43 #define PUT_32BIT(cp, value) do { \
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	44 (cp)[3] = (unsigned char)(value); \
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	45 (cp)[2] = (unsigned char)((value) >> 8); \
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	46 (cp)[1] = (unsigned char)((value) >> 16); \
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	47 (cp)[0] = (unsigned char)((value) >> 24); } while (0)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	48
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	49 #define GET_32BIT(cp) \
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	50 (((unsigned long)(unsigned char)(cp)[0] << 24) \| \
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	51 ((unsigned long)(unsigned char)(cp)[1] << 16) \| \
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	52 ((unsigned long)(unsigned char)(cp)[2] << 8) \| \
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	53 ((unsigned long)(unsigned char)(cp)[3]))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	54
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55 static int openssh_encrypted(const char *filename);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	56 static sign_key openssh_read(const char filename, char *passphrase);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	57 static int openssh_write(const char filename, sign_key key,
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	58 char *passphrase);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	59
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	60 static int dropbear_write(const charfilename, sign_key key);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	61 static sign_key dropbear_read(const char filename);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	62
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	63 static int toint(unsigned u);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	64
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	65 #if 0
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 static int sshcom_encrypted(const char filename, char *comment);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	67 static struct ssh2_userkey sshcom_read(const char filename, char *passphrase);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	68 static int sshcom_write(const char filename, struct ssh2_userkey key,
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	69 char *passphrase);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	70 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	71
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	72 int import_encrypted(const char* filename, int filetype) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	73
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	74 if (filetype == KEYFILE_OPENSSH) {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	75 return openssh_encrypted(filename);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	76 #if 0
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	77 } else if (filetype == KEYFILE_SSHCOM) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	78 return sshcom_encrypted(filename, NULL);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	79 #endif
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	80 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	81 return 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	82 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	83
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	84 sign_key import_read(const char filename, char *passphrase, int filetype) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	85
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	86 if (filetype == KEYFILE_OPENSSH) {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	87 return openssh_read(filename, passphrase);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	88 } else if (filetype == KEYFILE_DROPBEAR) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	89 return dropbear_read(filename);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	90 #if 0
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	91 } else if (filetype == KEYFILE_SSHCOM) {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	92 return sshcom_read(filename, passphrase);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	93 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	94 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	95 return NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	96 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	97
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	98 int import_write(const char filename, sign_key key, char *passphrase,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	99 int filetype) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	100
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	101 if (filetype == KEYFILE_OPENSSH) {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	102 return openssh_write(filename, key, passphrase);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	103 } else if (filetype == KEYFILE_DROPBEAR) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	104 return dropbear_write(filename, key);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	105 #if 0
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	106 } else if (filetype == KEYFILE_SSHCOM) {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	107 return sshcom_write(filename, key, passphrase);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	108 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	109 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	110 return 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	111 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	112
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	113 static sign_key dropbear_read(const char filename) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	114
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	115 buffer * buf = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	116 sign_key *ret = NULL;
846 b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 845 diff changeset	117 enum signkey_type type;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	118
73 0bf5cebe622c Dropbearkey can now print out pubkey portions Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	119 buf = buf_new(MAX_PRIVKEY_SIZE);
0bf5cebe622c Dropbearkey can now print out pubkey portions Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	120 if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	121 goto error;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	122 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	123
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	124 buf_setpos(buf, 0);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	125 ret = new_sign_key();
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	126
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	127 type = DROPBEAR_SIGNKEY_ANY;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	128 if (buf_get_priv_key(buf, ret, &type) == DROPBEAR_FAILURE){
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	129 goto error;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	130 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	131 buf_free(buf);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	132
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	133 ret->type = type;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	134
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	135 return ret;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	136
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	137 error:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	138 if (buf) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	139 buf_free(buf);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	140 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	141 if (ret) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	142 sign_key_free(ret);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	143 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	144 return NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	145 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	146
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	147 /* returns 0 on fail, 1 on success */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	148 static int dropbear_write(const charfilename, sign_key key) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	149
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	150 buffer * buf;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	151 FILE*fp;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	152 int len;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	153 int ret;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	154
73 0bf5cebe622c Dropbearkey can now print out pubkey portions Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	155 buf = buf_new(MAX_PRIVKEY_SIZE);
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	156 buf_put_priv_key(buf, key, key->type);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	157
87 680a0bc9df0a Some small fixes for unused vars, and old messages Matt Johnston <matt@ucc.asn.au> parents: 73 diff changeset	158 fp = fopen(filename, "w");
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	159 if (!fp) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	160 ret = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	161 goto out;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	162 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	163
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	164 buf_setpos(buf, 0);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	165 do {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	166 len = fwrite(buf_getptr(buf, buf->len - buf->pos),
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	167 1, buf->len - buf->pos, fp);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	168 buf_incrpos(buf, len);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	169 } while (len > 0 && buf->len != buf->pos);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	170
256 ac890087b8c1 * keyimport.c: fclose() the key file to make sure data gets written Matt Johnston <matt@ucc.asn.au> parents: 241 diff changeset	171 fclose(fp);
ac890087b8c1 * keyimport.c: fclose() the key file to make sure data gets written Matt Johnston <matt@ucc.asn.au> parents: 241 diff changeset	172
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	173 if (buf->pos != buf->len) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	174 ret = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	175 } else {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	176 ret = 1;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	177 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	178 out:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	179 buf_free(buf);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	180 return ret;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	181 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	182
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	183
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	184 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	185 * Helper routines. (The base64 ones are defined in sshpubk.c.)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	186 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	187
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	188 #define isbase64(c) ( ((c) >= 'A' && (c) <= 'Z') \|\| \
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	189 ((c) >= 'a' && (c) <= 'z') \|\| \
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	190 ((c) >= '0' && (c) <= '9') \|\| \
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	191 (c) == '+' \|\| (c) == '/' \|\| (c) == '=' \
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	192 )
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	193
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	194 /* cpl has to be less than 100 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	195 static void base64_encode_fp(FILE * fp, unsigned char *data,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	196 int datalen, int cpl)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	197 {
1094 c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign] Gaël PORTAY <gael.portay@gmail.com> parents: 1089 diff changeset	198 unsigned char out[100];
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1124 diff changeset	199 int n;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	200 unsigned long outlen;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	201 int rawcpl;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	202 rawcpl = cpl * 3 / 4;
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	203 dropbear_assert((unsigned int)cpl < sizeof(out));
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	204
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1124 diff changeset	205 while (datalen > 0) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	206 n = (datalen < rawcpl ? datalen : rawcpl);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	207 outlen = sizeof(out);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	208 base64_encode(data, n, out, &outlen);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	209 data += n;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	210 datalen -= n;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	211 fwrite(out, 1, outlen, fp);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	212 fputc('\n', fp);
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1124 diff changeset	213 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	214 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	215 /*
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	216 * Read an ASN.1/BER identifier and length pair.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	217 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	218 * Flags are a combination of the #defines listed below.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	219 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	220 * Returns -1 if unsuccessful; otherwise returns the number of
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	221 * bytes used out of the source data.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	222 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	223
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	224 /* ASN.1 tag classes. */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	225 #define ASN1_CLASS_UNIVERSAL (0 << 6)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	226 #define ASN1_CLASS_APPLICATION (1 << 6)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	227 #define ASN1_CLASS_CONTEXT_SPECIFIC (2 << 6)
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	228 #define ASN1_CLASS_PRIVATE (3 << 6)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	229 #define ASN1_CLASS_MASK (3 << 6)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	230
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	231 /* Primitive versus constructed bit. */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	232 #define ASN1_CONSTRUCTED (1 << 5)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	233
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	234 static int ber_read_id_len(void *source, int sourcelen,
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	235 int id, int length, int *flags)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	236 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	237 unsigned char p = (unsigned char ) source;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	238
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	239 if (sourcelen == 0)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	240 return -1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	241
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	242 flags = (p & 0xE0);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	243 if ((*p & 0x1F) == 0x1F) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	244 *id = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	245 while (*p & 0x80) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	246 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	247 if (sourcelen == 0)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	248 return -1;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	249 id = (id << 7) \| (*p & 0x7F);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	250 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	251 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	252 } else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	253 id = p & 0x1F;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	254 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	255 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	256
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	257 if (sourcelen == 0)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	258 return -1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	259
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	260 if (*p & 0x80) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	261 unsigned len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	262 int n = *p & 0x7F;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	263 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	264 if (sourcelen < n)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	265 return -1;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	266 len = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	267 while (n--)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	268 len = (len << 8) \| (*p++);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	269 sourcelen -= n;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	270 *length = toint(len);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	271 } else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	272 length = p;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	273 p++, sourcelen--;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	274 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	275
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	276 return p - (unsigned char *) source;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	277 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	278
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	279 /*
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	280 * Write an ASN.1/BER identifier and length pair. Returns the
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	281 * number of bytes consumed. Assumes dest contains enough space.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	282 * Will avoid writing anything if dest is NULL, but still return
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	283 * amount of space required.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	284 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	285 static int ber_write_id_len(void *dest, int id, int length, int flags)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	286 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	287 unsigned char d = (unsigned char )dest;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	288 int len = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	289
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	290 if (id <= 30) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	291 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	292 * Identifier is one byte.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	293 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	294 len++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	295 if (d) *d++ = id \| flags;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	296 } else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	297 int n;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	298 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	299 * Identifier is multiple bytes: the first byte is 11111
