author | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
commit | 62f54f20bf351468e0124f63cc2902ee40d9b0e9 (patch) | |
tree | 3e090f2711b94ca5029d3fa3e8047b1ed1448b1f /key.c | |
parent | 6fabaf6fd9b07cc8bc6a17c9c4a5b76849cfc874 (diff) | |
parent | 66bf74a92131b7effe49fb0eefe5225151869dc5 (diff) |
Import openssh_7.6p1.orig.tar.gz
Diffstat (limited to 'key.c')
-rw-r--r-- | key.c | 177 |
1 files changed, 1 insertions, 176 deletions
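--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.130 2016/05/02 09:36:42 djm Exp $ */
+/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */
 /*
 * placed in the public domain
 */
@@ -20,68 +20,6 @@
 #include "log.h"
 #include "authfile.h"
 
-void
-key_add_private(Key *k)
-{
-int r;
-
-if ((r = sshkey_add_private(k)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_new_private(int type)
-{
-Key *ret = NULL;
-
-if ((ret = sshkey_new_private(type)) == NULL)
-fatal("%s: failed", __func__);
-return ret;
-}
-
-int
-key_read(Key *ret, char **cpp)
-{
-return sshkey_read(ret, cpp) == 0 ? 1 : -1;
-}
-
-int
-key_write(const Key *key, FILE *f)
-{
-return sshkey_write(key, f) == 0 ? 1 : 0;
-}
-
-Key *
-key_generate(int type, u_int bits)
-{
-int r;
-Key *ret = NULL;
-
-if ((r = sshkey_generate(type, bits, &ret)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-return ret;
-}
-
-void
-key_cert_copy(const Key *from_key, Key *to_key)
-{
-int r;
-
-if ((r = sshkey_cert_copy(from_key, to_key)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_from_private(const Key *k)
-{
-int r;
-Key *ret = NULL;
-
-if ((r = sshkey_from_private(k, &ret)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-return ret;
-}
-
 static void
 fatal_on_fatal_errors(int r, const char *func, int extra_fatal)
 {
@@ -184,19 +122,6 @@ key_demote(const Key *k)
 }
 
 int
-key_to_certified(Key *k)
-{
-int r;
-
-if ((r = sshkey_to_certified(k)) != 0) {
-fatal_on_fatal_errors(r, __func__, 0);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-
-int
 key_drop_cert(Key *k)
 {
 int r;
@@ -210,19 +135,6 @@ key_drop_cert(Key *k)
 }
 
 int
-key_certify(Key *k, Key *ca)
-{
-int r;
-
-if ((r = sshkey_certify(k, ca, NULL)) != 0) {
-fatal_on_fatal_errors(r, __func__, 0);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-
-int
 key_cert_check_authority(const Key *k, int want_host, int require_principal,
 const char *name, const char **reason)
 {
@@ -237,88 +149,8 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
 return 0;
 }
 
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-int
-key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
-{
-int r;
-
-if ((r = sshkey_ec_validate_public(group, public)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-
-int
-key_ec_validate_private(const EC_KEY *key)
-{
-int r;
-
-if ((r = sshkey_ec_validate_private(key)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return -1;
-}
-return 0;
-}
-#endif /* WITH_OPENSSL */
-
-void
-key_private_serialize(const Key *key, struct sshbuf *b)
-{
-int r;
-
-if ((r = sshkey_private_serialize(key, b)) != 0)
-fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_private_deserialize(struct sshbuf *blob)
-{
-int r;
-Key *ret = NULL;
-
-if ((r = sshkey_private_deserialize(blob, &ret)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return NULL;
-}
-return ret;
-}
-
 /* authfile.c */
 
-int
-key_save_private(Key *key, const char *filename, const char *passphrase,
-const char *comment, int force_new_format, const char *new_format_cipher,
-int new_format_rounds)
-{
-int r;
-
-if ((r = sshkey_save_private(key, filename, passphrase, comment,
-force_new_format, new_format_cipher, new_format_rounds)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return 0;
-}
-return 1;
-}
-
-int
-key_load_file(int fd, const char *filename, struct sshbuf *blob)
-{
-int r;
-
-if ((r = sshkey_load_file(fd, blob)) != 0) {
-fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-error("%s: %s", __func__, ssh_err(r));
-return 0;
-}
-return 1;
-}
-
 Key *
 key_load_cert(const char *filename)
 {
@@ -417,10 +249,3 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
 }
 return ret;
 }
-
-int
-key_perm_ok(int fd, const char *filename)
-{
-return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0;
-}
-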