* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.36 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: key.c,v 1.44 2002/05/31 13:16:48 markus Exp $");
#include <openssl/evp.h>
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
- rsa = RSA_new();
- rsa->n = BN_new();
- rsa->e = BN_new();
+ if ((rsa = RSA_new()) == NULL)
+ fatal("key_new: RSA_new failed");
+ if ((rsa->n = BN_new()) == NULL)
+ fatal("key_new: BN_new failed");
+ if ((rsa->e = BN_new()) == NULL)
+ fatal("key_new: BN_new failed");
k->rsa = rsa;
break;
case KEY_DSA:
- dsa = DSA_new();
- dsa->p = BN_new();
- dsa->q = BN_new();
- dsa->g = BN_new();
- dsa->pub_key = BN_new();
+ if ((dsa = DSA_new()) == NULL)
+ fatal("key_new: DSA_new failed");
+ if ((dsa->p = BN_new()) == NULL)
+ fatal("key_new: BN_new failed");
+ if ((dsa->q = BN_new()) == NULL)
+ fatal("key_new: BN_new failed");
+ if ((dsa->g = BN_new()) == NULL)
+ fatal("key_new: BN_new failed");
+ if ((dsa->pub_key = BN_new()) == NULL)
+ fatal("key_new: BN_new failed");
k->dsa = dsa;
break;
case KEY_UNSPEC:
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
- k->rsa->d = BN_new();
- k->rsa->iqmp = BN_new();
- k->rsa->q = BN_new();
- k->rsa->p = BN_new();
- k->rsa->dmq1 = BN_new();
- k->rsa->dmp1 = BN_new();
+ if ((k->rsa->d = BN_new()) == NULL)
+ fatal("key_new_private: BN_new failed");
+ if ((k->rsa->iqmp = BN_new()) == NULL)
+ fatal("key_new_private: BN_new failed");
+ if ((k->rsa->q = BN_new()) == NULL)
+ fatal("key_new_private: BN_new failed");
+ if ((k->rsa->p = BN_new()) == NULL)
+ fatal("key_new_private: BN_new failed");
+ if ((k->rsa->dmq1 = BN_new()) == NULL)
+ fatal("key_new_private: BN_new failed");
+ if ((k->rsa->dmp1 = BN_new()) == NULL)
+ fatal("key_new_private: BN_new failed");
break;
case KEY_DSA:
- k->dsa->priv_key = BN_new();
+ if ((k->dsa->priv_key = BN_new()) == NULL)
+ fatal("key_new_private: BN_new failed");
break;
case KEY_UNSPEC:
break;
}
static u_char*
-key_fingerprint_raw(Key *k, enum fp_type dgst_type, size_t *dgst_raw_length)
+key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
{
- EVP_MD *md = NULL;
+ const EVP_MD *md = NULL;
EVP_MD_CTX ctx;
u_char *blob = NULL;
u_char *retval = NULL;
- int len = 0;
+ u_int len = 0;
int nlen, elen;
*dgst_raw_length = 0;
retval = xmalloc(EVP_MAX_MD_SIZE);
EVP_DigestInit(&ctx, md);
EVP_DigestUpdate(&ctx, blob, len);
- EVP_DigestFinal(&ctx, retval, NULL);
- *dgst_raw_length = md->md_size;
+ EVP_DigestFinal(&ctx, retval, dgst_raw_length);
memset(blob, 0, len);
xfree(blob);
} else {
}
static char*
-key_fingerprint_hex(u_char* dgst_raw, size_t dgst_raw_len)
+key_fingerprint_hex(u_char* dgst_raw, u_int dgst_raw_len)
{
char *retval;
int i;
}
static char*
-key_fingerprint_bubblebabble(u_char* dgst_raw, size_t dgst_raw_len)
+key_fingerprint_bubblebabble(u_char* dgst_raw, u_int dgst_raw_len)
{
char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' };
char consonants[] = { 'b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm',
{
char *retval = NULL;
u_char *dgst_raw;
- size_t dgst_raw_len;
+ u_int dgst_raw_len;
dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len);
if (!dgst_raw)
int
key_write(Key *key, FILE *f)
{
- int success = 0;
- u_int bits = 0;
+ int n, success = 0;
+ u_int len, bits = 0;
+ u_char *blob, *uu;
if (key->type == KEY_RSA1 && key->rsa != NULL) {
/* size of modulus 'n' */
}
} else if ((key->type == KEY_DSA && key->dsa != NULL) ||
(key->type == KEY_RSA && key->rsa != NULL)) {
- int len, n;
- u_char *blob, *uu;
key_to_blob(key, &blob, &len);
uu = xmalloc(2*len);
n = uuencode(blob, len, uu, 2*len);
int
key_sign(
Key *key,
- u_char **sigp, int *lenp,
- u_char *data, int datalen)
+ u_char **sigp, u_int *lenp,
+ u_char *data, u_int datalen)
{
switch (key->type) {
case KEY_DSA:
}
}
+/*
+ * key_verify returns 1 for a correct signature, 0 for an incorrect signature
+ * and -1 on error.
+ */
int
key_verify(
Key *key,
- u_char *signature, int signaturelen,
- u_char *data, int datalen)
+ u_char *signature, u_int signaturelen,
+ u_char *data, u_int datalen)
{
if (signaturelen == 0)
return -1;
break;
}
}
+
+/* Converts a private to a public key */
+
+Key *
+key_demote(Key *k)
+{
+ Key *pk;
+
+ pk = xmalloc(sizeof(*pk));
+ pk->type = k->type;
+ pk->flags = k->flags;
+ pk->dsa = NULL;
+ pk->rsa = NULL;
+
+ switch (k->type) {
+ case KEY_RSA1:
+ case KEY_RSA:
+ if ((pk->rsa = RSA_new()) == NULL)
+ fatal("key_demote: RSA_new failed");
+ if ((pk->rsa->e = BN_dup(k->rsa->e)) == NULL)
+ fatal("key_demote: BN_dup failed");
+ if ((pk->rsa->n = BN_dup(k->rsa->n)) == NULL)
+ fatal("key_demote: BN_dup failed");
+ break;
+ case KEY_DSA:
+ if ((pk->dsa = DSA_new()) == NULL)
+ fatal("key_demote: DSA_new failed");
+ if ((pk->dsa->p = BN_dup(k->dsa->p)) == NULL)
+ fatal("key_demote: BN_dup failed");
+ if ((pk->dsa->q = BN_dup(k->dsa->q)) == NULL)
+ fatal("key_demote: BN_dup failed");
+ if ((pk->dsa->g = BN_dup(k->dsa->g)) == NULL)
+ fatal("key_demote: BN_dup failed");
+ if ((pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL)
+ fatal("key_demote: BN_dup failed");
+ break;
+ default:
+ fatal("key_free: bad key type %d", k->type);
+ break;
+ }
+
+ return (pk);
+}
andersk / openssh.git / blobdiff