-/* $OpenBSD: key.c,v 1.70 2008/06/11 21:01:35 grunk Exp $ */
+/* $OpenBSD: key.c,v 1.82 2010/01/13 01:10:56 dtucker Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
*
*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
+ * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
default:
fatal("key_equal: bad key type %d", a->type);
}
+ /* NOTREACHED */
}
u_char*
* Graphs are not unambiguous, because circles in graphs can be
* walked in either direction.
*/
-#define FLDSIZE_Y 8
-#define FLDSIZE_X FLDSIZE_Y * 2
+
+/*
+ * Field sizes for the random art. Have to be odd, so the starting point
+ * can be in the exact middle of the picture, and FLDBASE should be >=8 .
+ * Else pictures would be too dense, and drawing the frame would
+ * fail, too, because the key type would not fit in anymore.
+ */
+#define FLDBASE 8
+#define FLDSIZE_Y (FLDBASE + 1)
+#define FLDSIZE_X (FLDBASE * 2 + 1)
static char *
-key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len)
+key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len, const Key *k)
{
/*
* Chars to be used after each other every time the worm
* intersects with itself. Matter of taste.
*/
- char *augmentation_string = " .o+=*BOX@%&#/^";
+ char *augmentation_string = " .o+=*BOX@%&#/^SE";
char *retval, *p;
- char field[FLDSIZE_X][FLDSIZE_Y];
+ u_char field[FLDSIZE_X][FLDSIZE_Y];
u_int i, b;
int x, y;
+ size_t len = strlen(augmentation_string) - 1;
retval = xcalloc(1, (FLDSIZE_X + 3) * (FLDSIZE_Y + 2));
/* initialize field */
- memset(field, ' ', FLDSIZE_X * FLDSIZE_Y * sizeof(char));
+ memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char));
x = FLDSIZE_X / 2;
y = FLDSIZE_Y / 2;
- field[x][y] = '.';
/* process raw key */
for (i = 0; i < dgst_raw_len; i++) {
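Review bot: The comment added above `#define FLDBASE 8` states two constraints (odd field sizes, FLDBASE >= 8) that nothing enforces, and the derived sizes are only odd when FLDBASE is even, which the comment does not say. A preprocessor guard directly after the define would make a bad edit fail at build time: `#if FLDBASE < 8 || (FLDBASE % 2) != 0`, `#error "FLDBASE must be even and >= 8"`, `#endif`. In the same hunk, `memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char))` would follow the array's declared type if written as `memset(field, 0, sizeof(field))`. The body of key_fingerprint_randomart continues outside this hunk.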
y = MIN(y, FLDSIZE_Y - 1);
/* augment the field */
- p = strchr(augmentation_string, field[x][y]);
- if (*++p != '\0')
- field[x][y] = *p;
-
+ if (field[x][y] < len - 2)
+ field[x][y]++;
input = input >> 2;
}
}
+ /* mark starting point and end point*/
+ field[FLDSIZE_X / 2][FLDSIZE_Y / 2] = len - 1;
+ field[x][y] = len;
+
/* fill in retval */
- p = retval;
+ snprintf(retval, FLDSIZE_X, "+--[%4s %4u]", key_type(k), key_size(k));
+ p = strchr(retval, '\0');
/* output upper border */
- *p++ = '+';
- for (i = 0; i < FLDSIZE_X; i++)
+ for (i = p - retval - 1; i < FLDSIZE_X; i++)
*p++ = '-';
*p++ = '+';
*p++ = '\n';
for (y = 0; y < FLDSIZE_Y; y++) {
*p++ = '|';
for (x = 0; x < FLDSIZE_X; x++)
- *p++ = field[x][y];
+ *p++ = augmentation_string[MIN(field[x][y], len)];
*p++ = '|';
*p++ = '\n';
}
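Review bot: The return value of `snprintf(retval, FLDSIZE_X, "+--[%4s %4u]", key_type(k), key_size(k))` is ignored, and `%4s`/`%4u` are minimum widths, so a type name or bit count wider than four characters is cut at FLDSIZE_X - 1 bytes and the closing `]` silently drops out of the frame. The write itself stays in bounds, because the size argument caps it and the border loop starts from the truncated length, so the concern is only that the header stays unambiguous for the person comparing fingerprints. Capping the type field with `%4.4s` keeps the header fixed-width for ordinary key sizes; failing that, a comment stating that truncation is intended would help. Separately, `len` holds the last index of augmentation_string rather than its length, so a short comment at `if (field[x][y] < len - 2)` saying the last two characters are reserved for the start and end markers would explain the bound. The function starts and ends outside this hunk.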
retval = key_fingerprint_bubblebabble(dgst_raw, dgst_raw_len);
break;
case SSH_FP_RANDOMART:
- retval = key_fingerprint_randomart(dgst_raw, dgst_raw_len);
+ retval = key_fingerprint_randomart(dgst_raw, dgst_raw_len, k);
break;
default:
- fatal("key_fingerprint_ex: bad digest representation %d",
+ fatal("key_fingerprint: bad digest representation %d",
dgst_rep);
break;
}
return -1;
if (!read_bignum(cpp, ret->rsa->n))
return -1;
+ /* validate the claimed number of bits */
+ if ((u_int)BN_num_bits(ret->rsa->n) != bits) {
+ verbose("key_read: claimed key size %d does not match "
+ "actual %d", bits, BN_num_bits(ret->rsa->n));
+ return -1;
+ }
success = 1;
break;
case KEY_UNSPEC:
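Review bot: The new `verbose()` call prints `bits` with `%d`, while the `(u_int)` cast in the comparison just above suggests `bits` is unsigned (its declaration is outside the hunk, so confirm). If it is, the first conversion should be `%u`: `verbose("key_read: claimed key size %u does not match "`. On this rejection path `ret->rsa->n` has already been overwritten by `read_bignum()`, so a comment noting that callers must discard `ret` when -1 is returned would make the contract explicit. key_read begins and ends outside this hunk.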
{
RSA *private;
- private = RSA_generate_key(bits, 35, NULL, NULL);
+ private = RSA_generate_key(bits, RSA_F4, NULL, NULL);
if (private == NULL)
fatal("rsa_generate_private_key: key generation failed.");
return private;
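Review bot: The changed line `private = RSA_generate_key(bits, RSA_F4, NULL, NULL);` keeps the generation interface that OpenSSL has deprecated in favour of RSA_generate_key_ex, which takes the public exponent as a BIGNUM. Since this commit already touches the exponent argument, it is a natural place to switch, as sketched below. The sketch leaves the RSA object unfreed on failure only because fatal() is assumed not to return. No lower bound on `bits` is visible in the hunk; the function's signature and closing brace are outside it, so that check may exist in a caller.
```c
	RSA *private = RSA_new();
	BIGNUM *f4 = BN_new();

	if (private == NULL || f4 == NULL)
		fatal("rsa_generate_private_key: allocation failed");
	if (!BN_set_word(f4, RSA_F4) ||
	    !RSA_generate_key_ex(private, bits, f4, NULL))
		fatal("rsa_generate_private_key: key generation failed.");
	BN_free(f4);
	return private;
```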