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	300 * plus the flags, and subsequent bytes encode the value of
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	301 * the identifier, 7 bits at a time, with the top bit of
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	302 * each byte 1 except the last one which is 0.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	303 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	304 len++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	305 if (d) *d++ = 0x1F \| flags;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	306 for (n = 1; (id >> (7*n)) > 0; n++)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	307 continue; /* count the bytes */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	308 while (n--) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	309 len++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	310 if (d) d++ = (n ? 0x80 : 0) \| ((id >> (7n)) & 0x7F);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	311 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	312 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	313
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	314 if (length < 128) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	315 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	316 * Length is one byte.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	317 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	318 len++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	319 if (d) *d++ = length;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	320 } else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	321 int n;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	322 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	323 * Length is multiple bytes. The first is 0x80 plus the
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	324 * number of subsequent bytes, and the subsequent bytes
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	325 * encode the actual length.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	326 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	327 for (n = 1; (length >> (8*n)) > 0; n++)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	328 continue; /* count the bytes */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	329 len++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	330 if (d) *d++ = 0x80 \| n;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	331 while (n--) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	332 len++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	333 if (d) d++ = (length >> (8n)) & 0xFF;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	334 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	335 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	336
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	337 return len;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	338 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	339
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	340
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	341 /* Simple structure to point to an mp-int within a blob. */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	342 struct mpint_pos { void *start; int bytes; };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	343
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	344 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	345 * Code to read and write OpenSSH private keys.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	346 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	347
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 491 diff changeset	348 enum { OSSH_DSA, OSSH_RSA, OSSH_EC };
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	349 struct openssh_key {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	350 int type;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	351 int encrypted;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	352 char iv[32];
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	353 unsigned char *keyblob;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	354 unsigned int keyblob_len, keyblob_size;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	355 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	356
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	357 static struct openssh_key load_openssh_key(const char filename)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	358 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	359 struct openssh_key *ret;
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 256 diff changeset	360 FILE *fp = NULL;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	361 char buffer[256];
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	362 char errmsg = NULL, p = NULL;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	363 int headers_done;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	364 unsigned long len, outlen;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	365
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	366 ret = (struct openssh_key*)m_malloc(sizeof(struct openssh_key));
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	367 ret->keyblob = NULL;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	368 ret->keyblob_len = ret->keyblob_size = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	369 ret->encrypted = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	370 memset(ret->iv, 0, sizeof(ret->iv));
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	371
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	372 if (strlen(filename) == 1 && filename[0] == '-') {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	373 fp = stdin;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	374 } else {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	375 fp = fopen(filename, "r");
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	376 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	377 if (!fp) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	378 errmsg = "Unable to open key file";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	379 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	380 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	381 if (!fgets(buffer, sizeof(buffer), fp) \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	382 0 != strncmp(buffer, "-----BEGIN ", 11) \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	383 0 != strcmp(buffer+strlen(buffer)-17, "PRIVATE KEY-----\n")) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	384 errmsg = "File does not begin with OpenSSH key header";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	385 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	386 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	387 if (!strcmp(buffer, "-----BEGIN RSA PRIVATE KEY-----\n"))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	388 ret->type = OSSH_RSA;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	389 else if (!strcmp(buffer, "-----BEGIN DSA PRIVATE KEY-----\n"))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	390 ret->type = OSSH_DSA;
793 70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 491 diff changeset	391 else if (!strcmp(buffer, "-----BEGIN EC PRIVATE KEY-----\n"))
70625eed40c9 A bit of work on ecdsa for host/auth keys Matt Johnston <matt@ucc.asn.au> parents: 491 diff changeset	392 ret->type = OSSH_EC;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	393 else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	394 errmsg = "Unrecognised key type";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	395 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	396 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	397
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	398 headers_done = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	399 while (1) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	400 if (!fgets(buffer, sizeof(buffer), fp)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	401 errmsg = "Unexpected end of file";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	402 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	403 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	404 if (0 == strncmp(buffer, "-----END ", 9) &&
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	405 0 == strcmp(buffer+strlen(buffer)-17, "PRIVATE KEY-----\n"))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	406 break; /* done */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	407 if ((p = strchr(buffer, ':')) != NULL) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	408 if (headers_done) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	409 errmsg = "Header found in body of key data";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	410 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	411 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	412 *p++ = '\0';
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	413 while (p && isspace((unsigned char)p)) p++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	414 if (!strcmp(buffer, "Proc-Type")) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	415 if (p[0] != '4' \|\| p[1] != ',') {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	416 errmsg = "Proc-Type is not 4 (only 4 is supported)";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	417 goto error;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	418 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	419 p += 2;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	420 if (!strcmp(p, "ENCRYPTED\n"))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	421 ret->encrypted = 1;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	422 } else if (!strcmp(buffer, "DEK-Info")) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	423 int i, j;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	424
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	425 if (strncmp(p, "DES-EDE3-CBC,", 13)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	426 errmsg = "Ciphers other than DES-EDE3-CBC not supported";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	427 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	428 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	429 p += 13;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	430 for (i = 0; i < 8; i++) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	431 if (1 != sscanf(p, "%2x", &j))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	432 break;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	433 ret->iv[i] = j;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	434 p += 2;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	435 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	436 if (i < 8) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	437 errmsg = "Expected 16-digit iv in DEK-Info";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	438 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	439 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	440 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	441 } else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	442 headers_done = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	443 len = strlen(buffer);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	444 outlen = len*4/3;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	445 if (ret->keyblob_len + outlen > ret->keyblob_size) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	446 ret->keyblob_size = ret->keyblob_len + outlen + 256;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	447 ret->keyblob = (unsigned char*)m_realloc(ret->keyblob,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	448 ret->keyblob_size);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	449 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	450 outlen = ret->keyblob_size - ret->keyblob_len;
1094 c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign] Gaël PORTAY <gael.portay@gmail.com> parents: 1089 diff changeset	451 if (base64_decode((const unsigned char *)buffer, len,
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	452 ret->keyblob + ret->keyblob_len, &outlen) != CRYPT_OK){
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	453 errmsg = "Error decoding base64";
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	454 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	455 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	456 ret->keyblob_len += outlen;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	457 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	458 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	459
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	460 if (ret->keyblob_len == 0 \|\| !ret->keyblob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	461 errmsg = "Key body not present";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	462 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	463 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	464
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	465 if (ret->encrypted && ret->keyblob_len % 8 != 0) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	466 errmsg = "Encrypted key blob is not a multiple of cipher block size";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	467 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	468 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	469
1045 31727a8abd4b Use m_burn rather than memset Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1038 diff changeset	470 m_burn(buffer, sizeof(buffer));
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	471 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	472
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	473 error:
1045 31727a8abd4b Use m_burn rather than memset Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1038 diff changeset	474 m_burn(buffer, sizeof(buffer));
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	475 if (ret) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	476 if (ret->keyblob) {
1045 31727a8abd4b Use m_burn rather than memset Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1038 diff changeset	477 m_burn(ret->keyblob, ret->keyblob_size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	478 m_free(ret->keyblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	479 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	480 m_free(ret);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	481 }
340 454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 256 diff changeset	482 if (fp) {
454a34b2dfd1 Fixes from Erik Hovland: Matt Johnston <matt@ucc.asn.au> parents: 256 diff changeset	483 fclose(fp);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	484 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	485 if (errmsg) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	486 fprintf(stderr, "Error: %s\n", errmsg);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	487 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	488 return NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	489 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	490
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	491 static int openssh_encrypted(const char *filename)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	492 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	493 struct openssh_key *key = load_openssh_key(filename);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	494 int ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	495
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	496 if (!key)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	497 return 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	498 ret = key->encrypted;
1045 31727a8abd4b Use m_burn rather than memset Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1038 diff changeset	499 m_burn(key->keyblob, key->keyblob_size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	500 m_free(key->keyblob);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	501 m_free(key);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	502 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	503 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	504
846 b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 845 diff changeset	505 static sign_key openssh_read(const char filename, char * UNUSED(passphrase))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	506 {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	507 struct openssh_key *key;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	508 unsigned char *p;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	509 int ret, id, len, flags;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	510 int i, num_integers = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	511 sign_key *retval = NULL;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	512 char *errmsg;
1119 845922d73e9c Turn modptr local variable into unsigned char * Gaël PORTAY <gael.portay@gmail.com> parents: 1094 diff changeset	513 unsigned char *modptr = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	514 int modlen = -9999;
846 b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 845 diff changeset	515 enum signkey_type type;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	516
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	517 sign_key *retkey;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	518 buffer * blobbuf = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	519
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	520 retkey = new_sign_key();
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	521
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	522 key = load_openssh_key(filename);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	523
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	524 if (!key)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	525 return NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	526
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	527 if (key->encrypted) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	528 errmsg = "encrypted keys not supported currently";
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	529 goto error;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	530 #if 0
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	531 /* matt TODO */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	532 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	533 * Derive encryption key from passphrase and iv/salt:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	534 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	535 * - let block A equal MD5(passphrase \|\| iv)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	536 * - let block B equal MD5(A \|\| passphrase \|\| iv)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	537 * - block C would be MD5(B \|\| passphrase \|\| iv) and so on
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	538 * - encryption key is the first N bytes of A \|\| B
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	539 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	540 struct MD5Context md5c;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	541 unsigned char keybuf[32];
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	542
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	543 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	544 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	545 MD5Update(&md5c, (unsigned char *)key->iv, 8);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	546 MD5Final(keybuf, &md5c);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	547
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	548 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	549 MD5Update(&md5c, keybuf, 16);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	550 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	551 MD5Update(&md5c, (unsigned char *)key->iv, 8);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	552 MD5Final(keybuf+16, &md5c);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	553
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	554 /*
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	555 * Now decrypt the key blob.
