summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--dns.c30
-rw-r--r--dns.h7
-rw-r--r--hostfile.c74
-rw-r--r--hostfile.h11
-rw-r--r--kex.h4
-rw-r--r--msg.c25
-rw-r--r--msg.h7
-rw-r--r--readconf.c5
-rw-r--r--readconf.h4
-rw-r--r--ssh-keygen.c773
-rw-r--r--ssh-keysign.c120
-rw-r--r--ssh-pkcs11.c24
-rw-r--r--ssh-pkcs11.h4
13 files changed, 594 insertions, 494 deletions
diff --git a/dns.c b/dns.c
index 4b8ae44cf..f45bec0bf 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dns.c,v 1.32 2014/12/21 22:27:56 djm Exp $ */ 1/* $OpenBSD: dns.c,v 1.33 2015/01/15 09:40:00 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 4 * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -38,7 +38,8 @@
38#include <stdlib.h> 38#include <stdlib.h>
39 39
40#include "xmalloc.h" 40#include "xmalloc.h"
41#include "key.h" 41#include "sshkey.h"
42#include "ssherr.h"
42#include "dns.h" 43#include "dns.h"
43#include "log.h" 44#include "log.h"
44#include "digest.h" 45#include "digest.h"
@@ -78,9 +79,9 @@ dns_result_totext(unsigned int res)
78 */ 79 */
79static int 80static int
80dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, 81dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
81 u_char **digest, u_int *digest_len, Key *key) 82 u_char **digest, size_t *digest_len, struct sshkey *key)
82{ 83{
83 int success = 0; 84 int r, success = 0;
84 int fp_alg = -1; 85 int fp_alg = -1;
85 86
86 switch (key->type) { 87 switch (key->type) {
@@ -121,9 +122,10 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
121 } 122 }
122 123
123 if (*algorithm && *digest_type) { 124 if (*algorithm && *digest_type) {
124 *digest = key_fingerprint_raw(key, fp_alg, digest_len); 125 if ((r = sshkey_fingerprint_raw(key, fp_alg, digest,
125 if (*digest == NULL) 126 digest_len)) != 0)
126 fatal("dns_read_key: null from key_fingerprint_raw()"); 127 fatal("%s: sshkey_fingerprint_raw: %s", __func__,
128 ssh_err(r));
127 success = 1; 129 success = 1;
128 } else { 130 } else {
129 *digest = NULL; 131 *digest = NULL;
@@ -139,7 +141,7 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
139 */ 141 */
140static int 142static int
141dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, 143dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
142 u_char **digest, u_int *digest_len, u_char *rdata, int rdata_len) 144 u_char **digest, size_t *digest_len, u_char *rdata, int rdata_len)
143{ 145{
144 int success = 0; 146 int success = 0;
145 147
@@ -200,7 +202,7 @@ is_numeric_hostname(const char *hostname)
200 */ 202 */
201int 203int
202verify_host_key_dns(const char *hostname, struct sockaddr *address, 204verify_host_key_dns(const char *hostname, struct sockaddr *address,
203 Key *hostkey, int *flags) 205 struct sshkey *hostkey, int *flags)
204{ 206{
205 u_int counter; 207 u_int counter;
206 int result; 208 int result;
@@ -209,12 +211,12 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
209 u_int8_t hostkey_algorithm; 211 u_int8_t hostkey_algorithm;
210 u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED; 212 u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED;
211 u_char *hostkey_digest; 213 u_char *hostkey_digest;
212 u_int hostkey_digest_len; 214 size_t hostkey_digest_len;
213 215
214 u_int8_t dnskey_algorithm; 216 u_int8_t dnskey_algorithm;
215 u_int8_t dnskey_digest_type; 217 u_int8_t dnskey_digest_type;
216 u_char *dnskey_digest; 218 u_char *dnskey_digest;
217 u_int dnskey_digest_len; 219 size_t dnskey_digest_len;
218 220
219 *flags = 0; 221 *flags = 0;
220 222
@@ -310,13 +312,13 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
310 * Export the fingerprint of a key as a DNS resource record 312 * Export the fingerprint of a key as a DNS resource record
311 */ 313 */
312int 314int
313export_dns_rr(const char *hostname, Key *key, FILE *f, int generic) 315export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic)
314{ 316{
315 u_int8_t rdata_pubkey_algorithm = 0; 317 u_int8_t rdata_pubkey_algorithm = 0;
316 u_int8_t rdata_digest_type = SSHFP_HASH_RESERVED; 318 u_int8_t rdata_digest_type = SSHFP_HASH_RESERVED;
317 u_int8_t dtype; 319 u_int8_t dtype;
318 u_char *rdata_digest; 320 u_char *rdata_digest;
319 u_int i, rdata_digest_len; 321 size_t i, rdata_digest_len;
320 int success = 0; 322 int success = 0;
321 323
322 for (dtype = SSHFP_HASH_SHA1; dtype < SSHFP_HASH_MAX; dtype++) { 324 for (dtype = SSHFP_HASH_SHA1; dtype < SSHFP_HASH_MAX; dtype++) {
@@ -324,7 +326,7 @@ export_dns_rr(const char *hostname, Key *key, FILE *f, int generic)
324 if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, 326 if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type,
325 &rdata_digest, &rdata_digest_len, key)) { 327 &rdata_digest, &rdata_digest_len, key)) {
326 if (generic) { 328 if (generic) {
327 fprintf(f, "%s IN TYPE%d \\# %d %02x %02x ", 329 fprintf(f, "%s IN TYPE%d \\# %zu %02x %02x ",
328 hostname, DNS_RDATATYPE_SSHFP, 330 hostname, DNS_RDATATYPE_SSHFP,
329 2 + rdata_digest_len, 331 2 + rdata_digest_len,
330 rdata_pubkey_algorithm, rdata_digest_type); 332 rdata_pubkey_algorithm, rdata_digest_type);
diff --git a/dns.h b/dns.h
index b9feae6be..815f073a1 100644
--- a/dns.h
+++ b/dns.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: dns.h,v 1.13 2014/04/20 09:24:26 logan Exp $ */ 1/* $OpenBSD: dns.h,v 1.14 2015/01/15 09:40:00 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 4 * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -50,7 +50,8 @@ enum sshfp_hashes {
50#define DNS_VERIFY_MATCH 0x00000002 50#define DNS_VERIFY_MATCH 0x00000002
51#define DNS_VERIFY_SECURE 0x00000004 51#define DNS_VERIFY_SECURE 0x00000004
52 52
53int verify_host_key_dns(const char *, struct sockaddr *, Key *, int *); 53int verify_host_key_dns(const char *, struct sockaddr *,
54int export_dns_rr(const char *, Key *, FILE *, int); 54 struct sshkey *, int *);
55int export_dns_rr(const char *, struct sshkey *, FILE *, int);
55 56
56#endif /* DNS_H */ 57#endif /* DNS_H */
diff --git a/hostfile.c b/hostfile.c
index ad5acb68e..40dbbd478 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: hostfile.c,v 1.58 2014/10/20 03:43:01 djm Exp $ */ 1/* $OpenBSD: hostfile.c,v 1.59 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -51,10 +51,11 @@
51 51
52#include "xmalloc.h" 52#include "xmalloc.h"
53#include "match.h" 53#include "match.h"
54#include "key.h" 54#include "sshkey.h"
55#include "hostfile.h" 55#include "hostfile.h"
56#include "log.h" 56#include "log.h"
57#include "misc.h" 57#include "misc.h"
58#include "ssherr.h"
58#include "digest.h" 59#include "digest.h"
59#include "hmac.h" 60#include "hmac.h"
60 61
@@ -155,15 +156,16 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
155 */ 156 */
156 157
157int 158int
158hostfile_read_key(char **cpp, int *bitsp, Key *ret) 159hostfile_read_key(char **cpp, u_int *bitsp, struct sshkey *ret)
159{ 160{
160 char *cp; 161 char *cp;
162 int r;
161 163
162 /* Skip leading whitespace. */ 164 /* Skip leading whitespace. */
163 for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++) 165 for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++)
164 ; 166 ;
165 167
166 if (key_read(ret, &cp) != 1) 168 if ((r = sshkey_read(ret, &cp)) != 0)
167 return 0; 169 return 0;
168 170
169 /* Skip trailing whitespace. */ 171 /* Skip trailing whitespace. */
@@ -172,15 +174,13 @@ hostfile_read_key(char **cpp, int *bitsp, Key *ret)
172 174
173 /* Return results. */ 175 /* Return results. */
174 *cpp = cp; 176 *cpp = cp;
175 if (bitsp != NULL) { 177 if (bitsp != NULL)
176 if ((*bitsp = key_size(ret)) <= 0) 178 *bitsp = sshkey_size(ret);
177 return 0;
178 }
179 return 1; 179 return 1;
180} 180}
181 181
182static int 182static int
183hostfile_check_key(int bits, const Key *key, const char *host, 183hostfile_check_key(int bits, const struct sshkey *key, const char *host,
184 const char *filename, u_long linenum) 184 const char *filename, u_long linenum)
185{ 185{
186#ifdef WITH_SSH1 186#ifdef WITH_SSH1
@@ -249,8 +249,8 @@ load_hostkeys(struct hostkeys *hostkeys, const char *host, const char *path)
249 u_long linenum = 0, num_loaded = 0; 249 u_long linenum = 0, num_loaded = 0;
250 char *cp, *cp2, *hashed_host; 250 char *cp, *cp2, *hashed_host;
251 HostkeyMarker marker; 251 HostkeyMarker marker;
252 Key *key; 252 struct sshkey *key;
253 int kbits; 253 u_int kbits;
254 254
255 if ((f = fopen(path, "r")) == NULL) 255 if ((f = fopen(path, "r")) == NULL)
256 return; 256 return;
@@ -296,13 +296,19 @@ load_hostkeys(struct hostkeys *hostkeys, const char *host, const char *path)
296 * Extract the key from the line. This will skip any leading 296 * Extract the key from the line. This will skip any leading
297 * whitespace. Ignore badly formatted lines. 297 * whitespace. Ignore badly formatted lines.
