authordjm@openbsd.org <djm@openbsd.org>2020-04-08 00:07:19 +0000
committerDamien Miller <djm@mindrot.org>2020-04-08 10:14:21 +1000
commit8d514eea4ae089626a55e11c7bc1745c8d9683e4 (patch)
treed45a18e437ce388cb2ae20d013690bb451825b8c /sshkey.c
parent421169d0e758351b105eabfcebf42378ebf17217 (diff)
upstream: simplify sshkey_parse_private_fileblob_type()
Try new format parser for all key types first, fall back to PEM parser only for invalid format errors. ok markus@ OpenBSD-Commit-ID: 0173bbb3a5cface77b0679d4dca0e15eb5600b77
Diffstat (limited to 'sshkey.c')
-rw-r--r--sshkey.c21
1 files changed, 5 insertions, 16 deletions
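--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.105 2020/04/08 00:05:59 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.106 2020/04/08 00:07:19 djm Exp $ */
 /*
   * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
   * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -4366,7 +4366,6 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase,
  return r;
 }
 
-
 #ifdef WITH_OPENSSL
 /* convert SSH v2 key to PEM or PKCS#8 format */
 static int
@@ -4692,24 +4691,16 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
  *commentp = NULL;
 
  switch (type) {
-#ifdef WITH_OPENSSL
- case KEY_DSA:
- case KEY_ECDSA:
- case KEY_RSA:
- return sshkey_parse_private_pem_fileblob(blob, type,
- passphrase, keyp);
-#endif /* WITH_OPENSSL */
  case KEY_ED25519:
-#ifdef WITH_XMSS
  case KEY_XMSS:
-#endif /* WITH_XMSS */
+ /* No fallback for new-format-only keys */
  return sshkey_parse_private2(blob, type, passphrase,
  keyp, commentp);
- case KEY_UNSPEC:
+ default:
  r = sshkey_parse_private2(blob, type, passphrase, keyp,
  commentp);
- /* Do not fallback to PEM parser if only passphrase is wrong. */
- if (r == 0 || r == SSH_ERR_KEY_WRONG_PASSPHRASE)
+ /* Only fallback to PEM parser if a format error occurred. */
+ if (r != SSH_ERR_INVALID_FORMAT)
  return r;
 #ifdef WITH_OPENSSL
  return sshkey_parse_private_pem_fileblob(blob, type,
@@ -4717,8 +4708,6 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
 #else
  return SSH_ERR_INVALID_FORMAT;
 #endif /* WITH_OPENSSL */
- default:
- return SSH_ERR_KEY_TYPE_UNKNOWN;
  }
 }
 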
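Review bot: The new `default:` arm of sshkey_parse_private_fileblob_type() now takes every `type` other than KEY_ED25519 and KEY_XMSS, including values that used to be rejected up front with SSH_ERR_KEY_TYPE_UNKNOWN. An unrecognised type is therefore passed to sshkey_parse_private2() and, on SSH_ERR_INVALID_FORMAT, on to the PEM parser. Whether both parsers reject such a type is not visible in these hunks, and callers that matched on SSH_ERR_KEY_TYPE_UNKNOWN may now see SSH_ERR_INVALID_FORMAT instead (always so in a build without WITH_OPENSSL). The fallback also relies on sshkey_parse_private2() returning exactly SSH_ERR_INVALID_FORMAT for a blob that is not in the new format. I would record that contract above the check, e.g. `/* sshkey_parse_private2() must return SSH_ERR_INVALID_FORMAT only when blob is not new-format; unknown types are rejected by the parsers */`. The function begins outside the hunk, so any earlier validation of `type` cannot be confirmed from here.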