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	556 */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	557 des3_decrypt_pubkey_ossh(keybuf, (unsigned char *)key->iv,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	558 key->keyblob, key->keyblob_len);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	559
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	560 memset(&md5c, 0, sizeof(md5c));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	561 memset(keybuf, 0, sizeof(keybuf));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	562 #endif
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	563 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	564
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	565 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	566 * Now we have a decrypted key blob, which contains an ASN.1
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	567 * encoded private key. We must now untangle the ASN.1.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	568 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	569 * We expect the whole key blob to be formatted as a SEQUENCE
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	570 * (0x30 followed by a length code indicating that the rest of
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	571 * the blob is part of the sequence). Within that SEQUENCE we
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	572 * expect to see a bunch of INTEGERs. What those integers mean
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	573 * depends on the key type:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	574 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	575 * - For RSA, we expect the integers to be 0, n, e, d, p, q,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	576 * dmp1, dmq1, iqmp in that order. (The last three are d mod
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	577 * (p-1), d mod (q-1), inverse of q mod p respectively.)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	578 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	579 * - For DSA, we expect them to be 0, p, q, g, y, x in that
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	580 * order.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	581 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	582
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	583 p = key->keyblob;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	584
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	585 /* Expect the SEQUENCE header. Take its absence as a failure to decrypt. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	586 ret = ber_read_id_len(p, key->keyblob_len, &id, &len, &flags);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	587 p += ret;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	588 if (ret < 0 \|\| id != 16 \|\| len < 0 \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	589 key->keyblob+key->keyblob_len-p < len) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	590 errmsg = "ASN.1 decoding failure - wrong password?";
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	591 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	592 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	593
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	594 /* Expect a load of INTEGERs. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	595 if (key->type == OSSH_RSA)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	596 num_integers = 9;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	597 else if (key->type == OSSH_DSA)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	598 num_integers = 6;
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	599 else if (key->type == OSSH_EC)
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	600 num_integers = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	601
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	602 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	603 * Space to create key blob in.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	604 */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	605 blobbuf = buf_new(3000);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	606
935 25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	607 #ifdef DROPBEAR_DSS
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	608 if (key->type == OSSH_DSA) {
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1119 diff changeset	609 buf_putstring(blobbuf, "ssh-dss", 7);
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	610 retkey->type = DROPBEAR_SIGNKEY_DSS;
935 25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	611 }
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	612 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	613 #ifdef DROPBEAR_RSA
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	614 if (key->type == OSSH_RSA) {
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1119 diff changeset	615 buf_putstring(blobbuf, "ssh-rsa", 7);
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	616 retkey->type = DROPBEAR_SIGNKEY_RSA;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	617 }
935 25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	618 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	619
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	620 for (i = 0; i < num_integers; i++) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	621 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	622 &id, &len, &flags);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	623 p += ret;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	624 if (ret < 0 \|\| id != 2 \|\| len < 0 \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	625 key->keyblob+key->keyblob_len-p < len) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	626 errmsg = "ASN.1 decoding failure";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	627 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	628 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	629
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	630 if (i == 0) {
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	631 /* First integer is a version indicator */
991 4f65c867fc99 Fix variables may be uninitialized. Like Ma <likemartinma@gmail.com> parents: 935 diff changeset	632 int expected = -1;
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	633 switch (key->type) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	634 case OSSH_RSA:
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	635 case OSSH_DSA:
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	636 expected = 0;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	637 break;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	638 case OSSH_EC:
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	639 expected = 1;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	640 break;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	641 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	642 if (len != 1 \|\| p[0] != expected) {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	643 errmsg = "Version number mismatch";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	644 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	645 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	646 } else if (key->type == OSSH_RSA) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	647 /*
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	648 * OpenSSH key order is n, e, d, p, q, dmp1, dmq1, iqmp
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	649 * but we want e, n, d, p, q
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	650 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	651 if (i == 1) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	652 /* Save the details for after we deal with number 2. */
1119 845922d73e9c Turn modptr local variable into unsigned char * Gaël PORTAY <gael.portay@gmail.com> parents: 1094 diff changeset	653 modptr = p;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	654 modlen = len;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	655 } else if (i >= 2 && i <= 5) {
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1119 diff changeset	656 buf_putstring(blobbuf, (const char*)p, len);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	657 if (i == 2) {
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1119 diff changeset	658 buf_putstring(blobbuf, (const char*)modptr, modlen);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	659 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	660 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	661 } else if (key->type == OSSH_DSA) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	662 /*
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	663 * OpenSSH key order is p, q, g, y, x,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	664 * we want the same.
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	665 */
1122 aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings Matt Johnston <matt@ucc.asn.au> parents: 1119 diff changeset	666 buf_putstring(blobbuf, (const char*)p, len);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	667 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	668
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	669 /* Skip past the number. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	670 p += len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	671 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	672
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	673 #ifdef DROPBEAR_ECDSA
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	674 if (key->type == OSSH_EC) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	675 unsigned char* private_key_bytes = NULL;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	676 int private_key_len = 0;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	677 unsigned char* public_key_bytes = NULL;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	678 int public_key_len = 0;
807 75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 806 diff changeset	679 ecc_key *ecc = NULL;
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	680 const struct dropbear_ecc_curve *curve = NULL;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	681
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	682 /* See SEC1 v2, Appendix C.4 */
c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	683 /* OpenSSL (so OpenSSH) seems to include the optional parts. */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	684
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	685 /* privateKey OCTET STRING, */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	686 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	687 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	688 p += ret;
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	689 /* id==4 for octet string */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	690 if (ret < 0 \|\| id != 4 \|\|
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	691 key->keyblob+key->keyblob_len-p < len) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	692 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	693 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	694 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	695 private_key_bytes = p;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	696 private_key_len = len;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	697 p += len;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	698
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	699 /* parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL, */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	700 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	701 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	702 p += ret;
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	703 /* id==0 */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	704 if (ret < 0 \|\| id != 0) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	705 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	706 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	707 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	708
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	709 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	710 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	711 p += ret;
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	712 /* id==6 for object */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	713 if (ret < 0 \|\| id != 6 \|\|
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	714 key->keyblob+key->keyblob_len-p < len) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	715 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	716 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	717 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	718
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	719 if (0) {}
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	720 #ifdef DROPBEAR_ECC_256
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	721 else if (len == sizeof(OID_SEC256R1_BLOB)
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	722 && memcmp(p, OID_SEC256R1_BLOB, len) == 0) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	723 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP256;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	724 curve = &ecc_curve_nistp256;
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	725 }
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	726 #endif
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	727 #ifdef DROPBEAR_ECC_384
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	728 else if (len == sizeof(OID_SEC384R1_BLOB)
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	729 && memcmp(p, OID_SEC384R1_BLOB, len) == 0) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	730 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP384;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	731 curve = &ecc_curve_nistp384;
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	732 }
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	733 #endif
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	734 #ifdef DROPBEAR_ECC_521
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	735 else if (len == sizeof(OID_SEC521R1_BLOB)
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	736 && memcmp(p, OID_SEC521R1_BLOB, len) == 0) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	737 retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP521;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	738 curve = &ecc_curve_nistp521;
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	739 }
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	740 #endif
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	741 else {
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	742 errmsg = "Unknown ECC key type";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	743 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	744 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	745 p += len;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	746
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	747 /* publicKey [1] BIT STRING OPTIONAL */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	748 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	749 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	750 p += ret;
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	751 /* id==1 */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	752 if (ret < 0 \|\| id != 1) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	753 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	754 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	755 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	756
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	757 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	758 &id, &len, &flags);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	759 p += ret;
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	760 /* id==3 for bit string */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	761 if (ret < 0 \|\| id != 3 \|\|
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	762 key->keyblob+key->keyblob_len-p < len) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	763 errmsg = "ASN.1 decoding failure";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	764 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	765 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	766 public_key_bytes = p+1;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	767 public_key_len = len-1;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	768 p += len;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	769
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	770 buf_putbytes(blobbuf, public_key_bytes, public_key_len);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	771 ecc = buf_get_ecc_raw_pubkey(blobbuf, curve);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	772 if (!ecc) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	773 errmsg = "Error parsing ECC key";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	774 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	775 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	776 m_mp_alloc_init_multi((mp_int**)&ecc->k, NULL);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	777 if (mp_read_unsigned_bin(ecc->k, private_key_bytes, private_key_len)
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	778 != MP_OKAY) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	779 errmsg = "Error parsing ECC key";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	780 goto error;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	781 }
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	782
841 d4ce5269a439 Fix specifying a keysize for key generation, fix key name arguments Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	783 *signkey_key_ptr(retkey, retkey->type) = ecc;
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	784 }
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	785 #endif /* DROPBEAR_ECDSA */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	786
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	787 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	788 * Now put together the actual key. Simplest way to do this is
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	789 * to assemble our own key blobs and feed them to the createkey