298 */ 298 */
299 key = key_new(KEY_UNSPEC); 299 if ((key = sshkey_new(KEY_UNSPEC)) == NULL) {
300 error("%s: sshkey_new failed", __func__);
301 break;
302 }
300 if (!hostfile_read_key(&cp, &kbits, key)) { 303 if (!hostfile_read_key(&cp, &kbits, key)) {
301 key_free(key); 304 sshkey_free(key);
302#ifdef WITH_SSH1 305#ifdef WITH_SSH1
303 key = key_new(KEY_RSA1); 306 if ((key = sshkey_new(KEY_RSA1)) == NULL) {
307 error("%s: sshkey_new failed", __func__);
308 break;
309 }
304 if (!hostfile_read_key(&cp, &kbits, key)) { 310 if (!hostfile_read_key(&cp, &kbits, key)) {
305 key_free(key); 311 sshkey_free(key);
306 continue; 312 continue;
307 } 313 }
308#else 314#else
@@ -315,7 +321,7 @@ load_hostkeys(struct hostkeys *hostkeys, const char *host, const char *path)
315 debug3("%s: found %skey type %s in file %s:%lu", __func__, 321 debug3("%s: found %skey type %s in file %s:%lu", __func__,
316 marker == MRK_NONE ? "" : 322 marker == MRK_NONE ? "" :
317 (marker == MRK_CA ? "ca " : "revoked "), 323 (marker == MRK_CA ? "ca " : "revoked "),
318 key_type(key), path, linenum); 324 sshkey_type(key), path, linenum);
319 hostkeys->entries = xrealloc(hostkeys->entries, 325 hostkeys->entries = xrealloc(hostkeys->entries,
320 hostkeys->num_entries + 1, sizeof(*hostkeys->entries)); 326 hostkeys->num_entries + 1, sizeof(*hostkeys->entries));
321 hostkeys->entries[hostkeys->num_entries].host = xstrdup(host); 327 hostkeys->entries[hostkeys->num_entries].host = xstrdup(host);
@@ -339,7 +345,7 @@ free_hostkeys(struct hostkeys *hostkeys)
339 for (i = 0; i < hostkeys->num_entries; i++) { 345 for (i = 0; i < hostkeys->num_entries; i++) {
340 free(hostkeys->entries[i].host); 346 free(hostkeys->entries[i].host);
341 free(hostkeys->entries[i].file); 347 free(hostkeys->entries[i].file);
342 key_free(hostkeys->entries[i].key); 348 sshkey_free(hostkeys->entries[i].key);
343 explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); 349 explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries));
344 } 350 }
345 free(hostkeys->entries); 351 free(hostkeys->entries);
@@ -348,18 +354,18 @@ free_hostkeys(struct hostkeys *hostkeys)
348} 354}
349 355
350static int 356static int
351check_key_not_revoked(struct hostkeys *hostkeys, Key *k) 357check_key_not_revoked(struct hostkeys *hostkeys, struct sshkey *k)
352{ 358{
353 int is_cert = key_is_cert(k); 359 int is_cert = sshkey_is_cert(k);
354 u_int i; 360 u_int i;
355 361
356 for (i = 0; i < hostkeys->num_entries; i++) { 362 for (i = 0; i < hostkeys->num_entries; i++) {
357 if (hostkeys->entries[i].marker != MRK_REVOKE) 363 if (hostkeys->entries[i].marker != MRK_REVOKE)
358 continue; 364 continue;
359 if (key_equal_public(k, hostkeys->entries[i].key)) 365 if (sshkey_equal_public(k, hostkeys->entries[i].key))
360 return -1; 366 return -1;
361 if (is_cert && 367 if (is_cert &&
362 key_equal_public(k->cert->signature_key, 368 sshkey_equal_public(k->cert->signature_key,
363 hostkeys->entries[i].key)) 369 hostkeys->entries[i].key))
364 return -1; 370 return -1;
365 } 371 }
@@ -383,11 +389,11 @@ check_key_not_revoked(struct hostkeys *hostkeys, Key *k)
383 */ 389 */
384static HostStatus 390static HostStatus
385check_hostkeys_by_key_or_type(struct hostkeys *hostkeys, 391check_hostkeys_by_key_or_type(struct hostkeys *hostkeys,
386 Key *k, int keytype, const struct hostkey_entry **found) 392 struct sshkey *k, int keytype, const struct hostkey_entry **found)
387{ 393{
388 u_int i; 394 u_int i;
389 HostStatus end_return = HOST_NEW; 395 HostStatus end_return = HOST_NEW;
390 int want_cert = key_is_cert(k); 396 int want_cert = sshkey_is_cert(k);
391 HostkeyMarker want_marker = want_cert ? MRK_CA : MRK_NONE; 397 HostkeyMarker want_marker = want_cert ? MRK_CA : MRK_NONE;
392 int proto = (k ? k->type : keytype) == KEY_RSA1 ? 1 : 2; 398 int proto = (k ? k->type : keytype) == KEY_RSA1 ? 1 : 2;
393 399
@@ -411,7 +417,7 @@ check_hostkeys_by_key_or_type(struct hostkeys *hostkeys,
411 break; 417 break;
412 } 418 }
413 if (want_cert) { 419 if (want_cert) {
414 if (key_equal_public(k->cert->signature_key, 420 if (sshkey_equal_public(k->cert->signature_key,
415 hostkeys->entries[i].key)) { 421 hostkeys->entries[i].key)) {
416 /* A matching CA exists */ 422 /* A matching CA exists */
417 end_return = HOST_OK; 423 end_return = HOST_OK;
@@ -420,7 +426,7 @@ check_hostkeys_by_key_or_type(struct hostkeys *hostkeys,
420 break; 426 break;
421 } 427 }
422 } else { 428 } else {
423 if (key_equal(k, hostkeys->entries[i].key)) { 429 if (sshkey_equal(k, hostkeys->entries[i].key)) {
424 end_return = HOST_OK; 430 end_return = HOST_OK;
425 if (found != NULL) 431 if (found != NULL)
426 *found = hostkeys->entries + i; 432 *found = hostkeys->entries + i;
@@ -441,7 +447,7 @@ check_hostkeys_by_key_or_type(struct hostkeys *hostkeys,
441} 447}
442 448
443HostStatus 449HostStatus
444check_key_in_hostkeys(struct hostkeys *hostkeys, Key *key, 450check_key_in_hostkeys(struct hostkeys *hostkeys, struct sshkey *key,
445 const struct hostkey_entry **found) 451 const struct hostkey_entry **found)
446{ 452{
447 if (key == NULL) 453 if (key == NULL)
@@ -463,11 +469,11 @@ lookup_key_in_hostkeys_by_type(struct hostkeys *hostkeys, int keytype,
463 */ 469 */
464 470
465int 471int
466add_host_to_hostfile(const char *filename, const char *host, const Key *key, 472add_host_to_hostfile(const char *filename, const char *host,
467 int store_hash) 473 const struct sshkey *key, int store_hash)
468{ 474{
469 FILE *f; 475 FILE *f;
470 int success = 0; 476 int r, success = 0;
471 char *hashed_host = NULL; 477 char *hashed_host = NULL;
472 478
473 if (key == NULL) 479 if (key == NULL)
@@ -485,12 +491,12 @@ add_host_to_hostfile(const char *filename, const char *host, const Key *key,
485 } 491 }
486 fprintf(f, "%s ", store_hash ? hashed_host : host); 492 fprintf(f, "%s ", store_hash ? hashed_host : host);
487 493
488 if (key_write(key, f)) { 494 if ((r = sshkey_write(key, f)) != 0) {
495 error("%s: saving key in %s failed: %s",
496 __func__, filename, ssh_err(r));
497 } else
489 success = 1; 498 success = 1;
490 } else { 499 fputs("\n", f);
491 error("add_host_to_hostfile: saving key in %s failed", filename);
492 }
493 fprintf(f, "\n");
494 fclose(f); 500 fclose(f);
495 return success; 501 return success;
496} 502}
diff --git a/hostfile.h b/hostfile.h
index 679c034f3..d90973f42 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: hostfile.h,v 1.20 2013/07/12 00:19:58 djm Exp $ */ 1/* $OpenBSD: hostfile.h,v 1.21 2015/01/15 09:40:00 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -26,7 +26,7 @@ struct hostkey_entry {
26 char *host; 26 char *host;
27 char *file; 27 char *file;
28 u_long line; 28 u_long line;
29 Key *key; 29 struct sshkey *key;
30 HostkeyMarker marker; 30 HostkeyMarker marker;
31}; 31};
32struct hostkeys; 32struct hostkeys;
@@ -35,13 +35,14 @@ struct hostkeys *init_hostkeys(void);
35void load_hostkeys(struct hostkeys *, const char *, const char *); 35void load_hostkeys(struct hostkeys *, const char *, const char *);
36void free_hostkeys(struct hostkeys *); 36void free_hostkeys(struct hostkeys *);
37 37
38HostStatus check_key_in_hostkeys(struct hostkeys *, Key *, 38HostStatus check_key_in_hostkeys(struct hostkeys *, struct sshkey *,
39 const struct hostkey_entry **); 39 const struct hostkey_entry **);
40int lookup_key_in_hostkeys_by_type(struct hostkeys *, int, 40int lookup_key_in_hostkeys_by_type(struct hostkeys *, int,
41 const struct hostkey_entry **); 41 const struct hostkey_entry **);
42 42
43int hostfile_read_key(char **, int *, Key *); 43int hostfile_read_key(char **, u_int *, struct sshkey *);
44int add_host_to_hostfile(const char *, const char *, const Key *, int); 44int add_host_to_hostfile(const char *, const char *,
45 const struct sshkey *, int);
45 46
46#define HASH_MAGIC "|1|" 47#define HASH_MAGIC "|1|"
47#define HASH_DELIM '|' 48#define HASH_DELIM '|'
diff --git a/kex.h b/kex.h
index dbcc0816f..ef4a1f096 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.h,v 1.65 2015/01/13 19:31:40 markus Exp $ */ 1/* $OpenBSD: kex.h,v 1.66 2015/01/15 09:40:00 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -27,6 +27,8 @@
27#define KEX_H 27#define KEX_H
28 28
29#include "mac.h" 29#include "mac.h"
30#include "buffer.h" /* XXX for typedef */
31#include "key.h" /* XXX for typedef */
30 32
31#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) 33#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
32#include <openssl/ec.h> 34#include <openssl/ec.h>
diff --git a/msg.c b/msg.c
index cd5f98c4f..5a7b8ca91 100644
--- a/msg.c
+++ b/msg.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: msg.c,v 1.15 2006/08/03 03:34:42 deraadt Exp $ */ 1/* $OpenBSD: msg.c,v 1.16 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -34,17 +34,18 @@
34#include <unistd.h> 34#include <unistd.h>
35#include <stdarg.h> 35#include <stdarg.h>
36 36
37#include "buffer.h" 37#include "sshbuf.h"
38#include "ssherr.h"
38#include "log.h" 39#include "log.h"
39#include "atomicio.h" 40#include "atomicio.h"
40#include "msg.h" 41#include "msg.h"
41#include "misc.h" 42#include "misc.h"
42 43
43int 44int
44ssh_msg_send(int fd, u_char type, Buffer *m) 45ssh_msg_send(int fd, u_char type, struct sshbuf *m)
45{ 46{
46 u_char buf[5]; 47 u_char buf[5];
47 u_int mlen = buffer_len(m); 48 u_int mlen = sshbuf_len(m);
48 49
49 debug3("ssh_msg_send: type %u", (unsigned int)type & 0xff); 50 debug3("ssh_msg_send: type %u", (unsigned int)type & 0xff);
50 51
@@ -54,7 +55,7 @@ ssh_msg_send(int fd, u_char type, Buffer *m)
54 error("ssh_msg_send: write"); 55 error("ssh_msg_send: write");
55 return (-1); 56 return (-1);
56 } 57 }
57 if (atomicio(vwrite, fd, buffer_ptr(m), mlen) != mlen) { 58 if (atomicio(vwrite, fd, (u_char *)sshbuf_ptr(m), mlen) != mlen) {
58 error("ssh_msg_send: write"); 59 error("ssh_msg_send: write");
59 return (-1); 60 return (-1);
60 } 61 }
@@ -62,10 +63,11 @@ ssh_msg_send(int fd, u_char type, Buffer *m)
62} 63}
63 64
64int 65int
65ssh_msg_recv(int fd, Buffer *m) 66ssh_msg_recv(int fd, struct sshbuf *m)
66{ 67{
67 u_char buf[4]; 68 u_char buf[4], *p;
68 u_int msg_len; 69 u_int msg_len;
70 int r;
69 71
70 debug3("ssh_msg_recv entering"); 72 debug3("ssh_msg_recv entering");
71 73
@@ -79,9 +81,12 @@ ssh_msg_recv(int fd, Buffer *m)
79 error("ssh_msg_recv: read: bad msg_len %u", msg_len); 81 error("ssh_msg_recv: read: bad msg_len %u", msg_len);
80 return (-1); 82 return (-1);
81 } 83 }
82 buffer_clear(m); 84 sshbuf_reset(m);
