Mercurial > dropbear

comparison signkey.c @ 44:45edf30ea0a6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Improved signkey code
author Matt Johnston <matt@ucc.asn.au>
date Tue, 03 Aug 2004 15:51:55 +0000
parents b4874d772210
children 095d689fed16
comparison
equal deleted inserted replaced
43:942b22d7dd1c 44:45edf30ea0a6
42 #endif 42 #endif
43 return ret; 43 return ret;
44 44
45 } 45 }
46 46
47 /* Returns "ssh-dss" or "ssh-rsa" corresponding to the type. Exits fatally
48 * if the type is invalid */
49 const char* signkey_name_from_type(int type, int *namelen) {
50
51 #ifdef DROPBEAR_RSA
52 if (type == DROPBEAR_SIGNKEY_RSA) {
53 *namelen = SSH_SIGNKEY_RSA_LEN;
54 return SSH_SIGNKEY_RSA;
55 }
56 #endif
57 #ifdef DROPBEAR_DSS
58 if (type == DROPBEAR_SIGNKEY_DSS) {
59 *namelen = SSH_SIGNKEY_DSS_LEN;
60 return SSH_SIGNKEY_DSS;
61 }
62 #endif
63 dropbear_exit("bad key type %d", type);
64 return NULL; /* notreached */
65 }
66
67 /* Returns DROPBEAR_SIGNKEY_RSA, DROPBEAR_SIGNKEY_DSS,
68 * or DROPBEAR_SIGNKEY_NONE */
69 int signkey_type_from_name(const char* name, int namelen) {
70
71 #ifdef DROPBEAR_RSA
72 if (namelen == SSH_SIGNKEY_RSA_LEN
73 && memcmp(name, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN) == 0) {
74 return DROPBEAR_SIGNKEY_RSA;
75 }
76 #endif
77 #ifdef DROPBEAR_DSS
78 if (namelen == SSH_SIGNKEY_DSS_LEN
79 && memcmp(name, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN) == 0) {
80 return DROPBEAR_SIGNKEY_DSS;
81 }
82 #endif
83
84 return DROPBEAR_SIGNKEY_NONE;
85 }
86
47 /* returns DROPBEAR_SUCCESS on success, DROPBEAR_FAILURE on fail. 87 /* returns DROPBEAR_SUCCESS on success, DROPBEAR_FAILURE on fail.
48 * type should be set by the caller to specify the type to read, and 88 * type should be set by the caller to specify the type to read, and
49 * on return is set to the type read (useful when type = _ANY) */ 89 * on return is set to the type read (useful when type = _ANY) */
50 int buf_get_pub_key(buffer *buf, sign_key *key, int *type) { 90 int buf_get_pub_key(buffer *buf, sign_key *key, int *type) {
51 91
52 unsigned char* ident; 92 unsigned char* ident;
53 unsigned int len; 93 unsigned int len;
94 int keytype;
95 int ret = DROPBEAR_FAILURE;
54 96
55 TRACE(("enter buf_get_pub_key")); 97 TRACE(("enter buf_get_pub_key"));
56 98
57 ident = buf_getstring(buf, &len); 99 ident = buf_getstring(buf, &len);
58 100 keytype = signkey_type_from_name(ident, len);
59 101 m_free(ident);
60 #ifdef DROPBEAR_DSS 102
61 if (memcmp(ident, SSH_SIGNKEY_DSS, len) == 0 103 if (*type != DROPBEAR_SIGNKEY_ANY && *type != keytype) {
62 && (*type == DROPBEAR_SIGNKEY_ANY 104 return DROPBEAR_FAILURE;
63 || *type == DROPBEAR_SIGNKEY_DSS)) { 105 }
64 m_free(ident); 106
65 buf_setpos(buf, buf->pos - len - 4); 107 *type = keytype;
108
109 /* Rewind the buffer back before "ssh-rsa" etc */
110 buf_incrpos(buf, -len - 4);
111
112 #ifdef DROPBEAR_DSS
113 if (keytype == DROPBEAR_SIGNKEY_DSS) {
66 dss_key_free(key->dsskey); 114 dss_key_free(key->dsskey);
67 key->dsskey = (dss_key*)m_malloc(sizeof(dss_key)); 115 key->dsskey = (dss_key*)m_malloc(sizeof(dss_key));
68 *type = DROPBEAR_SIGNKEY_DSS; 116 ret = buf_get_dss_pub_key(buf, key->dsskey);
69 return buf_get_dss_pub_key(buf, key->dsskey); 117 if (ret == DROPBEAR_FAILURE) {
70 } 118 m_free(key->dsskey);
71 #endif 119 }
72 #ifdef DROPBEAR_RSA 120 }
73 if (memcmp(ident, SSH_SIGNKEY_RSA, len) == 0 121 #endif
74 && (*type == DROPBEAR_SIGNKEY_ANY 122 #ifdef DROPBEAR_RSA
75 || *type == DROPBEAR_SIGNKEY_RSA)) { 123 if (keytype == DROPBEAR_SIGNKEY_RSA) {
76 m_free(ident);
77 buf_setpos(buf, buf->pos - len - 4);
78 rsa_key_free(key->rsakey); 124 rsa_key_free(key->rsakey);
79 key->rsakey = (rsa_key*)m_malloc(sizeof(rsa_key)); 125 key->rsakey = (rsa_key*)m_malloc(sizeof(rsa_key));
80 *type = DROPBEAR_SIGNKEY_RSA; 126 ret = buf_get_rsa_pub_key(buf, key->rsakey);
81 return buf_get_rsa_pub_key(buf, key->rsakey); 127 if (ret == DROPBEAR_FAILURE) {
82 } 128 m_free(key->rsakey);
83 #endif 129 }
84 TRACE(("leave buf_get_pub_key: didn't match the type we want (%d versus '%s'len %d)", *type, ident, len)); 130 }
85 131 #endif
86 m_free(ident); 132
87 133 TRACE(("leave buf_get_pub_key"));
88 return DROPBEAR_FAILURE; 134
135 return ret;
89 136
90 } 137 }
91 138
92 /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ 139 /* returns DROPBEAR_SUCCESS on success, DROPBEAR_FAILURE on fail.