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	790 * functions; this is a bit faffy but it does mean we get all
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	791 * the sanity checks for free.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	792 */
806 71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	793 if (key->type == OSSH_RSA \|\| key->type == OSSH_DSA) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	794 buf_setpos(blobbuf, 0);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	795 type = DROPBEAR_SIGNKEY_ANY;
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	796 if (buf_get_priv_key(blobbuf, retkey, &type)
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	797 != DROPBEAR_SUCCESS) {
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	798 errmsg = "unable to create key structure";
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	799 sign_key_free(retkey);
71e7d31f7671 hackish ECC import code from OpenSSH Matt Johnston <matt@ucc.asn.au> parents: 793 diff changeset	800 retkey = NULL;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	801 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	802 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	803 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	804
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	805 errmsg = NULL; /* no error */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	806 retval = retkey;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	807
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	808 error:
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	809 if (blobbuf) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	810 buf_burn(blobbuf);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	811 buf_free(blobbuf);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	812 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	813 m_burn(key->keyblob, key->keyblob_size);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	814 m_free(key->keyblob);
1002 97d1e54941fd When clearing the memory of 'key' in function openssh_read(), only the size Christian Engelmayer <cengelma@gmx.at> parents: 991 diff changeset	815 m_burn(key, sizeof(*key));
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	816 m_free(key);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	817 if (errmsg) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	818 fprintf(stderr, "Error: %s\n", errmsg);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	819 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	820 return retval;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	821 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	822
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	823 static int openssh_write(const char filename, sign_key key,
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	824 char *passphrase)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	825 {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	826 buffer * keyblob = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	827 buffer * extrablob = NULL; /* used for calculated values to write */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	828 unsigned char *outblob = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	829 int outlen = -9999;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	830 struct mpint_pos numbers[9];
991 4f65c867fc99 Fix variables may be uninitialized. Like Ma <likemartinma@gmail.com> parents: 935 diff changeset	831 int nnumbers = -1, pos = 0, len = 0, seqlen, i;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	832 char header = NULL, footer = NULL;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	833 char zero[1];
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	834 int ret = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	835 FILE *fp;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	836
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	837 #ifdef DROPBEAR_RSA
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	838 mp_int dmp1, dmq1, iqmp, tmpval; /* for rsa */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	839 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	840
935 25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	841 if (
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	842 #ifdef DROPBEAR_RSA
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	843 key->type == DROPBEAR_SIGNKEY_RSA \|\|
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	844 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	845 #ifdef DROPBEAR_DSS
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	846 key->type == DROPBEAR_SIGNKEY_DSS \|\|
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	847 #endif
25692c60479e Fix compiling with ECDSA and DSS disabled Matt Johnston <matt@ucc.asn.au> parents: 867 diff changeset	848 0)
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	849 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	850 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	851 * Fetch the key blobs.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	852 */
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	853 keyblob = buf_new(3000);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	854 buf_put_priv_key(keyblob, key, key->type);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	855
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	856 buf_setpos(keyblob, 0);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	857 /* skip the "ssh-rsa" or "ssh-dss" header */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	858 buf_incrpos(keyblob, buf_getint(keyblob));
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	859
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	860 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	861 * Find the sequence of integers to be encoded into the OpenSSH
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	862 * key blob, and also decide on the header line.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	863 */
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	864 numbers[0].start = zero; numbers[0].bytes = 1; zero[0] = '\0';
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	865
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	866 #ifdef DROPBEAR_RSA
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	867 if (key->type == DROPBEAR_SIGNKEY_RSA) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	868
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	869 if (key->rsakey->p == NULL \|\| key->rsakey->q == NULL) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	870 fprintf(stderr, "Pre-0.33 Dropbear keys cannot be converted to OpenSSH keys.\n");
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	871 goto error;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	872 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	873
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	874 /* e */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	875 numbers[2].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	876 numbers[2].start = buf_getptr(keyblob, numbers[2].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	877 buf_incrpos(keyblob, numbers[2].bytes);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	878
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	879 /* n */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	880 numbers[1].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	881 numbers[1].start = buf_getptr(keyblob, numbers[1].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	882 buf_incrpos(keyblob, numbers[1].bytes);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	883
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	884 /* d */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	885 numbers[3].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	886 numbers[3].start = buf_getptr(keyblob, numbers[3].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	887 buf_incrpos(keyblob, numbers[3].bytes);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	888
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	889 /* p */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	890 numbers[4].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	891 numbers[4].start = buf_getptr(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	892 buf_incrpos(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	893
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	894 /* q */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	895 numbers[5].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	896 numbers[5].start = buf_getptr(keyblob, numbers[5].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	897 buf_incrpos(keyblob, numbers[5].bytes);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	898
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	899 /* now calculate some extra parameters: */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	900 m_mp_init(&tmpval);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	901 m_mp_init(&dmp1);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	902 m_mp_init(&dmq1);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	903 m_mp_init(&iqmp);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	904
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	905 /* dmp1 = d mod (p-1) */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	906 if (mp_sub_d(key->rsakey->p, 1, &tmpval) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	907 fprintf(stderr, "Bignum error for p-1\n");
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	908 goto error;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	909 }
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	910 if (mp_mod(key->rsakey->d, &tmpval, &dmp1) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	911 fprintf(stderr, "Bignum error for dmp1\n");
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	912 goto error;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	913 }
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	914
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	915 /* dmq1 = d mod (q-1) */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	916 if (mp_sub_d(key->rsakey->q, 1, &tmpval) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	917 fprintf(stderr, "Bignum error for q-1\n");
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	918 goto error;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	919 }
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	920 if (mp_mod(key->rsakey->d, &tmpval, &dmq1) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	921 fprintf(stderr, "Bignum error for dmq1\n");
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	922 goto error;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	923 }
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	924
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	925 /* iqmp = (q^-1) mod p */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	926 if (mp_invmod(key->rsakey->q, key->rsakey->p, &iqmp) != MP_OKAY) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	927 fprintf(stderr, "Bignum error for iqmp\n");
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	928 goto error;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	929 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	930
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	931 extrablob = buf_new(2000);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	932 buf_putmpint(extrablob, &dmp1);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	933 buf_putmpint(extrablob, &dmq1);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	934 buf_putmpint(extrablob, &iqmp);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	935 buf_setpos(extrablob, 0);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	936 mp_clear(&dmp1);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	937 mp_clear(&dmq1);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	938 mp_clear(&iqmp);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	939 mp_clear(&tmpval);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	940
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	941 /* dmp1 */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	942 numbers[6].bytes = buf_getint(extrablob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	943 numbers[6].start = buf_getptr(extrablob, numbers[6].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	944 buf_incrpos(extrablob, numbers[6].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	945
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	946 /* dmq1 */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	947 numbers[7].bytes = buf_getint(extrablob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	948 numbers[7].start = buf_getptr(extrablob, numbers[7].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	949 buf_incrpos(extrablob, numbers[7].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	950
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	951 /* iqmp */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	952 numbers[8].bytes = buf_getint(extrablob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	953 numbers[8].start = buf_getptr(extrablob, numbers[8].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	954 buf_incrpos(extrablob, numbers[8].bytes);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	955
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	956 nnumbers = 9;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	957 header = "-----BEGIN RSA PRIVATE KEY-----\n";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	958 footer = "-----END RSA PRIVATE KEY-----\n";
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	959 }
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	960 #endif /* DROPBEAR_RSA */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	961
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	962 #ifdef DROPBEAR_DSS
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	963 if (key->type == DROPBEAR_SIGNKEY_DSS) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	964
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	965 /* p */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	966 numbers[1].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	967 numbers[1].start = buf_getptr(keyblob, numbers[1].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	968 buf_incrpos(keyblob, numbers[1].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	969
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	970 /* q */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	971 numbers[2].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	972 numbers[2].start = buf_getptr(keyblob, numbers[2].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	973 buf_incrpos(keyblob, numbers[2].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	974
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	975 /* g */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	976 numbers[3].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	977 numbers[3].start = buf_getptr(keyblob, numbers[3].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	978 buf_incrpos(keyblob, numbers[3].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	979
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	980 /* y */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	981 numbers[4].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	982 numbers[4].start = buf_getptr(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	983 buf_incrpos(keyblob, numbers[4].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	984
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	985 /* x */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	986 numbers[5].bytes = buf_getint(keyblob);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	987 numbers[5].start = buf_getptr(keyblob, numbers[5].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	988 buf_incrpos(keyblob, numbers[5].bytes);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	989
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	990 nnumbers = 6;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	991 header = "-----BEGIN DSA PRIVATE KEY-----\n";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	992 footer = "-----END DSA PRIVATE KEY-----\n";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	993 }
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	994 #endif /* DROPBEAR_DSS */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	995
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	996 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	997 * Now count up the total size of the ASN.1 encoded integers,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	998 * so as to determine the length of the containing SEQUENCE.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	999 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1000 len = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1001 for (i = 0; i < nnumbers; i++) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1002 len += ber_write_id_len(NULL, 2, numbers[i].bytes, 0);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1003 len += numbers[i].bytes;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1004 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1005 seqlen = len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1006 /* Now add on the SEQUENCE header. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1007 len += ber_write_id_len(NULL, 16, seqlen, ASN1_CONSTRUCTED);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1008 /* Round up to the cipher block size, ensuring we have at least one
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1009 * byte of padding (see below). */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1010 outlen = len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1011 if (passphrase)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1012 outlen = (outlen+8) &~ 7;
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1013
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1014 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1015 * Now we know how big outblob needs to be. Allocate it.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1016 */
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1017 outblob = (unsigned char*)m_malloc(outlen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1018