83 buffer_append_space(m, msg_len); 85 if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) {
84 if (atomicio(read, fd, buffer_ptr(m), msg_len) != msg_len) { 86 error("%s: buffer error: %s", __func__, ssh_err(r));
87 return -1;
88 }
89 if (atomicio(read, fd, p, msg_len) != msg_len) {
85 error("ssh_msg_recv: read: %s", strerror(errno)); 90 error("ssh_msg_recv: read: %s", strerror(errno));
86 return (-1); 91 return (-1);
87 } 92 }
diff --git a/msg.h b/msg.h
index b0cb9b52b..dfb34247c 100644
--- a/msg.h
+++ b/msg.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: msg.h,v 1.4 2006/03/25 22:22:43 djm Exp $ */ 1/* $OpenBSD: msg.h,v 1.5 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -25,7 +25,8 @@
25#ifndef SSH_MSG_H 25#ifndef SSH_MSG_H
26#define SSH_MSG_H 26#define SSH_MSG_H
27 27
28int ssh_msg_send(int, u_char, Buffer *); 28struct sshbuf;
29int ssh_msg_recv(int, Buffer *); 29int ssh_msg_send(int, u_char, struct sshbuf *);
30int ssh_msg_recv(int, struct sshbuf *);
30 31
31#endif 32#endif
diff --git a/readconf.c b/readconf.c
index d7f1cf036..a122d176d 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.226 2015/01/13 07:39:19 djm Exp $ */ 1/* $OpenBSD: readconf.c,v 1.227 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -51,11 +51,10 @@
51#include "cipher.h" 51#include "cipher.h"
52#include "pathnames.h" 52#include "pathnames.h"
53#include "log.h" 53#include "log.h"
54#include "key.h" 54#include "sshkey.h"
55#include "misc.h" 55#include "misc.h"
56#include "readconf.h" 56#include "readconf.h"
57#include "match.h" 57#include "match.h"
58#include "buffer.h"
59#include "kex.h" 58#include "kex.h"
60#include "mac.h" 59#include "mac.h"
61#include "uidswap.h" 60#include "uidswap.h"
diff --git a/readconf.h b/readconf.h
index 11a7332c2..a23da1107 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.h,v 1.105 2014/12/21 22:27:56 djm Exp $ */ 1/* $OpenBSD: readconf.h,v 1.106 2015/01/15 09:40:00 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -93,7 +93,7 @@ typedef struct {
93 int num_identity_files; /* Number of files for RSA/DSA identities. */ 93 int num_identity_files; /* Number of files for RSA/DSA identities. */
94 char *identity_files[SSH_MAX_IDENTITY_FILES]; 94 char *identity_files[SSH_MAX_IDENTITY_FILES];
95 int identity_file_userprovided[SSH_MAX_IDENTITY_FILES]; 95 int identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
96 Key *identity_keys[SSH_MAX_IDENTITY_FILES]; 96 struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES];
97 97
98 /* Local TCP/IP forward requests. */ 98 /* Local TCP/IP forward requests. */
99 int num_local_forwards; 99 int num_local_forwards;
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 7f775ff16..c8b05e079 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.251 2014/12/21 22:27:56 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.252 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -39,11 +39,11 @@
39#include <unistd.h> 39#include <unistd.h>
40 40
41#include "xmalloc.h" 41#include "xmalloc.h"
42#include "key.h" 42#include "sshkey.h"
43#include "rsa.h" 43#include "rsa.h"
44#include "authfile.h" 44#include "authfile.h"
45#include "uuencode.h" 45#include "uuencode.h"
46#include "buffer.h" 46#include "sshbuf.h"
47#include "pathnames.h" 47#include "pathnames.h"
48#include "log.h" 48#include "log.h"
49#include "misc.h" 49#include "misc.h"
@@ -52,6 +52,7 @@
52#include "dns.h" 52#include "dns.h"
53#include "ssh.h" 53#include "ssh.h"
54#include "ssh2.h" 54#include "ssh2.h"
55#include "ssherr.h"
55#include "ssh-pkcs11.h" 56#include "ssh-pkcs11.h"
56#include "atomicio.h" 57#include "atomicio.h"
57#include "krl.h" 58#include "krl.h"
@@ -208,7 +209,7 @@ type_bits_valid(int type, u_int32_t *bitsp)
208 fatal("DSA keys must be 1024 bits"); 209 fatal("DSA keys must be 1024 bits");
209 else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768) 210 else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
210 fatal("Key must at least be 768 bits"); 211 fatal("Key must at least be 768 bits");
211 else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1) 212 else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1)
212 fatal("Invalid ECDSA key length - valid lengths are " 213 fatal("Invalid ECDSA key length - valid lengths are "
213 "256, 384 or 521 bits"); 214 "256, 384 or 521 bits");
214#endif 215#endif
@@ -223,7 +224,7 @@ ask_filename(struct passwd *pw, const char *prompt)
223 if (key_type_name == NULL) 224 if (key_type_name == NULL)
224 name = _PATH_SSH_CLIENT_ID_RSA; 225 name = _PATH_SSH_CLIENT_ID_RSA;
225 else { 226 else {
226 switch (key_type_from_name(key_type_name)) { 227 switch (sshkey_type_from_name(key_type_name)) {
227 case KEY_RSA1: 228 case KEY_RSA1:
228 name = _PATH_SSH_CLIENT_IDENTITY; 229 name = _PATH_SSH_CLIENT_IDENTITY;
229 break; 230 break;
@@ -263,23 +264,26 @@ ask_filename(struct passwd *pw, const char *prompt)
263 have_identity = 1; 264 have_identity = 1;
264} 265}
265 266
266static Key * 267static struct sshkey *
267load_identity(char *filename) 268load_identity(char *filename)
268{ 269{
269 char *pass; 270 char *pass;
270 Key *prv; 271 struct sshkey *prv;
272 int r;
271 273
272 prv = key_load_private(filename, "", NULL); 274 if ((r = sshkey_load_private(filename, "", &prv, NULL)) == 0)
273 if (prv == NULL) { 275 return prv;
274 if (identity_passphrase) 276 if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
275 pass = xstrdup(identity_passphrase); 277 fatal("Load key \"%s\": %s", filename, ssh_err(r));
276 else 278 if (identity_passphrase)
277 pass = read_passphrase("Enter passphrase: ", 279 pass = xstrdup(identity_passphrase);
278 RP_ALLOW_STDIN); 280 else
279 prv = key_load_private(filename, pass, NULL); 281 pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
280 explicit_bzero(pass, strlen(pass)); 282 r = sshkey_load_private(filename, pass, &prv, NULL);
281 free(pass); 283 explicit_bzero(pass, strlen(pass));
282 } 284 free(pass);
285 if (r != 0)
286 fatal("Load key \"%s\": %s", filename, ssh_err(r));
283 return prv; 287 return prv;
284} 288}
285 289
@@ -290,39 +294,40 @@ load_identity(char *filename)
290 294
291#ifdef WITH_OPENSSL 295#ifdef WITH_OPENSSL
292static void 296static void
293do_convert_to_ssh2(struct passwd *pw, Key *k) 297do_convert_to_ssh2(struct passwd *pw, struct sshkey *k)
294{ 298{
295 u_int len; 299 size_t len;
296 u_char *blob; 300 u_char *blob;
297 char comment[61]; 301 char comment[61];
302 int r;
298 303
299 if (k->type == KEY_RSA1) { 304 if (k->type == KEY_RSA1) {
300 fprintf(stderr, "version 1 keys are not supported\n"); 305 fprintf(stderr, "version 1 keys are not supported\n");
301 exit(1); 306 exit(1);
302 } 307 }
303 if (key_to_blob(k, &blob, &len) <= 0) { 308 if ((r = sshkey_to_blob(k, &blob, &len)) != 0) {
304 fprintf(stderr, "key_to_blob failed\n"); 309 fprintf(stderr, "key_to_blob failed: %s\n", ssh_err(r));
305 exit(1); 310 exit(1);
306 } 311 }
307 /* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */ 312 /* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
308 snprintf(comment, sizeof(comment), 313 snprintf(comment, sizeof(comment),
309 "%u-bit %s, converted by %s@%s from OpenSSH", 314 "%u-bit %s, converted by %s@%s from OpenSSH",
310 key_size(k), key_type(k), 315 sshkey_size(k), sshkey_type(k),
311 pw->pw_name, hostname); 316 pw->pw_name, hostname);
312 317
313 fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN); 318 fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
314 fprintf(stdout, "Comment: \"%s\"\n", comment); 319 fprintf(stdout, "Comment: \"%s\"\n", comment);
315 dump_base64(stdout, blob, len); 320 dump_base64(stdout, blob, len);
316 fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END); 321 fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
317 key_free(k); 322 sshkey_free(k);
318 free(blob); 323 free(blob);
319 exit(0); 324 exit(0);
320} 325}
321 326
322static void 327static void
323do_convert_to_pkcs8(Key *k) 328do_convert_to_pkcs8(struct sshkey *k)
324{ 329{
325 switch (key_type_plain(k->type)) { 330 switch (sshkey_type_plain(k->type)) {
326 case KEY_RSA1: 331 case KEY_RSA1:
327 case KEY_RSA: 332 case KEY_RSA:
328 if (!PEM_write_RSA_PUBKEY(stdout, k->rsa)) 333 if (!PEM_write_RSA_PUBKEY(stdout, k->rsa))
@@ -339,15 +344,15 @@ do_convert_to_pkcs8(Key *k)
339 break; 344 break;
340#endif 345#endif
341 default: 346 default:
342 fatal("%s: unsupported key type %s", __func__, key_type(k)); 347 fatal("%s: unsupported key type %s", __func__, sshkey_type(k));
343 } 348 }
344 exit(0); 349 exit(0);
345} 350}
346 351
347static void 352static void
348do_convert_to_pem(Key *k) 353do_convert_to_pem(struct sshkey *k)
349{ 354{
350 switch (key_type_plain(k->type)) { 355 switch (sshkey_type_plain(k->type)) {
351 case KEY_RSA1: 356 case KEY_RSA1:
352 case KEY_RSA: 357 case KEY_RSA:
353 if (!PEM_write_RSAPublicKey(stdout, k->rsa)) 358 if (!PEM_write_RSAPublicKey(stdout, k->rsa))
@@ -361,7 +366,7 @@ do_convert_to_pem(Key *k)
361#endif 366#endif
362 /* XXX ECDSA? */ 367 /* XXX ECDSA? */
363 default: 368 default:
364 fatal("%s: unsupported key type %s", __func__, key_type(k)); 369 fatal("%s: unsupported key type %s", __func__, sshkey_type(k));
365 } 370 }
366 exit(0); 371 exit(0);
367} 372}
@@ -369,20 +374,16 @@ do_convert_to_pem(Key *k)
369static void 374static void
370do_convert_to(struct passwd *pw) 375do_convert_to(struct passwd *pw)
371{ 376{
372 Key *k; 377 struct sshkey *k;
373 struct stat st; 378 struct stat st;
379 int r;
374 380
375 if (!have_identity) 381 if (!have_identity)
376 ask_filename(pw, "Enter file in which the key is"); 382 ask_filename(pw, "Enter file in which the key is");
377 if (stat(identity_file, &st) < 0) 383 if (stat(identity_file, &st) < 0)
378 fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); 384 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
379 if ((k = key_load_public(identity_file, NULL)) == NULL) { 385 if ((r = sshkey_load_public(identity_file, &k, NULL)) != 0)
380 if ((k = load_identity(identity_file)) == NULL) { 386 k = load_identity(identity_file);
381 fprintf(stderr, "load failed\n");
382 exit(1);
383 }
384 }
385
386 switch (convert_format) { 387 switch (convert_format) {
387 case FMT_RFC4716: 388 case FMT_RFC4716:
388 do_convert_to_ssh2(pw, k); 389 do_convert_to_ssh2(pw, k);
@@ -399,51 +400,63 @@ do_convert_to(struct passwd *pw)
399 exit(0); 400 exit(0);
400} 401}
401 402
403/*
404 * This is almost exactly the bignum1 encoding, but with 32 bit for length
405 * instead of 16.
