- itojun@cvs.openbsd.org 2002/05/13 02:37:39

[openssh.git] / key.c

diff --git a/key.c b/key.c
index 8b1057e8ece774cf9d5b68b18530a66ea056b0a7..1ce0a87a33bdedf23aebb915ec3307fd2c7e25fe 100644 (file)
--- a/key.c
+++ b/key.c
@@ -32,7 +32,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.39 2002/01/25 22:07:40 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.43 2002/03/19 10:49:35 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -172,11 +172,11 @@ key_equal(Key *a, Key *b)
 static u_char*
 key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
 {
-       EVP_MD *md = NULL;
+       const EVP_MD *md = NULL;
        EVP_MD_CTX ctx;
        u_char *blob = NULL;
        u_char *retval = NULL;
-       int len = 0;
+       u_int len = 0;
        int nlen, elen;
 
        *dgst_raw_length = 0;
@@ -488,8 +488,9 @@ key_read(Key *ret, char **cpp)
 int
 key_write(Key *key, FILE *f)
 {
-       int success = 0;
-       u_int bits = 0;
+       int n, success = 0;
+       u_int len, bits = 0;
+       u_char *blob, *uu;
 
        if (key->type == KEY_RSA1 && key->rsa != NULL) {
                /* size of modulus 'n' */
@@ -503,8 +504,6 @@ key_write(Key *key, FILE *f)
                }
        } else if ((key->type == KEY_DSA && key->dsa != NULL) ||
            (key->type == KEY_RSA && key->rsa != NULL)) {
-               int len, n;
-               u_char *blob, *uu;
                key_to_blob(key, &blob, &len);
                uu = xmalloc(2*len);
                n = uuencode(blob, len, uu, 2*len);
@@ -763,8 +762,8 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
 int
 key_sign(
     Key *key,
-    u_char **sigp, int *lenp,
-    u_char *data, int datalen)
+    u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
 {
        switch (key->type) {
        case KEY_DSA:
@@ -783,8 +782,8 @@ key_sign(
 int
 key_verify(
     Key *key,
-    u_char *signature, int signaturelen,
-    u_char *data, int datalen)
+    u_char *signature, u_int signaturelen,
+    u_char *data, u_int datalen)
 {
        if (signaturelen == 0)
                return -1;
@@ -802,3 +801,46 @@ key_verify(
                break;
        }
 }
+
+/* Converts a private to a public key */
+
+Key *
+key_demote(Key *k)
+{
+       Key *pk;
+
+       pk = xmalloc(sizeof(*pk));
+       pk->type = k->type;
+       pk->flags = k->flags;
+       pk->dsa = NULL;
+       pk->rsa = NULL;
+
+       switch (k->type) {
+       case KEY_RSA1:
+       case KEY_RSA:
+               if ((pk->rsa = RSA_new()) == NULL)
+                       fatal("key_demote: RSA_new failed");
+               if ((pk->rsa->e = BN_dup(k->rsa->e)) == NULL)
+                       fatal("key_demote: BN_dup failed");
+               if ((pk->rsa->n = BN_dup(k->rsa->n)) == NULL)
+                       fatal("key_demote: BN_dup failed");
+               break;
+       case KEY_DSA:
+               if ((pk->dsa = DSA_new()) == NULL)
+                       fatal("key_demote: DSA_new failed");
+               if ((pk->dsa->p = BN_dup(k->dsa->p)) == NULL)
+                       fatal("key_demote: BN_dup failed");
+               if ((pk->dsa->q = BN_dup(k->dsa->q)) == NULL)
+                       fatal("key_demote: BN_dup failed");
+               if ((pk->dsa->g = BN_dup(k->dsa->g)) == NULL)
+                       fatal("key_demote: BN_dup failed");
+               if ((pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL)
+                       fatal("key_demote: BN_dup failed");
+               break;
+       default:
+               fatal("key_free: bad key type %d", k->type);
+               break;
+       }
+
+       return (pk);
+}