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1019 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1020 * And write the data into it.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1021 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1022 pos = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1023 pos += ber_write_id_len(outblob+pos, 16, seqlen, ASN1_CONSTRUCTED);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1024 for (i = 0; i < nnumbers; i++) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1025 pos += ber_write_id_len(outblob+pos, 2, numbers[i].bytes, 0);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1026 memcpy(outblob+pos, numbers[i].start, numbers[i].bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1027 pos += numbers[i].bytes;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1028 }
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	1029 } /* end RSA and DSS handling */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1030
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1031 #ifdef DROPBEAR_ECDSA
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1032 if (key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1033 \|\| key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1034 \|\| key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1035
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1036 /* SEC1 V2 appendix c.4
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1037 ECPrivateKey ::= SEQUENCE {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1038 version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1039 privateKey OCTET STRING,
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1040 parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1041 publicKey [1] BIT STRING OPTIONAL
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1042 }
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1043 */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1044 buffer *seq_buf = buf_new(400);
846 b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 845 diff changeset	1045 ecc_key eck = (ecc_key)signkey_key_ptr(key, key->type);
b298bb438625 refactor key generation, make it generate as required. Matt Johnston <matt@ucc.asn.au> parents: 845 diff changeset	1046 const long curve_size = (*eck)->dp->size;
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1047 int curve_oid_len = 0;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1048 const void* curve_oid = NULL;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1049 unsigned long pubkey_size = 2*curve_size+1;
1089 d144a6bece53 Uses k_size as an signed integer Gaël PORTAY <gael.portay@gmail.com> parents: 1045 diff changeset	1050 int k_size;
1038 d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1002 diff changeset	1051 int err = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1052
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1053 /* version. less than 10 bytes */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1054 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1055 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 2, 1, 0));
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1056 buf_putbyte(seq_buf, 1);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1057
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1058 /* privateKey */
867 d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	1059 k_size = mp_unsigned_bin_size((*eck)->k);
d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	1060 dropbear_assert(k_size <= curve_size);
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1061 buf_incrwritepos(seq_buf,
867 d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	1062 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 4, k_size, 0));
1250 2bb4c662d1c2 more hard tab Francois Perrad <francois.perrad@gadz.org> parents: 1124 diff changeset	1063 mp_to_unsigned_bin((*eck)->k, buf_getwriteptr(seq_buf, k_size));
867 d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	1064 buf_incrwritepos(seq_buf, k_size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1065
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1066 /* SECGCurveNames */
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1067 switch (key->type)
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1068 {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1069 case DROPBEAR_SIGNKEY_ECDSA_NISTP256:
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1070 curve_oid_len = sizeof(OID_SEC256R1_BLOB);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1071 curve_oid = OID_SEC256R1_BLOB;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1072 break;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1073 case DROPBEAR_SIGNKEY_ECDSA_NISTP384:
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1074 curve_oid_len = sizeof(OID_SEC384R1_BLOB);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1075 curve_oid = OID_SEC384R1_BLOB;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1076 break;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1077 case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1078 curve_oid_len = sizeof(OID_SEC521R1_BLOB);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1079 curve_oid = OID_SEC521R1_BLOB;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1080 break;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1081 default:
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1082 dropbear_exit("Internal error");
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1083 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1084
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1085 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1086 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 0, 2+curve_oid_len, 0xa0));
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 849 diff changeset	1087 /* object == 6 */
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1088 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1089 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 6, curve_oid_len, 0));
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1090 buf_putbytes(seq_buf, curve_oid, curve_oid_len);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1091
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1092 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1093 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 1, 2+1+pubkey_size, 0xa0));
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1094 buf_incrwritepos(seq_buf,
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1095 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 3, 1+pubkey_size, 0));
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1096 buf_putbyte(seq_buf, 0);
1038 d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1002 diff changeset	1097 err = ecc_ansi_x963_export(*eck, buf_getwriteptr(seq_buf, pubkey_size), &pubkey_size);
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1098 if (err != CRYPT_OK) {
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1099 dropbear_exit("ECC error");
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1100 }
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1101 buf_incrwritepos(seq_buf, pubkey_size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1102
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1103 buf_setpos(seq_buf, 0);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1104
867 d2d624c951ca - Increase buffer size, fixes converting 521bit ECC key Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	1105 outblob = (unsigned char*)m_malloc(1000);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1106
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1107 pos = 0;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1108 pos += ber_write_id_len(outblob+pos, 16, seq_buf->len, ASN1_CONSTRUCTED);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1109 memcpy(&outblob[pos], seq_buf->data, seq_buf->len);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1110 pos += seq_buf->len;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1111 len = pos;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1112 outlen = len;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1113
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1114 buf_burn(seq_buf);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1115 buf_free(seq_buf);
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1116 seq_buf = NULL;
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1117
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1118 header = "-----BEGIN EC PRIVATE KEY-----\n";
d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1119 footer = "-----END EC PRIVATE KEY-----\n";
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1120 }
836 d7d9f1612d51 writing out openssh ecc keys works Matt Johnston <matt@ucc.asn.au> parents: 807 diff changeset	1121 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1122
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1123 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1124 * Padding on OpenSSH keys is deterministic. The number of
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1125 * padding bytes is always more than zero, and always at most
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1126 * the cipher block length. The value of each padding byte is
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1127 * equal to the number of padding bytes. So a plaintext that's
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1128 * an exact multiple of the block size will be padded with 08
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1129 * 08 08 08 08 08 08 08 (assuming a 64-bit block cipher); a
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1130 * plaintext one byte less than a multiple of the block size
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1131 * will be padded with just 01.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1132 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1133 * This enables the OpenSSL key decryption function to strip
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1134 * off the padding algorithmically and return the unpadded
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1135 * plaintext to the next layer: it looks at the final byte, and
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1136 * then expects to find that many bytes at the end of the data
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1137 * with the same value. Those are all removed and the rest is
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1138 * returned.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1139 */
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	1140 dropbear_assert(pos == len);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1141 while (pos < outlen) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1142 outblob[pos++] = outlen - len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1143 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1144
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1145 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1146 * Encrypt the key.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1147 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1148 if (passphrase) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1149 fprintf(stderr, "Encrypted keys aren't supported currently\n");
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1150 goto error;
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1151 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1152
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1153 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1154 * And save it. We'll use Unix line endings just in case it's
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1155 * subsequently transferred in binary mode.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1156 */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1157 if (strlen(filename) == 1 && filename[0] == '-') {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1158 fp = stdout;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1159 } else {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1160 fp = fopen(filename, "wb"); /* ensure Unix line endings */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1161 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1162 if (!fp) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1163 fprintf(stderr, "Failed opening output file\n");
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1164 goto error;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1165 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1166 fputs(header, fp);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1167 base64_encode_fp(fp, outblob, outlen, 64);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1168 fputs(footer, fp);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1169 fclose(fp);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1170 ret = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1171
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1172 error:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1173 if (outblob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1174 memset(outblob, 0, outlen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1175 m_free(outblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1176 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1177 if (keyblob) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1178 buf_burn(keyblob);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1179 buf_free(keyblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1180 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1181 if (extrablob) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1182 buf_burn(extrablob);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1183 buf_free(extrablob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1184 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1185 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1186 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1187
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1188 #if 0
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1189 /* XXX TODO ssh.com stuff isn't going yet */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1190
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1191 /* ----------------------------------------------------------------------
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1192 * Code to read ssh.com private keys.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1193 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1194
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1195 /*
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1196 * The format of the base64 blob is largely ssh2-packet-formatted,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1197 * except that mpints are a bit different: they're more like the
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1198 * old ssh1 mpint. You have a 32-bit bit count N, followed by
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1199 * (N+7)/8 bytes of data.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1200 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1201 * So. The blob contains:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1202 *
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1203 * - uint32 0x3f6ff9eb (magic number)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1204 * - uint32 size (total blob size)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1205 * - string key-type (see below)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1206 * - string cipher-type (tells you if key is encrypted)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1207 * - string encrypted-blob
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1208 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1209 * (The first size field includes the size field itself and the
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1210 * magic number before it. All other size fields are ordinary ssh2
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1211 * strings, so the size field indicates how much data is to
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1212 * _follow_.)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1213 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1214 * The encrypted blob, once decrypted, contains a single string
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1215 * which in turn contains the payload. (This allows padding to be
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1216 * added after that string while still making it clear where the
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1217 * real payload ends. Also it probably makes for a reasonable
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1218 * decryption check.)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1219 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1220 * The payload blob, for an RSA key, contains:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1221 * - mpint e
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1222 * - mpint d
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1223 * - mpint n (yes, the public and private stuff is intermixed)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1224 * - mpint u (presumably inverse of p mod q)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1225 * - mpint p (p is the smaller prime)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1226 * - mpint q (q is the larger)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1227 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1228 * For a DSA key, the payload blob contains:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1229 * - uint32 0
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1230 * - mpint p
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1231 * - mpint g
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1232 * - mpint q
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1233 * - mpint y
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1234 * - mpint x
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1235 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1236 * Alternatively, if the parameters are `predefined', that
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1237 * (0,p,g,q) sequence can be replaced by a uint32 1 and a string
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1238 * containing some predefined parameter specification. shudder,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1239 * but I doubt we'll encounter this in real life.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1240 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1241 * The key type strings are ghastly. The RSA key I looked at had a
