comparison keyimport.c @ 857:c19acba28590

use oldstyle comments
author Matt Johnston <matt@ucc.asn.au>
date Thu, 14 Nov 2013 22:03:30 +0800
parents 754d7bee1068
children d2d624c951ca
856:f56c41030c15 857:c19acba28590
670 unsigned char* public_key_bytes = NULL; 670 unsigned char* public_key_bytes = NULL;
671 int public_key_len = 0; 671 int public_key_len = 0;
672 ecc_key *ecc = NULL; 672 ecc_key *ecc = NULL;
673 const struct dropbear_ecc_curve *curve = NULL; 673 const struct dropbear_ecc_curve *curve = NULL;
674 674
675 // See SEC1 v2, Appendix C.4 675 /* See SEC1 v2, Appendix C.4 */
676 // OpenSSL (so OpenSSH) seems to include the optional parts. 676 /* OpenSSL (so OpenSSH) seems to include the optional parts. */
677 677
678 // privateKey OCTET STRING, 678 /* privateKey OCTET STRING, */
679 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p, 679 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
680 &id, &len, &flags); 680 &id, &len, &flags);
681 p += ret; 681 p += ret;
682 // id==4 for octet string 682 /* id==4 for octet string */
683 if (ret < 0 || id != 4 || 683 if (ret < 0 || id != 4 ||
684 key->keyblob+key->keyblob_len-p < len) { 684 key->keyblob+key->keyblob_len-p < len) {
685 errmsg = "ASN.1 decoding failure"; 685 errmsg = "ASN.1 decoding failure";
686 goto error; 686 goto error;
687 } 687 }
688 private_key_bytes = p; 688 private_key_bytes = p;
689 private_key_len = len; 689 private_key_len = len;
690 p += len; 690 p += len;
691 691
692 // parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL, 692 /* parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL, */
693 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p, 693 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
694 &id, &len, &flags); 694 &id, &len, &flags);
695 p += ret; 695 p += ret;
696 // id==0 696 /* id==0 */
697 if (ret < 0 || id != 0) { 697 if (ret < 0 || id != 0) {
698 errmsg = "ASN.1 decoding failure"; 698 errmsg = "ASN.1 decoding failure";
699 goto error; 699 goto error;
700 } 700 }
701 701
702 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p, 702 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
703 &id, &len, &flags); 703 &id, &len, &flags);
704 p += ret; 704 p += ret;
705 // id==6 for object 705 /* id==6 for object */
706 if (ret < 0 || id != 6 || 706 if (ret < 0 || id != 6 ||
707 key->keyblob+key->keyblob_len-p < len) { 707 key->keyblob+key->keyblob_len-p < len) {
708 errmsg = "ASN.1 decoding failure"; 708 errmsg = "ASN.1 decoding failure";
709 goto error; 709 goto error;
710 } 710 }
735 errmsg = "Unknown ECC key type"; 735 errmsg = "Unknown ECC key type";
736 goto error; 736 goto error;
737 } 737 }
738 p += len; 738 p += len;
739 739
740 // publicKey [1] BIT STRING OPTIONAL 740 /* publicKey [1] BIT STRING OPTIONAL */
741 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p, 741 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
742 &id, &len, &flags); 742 &id, &len, &flags);
743 p += ret; 743 p += ret;
744 // id==1 744 /* id==1 */
745 if (ret < 0 || id != 1) { 745 if (ret < 0 || id != 1) {
746 errmsg = "ASN.1 decoding failure"; 746 errmsg = "ASN.1 decoding failure";
747 goto error; 747 goto error;
748 } 748 }
749 749
750 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p, 750 ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
751 &id, &len, &flags); 751 &id, &len, &flags);
752 p += ret; 752 p += ret;
753 // id==3 for bit string 753 /* id==3 for bit string */
754 if (ret < 0 || id != 3 || 754 if (ret < 0 || id != 3 ||
755 key->keyblob+key->keyblob_len-p < len) { 755 key->keyblob+key->keyblob_len-p < len) {
756 errmsg = "ASN.1 decoding failure"; 756 errmsg = "ASN.1 decoding failure";
757 goto error; 757 goto error;
758 } 758 }
773 goto error; 773 goto error;
774 } 774 }
775 775
776 *signkey_key_ptr(retkey, retkey->type) = ecc; 776 *signkey_key_ptr(retkey, retkey->type) = ecc;
777 } 777 }
778 #endif // DROPBEAR_ECDSA 778 #endif /* DROPBEAR_ECDSA */
779 779
780 /* 780 /*
781 * Now put together the actual key. Simplest way to do this is 781 * Now put together the actual key. Simplest way to do this is
782 * to assemble our own key blobs and feed them to the createkey 782 * to assemble our own key blobs and feed them to the createkey
783 * functions; this is a bit faffy but it does mean we get all 783 * functions; this is a bit faffy but it does mean we get all
1010 for (i = 0; i < nnumbers; i++) { 1010 for (i = 0; i < nnumbers; i++) {
1011 pos += ber_write_id_len(outblob+pos, 2, numbers[i].bytes, 0); 1011 pos += ber_write_id_len(outblob+pos, 2, numbers[i].bytes, 0);
1012 memcpy(outblob+pos, numbers[i].start, numbers[i].bytes); 1012 memcpy(outblob+pos, numbers[i].start, numbers[i].bytes);
1013 pos += numbers[i].bytes; 1013 pos += numbers[i].bytes;
1014 } 1014 }
1015 } // end RSA and DSS handling 1015 } /* end RSA and DSS handling */
1016 1016
1017 #ifdef DROPBEAR_ECDSA 1017 #ifdef DROPBEAR_ECDSA
1018 if (key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP256 1018 if (key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
1019 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP384 1019 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
1020 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) { 1020 || key->type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
1065 dropbear_exit("Internal error"); 1065 dropbear_exit("Internal error");
1066 } 1066 }
1067 1067
1068 buf_incrwritepos(seq_buf, 1068 buf_incrwritepos(seq_buf,
1069 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 0, 2+curve_oid_len, 0xa0)); 1069 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 0, 2+curve_oid_len, 0xa0));
1070 // object == 6 1070 /* object == 6 */
1071 buf_incrwritepos(seq_buf, 1071 buf_incrwritepos(seq_buf,
1072 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 6, curve_oid_len, 0)); 1072 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 6, curve_oid_len, 0));
1073 buf_putbytes(seq_buf, curve_oid, curve_oid_len); 1073 buf_putbytes(seq_buf, curve_oid, curve_oid_len);
1074 1074
1075 buf_incrwritepos(seq_buf, 1075 buf_incrwritepos(seq_buf,
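Review bot: The length checks at new lines 683-684, 706-707 and 754-755 only test `key->keyblob+key->keyblob_len-p < len`, which never fails for a negative `len`, so `p += len` (690, 738) could move the cursor backwards out of the key blob when a key file carries an oversized length field. This assumes `len` is a signed int filled from the file's BER length octets; its declaration and `ber_read_id_len` are outside this view, so confirm before changing anything. If that holds, reject the value explicitly in each condition, e.g. `if (ret < 0 || id != 4 || len < 0 ||`. The tag-only checks at 697 and 745 never compare their `len` with the bytes remaining either, which deserves at least a comment saying why that is safe. The enclosing function starts and ends outside the lines shown.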