From a599bd062f4ea739b0dc3fc86be2914411d91c54 Mon Sep 17 00:00:00 2001
From: mouring <mouring>
Date: Mon, 25 Jun 2001 05:04:58 +0000
Subject: [PATCH 1/1]    - markus@cvs.openbsd.org 2001/06/23 17:05:22     
 [ssh-keygen.c]      fix import for (broken?) ssh.com/f-secure private keys   
   (i tested > 1000 RSA keys)

---
 ChangeLog    |  6 +++++-
 ssh-keygen.c | 22 +++++++++++-----------
 2 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5efe7fcf..f6d32dab 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,7 +32,7 @@
    - markus@cvs.openbsd.org 2001/06/22 22:21:20
      [sftp-server.c]
      allow long usernames/groups in readdir
-  - markus@cvs.openbsd.org 2001/06/22 23:35:21
+   - markus@cvs.openbsd.org 2001/06/22 23:35:21
      [ssh.c]
      don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
    - deraadt@cvs.openbsd.org 2001/06/23 00:16:16
@@ -78,6 +78,10 @@
      more strict prototypes.  raise warning level in Makefile.inc.  
      markus ok'ed
      TODO; cleanup headers
+   - markus@cvs.openbsd.org 2001/06/23 17:05:22
+     [ssh-keygen.c]
+     fix import for (broken?) ssh.com/f-secure private keys
+     (i tested > 1000 RSA keys)
 
 20010622
  - (stevesk) handle systems without pw_expire and pw_change.
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 22946587..51b00340 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.63 2001/06/23 15:12:20 itojun Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.64 2001/06/23 17:05:22 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -187,9 +187,11 @@ do_convert_private_ssh2_from_blob(char *blob, int blen)
 {
 	Buffer b;
 	Key *key = NULL;
+	char *type, *cipher;
+	u_char *sig, data[10] = "abcde12345";
 	int magic, rlen, ktype, i1, i2, i3, i4;
+	u_int slen;
 	u_long e;
-	char *type, *cipher;
 
 	buffer_init(&b);
 	buffer_append(&b, blob, blen);
@@ -264,16 +266,11 @@ do_convert_private_ssh2_from_blob(char *blob, int blen)
 		error("do_convert_private_ssh2_from_blob: "
 		    "remaining bytes in key blob %d", rlen);
 	buffer_free(&b);
-#ifdef DEBUG_PK
-	{
-		u_int slen;
-		u_char *sig, data[10] = "abcde12345";
 
-		key_sign(key, &sig, &slen, data, sizeof(data));
-		key_verify(key, sig, slen, data, sizeof(data));
-		xfree(sig);
-	}
-#endif
+	/* try the key */
+	key_sign(key, &sig, &slen, data, sizeof(data));
+	key_verify(key, sig, slen, data, sizeof(data));
+	xfree(sig);
 	return key;
 }
 
@@ -312,6 +309,9 @@ do_convert_from_ssh2(struct passwd *pw)
 		    strstr(line, ": ") != NULL) {
 			if (strstr(line, SSH_COM_PRIVATE_BEGIN) != NULL)
 				private = 1;
+			if (strstr(line, " END ") != NULL) {
+				break;
+			}
 			/* fprintf(stderr, "ignore: %s", line); */
 			continue;
 		}
-- 
2.45.2