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1242 * type string of
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1243 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1244 * `if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}'
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1245 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1246 * and the DSA key wasn't much better:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1247 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1248 * `dl-modp{sign{dsa-nist-sha1},dh{plain}}'
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1249 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1250 * It isn't clear that these will always be the same. I think it
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1251 * might be wise just to look at the `if-modn{sign{rsa' and
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1252 * `dl-modp{sign{dsa' prefixes.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1253 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1254 * Finally, the encryption. The cipher-type string appears to be
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1255 * either `none' or `3des-cbc'. Looks as if this is SSH2-style
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1256 * 3des-cbc (i.e. outer cbc rather than inner). The key is created
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1257 * from the passphrase by means of yet another hashing faff:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1258 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1259 * - first 16 bytes are MD5(passphrase)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1260 * - next 16 bytes are MD5(passphrase \|\| first 16 bytes)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1261 * - if there were more, they'd be MD5(passphrase \|\| first 32),
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1262 * and so on.
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1263 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1264
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1265 #define SSHCOM_MAGIC_NUMBER 0x3f6ff9eb
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1266
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1267 struct sshcom_key {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1268 char comment[256]; /* allowing any length is overkill */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1269 unsigned char *keyblob;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1270 int keyblob_len, keyblob_size;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1271 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1272
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1273 static struct sshcom_key load_sshcom_key(const char filename)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1274 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1275 struct sshcom_key *ret;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1276 FILE *fp;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1277 char buffer[256];
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1278 int len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1279 char errmsg, p;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1280 int headers_done;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1281 char base64_bit[4];
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1282 int base64_chars = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1283
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1284 ret = snew(struct sshcom_key);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1285 ret->comment[0] = '\0';
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1286 ret->keyblob = NULL;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1287 ret->keyblob_len = ret->keyblob_size = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1288
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1289 fp = fopen(filename, "r");
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1290 if (!fp) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1291 errmsg = "Unable to open key file";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1292 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1293 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1294 if (!fgets(buffer, sizeof(buffer), fp) \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1295 0 != strcmp(buffer, "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----\n")) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1296 errmsg = "File does not begin with ssh.com key header";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1297 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1298 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1299
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1300 headers_done = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1301 while (1) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1302 if (!fgets(buffer, sizeof(buffer), fp)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1303 errmsg = "Unexpected end of file";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1304 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1305 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1306 if (!strcmp(buffer, "---- END SSH2 ENCRYPTED PRIVATE KEY ----\n"))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1307 break; /* done */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1308 if ((p = strchr(buffer, ':')) != NULL) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1309 if (headers_done) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1310 errmsg = "Header found in body of key data";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1311 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1312 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1313 *p++ = '\0';
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1314 while (p && isspace((unsigned char)p)) p++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1315 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1316 * Header lines can end in a trailing backslash for
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1317 * continuation.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1318 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1319 while ((len = strlen(p)) > (int)(sizeof(buffer) - (p-buffer) -1) \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1320 p[len-1] != '\n' \|\| p[len-2] == '\\') {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1321 if (len > (int)((p-buffer) + sizeof(buffer)-2)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1322 errmsg = "Header line too long to deal with";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1323 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1324 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1325 if (!fgets(p+len-2, sizeof(buffer)-(p-buffer)-(len-2), fp)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1326 errmsg = "Unexpected end of file";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1327 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1328 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1329 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1330 p[strcspn(p, "\n")] = '\0';
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1331 if (!strcmp(buffer, "Comment")) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1332 /* Strip quotes in comment if present. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1333 if (p[0] == '"' && p[strlen(p)-1] == '"') {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1334 p++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1335 p[strlen(p)-1] = '\0';
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1336 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1337 strncpy(ret->comment, p, sizeof(ret->comment));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1338 ret->comment[sizeof(ret->comment)-1] = '\0';
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1339 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1340 } else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1341 headers_done = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1342
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1343 p = buffer;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1344 while (isbase64(*p)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1345 base64_bit[base64_chars++] = *p;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1346 if (base64_chars == 4) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1347 unsigned char out[3];
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1348
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1349 base64_chars = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1350
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1351 len = base64_decode_atom(base64_bit, out);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1352
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1353 if (len <= 0) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1354 errmsg = "Invalid base64 encoding";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1355 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1356 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1357
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1358 if (ret->keyblob_len + len > ret->keyblob_size) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1359 ret->keyblob_size = ret->keyblob_len + len + 256;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1360 ret->keyblob = sresize(ret->keyblob, ret->keyblob_size,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1361 unsigned char);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1362 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1363
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1364 memcpy(ret->keyblob + ret->keyblob_len, out, len);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1365 ret->keyblob_len += len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1366 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1367
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1368 p++;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1369 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1370 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1371 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1372
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1373 if (ret->keyblob_len == 0 \|\| !ret->keyblob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1374 errmsg = "Key body not present";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1375 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1376 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1377
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1378 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1379
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1380 error:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1381 if (ret) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1382 if (ret->keyblob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1383 memset(ret->keyblob, 0, ret->keyblob_size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1384 m_free(ret->keyblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1385 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1386 memset(ret, 0, sizeof(*ret));
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1387 m_free(ret);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1388 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1389 return NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1390 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1391
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1392 int sshcom_encrypted(const char filename, char *comment)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1393 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1394 struct sshcom_key *key = load_sshcom_key(filename);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1395 int pos, len, answer;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1396
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1397 *comment = NULL;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1398 if (!key)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1399 return 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1400
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1401 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1402 * Check magic number.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1403 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1404 if (GET_32BIT(key->keyblob) != 0x3f6ff9eb)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1405 return 0; /* key is invalid */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1406
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1407 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1408 * Find the cipher-type string.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1409 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1410 answer = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1411 pos = 8;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1412 if (key->keyblob_len < pos+4)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1413 goto done; /* key is far too short */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1414 len = toint(GET_32BIT(key->keyblob + pos));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1415 if (len < 0 \|\| len > key->keyblob_len - pos - 4)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1416 goto done; /* key is far too short */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1417 pos += 4 + len; /* skip key type */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1418 len = toint(GET_32BIT(key->keyblob + pos)); /* find cipher-type length */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1419 if (len < 0 \|\| len > key->keyblob_len - pos - 4)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1420 goto done; /* cipher type string is incomplete */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1421 if (len != 4 \|\| 0 != memcmp(key->keyblob + pos + 4, "none", 4))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1422 answer = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1423
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1424 done:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1425 *comment = dupstr(key->comment);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1426 memset(key->keyblob, 0, key->keyblob_size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1427 m_free(key->keyblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1428 memset(key, 0, sizeof(*key));
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1429 m_free(key);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1430 return answer;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1431 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1432
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1433 static int sshcom_read_mpint(void data, int len, struct mpint_pos ret)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1434 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1435 unsigned bits, bytes;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1436 unsigned char d = (unsigned char ) data;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1437
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1438 if (len < 4)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1439 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1440 bits = GET_32BIT(d);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1441
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1442 bytes = (bits + 7) / 8;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1443 if (len < 4+bytes)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1444 goto error;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1445
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1446 ret->start = d + 4;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1447 ret->bytes = bytes;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1448 return bytes+4;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1449
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1450 error:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1451 ret->start = NULL;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1452 ret->bytes = -1;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1453 return len; /* ensure further calls fail as well */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1454 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1455
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1456 static int sshcom_put_mpint(void target, void data, int len)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1457 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1458 unsigned char d = (unsigned char )target;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1459 unsigned char i = (unsigned char )data;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1460 int bits = len * 8 - 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1461
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1462 while (bits > 0) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1463 if (*i & (1 << (bits & 7)))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1464 break;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1465 if (!(bits-- & 7))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1466 i++, len--;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1467 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1468
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1469 PUT_32BIT(d, bits+1);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1470 memcpy(d+4, i, len);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1471 return len+4;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1472 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1473
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1474 sign_key sshcom_read(const char filename, char *passphrase)