406 */
402static void 407static void
403buffer_get_bignum_bits(Buffer *b, BIGNUM *value) 408buffer_get_bignum_bits(struct sshbuf *b, BIGNUM *value)
404{ 409{
405 u_int bignum_bits = buffer_get_int(b); 410 u_int bytes, bignum_bits;
406 u_int bytes = (bignum_bits + 7) / 8; 411 int r;
407 412
408 if (buffer_len(b) < bytes) 413 if ((r = sshbuf_get_u32(b, &bignum_bits)) != 0)
409 fatal("buffer_get_bignum_bits: input buffer too small: " 414 fatal("%s: buffer error: %s", __func__, ssh_err(r));
410 "need %d have %d", bytes, buffer_len(b)); 415 bytes = (bignum_bits + 7) / 8;
411 if (BN_bin2bn(buffer_ptr(b), bytes, value) == NULL) 416 if (sshbuf_len(b) < bytes)
412 fatal("buffer_get_bignum_bits: BN_bin2bn failed"); 417 fatal("%s: input buffer too small: need %d have %zu",
413 buffer_consume(b, bytes); 418 __func__, bytes, sshbuf_len(b));
419 if (BN_bin2bn(sshbuf_ptr(b), bytes, value) == NULL)
420 fatal("%s: BN_bin2bn failed", __func__);
421 if ((r = sshbuf_consume(b, bytes)) != 0)
422 fatal("%s: buffer error: %s", __func__, ssh_err(r));
414} 423}
415 424
416static Key * 425static struct sshkey *
417do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) 426do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
418{ 427{
419 Buffer b; 428 struct sshbuf *b;
420 Key *key = NULL; 429 struct sshkey *key = NULL;
421 char *type, *cipher; 430 char *type, *cipher;
422 u_char *sig = NULL, data[] = "abcde12345"; 431 u_char e1, e2, e3, *sig = NULL, data[] = "abcde12345";
423 int magic, rlen, ktype, i1, i2, i3, i4; 432 int r, rlen, ktype;
424 u_int slen; 433 u_int magic, i1, i2, i3, i4;
434 size_t slen;
425 u_long e; 435 u_long e;
426 436
427 buffer_init(&b); 437 if ((b = sshbuf_from(blob, blen)) == NULL)
428 buffer_append(&b, blob, blen); 438 fatal("%s: sshbuf_from failed", __func__);
439 if ((r = sshbuf_get_u32(b, &magic)) != 0)
440 fatal("%s: buffer error: %s", __func__, ssh_err(r));
429 441
430 magic = buffer_get_int(&b);
431 if (magic != SSH_COM_PRIVATE_KEY_MAGIC) { 442 if (magic != SSH_COM_PRIVATE_KEY_MAGIC) {
432 error("bad magic 0x%x != 0x%x", magic, SSH_COM_PRIVATE_KEY_MAGIC); 443 error("bad magic 0x%x != 0x%x", magic,
433 buffer_free(&b); 444 SSH_COM_PRIVATE_KEY_MAGIC);
445 sshbuf_free(b);
434 return NULL; 446 return NULL;
435 } 447 }
436 i1 = buffer_get_int(&b); 448 if ((r = sshbuf_get_u32(b, &i1)) != 0 ||
437 type = buffer_get_string(&b, NULL); 449 (r = sshbuf_get_cstring(b, &type, NULL)) != 0 ||
438 cipher = buffer_get_string(&b, NULL); 450 (r = sshbuf_get_cstring(b, &cipher, NULL)) != 0 ||
439 i2 = buffer_get_int(&b); 451 (r = sshbuf_get_u32(b, &i2)) != 0 ||
440 i3 = buffer_get_int(&b); 452 (r = sshbuf_get_u32(b, &i3)) != 0 ||
441 i4 = buffer_get_int(&b); 453 (r = sshbuf_get_u32(b, &i4)) != 0)
454 fatal("%s: buffer error: %s", __func__, ssh_err(r));
442 debug("ignore (%d %d %d %d)", i1, i2, i3, i4); 455 debug("ignore (%d %d %d %d)", i1, i2, i3, i4);
443 if (strcmp(cipher, "none") != 0) { 456 if (strcmp(cipher, "none") != 0) {
444 error("unsupported cipher %s", cipher); 457 error("unsupported cipher %s", cipher);
445 free(cipher); 458 free(cipher);
446 buffer_free(&b); 459 sshbuf_free(b);
447 free(type); 460 free(type);
448 return NULL; 461 return NULL;
449 } 462 }
@@ -454,56 +467,64 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
454 } else if (strstr(type, "rsa")) { 467 } else if (strstr(type, "rsa")) {
455 ktype = KEY_RSA; 468 ktype = KEY_RSA;
456 } else { 469 } else {
457 buffer_free(&b); 470 sshbuf_free(b);
458 free(type); 471 free(type);
459 return NULL; 472 return NULL;
460 } 473 }
461 key = key_new_private(ktype); 474 if ((key = sshkey_new_private(ktype)) == NULL)
475 fatal("key_new_private failed");
462 free(type); 476 free(type);
463 477
464 switch (key->type) { 478 switch (key->type) {
465 case KEY_DSA: 479 case KEY_DSA:
466 buffer_get_bignum_bits(&b, key->dsa->p); 480 buffer_get_bignum_bits(b, key->dsa->p);
467 buffer_get_bignum_bits(&b, key->dsa->g); 481 buffer_get_bignum_bits(b, key->dsa->g);
468 buffer_get_bignum_bits(&b, key->dsa->q); 482 buffer_get_bignum_bits(b, key->dsa->q);
469 buffer_get_bignum_bits(&b, key->dsa->pub_key); 483 buffer_get_bignum_bits(b, key->dsa->pub_key);
470 buffer_get_bignum_bits(&b, key->dsa->priv_key); 484 buffer_get_bignum_bits(b, key->dsa->priv_key);
471 break; 485 break;
472 case KEY_RSA: 486 case KEY_RSA:
473 e = buffer_get_char(&b); 487 if ((r = sshbuf_get_u8(b, &e1)) != 0 ||
488 (e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) ||
489 (e1 < 30 && (r = sshbuf_get_u8(b, &e3)) != 0))
490 fatal("%s: buffer error: %s", __func__, ssh_err(r));
491 e = e1;
474 debug("e %lx", e); 492 debug("e %lx", e);
475 if (e < 30) { 493 if (e < 30) {
476 e <<= 8; 494 e <<= 8;
477 e += buffer_get_char(&b); 495 e += e2;
478 debug("e %lx", e); 496 debug("e %lx", e);
479 e <<= 8; 497 e <<= 8;
480 e += buffer_get_char(&b); 498 e += e3;
481 debug("e %lx", e); 499 debug("e %lx", e);
482 } 500 }
483 if (!BN_set_word(key->rsa->e, e)) { 501 if (!BN_set_word(key->rsa->e, e)) {
484 buffer_free(&b); 502 sshbuf_free(b);
485 key_free(key); 503 sshkey_free(key);
486 return NULL; 504 return NULL;
487 } 505 }
488 buffer_get_bignum_bits(&b, key->rsa->d); 506 buffer_get_bignum_bits(b, key->rsa->d);
489 buffer_get_bignum_bits(&b, key->rsa->n); 507 buffer_get_bignum_bits(b, key->rsa->n);
490 buffer_get_bignum_bits(&b, key->rsa->iqmp); 508 buffer_get_bignum_bits(b, key->rsa->iqmp);
491 buffer_get_bignum_bits(&b, key->rsa->q); 509 buffer_get_bignum_bits(b, key->rsa->q);
492 buffer_get_bignum_bits(&b, key->rsa->p); 510 buffer_get_bignum_bits(b, key->rsa->p);
493 if (rsa_generate_additional_parameters(key->rsa) != 0) 511 if ((r = rsa_generate_additional_parameters(key->rsa)) != 0)
494 fatal("%s: rsa_generate_additional_parameters " 512 fatal("generate RSA parameters failed: %s", ssh_err(r));
495 "error", __func__);
496 break; 513 break;
497 } 514 }
498 rlen = buffer_len(&b); 515 rlen = sshbuf_len(b);
499 if (rlen != 0) 516 if (rlen != 0)
500 error("do_convert_private_ssh2_from_blob: " 517 error("do_convert_private_ssh2_from_blob: "
501 "remaining bytes in key blob %d", rlen); 518 "remaining bytes in key blob %d", rlen);
502 buffer_free(&b); 519 sshbuf_free(b);
503 520
504 /* try the key */ 521 /* try the key */
505 key_sign(key, &sig, &slen, data, sizeof(data)); 522 if (sshkey_sign(key, &sig, &slen, data, sizeof(data), 0) != 0 ||
506 key_verify(key, sig, slen, data, sizeof(data)); 523 sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) {
524 sshkey_free(key);
525 free(sig);
526 return NULL;
527 }
507 free(sig); 528 free(sig);
508 return key; 529 return key;
509} 530}
@@ -539,14 +560,13 @@ get_line(FILE *fp, char *line, size_t len)
539} 560}
540 561
541static void 562static void
542do_convert_from_ssh2(struct passwd *pw, Key **k, int *private) 563do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
543{ 564{
544 int blen; 565 int r, blen, escaped = 0;
545 u_int len; 566 u_int len;
546 char line[1024]; 567 char line[1024];
547 u_char blob[8096]; 568 u_char blob[8096];
548 char encoded[8096]; 569 char encoded[8096];
549 int escaped = 0;
550 FILE *fp; 570 FILE *fp;
551 571
552 if ((fp = fopen(identity_file, "r")) == NULL) 572 if ((fp = fopen(identity_file, "r")) == NULL)
@@ -583,18 +603,17 @@ do_convert_from_ssh2(struct passwd *pw, Key **k, int *private)
583 fprintf(stderr, "uudecode failed.\n"); 603 fprintf(stderr, "uudecode failed.\n");
584 exit(1); 604 exit(1);
