Initial revision

[gssapi-openssh.git] / openssh / key.c

diff --git a/openssh/key.c b/openssh/key.c
index 077c517f0bda7fd98a941ccdaf8a44b3a674087d..f5fe5822d36864a2948e6d7f2eeaf92dca8a4298 100644 (file)
--- a/openssh/key.c
+++ b/openssh/key.c
@@ -32,15 +32,13 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.43 2002/03/19 10:49:35 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.55 2003/11/10 16:23:41 jakob Exp $");
 
 #include <openssl/evp.h>
 
 #include "xmalloc.h"
 #include "key.h"
 #include "rsa.h"
-#include "ssh-dss.h"
-#include "ssh-rsa.h"
 #include "uuencode.h"
 #include "buffer.h"
 #include "bufaux.h"
@@ -89,6 +87,7 @@ key_new(int type)
        }
        return k;
 }
+
 Key *
 key_new_private(int type)
 {
@@ -120,6 +119,7 @@ key_new_private(int type)
        }
        return k;
 }
+
 void
 key_free(Key *k)
 {
@@ -143,8 +143,9 @@ key_free(Key *k)
        }
        xfree(k);
 }
+
 int
-key_equal(Key *a, Key *b)
+key_equal(const Key *a, const Key *b)
 {
        if (a == NULL || b == NULL || a->type != b->type)
                return 0;
@@ -169,8 +170,9 @@ key_equal(Key *a, Key *b)
        return 0;
 }
 
-static u_char*
-key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
+u_char*
+key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
+    u_int *dgst_raw_length)
 {
        const EVP_MD *md = NULL;
        EVP_MD_CTX ctx;
@@ -225,8 +227,8 @@ key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
        return retval;
 }
 
-static char*
-key_fingerprint_hex(u_char* dgst_raw, u_int dgst_raw_len)
+static char *
+key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len)
 {
        char *retval;
        int i;
@@ -236,14 +238,16 @@ key_fingerprint_hex(u_char* dgst_raw, u_int dgst_raw_len)
        for (i = 0; i < dgst_raw_len; i++) {
                char hex[4];
                snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]);
-               strlcat(retval, hex, dgst_raw_len * 3);
+               strlcat(retval, hex, dgst_raw_len * 3 + 1);
        }
+
+       /* Remove the trailing ':' character */
        retval[(dgst_raw_len * 3) - 1] = '\0';
        return retval;
 }
 
-static char*
-key_fingerprint_bubblebabble(u_char* dgst_raw, u_int dgst_raw_len)
+static char *
+key_fingerprint_bubblebabble(u_char *dgst_raw, u_int dgst_raw_len)
 {
        char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' };
        char consonants[] = { 'b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm',
@@ -289,8 +293,8 @@ key_fingerprint_bubblebabble(u_char* dgst_raw, u_int dgst_raw_len)
        return retval;
 }
 
-char*
-key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
+char *
+key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
 {
        char *retval = NULL;
        u_char *dgst_raw;
@@ -359,6 +363,7 @@ read_bignum(char **cpp, BIGNUM * value)
        *cpp = cp;
        return 1;
 }
+
 static int
 write_bignum(FILE *f, BIGNUM *num)
 {
@@ -407,14 +412,14 @@ key_read(Key *ret, char **cpp)
        case KEY_DSA:
                space = strchr(cp, ' ');
                if (space == NULL) {
-                       debug3("key_read: no space");
+                       debug3("key_read: missing whitespace");
                        return -1;
                }
                *space = '\0';
                type = key_type_from_name(cp);
                *space = ' ';
                if (type == KEY_UNSPEC) {
-                       debug3("key_read: no key found");
+                       debug3("key_read: missing keytype");
                        return -1;
                }
                cp = space+1;
@@ -437,7 +442,7 @@ key_read(Key *ret, char **cpp)
                        xfree(blob);
                        return -1;
                }
-               k = key_from_blob(blob, n);
+               k = key_from_blob(blob, (u_int)n);
                xfree(blob);
                if (k == NULL) {
                        error("key_read: key_from_blob %s failed", cp);
@@ -485,12 +490,14 @@ key_read(Key *ret, char **cpp)
        }
        return success;
 }
+
 int
-key_write(Key *key, FILE *f)
+key_write(const Key *key, FILE *f)
 {
        int n, success = 0;
        u_int len, bits = 0;
-       u_char *blob, *uu;
+       u_char *blob;
+       char *uu;
 