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1475 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1476 struct sshcom_key *key = load_sshcom_key(filename);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1477 char *errmsg;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1478 int pos, len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1479 const char prefix_rsa[] = "if-modn{sign{rsa";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1480 const char prefix_dsa[] = "dl-modp{sign{dsa";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1481 enum { RSA, DSA } type;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1482 int encrypted;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1483 char *ciphertext;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1484 int cipherlen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1485 struct ssh2_userkey ret = NULL, retkey;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1486 const struct ssh_signkey *alg;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1487 unsigned char *blob = NULL;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1488 int blobsize = 0, publen, privlen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1489
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1490 if (!key)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1491 return NULL;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1492
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1493 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1494 * Check magic number.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1495 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1496 if (GET_32BIT(key->keyblob) != SSHCOM_MAGIC_NUMBER) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1497 errmsg = "Key does not begin with magic number";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1498 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1499 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1500
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1501 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1502 * Determine the key type.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1503 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1504 pos = 8;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1505 if (key->keyblob_len < pos+4 \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1506 (len = GET_32BIT(key->keyblob + pos)) > key->keyblob_len - pos - 4) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1507 errmsg = "Key blob does not contain a key type string";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1508 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1509 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1510 if (len > sizeof(prefix_rsa) - 1 &&
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1511 !memcmp(key->keyblob+pos+4, prefix_rsa, sizeof(prefix_rsa) - 1)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1512 type = RSA;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1513 } else if (len > sizeof(prefix_dsa) - 1 &&
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1514 !memcmp(key->keyblob+pos+4, prefix_dsa, sizeof(prefix_dsa) - 1)) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1515 type = DSA;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1516 } else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1517 errmsg = "Key is of unknown type";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1518 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1519 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1520 pos += 4+len;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1521
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1522 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1523 * Determine the cipher type.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1524 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1525 if (key->keyblob_len < pos+4 \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1526 (len = GET_32BIT(key->keyblob + pos)) > key->keyblob_len - pos - 4) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1527 errmsg = "Key blob does not contain a cipher type string";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1528 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1529 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1530 if (len == 4 && !memcmp(key->keyblob+pos+4, "none", 4))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1531 encrypted = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1532 else if (len == 8 && !memcmp(key->keyblob+pos+4, "3des-cbc", 8))
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1533 encrypted = 1;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1534 else {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1535 errmsg = "Key encryption is of unknown type";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1536 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1537 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1538 pos += 4+len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1539
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1540 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1541 * Get hold of the encrypted part of the key.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1542 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1543 if (key->keyblob_len < pos+4 \|\|
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1544 (len = GET_32BIT(key->keyblob + pos)) > key->keyblob_len - pos - 4) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1545 errmsg = "Key blob does not contain actual key data";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1546 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1547 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1548 ciphertext = (char *)key->keyblob + pos + 4;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1549 cipherlen = len;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1550 if (cipherlen == 0) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1551 errmsg = "Length of key data is zero";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1552 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1553 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1554
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1555 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1556 * Decrypt it if necessary.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1557 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1558 if (encrypted) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1559 /*
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1560 * Derive encryption key from passphrase and iv/salt:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1561 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1562 * - let block A equal MD5(passphrase)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1563 * - let block B equal MD5(passphrase \|\| A)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1564 * - block C would be MD5(passphrase \|\| A \|\| B) and so on
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1565 * - encryption key is the first N bytes of A \|\| B
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1566 */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1567 struct MD5Context md5c;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1568 unsigned char keybuf[32], iv[8];
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1569
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1570 if (cipherlen % 8 != 0) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1571 errmsg = "Encrypted part of key is not a multiple of cipher block"
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1572 " size";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1573 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1574 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1575
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1576 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1577 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1578 MD5Final(keybuf, &md5c);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1579
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1580 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1581 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1582 MD5Update(&md5c, keybuf, 16);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1583 MD5Final(keybuf+16, &md5c);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1584
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1585 /*
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1586 * Now decrypt the key blob.
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1587 */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1588 memset(iv, 0, sizeof(iv));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1589 des3_decrypt_pubkey_ossh(keybuf, iv, (unsigned char *)ciphertext,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1590 cipherlen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1591
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1592 memset(&md5c, 0, sizeof(md5c));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1593 memset(keybuf, 0, sizeof(keybuf));
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1594
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1595 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1596 * Hereafter we return WRONG_PASSPHRASE for any parsing
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1597 * error. (But only if we've just tried to decrypt it!
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1598 * Returning WRONG_PASSPHRASE for an unencrypted key is
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1599 * automatic doom.)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1600 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1601 if (encrypted)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1602 ret = SSH2_WRONG_PASSPHRASE;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1603 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1604
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1605 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1606 * Strip away the containing string to get to the real meat.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1607 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1608 len = toint(GET_32BIT(ciphertext));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1609 if (len < 0 \|\| len > cipherlen-4) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1610 errmsg = "containing string was ill-formed";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1611 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1612 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1613 ciphertext += 4;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1614 cipherlen = len;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1615
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1616 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1617 * Now we break down into RSA versus DSA. In either case we'll
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1618 * construct public and private blobs in our own format, and
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1619 * end up feeding them to alg->createkey().
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1620 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1621 blobsize = cipherlen + 256;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1622 blob = snewn(blobsize, unsigned char);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1623 privlen = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1624 if (type == RSA) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1625 struct mpint_pos n, e, d, u, p, q;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1626 int pos = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1627 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &e);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1628 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &d);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1629 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &n);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1630 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &u);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1631 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &p);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1632 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &q);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1633 if (!q.start) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1634 errmsg = "key data did not contain six integers";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1635 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1636 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1637
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1638 alg = &ssh_rsa;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1639 pos = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1640 pos += put_string(blob+pos, "ssh-rsa", 7);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1641 pos += put_mp(blob+pos, e.start, e.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1642 pos += put_mp(blob+pos, n.start, n.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1643 publen = pos;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1644 pos += put_string(blob+pos, d.start, d.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1645 pos += put_mp(blob+pos, q.start, q.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1646 pos += put_mp(blob+pos, p.start, p.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1647 pos += put_mp(blob+pos, u.start, u.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1648 privlen = pos - publen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1649 } else if (type == DSA) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1650 struct mpint_pos p, q, g, x, y;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1651 int pos = 4;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1652 if (GET_32BIT(ciphertext) != 0) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1653 errmsg = "predefined DSA parameters not supported";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1654 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1655 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1656 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &p);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1657 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &g);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1658 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &q);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1659 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &y);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1660 pos += sshcom_read_mpint(ciphertext+pos, cipherlen-pos, &x);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1661 if (!x.start) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1662 errmsg = "key data did not contain five integers";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1663 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1664 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1665
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1666 alg = &ssh_dss;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1667 pos = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1668 pos += put_string(blob+pos, "ssh-dss", 7);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1669 pos += put_mp(blob+pos, p.start, p.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1670 pos += put_mp(blob+pos, q.start, q.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1671 pos += put_mp(blob+pos, g.start, g.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1672 pos += put_mp(blob+pos, y.start, y.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1673 publen = pos;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1674 pos += put_mp(blob+pos, x.start, x.bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1675 privlen = pos - publen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1676 } else
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1677 return NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1678
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	1679 dropbear_assert(privlen > 0); /* should have bombed by now if not */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1680
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1681 retkey = snew(struct ssh2_userkey);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1682 retkey->alg = alg;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1683 retkey->data = alg->createkey(blob, publen, blob+publen, privlen);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1684 if (!retkey->data) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1685 m_free(retkey);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1686 errmsg = "unable to create key data structure";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1687 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1688 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1689 retkey->comment = dupstr(key->comment);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1690
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1691 errmsg = NULL; /* no error */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1692 ret = retkey;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1693
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1694 error:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1695 if (blob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1696 memset(blob, 0, blobsize);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1697 m_free(blob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1698 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1699 memset(key->keyblob, 0, key->keyblob_size);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1700 m_free(key->keyblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1701 memset(key, 0, sizeof(*key));
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1702 m_free(key);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1703 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1704 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1705
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1706 int sshcom_write(const char filename, sign_key key,
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1707 char *passphrase)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1708 {
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1709 unsigned char pubblob, privblob;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1710 int publen, privlen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1711 unsigned char *outblob;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1712 int outlen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1713 struct mpint_pos numbers[6];