585 } 605 }
586 *k = *private ? 606 if (*private)
587 do_convert_private_ssh2_from_blob(blob, blen) : 607 *k = do_convert_private_ssh2_from_blob(blob, blen);
588 key_from_blob(blob, blen); 608 else if ((r = sshkey_from_blob(blob, blen, k)) != 0) {
589 if (*k == NULL) { 609 fprintf(stderr, "decode blob failed: %s\n", ssh_err(r));
590 fprintf(stderr, "decode blob failed.\n");
591 exit(1); 610 exit(1);
592 } 611 }
593 fclose(fp); 612 fclose(fp);
594} 613}
595 614
596static void 615static void
597do_convert_from_pkcs8(Key **k, int *private) 616do_convert_from_pkcs8(struct sshkey **k, int *private)
598{ 617{
599 EVP_PKEY *pubkey; 618 EVP_PKEY *pubkey;
600 FILE *fp; 619 FILE *fp;
@@ -608,21 +627,24 @@ do_convert_from_pkcs8(Key **k, int *private)
608 fclose(fp); 627 fclose(fp);
609 switch (EVP_PKEY_type(pubkey->type)) { 628 switch (EVP_PKEY_type(pubkey->type)) {
610 case EVP_PKEY_RSA: 629 case EVP_PKEY_RSA:
611 *k = key_new(KEY_UNSPEC); 630 if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
631 fatal("sshkey_new failed");
612 (*k)->type = KEY_RSA; 632 (*k)->type = KEY_RSA;
613 (*k)->rsa = EVP_PKEY_get1_RSA(pubkey); 633 (*k)->rsa = EVP_PKEY_get1_RSA(pubkey);
614 break; 634 break;
615 case EVP_PKEY_DSA: 635 case EVP_PKEY_DSA:
616 *k = key_new(KEY_UNSPEC); 636 if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
637 fatal("sshkey_new failed");
617 (*k)->type = KEY_DSA; 638 (*k)->type = KEY_DSA;
618 (*k)->dsa = EVP_PKEY_get1_DSA(pubkey); 639 (*k)->dsa = EVP_PKEY_get1_DSA(pubkey);
619 break; 640 break;
620#ifdef OPENSSL_HAS_ECC 641#ifdef OPENSSL_HAS_ECC
621 case EVP_PKEY_EC: 642 case EVP_PKEY_EC:
622 *k = key_new(KEY_UNSPEC); 643 if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
644 fatal("sshkey_new failed");
623 (*k)->type = KEY_ECDSA; 645 (*k)->type = KEY_ECDSA;
624 (*k)->ecdsa = EVP_PKEY_get1_EC_KEY(pubkey); 646 (*k)->ecdsa = EVP_PKEY_get1_EC_KEY(pubkey);
625 (*k)->ecdsa_nid = key_ecdsa_key_to_nid((*k)->ecdsa); 647 (*k)->ecdsa_nid = sshkey_ecdsa_key_to_nid((*k)->ecdsa);
626 break; 648 break;
627#endif 649#endif
628 default: 650 default:
@@ -634,7 +656,7 @@ do_convert_from_pkcs8(Key **k, int *private)
634} 656}
635 657
636static void 658static void
637do_convert_from_pem(Key **k, int *private) 659do_convert_from_pem(struct sshkey **k, int *private)
638{ 660{
639 FILE *fp; 661 FILE *fp;
640 RSA *rsa; 662 RSA *rsa;
@@ -645,7 +667,8 @@ do_convert_from_pem(Key **k, int *private)
645 if ((fp = fopen(identity_file, "r")) == NULL) 667 if ((fp = fopen(identity_file, "r")) == NULL)
646 fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); 668 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
647 if ((rsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL)) != NULL) { 669 if ((rsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL)) != NULL) {
648 *k = key_new(KEY_UNSPEC); 670 if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
671 fatal("sshkey_new failed");
649 (*k)->type = KEY_RSA; 672 (*k)->type = KEY_RSA;
650 (*k)->rsa = rsa; 673 (*k)->rsa = rsa;
651 fclose(fp); 674 fclose(fp);
@@ -654,7 +677,8 @@ do_convert_from_pem(Key **k, int *private)
654#if notyet /* OpenSSH 0.9.8 lacks this function */ 677#if notyet /* OpenSSH 0.9.8 lacks this function */
655 rewind(fp); 678 rewind(fp);
656 if ((dsa = PEM_read_DSAPublicKey(fp, NULL, NULL, NULL)) != NULL) { 679 if ((dsa = PEM_read_DSAPublicKey(fp, NULL, NULL, NULL)) != NULL) {
657 *k = key_new(KEY_UNSPEC); 680 if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
681 fatal("sshkey_new failed");
658 (*k)->type = KEY_DSA; 682 (*k)->type = KEY_DSA;
659 (*k)->dsa = dsa; 683 (*k)->dsa = dsa;
660 fclose(fp); 684 fclose(fp);
@@ -668,8 +692,8 @@ do_convert_from_pem(Key **k, int *private)
668static void 692static void
669do_convert_from(struct passwd *pw) 693do_convert_from(struct passwd *pw)
670{ 694{
671 Key *k = NULL; 695 struct sshkey *k = NULL;
672 int private = 0, ok = 0; 696 int r, private = 0, ok = 0;
673 struct stat st; 697 struct stat st;
674 698
675 if (!have_identity) 699 if (!have_identity)
@@ -692,7 +716,8 @@ do_convert_from(struct passwd *pw)
692 } 716 }
693 717
694 if (!private) 718 if (!private)
695 ok = key_write(k, stdout); 719 if ((r = sshkey_write(k, stdout)) == 0)
720 ok = 1;
696 if (ok) 721 if (ok)
697 fprintf(stdout, "\n"); 722 fprintf(stdout, "\n");
698 else { 723 else {
@@ -713,7 +738,7 @@ do_convert_from(struct passwd *pw)
713 break; 738 break;
714 default: 739 default:
715 fatal("%s: unsupported key type %s", __func__, 740 fatal("%s: unsupported key type %s", __func__,
716 key_type(k)); 741 sshkey_type(k));
717 } 742 }
718 } 743 }
719 744
@@ -721,7 +746,7 @@ do_convert_from(struct passwd *pw)
721 fprintf(stderr, "key write failed\n"); 746 fprintf(stderr, "key write failed\n");
722 exit(1); 747 exit(1);
723 } 748 }
724 key_free(k); 749 sshkey_free(k);
725 exit(0); 750 exit(0);
726} 751}
727#endif 752#endif
@@ -729,8 +754,9 @@ do_convert_from(struct passwd *pw)
729static void 754static void
730do_print_public(struct passwd *pw) 755do_print_public(struct passwd *pw)
731{ 756{
732 Key *prv; 757 struct sshkey *prv;
733 struct stat st; 758 struct stat st;
759 int r;
734 760
735 if (!have_identity) 761 if (!have_identity)
736 ask_filename(pw, "Enter file in which the key is"); 762 ask_filename(pw, "Enter file in which the key is");
@@ -739,13 +765,9 @@ do_print_public(struct passwd *pw)
739 exit(1); 765 exit(1);
740 } 766 }
741 prv = load_identity(identity_file); 767 prv = load_identity(identity_file);
742 if (prv == NULL) { 768 if ((r = sshkey_write(prv, stdout)) != 0)
743 fprintf(stderr, "load failed\n"); 769 fprintf(stderr, "key_write failed: %s", ssh_err(r));
744 exit(1); 770 sshkey_free(prv);
745 }
746 if (!key_write(prv, stdout))
747 fprintf(stderr, "key_write failed");
748 key_free(prv);
749 fprintf(stdout, "\n"); 771 fprintf(stdout, "\n");
750 exit(0); 772 exit(0);
751} 773}
@@ -754,9 +776,9 @@ static void
754do_download(struct passwd *pw) 776do_download(struct passwd *pw)
755{ 777{
756#ifdef ENABLE_PKCS11 778#ifdef ENABLE_PKCS11
757 Key **keys = NULL; 779 struct sshkey **keys = NULL;
758 int i, nkeys; 780 int i, nkeys;
759 enum fp_rep rep; 781 enum sshkey_fp_rep rep;
760 int fptype; 782 int fptype;
761 char *fp, *ra; 783 char *fp, *ra;
762 784
@@ -769,20 +791,20 @@ do_download(struct passwd *pw)
769 fatal("cannot read public key from pkcs11"); 791 fatal("cannot read public key from pkcs11");
770 for (i = 0; i < nkeys; i++) { 792 for (i = 0; i < nkeys; i++) {
771 if (print_fingerprint) { 793 if (print_fingerprint) {
772 fp = key_fingerprint(keys[i], fptype, rep); 794 fp = sshkey_fingerprint(keys[i], fptype, rep);
773 ra = key_fingerprint(keys[i], fingerprint_hash, 795 ra = sshkey_fingerprint(keys[i], fingerprint_hash,
774 SSH_FP_RANDOMART); 796 SSH_FP_RANDOMART);
775 printf("%u %s %s (PKCS11 key)\n", key_size(keys[i]), 797 printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]),
776 fp, key_type(keys[i])); 798 fp, sshkey_type(keys[i]));
777 if (log_level >= SYSLOG_LEVEL_VERBOSE) 799 if (log_level >= SYSLOG_LEVEL_VERBOSE)
778 printf("%s\n", ra); 800 printf("%s\n", ra);
779 free(ra); 801 free(ra);
780 free(fp); 802 free(fp);
781 } else { 803 } else {
782 key_write(keys[i], stdout); 804 (void) sshkey_write(keys[i], stdout); /* XXX check */
783 fprintf(stdout, "\n"); 805 fprintf(stdout, "\n");
784 } 806 }
785 key_free(keys[i]); 807 sshkey_free(keys[i]);
786 } 808 }
787 free(keys); 809 free(keys);
