author | markus@openbsd.org <markus@openbsd.org> | 2017-05-30 14:16:41 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-05-31 10:49:50 +1000 |
commit | 7da5df11ac788bc1133d8d598d298e33500524cc (patch) | |
tree | 9c201ad7bfbb674771d3cd17bda0c90d2523ffaa | |
parent | ff7371afd08ac0bbd957d90451d4dcd0da087ef5 (diff) |
upstream commit
remove unused wrapper functions from key.[ch]; ok djm@
Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
-rw-r--r-- | key.c | 177 | ||||
-rw-r--r-- | key.h | 36 | ||||
-rw-r--r-- | ssh-add.c | 4 | ||||
-rw-r--r-- | ssh-keygen.c | 20 |
4 files changed, 14 insertions, 223 deletions
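--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.130 2016/05/02 09:36:42 djm Exp $ */
+/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */
 /*
 * placed in the public domain
 */
@@ -20,68 +20,6 @@
 #include "log.h"
 #include "authfile.h"
 
-void
-key_add_private(Key *k)
-{
-int r;
-
-if ((r = sshkey_add_private(k)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_new_private(int type)
-{
-Key *ret = NULL;
-
-if ((ret = sshkey_new_private(type)) == NULL)
-fatal("%s: failed", __func__);
-return ret;
-}
-
-int
-key_read(Key *ret, char **cpp)
-{
-return sshkey_read(ret, cpp) == 0 ? 1 : -1;
-}
-
-int
-key_write(const Key *key, FILE *f)
-{
-return sshkey_write(key, f) == 0 ? 1 : 0;
-}
-
-Key *
-key_generate(int type, u_int bits)
-{
-int r;
-Key *ret = NULL;
-
-if ((r = sshkey_generate(type, bits, &ret)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-return ret;
-}
-
-void
-key_cert_copy(const Key *from_key, Key *to_key)
-{
-int r;
-
-if ((r = sshkey_cert_copy(from_key, to_key)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_from_private(const Key *k)
-{
-int r;
-Key *ret = NULL;
-
-if ((r = sshkey_from_private(k, &ret)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-return ret;
-}
-
 static void
 fatal_on_fatal_errors(int r, const char *func, int extra_fatal)
 {
@@ -184,19 +122,6 @@ key_demote(const Key *k)
 }
 
 int
-key_to_certified(Key *k)
-{
-int r;
-
-if ((r = sshkey_to_certified(k)) != 0) {
-fatal_on_fatal_errors(r, __func__, 0);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-
-int
 key_drop_cert(Key *k)
 {
 int r;
@@ -210,19 +135,6 @@ key_drop_cert(Key *k)
 }
 
 int
-key_certify(Key *k, Key *ca)
-{
-int r;
-
-if ((r = sshkey_certify(k, ca, NULL)) != 0) {
-fatal_on_fatal_errors(r, __func__, 0);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-
-int
 key_cert_check_authority(const Key *k, int want_host, int require_principal,
 const char *name, const char **reason)
 {
@@ -237,88 +149,8 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
 return 0;
 }
 
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-int
-key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
-{
-int r;
-
-if ((r = sshkey_ec_validate_public(group, public)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-
-int
-key_ec_validate_private(const EC_KEY *key)
-{
-int r;
-
-if ((r = sshkey_ec_validate_private(key)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-#endif /* WITH_OPENSSL */
-
-void
-key_private_serialize(const Key *key, struct sshbuf *b)
-{
-int r;
-
-if ((r = sshkey_private_serialize(key, b)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_private_deserialize(struct sshbuf *blob)
-{
-int r;
-Key *ret = NULL;
-
-if ((r = sshkey_private_deserialize(blob, &ret)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return NULL;
-}
-return ret;
-}
-
 /* authfile.c */
 
-int
-key_save_private(Key *key, const char *filename, const char *passphrase,
-const char *comment, int force_new_format, const char *new_format_cipher,
-int new_format_rounds)
-{
-int r;
-
-if ((r = sshkey_save_private(key, filename, passphrase, comment,
-force_new_format, new_format_cipher, new_format_rounds)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return 0;
-}
-return 1;
-}
-
-int
-key_load_file(int fd, const char *filename, struct sshbuf *blob)
-{
-int r;
-
-if ((r = sshkey_load_file(fd, blob)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return 0;
-}
-return 1;
-}
-
 Key *
 key_load_cert(const char *filename)
 {
@@ -417,10 +249,3 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
 }
 return ret;
 }
-
-int
-key_perm_ok(int fd, const char *filename)
-{
-return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0;
-}
-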
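--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.50 2016/09/12 23:31:27 djm Exp $ */
+/* $OpenBSD: key.h,v 1.51 2017/05/30 14:16:41 markus Exp $ */
 
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -35,51 +35,24 @@ typedef struct sshkey Key;
 #define fp_rep sshkey_fp_rep
 
 #ifndef SSH_KEY_NO_DEFINE
-#define key_new sshkey_new
 #define key_free sshkey_free
 #define key_equal_public sshkey_equal_public
 #define key_equal sshkey_equal
 #define key_type sshkey_type
-#define key_cert_type sshkey_cert_type
 #define key_ssh_name sshkey_ssh_name
 #define key_ssh_name_plain sshkey_ssh_name_plain
 #define key_type_from_name sshkey_type_from_name
-#define key_ecdsa_nid_from_name sshkey_ecdsa_nid_from_name
-#define key_type_is_cert sshkey_type_is_cert
-#define key_size sshkey_size
-#define key_ecdsa_bits_to_nid sshkey_ecdsa_bits_to_nid
-#define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid
 #define key_is_cert sshkey_is_cert
 #define key_type_plain sshkey_type_plain
-#define key_curve_name_to_nid sshkey_curve_name_to_nid
-#define key_curve_nid_to_bits sshkey_curve_nid_to_bits
-#define key_curve_nid_to_name sshkey_curve_nid_to_name
-#define key_ec_nid_to_hash_alg sshkey_ec_nid_to_hash_alg
-#define key_dump_ec_point sshkey_dump_ec_point
-#define key_dump_ec_key sshkey_dump_ec_key
 #endif
 
-void key_add_private(Key *);
-Key *key_new_private(int);
 void key_free(Key *);
 Key *key_demote(const Key *);
-int key_write(const Key *, FILE *);
-int key_read(Key *, char **);
 
-Key *key_generate(int, u_int);
-Key *key_from_private(const Key *);
-int key_to_certified(Key *);
 int key_drop_cert(Key *);
-int key_certify(Key *, Key *);
-void key_cert_copy(const Key *, Key *);
 int key_cert_check_authority(const Key *, int, int, const char *,
 const char **);
 
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-int key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
-int key_ec_validate_private(const EC_KEY *);
-#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
-
 Key *key_from_blob(const u_char *, u_int);
 int key_to_blob(const Key *, u_char **, u_int *);
 
@@ -87,18 +60,11 @@ int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int,
 const char *);
 int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
 
-void key_private_serialize(const Key *, struct sshbuf *);
-Key *key_private_deserialize(struct sshbuf *);
-
 /* authfile.c */
-int key_save_private(Key *, const char *, const char *, const char *,
-int, const char *, int);
-int key_load_file(int, const char *, struct sshbuf *);
 Key *key_load_cert(const char *);
 Key *key_load_public(const char *, char **);
 Key *key_load_private(const char *, const char *, char **);
 Key *key_load_private_cert(int, const char *, const char *, int *);
 Key *key_load_private_type(int, const char *, const char *, char **, int *);
-int key_perm_ok(int, const char *);
 
 #endif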
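--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.132 2017/05/30 14:16:41 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -306,7 +306,7 @@ add_file(int agent_fd, const char *filename, int key_only)
 goto out;
 }
 if ((r = sshkey_cert_copy(cert, private)) != 0) {
-error("%s: key_cert_copy: %s", __func__, ssh_err(r));
+error("%s: sshkey_cert_copy: %s", __func__, ssh_err(r));
 sshkey_free(cert);
 goto out;
 }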
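--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.303 2017/05/07 23:15:59 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.304 2017/05/30 14:16:41 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -488,7 +488,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
 return NULL;
 }
 if ((key = sshkey_new_private(ktype)) == NULL)
-fatal("key_new_private failed");
+fatal("sshkey_new_private failed");
 free(type);
 
 switch (key->type) {
@@ -770,7 +770,7 @@ do_print_public(struct passwd *pw)
 fatal("%s: %s", identity_file, strerror(errno));
 prv = load_identity(identity_file);
 if ((r = sshkey_write(prv, stdout)) != 0)
-error("key_write failed: %s", ssh_err(r));
+error("sshkey_write failed: %s", ssh_err(r));
 sshkey_free(prv);
 fprintf(stdout, "\n");
 exit(0);
@@ -1019,7 +1019,7 @@ do_gen_all_hostkeys(struct passwd *pw)
 bits = 0;
 type_bits_valid(type, NULL, &bits);
 if ((r = sshkey_generate(type, bits, &private)) != 0) {
-error("key_generate failed: %s", ssh_err(r));
+error("sshkey_generate failed: %s", ssh_err(r));
 first = 0;
 continue;
 }
@@ -1475,7 +1475,7 @@ do_change_comment(struct passwd *pw)
 explicit_bzero(passphrase, strlen(passphrase));
 free(passphrase);
 if ((r = sshkey_from_private(private, &public)) != 0)
-fatal("key_from_private failed: %s", ssh_err(r));
+fatal("sshkey_from_private failed: %s", ssh_err(r));
 sshkey_free(private);
 
 strlcat(identity_file, ".pub", sizeof(identity_file));
@@ -1662,7 +1662,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 OPTIONS_EXTENSIONS);
 if ((r = sshkey_from_private(ca,
 &public->cert->signature_key)) != 0)
-fatal("key_from_private (ca key): %s", ssh_err(r));
+fatal("sshkey_from_private (ca key): %s", ssh_err(r));
 
 if ((r = sshkey_certify(public, ca, key_type_name)) != 0)
 fatal("Couldn't certify key %s: %s", tmp, ssh_err(r));
@@ -1980,7 +1980,7 @@ do_show_cert(struct passwd *pw)
 if (*cp == '#' || *cp == '\0')
 continue;
 if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
-fatal("key_new");
+fatal("sshkey_new");
 if ((r = sshkey_read(key, &cp)) != 0) {
 error("%s:%lu: invalid key: %s", path,
 lnum, ssh_err(r));
@@ -2126,7 +2126,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
 */
 }
 if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
-fatal("key_new");
+fatal("sshkey_new");
 if ((r = sshkey_read(key, &cp)) != 0)
 fatal("%s:%lu: invalid key: %s",
 path, lnum, ssh_err(r));
@@ -2667,9 +2667,9 @@ main(int argc, char **argv)
 printf("Generating public/private %s key pair.\n",
 key_type_name);
 if ((r = sshkey_generate(type, bits, &private)) != 0)
-fatal("key_generate failed");
+fatal("sshkey_generate failed");
 if ((r = sshkey_from_private(private, &public)) != 0)
-fatal("key_from_private failed: %s\n", ssh_err(r));
+fatal("sshkey_from_private failed: %s\n", ssh_err(r));
 
 if (!have_identity)
 ask_filename(pw, "Enter file in which to save the key");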
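Review bot: In the main() hunk, `fatal("sshkey_generate failed");` drops the error code just stored in `r`, so a key-generation failure is reported without its cause. The same call in do_gen_all_hostkeys prints `ssh_err(r)`, and since this commit already rewrites the string, it could become `fatal("sshkey_generate failed: %s", ssh_err(r));`. The following message, `"sshkey_from_private failed: %s\n"`, still ends in `\n`, which none of the other fatal() strings shown in this file carry; dropping it would keep the diagnostics uniform. main's body starts and ends outside the hunk.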