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1714 int nnumbers, initial_zero, pos, lenpos, i;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1715 char *type;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1716 char *ciphertext;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1717 int cipherlen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1718 int ret = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1719 FILE *fp;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1720
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1721 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1722 * Fetch the key blobs.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1723 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1724 pubblob = key->alg->public_blob(key->data, &publen);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1725 privblob = key->alg->private_blob(key->data, &privlen);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1726 outblob = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1727
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1728 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1729 * Find the sequence of integers to be encoded into the OpenSSH
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1730 * key blob, and also decide on the header line.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1731 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1732 if (key->alg == &ssh_rsa) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1733 int pos;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1734 struct mpint_pos n, e, d, p, q, iqmp;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1735
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1736 pos = 4 + GET_32BIT(pubblob);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1737 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &e);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1738 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &n);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1739 pos = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1740 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &d);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1741 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &p);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1742 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &q);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1743 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &iqmp);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1744
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	1745 dropbear_assert(e.start && iqmp.start); /* can't go wrong */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1746
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1747 numbers[0] = e;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1748 numbers[1] = d;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1749 numbers[2] = n;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1750 numbers[3] = iqmp;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1751 numbers[4] = q;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1752 numbers[5] = p;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1753
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1754 nnumbers = 6;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1755 initial_zero = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1756 type = "if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1757 } else if (key->alg == &ssh_dss) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1758 int pos;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1759 struct mpint_pos p, q, g, y, x;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1760
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1761 pos = 4 + GET_32BIT(pubblob);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1762 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &p);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1763 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &q);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1764 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &g);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1765 pos += ssh2_read_mpint(pubblob+pos, publen-pos, &y);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1766 pos = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1767 pos += ssh2_read_mpint(privblob+pos, privlen-pos, &x);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1768
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	1769 dropbear_assert(y.start && x.start); /* can't go wrong */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1770
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1771 numbers[0] = p;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1772 numbers[1] = g;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1773 numbers[2] = q;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1774 numbers[3] = y;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1775 numbers[4] = x;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1776
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1777 nnumbers = 5;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1778 initial_zero = 1;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1779 type = "dl-modp{sign{dsa-nist-sha1},dh{plain}}";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1780 } else {
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	1781 dropbear_assert(0); /* zoinks! */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1782 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1783
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1784 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1785 * Total size of key blob will be somewhere under 512 plus
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1786 * combined length of integers. We'll calculate the more
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1787 * precise size as we construct the blob.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1788 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1789 outlen = 512;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1790 for (i = 0; i < nnumbers; i++)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1791 outlen += 4 + numbers[i].bytes;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1792 outblob = snewn(outlen, unsigned char);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1793
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1794 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1795 * Create the unencrypted key blob.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1796 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1797 pos = 0;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1798 PUT_32BIT(outblob+pos, SSHCOM_MAGIC_NUMBER); pos += 4;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1799 pos += 4; /* length field, fill in later */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1800 pos += put_string(outblob+pos, type, strlen(type));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1801 {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1802 char *ciphertype = passphrase ? "3des-cbc" : "none";
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1803 pos += put_string(outblob+pos, ciphertype, strlen(ciphertype));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1804 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1805 lenpos = pos; /* remember this position */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1806 pos += 4; /* encrypted-blob size */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1807 pos += 4; /* encrypted-payload size */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1808 if (initial_zero) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1809 PUT_32BIT(outblob+pos, 0);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1810 pos += 4;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1811 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1812 for (i = 0; i < nnumbers; i++)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1813 pos += sshcom_put_mpint(outblob+pos,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1814 numbers[i].start, numbers[i].bytes);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1815 /* Now wrap up the encrypted payload. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1816 PUT_32BIT(outblob+lenpos+4, pos - (lenpos+8));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1817 /* Pad encrypted blob to a multiple of cipher block size. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1818 if (passphrase) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1819 int padding = -(pos - (lenpos+4)) & 7;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1820 while (padding--)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1821 outblob[pos++] = random_byte();
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1822 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1823 ciphertext = (char *)outblob+lenpos+4;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1824 cipherlen = pos - (lenpos+4);
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	1825 dropbear_assert(!passphrase \|\| cipherlen % 8 == 0);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1826 /* Wrap up the encrypted blob string. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1827 PUT_32BIT(outblob+lenpos, cipherlen);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1828 /* And finally fill in the total length field. */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1829 PUT_32BIT(outblob+4, pos);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1830
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 87 diff changeset	1831 dropbear_assert(pos < outlen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1832
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1833 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1834 * Encrypt the key.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1835 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1836 if (passphrase) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1837 /*
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1838 * Derive encryption key from passphrase and iv/salt:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1839 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1840 * - let block A equal MD5(passphrase)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1841 * - let block B equal MD5(passphrase \|\| A)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1842 * - block C would be MD5(passphrase \|\| A \|\| B) and so on
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1843 * - encryption key is the first N bytes of A \|\| B
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1844 */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1845 struct MD5Context md5c;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1846 unsigned char keybuf[32], iv[8];
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1847
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1848 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1849 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1850 MD5Final(keybuf, &md5c);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1851
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1852 MD5Init(&md5c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1853 MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1854 MD5Update(&md5c, keybuf, 16);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1855 MD5Final(keybuf+16, &md5c);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1856
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1857 /*
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1858 * Now decrypt the key blob.
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1859 */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1860 memset(iv, 0, sizeof(iv));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1861 des3_encrypt_pubkey_ossh(keybuf, iv, (unsigned char *)ciphertext,
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1862 cipherlen);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1863
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1864 memset(&md5c, 0, sizeof(md5c));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1865 memset(keybuf, 0, sizeof(keybuf));
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1866 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1867
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1868 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1869 * And save it. We'll use Unix line endings just in case it's
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1870 * subsequently transferred in binary mode.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1871 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1872 fp = fopen(filename, "wb"); /* ensure Unix line endings */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1873 if (!fp)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1874 goto error;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1875 fputs("---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----\n", fp);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1876 fprintf(fp, "Comment: \"");
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1877 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1878 * Comment header is broken with backslash-newline if it goes
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1879 * over 70 chars. Although it's surrounded by quotes, it
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1880 * _doesn't_ escape backslashes or quotes within the string.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1881 * Don't ask me, I didn't design it.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1882 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1883 {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1884 int slen = 60; /* starts at 60 due to "Comment: " */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1885 char *c = key->comment;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1886 while ((int)strlen(c) > slen) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1887 fprintf(fp, "%.*s\\\n", slen, c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1888 c += slen;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1889 slen = 70; /* allow 70 chars on subsequent lines */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1890 }
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1891 fprintf(fp, "%s\"\n", c);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1892 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1893 base64_encode_fp(fp, outblob, pos, 70);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1894 fputs("---- END SSH2 ENCRYPTED PRIVATE KEY ----\n", fp);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1895 fclose(fp);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1896 ret = 1;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1897
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1898 error:
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1899 if (outblob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1900 memset(outblob, 0, outlen);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1901 m_free(outblob);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1902 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1903 if (privblob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1904 memset(privblob, 0, privlen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1905 m_free(privblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1906 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1907 if (pubblob) {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1908 memset(pubblob, 0, publen);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1909 m_free(pubblob);
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1910 }
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1911 return ret;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1912 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1913 #endif /* ssh.com stuff disabled */
1306 34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1914
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1915 /* From PuTTY misc.c */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1916 static int toint(unsigned u)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1917 {
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1918 /*
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1919 * Convert an unsigned to an int, without running into the
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1920 * undefined behaviour which happens by the strict C standard if
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1921 * the value overflows. You'd hope that sensible compilers would
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1922 * do the sensible thing in response to a cast, but actually I
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1923 * don't trust modern compilers not to do silly things like
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1924 * assuming that _obviously_ you wouldn't have caused an overflow
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1925 * and so they can elide an 'if (i < 0)' test immediately after
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1926 * the cast.
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1927 *
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1928 * Sensible compilers ought of course to optimise this entire
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1929 * function into 'just return the input value'!
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1930 */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1931 if (u <= (unsigned)INT_MAX)
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1932 return (int)u;
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1933 else if (u >= (unsigned)INT_MIN) /* wrap in cast _to_ unsigned is OK */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1934 return INT_MIN + (int)(u - (unsigned)INT_MIN);
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1935 else
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1936 return INT_MIN; /* fallback; should never occur on binary machines */
34e6127ef02e merge fixes from PuTTY import.c Matt Johnston <matt@ucc.asn.au> parents: 1250 diff changeset	1937 }

Mercurial > dropbear

annotate keyimport.c @ 1306:34e6127ef02e