788 pkcs11_terminate(); 810 pkcs11_terminate();
@@ -796,10 +818,10 @@ static void
796do_fingerprint(struct passwd *pw) 818do_fingerprint(struct passwd *pw)
797{ 819{
798 FILE *f; 820 FILE *f;
799 Key *public; 821 struct sshkey *public;
800 char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra; 822 char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra;
801 int i, skip = 0, num = 0, invalid = 1; 823 int r, i, skip = 0, num = 0, invalid = 1;
802 enum fp_rep rep; 824 enum sshkey_fp_rep rep;
803 int fptype; 825 int fptype;
804 struct stat st; 826 struct stat st;
805 827
@@ -811,16 +833,18 @@ do_fingerprint(struct passwd *pw)
811 perror(identity_file); 833 perror(identity_file);
812 exit(1); 834 exit(1);
813 } 835 }
814 public = key_load_public(identity_file, &comment); 836 if ((r = sshkey_load_public(identity_file, &public, &comment)) != 0)
815 if (public != NULL) { 837 error("Error loading public key \"%s\": %s",
816 fp = key_fingerprint(public, fptype, rep); 838 identity_file, ssh_err(r));
817 ra = key_fingerprint(public, fingerprint_hash, 839 else {
840 fp = sshkey_fingerprint(public, fptype, rep);
841 ra = sshkey_fingerprint(public, fingerprint_hash,
818 SSH_FP_RANDOMART); 842 SSH_FP_RANDOMART);
819 printf("%u %s %s (%s)\n", key_size(public), fp, comment, 843 printf("%u %s %s (%s)\n", sshkey_size(public), fp, comment,
820 key_type(public)); 844 sshkey_type(public));
821 if (log_level >= SYSLOG_LEVEL_VERBOSE) 845 if (log_level >= SYSLOG_LEVEL_VERBOSE)
822 printf("%s\n", ra); 846 printf("%s\n", ra);
823 key_free(public); 847 sshkey_free(public);
824 free(comment); 848 free(comment);
825 free(ra); 849 free(ra);
826 free(fp); 850 free(fp);
@@ -869,27 +893,29 @@ do_fingerprint(struct passwd *pw)
869 *cp++ = '\0'; 893 *cp++ = '\0';
870 } 894 }
871 ep = cp; 895 ep = cp;
872 public = key_new(KEY_RSA1); 896 if ((public = sshkey_new(KEY_RSA1)) == NULL)
873 if (key_read(public, &cp) != 1) { 897 fatal("sshkey_new failed");
898 if ((r = sshkey_read(public, &cp)) != 0) {
874 cp = ep; 899 cp = ep;
875 key_free(public); 900 sshkey_free(public);
876 public = key_new(KEY_UNSPEC); 901 if ((public = sshkey_new(KEY_UNSPEC)) == NULL)
877 if (key_read(public, &cp) != 1) { 902 fatal("sshkey_new failed");
878 key_free(public); 903 if ((r = sshkey_read(public, &cp)) != 0) {
904 sshkey_free(public);
879 continue; 905 continue;
880 } 906 }
881 } 907 }
882 comment = *cp ? cp : comment; 908 comment = *cp ? cp : comment;
883 fp = key_fingerprint(public, fptype, rep); 909 fp = sshkey_fingerprint(public, fptype, rep);
884 ra = key_fingerprint(public, fingerprint_hash, 910 ra = sshkey_fingerprint(public, fingerprint_hash,
885 SSH_FP_RANDOMART); 911 SSH_FP_RANDOMART);
886 printf("%u %s %s (%s)\n", key_size(public), fp, 912 printf("%u %s %s (%s)\n", sshkey_size(public), fp,
887 comment ? comment : "no comment", key_type(public)); 913 comment ? comment : "no comment", sshkey_type(public));
888 if (log_level >= SYSLOG_LEVEL_VERBOSE) 914 if (log_level >= SYSLOG_LEVEL_VERBOSE)
889 printf("%s\n", ra); 915 printf("%s\n", ra);
890 free(ra); 916 free(ra);
891 free(fp); 917 free(fp);
892 key_free(public); 918 sshkey_free(public);
893 invalid = 0; 919 invalid = 0;
894 } 920 }
895 fclose(f); 921 fclose(f);
@@ -921,9 +947,9 @@ do_gen_all_hostkeys(struct passwd *pw)
921 947
922 int first = 0; 948 int first = 0;
923 struct stat st; 949 struct stat st;
924 Key *private, *public; 950 struct sshkey *private, *public;
925 char comment[1024]; 951 char comment[1024];
926 int i, type, fd; 952 int i, type, fd, r;
927 FILE *f; 953 FILE *f;
928 954
929 for (i = 0; key_types[i].key_type; i++) { 955 for (i = 0; key_types[i].key_type; i++) {
@@ -942,34 +968,36 @@ do_gen_all_hostkeys(struct passwd *pw)
942 } 968 }
943 printf("%s ", key_types[i].key_type_display); 969 printf("%s ", key_types[i].key_type_display);
944 fflush(stdout); 970 fflush(stdout);
945 type = key_type_from_name(key_types[i].key_type); 971 type = sshkey_type_from_name(key_types[i].key_type);
946 strlcpy(identity_file, key_types[i].path, sizeof(identity_file)); 972 strlcpy(identity_file, key_types[i].path, sizeof(identity_file));
947 bits = 0; 973 bits = 0;
948 type_bits_valid(type, &bits); 974 type_bits_valid(type, &bits);
949 private = key_generate(type, bits); 975 if ((r = sshkey_generate(type, bits, &private)) != 0) {
950 if (private == NULL) { 976 fprintf(stderr, "key_generate failed: %s\n",
951 fprintf(stderr, "key_generate failed\n"); 977 ssh_err(r));
952 first = 0; 978 first = 0;
953 continue; 979 continue;
954 } 980 }
955 public = key_from_private(private); 981 if ((r = sshkey_from_private(private, &public)) != 0)
982 fatal("sshkey_from_private failed: %s", ssh_err(r));
956 snprintf(comment, sizeof comment, "%s@%s", pw->pw_name, 983 snprintf(comment, sizeof comment, "%s@%s", pw->pw_name,
957 hostname); 984 hostname);
958 if (!key_save_private(private, identity_file, "", comment, 985 if ((r = sshkey_save_private(private, identity_file, "",
959 use_new_format, new_format_cipher, rounds)) { 986 comment, use_new_format, new_format_cipher, rounds)) != 0) {
960 printf("Saving the key failed: %s.\n", identity_file); 987 printf("Saving key \"%s\" failed: %s\n", identity_file,
961 key_free(private); 988 ssh_err(r));
962 key_free(public); 989 sshkey_free(private);
990 sshkey_free(public);
963 first = 0; 991 first = 0;
964 continue; 992 continue;
965 } 993 }
966 key_free(private); 994 sshkey_free(private);
967 strlcat(identity_file, ".pub", sizeof(identity_file)); 995 strlcat(identity_file, ".pub", sizeof(identity_file));
968 fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); 996 fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
969 if (fd == -1) { 997 if (fd == -1) {
970 printf("Could not save your public key in %s\n", 998 printf("Could not save your public key in %s\n",
971 identity_file); 999 identity_file);
972 key_free(public); 1000 sshkey_free(public);
973 first = 0; 1001 first = 0;
974 continue; 1002 continue;
975 } 1003 }
@@ -977,20 +1005,20 @@ do_gen_all_hostkeys(struct passwd *pw)
977 if (f == NULL) { 1005 if (f == NULL) {
978 printf("fdopen %s failed\n", identity_file); 1006 printf("fdopen %s failed\n", identity_file);
979 close(fd); 1007 close(fd);
980 key_free(public); 1008 sshkey_free(public);
981 first = 0; 1009 first = 0;
982 continue; 1010 continue;
983 } 1011 }
984 if (!key_write(public, f)) { 1012 if (!sshkey_write(public, f)) {
985 fprintf(stderr, "write key failed\n"); 1013 fprintf(stderr, "write key failed\n");
986 fclose(f); 1014 fclose(f);
987 key_free(public); 1015 sshkey_free(public);
988 first = 0; 1016 first = 0;
989 continue; 1017 continue;
990 } 1018 }
991 fprintf(f, " %s\n", comment); 1019 fprintf(f, " %s\n", comment);
992 fclose(f); 1020 fclose(f);
993 key_free(public); 1021 sshkey_free(public);
994 1022
995 } 1023 }
996 if (first != 0) 1024 if (first != 0)
@@ -998,32 +1026,35 @@ do_gen_all_hostkeys(struct passwd *pw)
998} 1026}
999 1027
1000static void 1028static void
1001printhost(FILE *f, const char *name, Key *public, int ca, int revoked, int hash) 1029printhost(FILE *f, const char *name, struct sshkey *public,
1030 int ca, int revoked, int hash)
1002{ 1031{
1003 if (print_fingerprint) { 1032 if (print_fingerprint) {
1004 enum fp_rep rep; 1033 enum sshkey_fp_rep rep;
1005 int fptype; 1034 int fptype;
1006 char *fp, *ra; 1035 char *fp, *ra;
1007 1036
1008 fptype = print_bubblebabble ? 1037 fptype = print_bubblebabble ?