93 /* type is set to hold the type returned */ 140 * type should be set by the caller to specify the type to read, and
141 * on return is set to the type read (useful when type = _ANY) */
94 int buf_get_priv_key(buffer *buf, sign_key *key, int *type) { 142 int buf_get_priv_key(buffer *buf, sign_key *key, int *type) {
95 143
96 unsigned char* ident; 144 unsigned char* ident;
97 unsigned int len; 145 unsigned int len;
98 int ret; 146 int keytype;
147 int ret = DROPBEAR_FAILURE;
99 148
100 TRACE(("enter buf_get_priv_key")); 149 TRACE(("enter buf_get_priv_key"));
150
101 ident = buf_getstring(buf, &len); 151 ident = buf_getstring(buf, &len);
102 152 keytype = signkey_type_from_name(ident, len);
103 #ifdef DROPBEAR_DSS 153 m_free(ident);
104 if (memcmp(ident, SSH_SIGNKEY_DSS, len) == 0 154
105 && (*type == DROPBEAR_SIGNKEY_ANY 155 if (*type != DROPBEAR_SIGNKEY_ANY && *type != keytype) {
106 || *type == DROPBEAR_SIGNKEY_DSS)) { 156 return DROPBEAR_FAILURE;
107 m_free(ident); 157 }
108 buf_setpos(buf, buf->pos - len - 4); 158
159 *type = keytype;
160
161 /* Rewind the buffer back before "ssh-rsa" etc */
162 buf_incrpos(buf, -len - 4);
163
164 #ifdef DROPBEAR_DSS
165 if (keytype == DROPBEAR_SIGNKEY_DSS) {
109 dss_key_free(key->dsskey); 166 dss_key_free(key->dsskey);
110 key->dsskey = (dss_key*)m_malloc(sizeof(dss_key)); 167 key->dsskey = (dss_key*)m_malloc(sizeof(dss_key));
111 ret = buf_get_dss_priv_key(buf, key->dsskey); 168 ret = buf_get_dss_priv_key(buf, key->dsskey);
112 *type = DROPBEAR_SIGNKEY_DSS;
113 if (ret == DROPBEAR_FAILURE) { 169 if (ret == DROPBEAR_FAILURE) {
114 m_free(key->dsskey); 170 m_free(key->dsskey);
115 } 171 }
116 TRACE(("leave buf_get_priv_key: done get dss")); 172 }
117 return ret; 173 #endif
118 } 174 #ifdef DROPBEAR_RSA
119 #endif 175 if (keytype == DROPBEAR_SIGNKEY_RSA) {
120 #ifdef DROPBEAR_RSA
121 if (memcmp(ident, SSH_SIGNKEY_RSA, len) == 0
122 && (*type == DROPBEAR_SIGNKEY_ANY
123 || *type == DROPBEAR_SIGNKEY_RSA)) {
124 m_free(ident);
125 buf_setpos(buf, buf->pos - len - 4);
126 rsa_key_free(key->rsakey); 176 rsa_key_free(key->rsakey);
127 key->rsakey = (rsa_key*)m_malloc(sizeof(rsa_key)); 177 key->rsakey = (rsa_key*)m_malloc(sizeof(rsa_key));
128 ret = buf_get_rsa_priv_key(buf, key->rsakey); 178 ret = buf_get_rsa_priv_key(buf, key->rsakey);
129 *type = DROPBEAR_SIGNKEY_RSA;
130 if (ret == DROPBEAR_FAILURE) { 179 if (ret == DROPBEAR_FAILURE) {
131 m_free(key->rsakey); 180 m_free(key->rsakey);
132 } 181 }
133 TRACE(("leave buf_get_priv_key: done get rsa")); 182 }
134 return ret; 183 #endif
135 } 184
136 #endif
137
138 m_free(ident);
139
140 TRACE(("leave buf_get_priv_key")); 185 TRACE(("leave buf_get_priv_key"));
141 return DROPBEAR_FAILURE; 186
187 return ret;
142 188
143 } 189 }
144 190
145 /* type is either DROPBEAR_SIGNKEY_DSS or DROPBEAR_SIGNKEY_RSA */ 191 /* type is either DROPBEAR_SIGNKEY_DSS or DROPBEAR_SIGNKEY_RSA */
146 void buf_put_pub_key(buffer* buf, sign_key *key, int type) { 192 void buf_put_pub_key(buffer* buf, sign_key *key, int type) {