- djm@cvs.openbsd.org 2004/03/03 09:31:20

[openssh.git] / key.c

diff --git a/key.c b/key.c
index 718cd16c0cd7012c417cdb09a0bd6c794450f28e..323e6ff84bfddeee1a2ca2228c389db6a6d5feda 100644 (file)
--- a/key.c
+++ b/key.c
@@ -32,15 +32,13 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.46 2002/06/30 21:59:45 deraadt Exp $");
+RCSID("$OpenBSD: key.c,v 1.55 2003/11/10 16:23:41 jakob Exp $");
 
 #include <openssl/evp.h>
 
 #include "xmalloc.h"
 #include "key.h"
 #include "rsa.h"
-#include "ssh-dss.h"
-#include "ssh-rsa.h"
 #include "uuencode.h"
 #include "buffer.h"
 #include "bufaux.h"
@@ -145,8 +143,9 @@ key_free(Key *k)
        }
        xfree(k);
 }
+
 int
-key_equal(Key *a, Key *b)
+key_equal(const Key *a, const Key *b)
 {
        if (a == NULL || b == NULL || a->type != b->type)
                return 0;
@@ -171,8 +170,9 @@ key_equal(Key *a, Key *b)
        return 0;
 }
 
-static u_char *
-key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
+u_char*
+key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
+    u_int *dgst_raw_length)
 {
        const EVP_MD *md = NULL;
        EVP_MD_CTX ctx;
@@ -238,8 +238,10 @@ key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len)
        for (i = 0; i < dgst_raw_len; i++) {
                char hex[4];
                snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]);
-               strlcat(retval, hex, dgst_raw_len * 3);
+               strlcat(retval, hex, dgst_raw_len * 3 + 1);
        }
+
+       /* Remove the trailing ':' character */
        retval[(dgst_raw_len * 3) - 1] = '\0';
        return retval;
 }
@@ -292,7 +294,7 @@ key_fingerprint_bubblebabble(u_char *dgst_raw, u_int dgst_raw_len)
 }
 
 char *
-key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
+key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
 {
        char *retval = NULL;
        u_char *dgst_raw;
@@ -410,14 +412,14 @@ key_read(Key *ret, char **cpp)
        case KEY_DSA:
                space = strchr(cp, ' ');
                if (space == NULL) {
-                       debug3("key_read: no space");
+                       debug3("key_read: missing whitespace");
                        return -1;
                }
                *space = '\0';
                type = key_type_from_name(cp);
                *space = ' ';
                if (type == KEY_UNSPEC) {
-                       debug3("key_read: no key found");
+                       debug3("key_read: missing keytype");
                        return -1;
                }
                cp = space+1;
@@ -440,7 +442,7 @@ key_read(Key *ret, char **cpp)
                        xfree(blob);
                        return -1;
                }
-               k = key_from_blob(blob, n);
+               k = key_from_blob(blob, (u_int)n);
                xfree(blob);
                if (k == NULL) {
                        error("key_read: key_from_blob %s failed", cp);
@@ -490,11 +492,12 @@ key_read(Key *ret, char **cpp)
 }
 
 int
-key_write(Key *key, FILE *f)
+key_write(const Key *key, FILE *f)
 {
        int n, success = 0;
        u_int len, bits = 0;
-       u_char *blob, *uu;
+       u_char *blob;
+       char *uu;
 
        if (key->type == KEY_RSA1 && key->rsa != NULL) {
                /* size of modulus 'n' */
@@ -521,8 +524,8 @@ key_write(Key *key, FILE *f)
        return success;
 }
 
-char *
-key_type(Key *k)
+const char *
+key_type(const Key *k)
 {
        switch (k->type) {
        case KEY_RSA1:
@@ -538,8 +541,8 @@ key_type(Key *k)
        return "unknown";
 }
 
-char *
-key_ssh_name(Key *k)
+const char *
+key_ssh_name(const Key *k)
 {
        switch (k->type) {
        case KEY_RSA:
@@ -553,7 +556,7 @@ key_ssh_name(Key *k)
 }
 
 u_int
-key_size(Key *k)
+key_size(const Key *k)
 {
        switch (k->type) {
        case KEY_RSA1:
@@ -610,7 +613,7 @@ key_generate(int type, u_int bits)
 }
 
 Key *
-key_from_private(Key *k)
+key_from_private(const Key *k)
 {
        Key *n = NULL;
        switch (k->type) {
@@ -675,7 +678,7 @@ key_names_valid2(const char *names)
 }
 
 Key *
-key_from_blob(u_char *blob, int blen)
+key_from_blob(const u_char *blob, u_int blen)
 {
        Buffer b;
        char *ktype;
@@ -725,11 +728,10 @@ key_from_blob(u_char *blob, int blen)
 }
 
 int
-key_to_blob(Key *key, u_char **blobp, u_int *lenp)
+key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
 {
        Buffer b;
        int len;
-       u_char *buf;
 
        if (key == NULL) {
                error("key_to_blob: key == NULL");
@@ -755,22 +757,22 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
                return 0;
        }
        len = buffer_len(&b);
-       buf = xmalloc(len);
-       memcpy(buf, buffer_ptr(&b), len);
-       memset(buffer_ptr(&b), 0, len);
-       buffer_free(&b);
        if (lenp != NULL)
                *lenp = len;
-       if (blobp != NULL)
-               *blobp = buf;
+       if (blobp != NULL) {
+               *blobp = xmalloc(len);
+               memcpy(*blobp, buffer_ptr(&b), len);
+       }
+       memset(buffer_ptr(&b), 0, len);
+       buffer_free(&b);
        return len;
 }
 
 int
 key_sign(
-    Key *key,
+    const Key *key,
     u_char **sigp, u_int *lenp,
-    u_char *data, u_int datalen)
+    const u_char *data, u_int datalen)
 {
        switch (key->type) {
        case KEY_DSA:
@@ -792,9 +794,9 @@ key_sign(
  */
 int
 key_verify(
-    Key *key,
-    u_char *signature, u_int signaturelen,
-    u_char *data, u_int datalen)
+    const Key *key,
+    const u_char *signature, u_int signaturelen,
+    const u_char *data, u_int datalen)
 {
        if (signaturelen == 0)
                return -1;
@@ -815,7 +817,7 @@ key_verify(
 
 /* Converts a private to a public key */
 Key *
-key_demote(Key *k)
+key_demote(const Key *k)
 {
        Key *pk;