1009 SSH_DIGEST_SHA1 : fingerprint_hash; 1038 SSH_DIGEST_SHA1 : fingerprint_hash;
1010 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; 1039 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
1011 fp = key_fingerprint(public, fptype, rep); 1040 fp = sshkey_fingerprint(public, fptype, rep);
1012 ra = key_fingerprint(public, fingerprint_hash, 1041 ra = sshkey_fingerprint(public, fingerprint_hash,
1013 SSH_FP_RANDOMART); 1042 SSH_FP_RANDOMART);
1014 printf("%u %s %s (%s)\n", key_size(public), fp, name, 1043 printf("%u %s %s (%s)\n", sshkey_size(public), fp, name,
1015 key_type(public)); 1044 sshkey_type(public));
1016 if (log_level >= SYSLOG_LEVEL_VERBOSE) 1045 if (log_level >= SYSLOG_LEVEL_VERBOSE)
1017 printf("%s\n", ra); 1046 printf("%s\n", ra);
1018 free(ra); 1047 free(ra);
1019 free(fp); 1048 free(fp);
1020 } else { 1049 } else {
1050 int r;
1051
1021 if (hash && (name = host_hash(name, NULL, 0)) == NULL) 1052 if (hash && (name = host_hash(name, NULL, 0)) == NULL)
1022 fatal("hash_host failed"); 1053 fatal("hash_host failed");
1023 fprintf(f, "%s%s%s ", ca ? CA_MARKER " " : "", 1054 fprintf(f, "%s%s%s ", ca ? CA_MARKER " " : "",
1024 revoked ? REVOKE_MARKER " " : "" , name); 1055 revoked ? REVOKE_MARKER " " : "" , name);
1025 if (!key_write(public, f)) 1056 if ((r = sshkey_write(public, f)) != 0)
1026 fatal("key_write failed"); 1057 fatal("key_write failed: %s", ssh_err(r));
1027 fprintf(f, "\n"); 1058 fprintf(f, "\n");
1028 } 1059 }
1029} 1060}
@@ -1032,11 +1063,11 @@ static void
1032do_known_hosts(struct passwd *pw, const char *name) 1063do_known_hosts(struct passwd *pw, const char *name)
1033{ 1064{
1034 FILE *in, *out = stdout; 1065 FILE *in, *out = stdout;
1035 Key *pub; 1066 struct sshkey *pub;
1036 char *cp, *cp2, *kp, *kp2; 1067 char *cp, *cp2, *kp, *kp2;
1037 char line[16*1024], tmp[MAXPATHLEN], old[MAXPATHLEN]; 1068 char line[16*1024], tmp[MAXPATHLEN], old[MAXPATHLEN];
1038 int c, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0; 1069 int c, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0;
1039 int ca, revoked; 1070 int r, ca, revoked;
1040 int found_key = 0; 1071 int found_key = 0;
1041 1072
1042 if (!have_identity) { 1073 if (!have_identity) {
@@ -1106,7 +1137,7 @@ do_known_hosts(struct passwd *pw, const char *name)
1106 sizeof(REVOKE_MARKER) - 1) == 0 && 1137 sizeof(REVOKE_MARKER) - 1) == 0 &&
1107 (cp[sizeof(REVOKE_MARKER) - 1] == ' ' || 1138 (cp[sizeof(REVOKE_MARKER) - 1] == ' ' ||
1108 cp[sizeof(REVOKE_MARKER) - 1] == '\t')) { 1139 cp[sizeof(REVOKE_MARKER) - 1] == '\t')) {
1109 revoked = 1; 1140 revoked = 1;
1110 cp += sizeof(REVOKE_MARKER); 1141 cp += sizeof(REVOKE_MARKER);
1111 } else 1142 } else
1112 revoked = 0; 1143 revoked = 0;
@@ -1124,15 +1155,17 @@ do_known_hosts(struct passwd *pw, const char *name)
1124 *kp++ = '\0'; 1155 *kp++ = '\0';
1125 kp2 = kp; 1156 kp2 = kp;
1126 1157
1127 pub = key_new(KEY_RSA1); 1158 if ((pub = sshkey_new(KEY_RSA1)) == NULL)
1128 if (key_read(pub, &kp) != 1) { 1159 fatal("sshkey_new failed");
1160 if ((r = sshkey_read(pub, &kp)) != 0) {
1129 kp = kp2; 1161 kp = kp2;
1130 key_free(pub); 1162 sshkey_free(pub);
1131 pub = key_new(KEY_UNSPEC); 1163 if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
1132 if (key_read(pub, &kp) != 1) { 1164 fatal("sshkey_new failed");
1165 if ((r = sshkey_read(pub, &kp)) != 0) {
1133 error("line %d invalid key: %.40s...", 1166 error("line %d invalid key: %.40s...",
1134 num, line); 1167 num, line);
1135 key_free(pub); 1168 sshkey_free(pub);
1136 invalid = 1; 1169 invalid = 1;
1137 continue; 1170 continue;
1138 } 1171 }
@@ -1152,7 +1185,7 @@ do_known_hosts(struct passwd *pw, const char *name)
1152 if (!quiet) 1185 if (!quiet)
1153 printf("# Host %s found: " 1186 printf("# Host %s found: "
1154 "line %d type %s%s\n", name, 1187 "line %d type %s%s\n", name,
1155 num, key_type(pub), 1188 num, sshkey_type(pub),
1156 ca ? " (CA key)" : 1189 ca ? " (CA key)" :
1157 revoked? " (revoked)" : ""); 1190 revoked? " (revoked)" : "");
1158 printhost(out, cp, pub, ca, revoked, 0); 1191 printhost(out, cp, pub, ca, revoked, 0);
@@ -1165,7 +1198,7 @@ do_known_hosts(struct passwd *pw, const char *name)
1165 } else { 1198 } else {
1166 printf("# Host %s found: " 1199 printf("# Host %s found: "
1167 "line %d type %s\n", name, 1200 "line %d type %s\n", name,
1168 num, key_type(pub)); 1201 num, sshkey_type(pub));
1169 } 1202 }
1170 } 1203 }
1171 } else if (hash_hosts) 1204 } else if (hash_hosts)
@@ -1178,7 +1211,7 @@ do_known_hosts(struct passwd *pw, const char *name)
1178 if (!quiet) 1211 if (!quiet)
1179 printf("# Host %s found: " 1212 printf("# Host %s found: "
1180 "line %d type %s%s\n", name, 1213 "line %d type %s%s\n", name,
1181 num, key_type(pub), 1214 num, sshkey_type(pub),
1182 ca ? " (CA key)" : ""); 1215 ca ? " (CA key)" : "");
1183 printhost(out, name, pub, ca, revoked, 1216 printhost(out, name, pub, ca, revoked,
1184 hash_hosts && !(ca || revoked)); 1217 hash_hosts && !(ca || revoked));
@@ -1191,7 +1224,7 @@ do_known_hosts(struct passwd *pw, const char *name)
1191 } else { 1224 } else {
1192 printf("# Host %s found: " 1225 printf("# Host %s found: "
1193 "line %d type %s\n", name, 1226 "line %d type %s\n", name,
1194 num, key_type(pub)); 1227 num, sshkey_type(pub));
1195 } 1228 }
1196 } 1229 }
1197 } else if (hash_hosts && (ca || revoked)) { 1230 } else if (hash_hosts && (ca || revoked)) {
@@ -1219,7 +1252,7 @@ do_known_hosts(struct passwd *pw, const char *name)
1219 } 1252 }
1220 } 1253 }
1221 } 1254 }
1222 key_free(pub); 1255 sshkey_free(pub);
1223 } 1256 }
1224 fclose(in); 1257 fclose(in);
1225 1258
@@ -1276,7 +1309,8 @@ do_change_passphrase(struct passwd *pw)
1276 char *comment; 1309 char *comment;
1277 char *old_passphrase, *passphrase1, *passphrase2; 1310 char *old_passphrase, *passphrase1, *passphrase2;
1278 struct stat st; 1311 struct stat st;
1279 Key *private; 1312 struct sshkey *private;
1313 int r;
1280 1314
1281 if (!have_identity) 1315 if (!have_identity)
1282 ask_filename(pw, "Enter file in which the key is"); 1316 ask_filename(pw, "Enter file in which the key is");
@@ -1285,22 +1319,25 @@ do_change_passphrase(struct passwd *pw)
1285 exit(1); 1319 exit(1);
1286 } 1320 }
1287 /* Try to load the file with empty passphrase. */ 1321 /* Try to load the file with empty passphrase. */
1288 private = key_load_private(identity_file, "", &comment); 1322 r = sshkey_load_private(identity_file, "", &private, &comment);
1289 if (private == NULL) { 1323 if (r == SSH_ERR_KEY_WRONG_PASSPHRASE) {
1290 if (identity_passphrase) 1324 if (identity_passphrase)
1291 old_passphrase = xstrdup(identity_passphrase); 1325 old_passphrase = xstrdup(identity_passphrase);
1292 else 1326 else
1293 old_passphrase = 1327 old_passphrase =
1294 read_passphrase("Enter old passphrase: ", 1328 read_passphrase("Enter old passphrase: ",
1295 RP_ALLOW_STDIN); 1329 RP_ALLOW_STDIN);
1296 private = key_load_private(identity_file, old_passphrase, 1330 r = sshkey_load_private(identity_file, old_passphrase,
1297 &comment); 1331 &private, &comment);
1298 explicit_bzero(old_passphrase, strlen(old_passphrase)); 1332 explicit_bzero(old_passphrase, strlen(old_passphrase));
1299 free(old_passphrase); 1333 free(old_passphrase);
1300 if (private == NULL) { 1334 if (r != 0)
1301 printf("Bad passphrase.\n"); 1335 goto badkey;
1302 exit(1); 1336 } else if (r != 0) {
1303 } 1337 badkey:
1338 fprintf(stderr, "Failed to load key \"%s\": %s\n",
1339 identity_file, ssh_err(r));
1340 exit(1);
1304 } 1341 }
1305 printf("Key has comment '%s'\n", comment); 1342 printf("Key has comment '%s'\n", comment);
1306 1343
@@ -1330,19 +1367,20 @@ do_change_passphrase(struct passwd *pw)
1330 } 1367 }
1331 1368
1332 /* Save the file using the new passphrase. */ 1369 /* Save the file using the new passphrase. */
1333 if (!key_save_private(private, identity_file, passphrase1, comment, 1370 if ((r = sshkey_save_private(private, identity_file, passphrase1,
1334 use_new_format, new_format_cipher, rounds)) { 1371 comment, use_new_format, new_format_cipher, rounds)) != 0) {
1335 printf("Saving the key failed: %s.\n", identity_file); 1372 printf("Saving key \"%s\" failed: %s.\n",
1373 identity_file, ssh_err(r));
1336 explicit_bzero(passphrase1, strlen(passphrase1)); 1374 explicit_bzero(passphrase1, strlen(passphrase1));
1337 free(passphrase1); 1375 free(passphrase1);
1338 key_free(private); 1376 sshkey_free(private);
1339 free(comment); 1377 free(comment);
1340 exit(1); 1378 exit(1);
1341 } 1379 }
1342 /* Destroy the passphrase and the copy of the key in memory. */ 1380 /* Destroy the passphrase and the copy of the key in memory. */
1343 explicit_bzero(passphrase1, strlen(passphrase1)); 1381 explicit_bzero(passphrase1, strlen(passphrase1));
1344 free(passphrase1); 1382 free(passphrase1);
1345 key_free(private); /* Destroys contents */ 1383 sshkey_free(private); /* Destroys contents */
1346 free(comment); 1384 free(comment);
1347 1385
1348 printf("Your identification has been saved with the new passphrase.\n"); 1386 printf("Your identification has been saved with the new passphrase.\n");
@@ -1355,9 +1393,10 @@ do_change_passphrase(struct passwd *pw)
1355static int 1393static int
1356do_print_resource_record(struct passwd *pw, char *fname, char *hname) 1394do_print_resource_record(struct passwd *pw, char *fname, char *hname)
1357{ 1395{
1358 Key *public; 1396 struct sshkey *public;
1359 char *comment = NULL; 1397 char *comment = NULL;
1360 struct stat st; 1398 struct stat st;
1399 int r;
1361 1400
1362 if (fname == NULL) 1401 if (fname == NULL)
1363 fatal("%s: no filename", __func__); 1402 fatal("%s: no filename", __func__);
@@ -1367,18 +1406,15 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname)
1367 perror(fname); 1406 perror(fname);
1368 exit(1); 1407 exit(1);
1369 } 1408 }