        if (key->type == KEY_RSA1 && key->rsa != NULL) {
                /* size of modulus 'n' */
@@ -516,8 +523,9 @@ key_write(Key *key, FILE *f)
        }
        return success;
 }
-char *
-key_type(Key *k)
+
+const char *
+key_type(const Key *k)
 {
        switch (k->type) {
        case KEY_RSA1:
@@ -532,8 +540,9 @@ key_type(Key *k)
        }
        return "unknown";
 }
-char *
-key_ssh_name(Key *k)
+
+const char *
+key_ssh_name(const Key *k)
 {
        switch (k->type) {
        case KEY_RSA:
@@ -545,8 +554,9 @@ key_ssh_name(Key *k)
        }
        return "ssh-unknown";
 }
+
 u_int
-key_size(Key *k)
+key_size(const Key *k)
 {
        switch (k->type) {
        case KEY_RSA1:
@@ -603,7 +613,7 @@ key_generate(int type, u_int bits)
 }
 
 Key *
-key_from_private(Key *k)
+key_from_private(const Key *k)
 {
        Key *n = NULL;
        switch (k->type) {
@@ -670,7 +680,7 @@ key_names_valid2(const char *names)
 }
 
 Key *
-key_from_blob(u_char *blob, int blen)
+key_from_blob(const u_char *blob, u_int blen)
 {
        Buffer b;
        char *ktype;
@@ -720,11 +730,10 @@ key_from_blob(u_char *blob, int blen)
 }
 
 int
-key_to_blob(Key *key, u_char **blobp, u_int *lenp)
+key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
 {
        Buffer b;
        int len;
-       u_char *buf;
 
        if (key == NULL) {
                error("key_to_blob: key == NULL");
@@ -750,22 +759,22 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
                return 0;
        }
        len = buffer_len(&b);
-       buf = xmalloc(len);
-       memcpy(buf, buffer_ptr(&b), len);
-       memset(buffer_ptr(&b), 0, len);
-       buffer_free(&b);
        if (lenp != NULL)
                *lenp = len;
-       if (blobp != NULL)
-               *blobp = buf;
+       if (blobp != NULL) {
+               *blobp = xmalloc(len);
+               memcpy(*blobp, buffer_ptr(&b), len);
+       }
+       memset(buffer_ptr(&b), 0, len);
+       buffer_free(&b);
        return len;
 }
 
 int
 key_sign(
-    Key *key,
+    const Key *key,
     u_char **sigp, u_int *lenp,
-    u_char *data, u_int datalen)
+    const u_char *data, u_int datalen)
 {
        switch (key->type) {
        case KEY_DSA:
@@ -781,11 +790,15 @@ key_sign(
        }
 }
 
+/*
+ * key_verify returns 1 for a correct signature, 0 for an incorrect signature
+ * and -1 on error.
+ */
 int
 key_verify(
-    Key *key,
-    u_char *signature, u_int signaturelen,
-    u_char *data, u_int datalen)
+    const Key *key,
+    const u_char *signature, u_int signaturelen,
+    const u_char *data, u_int datalen)
 {
        if (signaturelen == 0)
                return -1;
@@ -805,9 +818,8 @@ key_verify(
 }
 
 /* Converts a private to a public key */
-
 Key *
-key_demote(Key *k)
+key_demote(const Key *k)
 {
        Key *pk;