1370 public = key_load_public(fname, &comment); 1409 if ((r = sshkey_load_public(fname, &public, &comment)) != 0) {
1371 if (public != NULL) { 1410 printf("Failed to read v2 public key from \"%s\": %s.\n",
1372 export_dns_rr(hname, public, stdout, print_generic); 1411 fname, ssh_err(r));
1373 key_free(public); 1412 exit(1);
1374 free(comment);
1375 return 1;
1376 } 1413 }
1377 if (comment) 1414 export_dns_rr(hname, public, stdout, print_generic);
1378 free(comment); 1415 sshkey_free(public);
1379 1416 free(comment);
1380 printf("failed to read v2 public key from %s.\n", fname); 1417 return 1;
1381 exit(1);
1382} 1418}
1383 1419
1384/* 1420/*
@@ -1388,11 +1424,11 @@ static void
1388do_change_comment(struct passwd *pw) 1424do_change_comment(struct passwd *pw)
1389{ 1425{
1390 char new_comment[1024], *comment, *passphrase; 1426 char new_comment[1024], *comment, *passphrase;
1391 Key *private; 1427 struct sshkey *private;
1392 Key *public; 1428 struct sshkey *public;
1393 struct stat st; 1429 struct stat st;
1394 FILE *f; 1430 FILE *f;
1395 int fd; 1431 int r, fd;
1396 1432
1397 if (!have_identity) 1433 if (!have_identity)
1398 ask_filename(pw, "Enter file in which the key is"); 1434 ask_filename(pw, "Enter file in which the key is");
@@ -1400,8 +1436,14 @@ do_change_comment(struct passwd *pw)
1400 perror(identity_file); 1436 perror(identity_file);
1401 exit(1); 1437 exit(1);
1402 } 1438 }
1403 private = key_load_private(identity_file, "", &comment); 1439 if ((r = sshkey_load_private(identity_file, "",
1404 if (private == NULL) { 1440 &private, &comment)) == 0)
1441 passphrase = xstrdup("");
1442 else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
1443 printf("Cannot load private key \"%s\": %s.\n",
1444 identity_file, ssh_err(r));
1445 exit(1);
1446 } else {
1405 if (identity_passphrase) 1447 if (identity_passphrase)
1406 passphrase = xstrdup(identity_passphrase); 1448 passphrase = xstrdup(identity_passphrase);
1407 else if (identity_new_passphrase) 1449 else if (identity_new_passphrase)
@@ -1410,19 +1452,18 @@ do_change_comment(struct passwd *pw)
1410 passphrase = read_passphrase("Enter passphrase: ", 1452 passphrase = read_passphrase("Enter passphrase: ",
1411 RP_ALLOW_STDIN); 1453 RP_ALLOW_STDIN);
1412 /* Try to load using the passphrase. */ 1454 /* Try to load using the passphrase. */
1413 private = key_load_private(identity_file, passphrase, &comment); 1455 if ((r = sshkey_load_private(identity_file, passphrase,
1414 if (private == NULL) { 1456 &private, &comment)) != 0) {
1415 explicit_bzero(passphrase, strlen(passphrase)); 1457 explicit_bzero(passphrase, strlen(passphrase));
1416 free(passphrase); 1458 free(passphrase);
1417 printf("Bad passphrase.\n"); 1459 printf("Cannot load private key \"%s\": %s.\n",
1460 identity_file, ssh_err(r));
1418 exit(1); 1461 exit(1);
1419 } 1462 }
1420 } else {
1421 passphrase = xstrdup("");
1422 } 1463 }
1423 if (private->type != KEY_RSA1) { 1464 if (private->type != KEY_RSA1) {
1424 fprintf(stderr, "Comments are only supported for RSA1 keys.\n"); 1465 fprintf(stderr, "Comments are only supported for RSA1 keys.\n");
1425 key_free(private); 1466 sshkey_free(private);
1426 exit(1); 1467 exit(1);
1427 } 1468 }
1428 printf("Key now has comment '%s'\n", comment); 1469 printf("Key now has comment '%s'\n", comment);
@@ -1434,26 +1475,28 @@ do_change_comment(struct passwd *pw)
1434 fflush(stdout); 1475 fflush(stdout);
1435 if (!fgets(new_comment, sizeof(new_comment), stdin)) { 1476 if (!fgets(new_comment, sizeof(new_comment), stdin)) {
1436 explicit_bzero(passphrase, strlen(passphrase)); 1477 explicit_bzero(passphrase, strlen(passphrase));
1437 key_free(private); 1478 sshkey_free(private);
1438 exit(1); 1479 exit(1);
1439 } 1480 }
1440 new_comment[strcspn(new_comment, "\n")] = '\0'; 1481 new_comment[strcspn(new_comment, "\n")] = '\0';
1441 } 1482 }
1442 1483
1443 /* Save the file using the new passphrase. */ 1484 /* Save the file using the new passphrase. */
1444 if (!key_save_private(private, identity_file, passphrase, new_comment, 1485 if ((r = sshkey_save_private(private, identity_file, passphrase,
1445 use_new_format, new_format_cipher, rounds)) { 1486 new_comment, use_new_format, new_format_cipher, rounds)) != 0) {
1446 printf("Saving the key failed: %s.\n", identity_file); 1487 printf("Saving key \"%s\" failed: %s\n",
1488 identity_file, ssh_err(r));
1447 explicit_bzero(passphrase, strlen(passphrase)); 1489 explicit_bzero(passphrase, strlen(passphrase));
1448 free(passphrase); 1490 free(passphrase);
1449 key_free(private); 1491 sshkey_free(private);
1450 free(comment); 1492 free(comment);
1451 exit(1); 1493 exit(1);
1452 } 1494 }
1453 explicit_bzero(passphrase, strlen(passphrase)); 1495 explicit_bzero(passphrase, strlen(passphrase));
1454 free(passphrase); 1496 free(passphrase);
1455 public = key_from_private(private); 1497 if ((r = sshkey_from_private(private, &public)) != 0)
1456 key_free(private); 1498 fatal("key_from_private failed: %s", ssh_err(r));
1499 sshkey_free(private);
1457 1500
1458 strlcat(identity_file, ".pub", sizeof(identity_file)); 1501 strlcat(identity_file, ".pub", sizeof(identity_file));
1459 fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); 1502 fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
@@ -1466,9 +1509,9 @@ do_change_comment(struct passwd *pw)
1466 printf("fdopen %s failed\n", identity_file); 1509 printf("fdopen %s failed\n", identity_file);
1467 exit(1); 1510 exit(1);
1468 } 1511 }
1469 if (!key_write(public, f)) 1512 if ((r = sshkey_write(public, f)) != 0)
1470 fprintf(stderr, "write key failed\n"); 1513 fprintf(stderr, "write key failed: %s\n", ssh_err(r));
1471 key_free(public); 1514 sshkey_free(public);
1472 fprintf(f, " %s\n", new_comment); 1515 fprintf(f, " %s\n", new_comment);
1473 fclose(f); 1516 fclose(f);
1474 1517
@@ -1517,34 +1560,39 @@ fmt_validity(u_int64_t valid_from, u_int64_t valid_to)
1517} 1560}
1518 1561
1519static void 1562static void
1520add_flag_option(Buffer *c, const char *name) 1563add_flag_option(struct sshbuf *c, const char *name)
1521{ 1564{
1565 int r;
1566
1522 debug3("%s: %s", __func__, name); 1567 debug3("%s: %s", __func__, name);
1523 buffer_put_cstring(c, name); 1568 if ((r = sshbuf_put_cstring(c, name)) != 0 ||
1524 buffer_put_string(c, NULL, 0); 1569 (r = sshbuf_put_string(c, NULL, 0)) != 0)
1570 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1525} 1571}
1526 1572
1527static void 1573static void
1528add_string_option(Buffer *c, const char *name, const char *value) 1574add_string_option(struct sshbuf *c, const char *name, const char *value)
1529{ 1575{
1530 Buffer b; 1576 struct sshbuf *b;
1577 int r;
1531 1578
1532 debug3("%s: %s=%s", __func__, name, value); 1579 debug3("%s: %s=%s", __func__, name, value);
1533 buffer_init(&b); 1580 if ((b = sshbuf_new()) == NULL)
1534 buffer_put_cstring(&b, value); 1581 fatal("%s: sshbuf_new failed", __func__);
1535 1582 if ((r = sshbuf_put_cstring(b, value)) != 0 ||
1536 buffer_put_cstring(c, name); 1583 (r = sshbuf_put_cstring(c, name)) != 0 ||
1537 buffer_put_string(c, buffer_ptr(&b), buffer_len(&b)); 1584 (r = sshbuf_put_stringb(c, b)) != 0)
1538 1585 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1539 buffer_free(&b); 1586
1587 sshbuf_free(b);
1540} 1588}
1541 1589
1542#define OPTIONS_CRITICAL 1 1590#define OPTIONS_CRITICAL 1
1543#define OPTIONS_EXTENSIONS 2 1591#define OPTIONS_EXTENSIONS 2
1544static void 1592static void
1545prepare_options_buf(Buffer *c, int which) 1593prepare_options_buf(struct sshbuf *c, int which)
1546{ 1594{
1547 buffer_clear(c); 1595 sshbuf_reset(c);
1548 if ((which & OPTIONS_CRITICAL) != 0 && 1596 if ((which & OPTIONS_CRITICAL) != 0 &&
1549 certflags_command != NULL) 1597 certflags_command != NULL)
1550 add_string_option(c, "force-command", certflags_command); 1598 add_string_option(c, "force-command", certflags_command);
@@ -1568,29 +1616,30 @@ prepare_options_buf(Buffer *c, int which)
1568 add_string_option(c, "source-address", certflags_src_addr); 1616 add_string_option(c, "source-address", certflags_src_addr);
1569} 1617}
1570 1618
1571static Key * 1619static struct sshkey *
1572load_pkcs11_key(char *path) 1620load_pkcs11_key(char *path)
1573{ 1621{
1574#ifdef ENABLE_PKCS11 1622#ifdef ENABLE_PKCS11
1575 Key **keys = NULL, *public, *private = NULL; 1623 struct sshkey **keys = NULL, *public, *private = NULL;
1576 int i, nkeys; 1624 int r, i, nkeys;
1577 1625
1578 if ((public = key_load_public(path, NULL)) == NULL) 1626 if ((r = sshkey_load_public(path, &public, NULL)) != 0)
1579 fatal("Couldn't load CA public key \"%s\"", path); 1627 fatal("Couldn't load CA public key \"%s\": %s",
1628 path, ssh_err(r));
1580 1629
1581 nkeys = pkcs11_add_provider(pkcs11provider, identity_passphrase, &keys); 1630 nkeys = pkcs11_add_provider(pkcs11provider, identity_passphrase, &keys);
1582 debug3("%s: %d keys", __func__, nkeys); 1631 debug3("%s: %d keys", __func__, nkeys);
1583 if (nkeys <= 0) 1632 if (nkeys <= 0)
1584 fatal("cannot read public key from pkcs11"); 1633 fatal("cannot read public key from pkcs11");
1585 for (i = 0; i < nkeys; i++) { 1634 for (i = 0; i < nkeys; i++) {
1586 if (key_equal_public(public, keys[i])) { 1635 if (sshkey_equal_public(public, keys[i])) {
1587 private = keys[i]; 1636 private = keys[i];
1588 continue; 1637 continue;
1589 } 1638 }
1590 key_free(keys[i]); 1639 sshkey_free(keys[i]);
1591 } 1640 }
1592 free(keys); 1641 free(keys);
1593 key_free(public); 1642 sshkey_free(public);
1594 return private; 1643 return private;
1595#else 1644#else
1596 fatal("no pkcs11 support"); 1645 fatal("no pkcs11 support");
@@ -1600,15 +1649,15 @@ load_pkcs11_key(char *path)
1600static void 1649static void
1601do_ca_sign(struct passwd *pw, int argc, char **argv) 1650do_ca_sign(struct passwd *pw, int argc, char **argv)
1602{ 1651{
1603 int i, fd; 1652 int r, i, fd;
1604 u_int n; 1653 u_int n;
1605 Key *ca, *public; 1654 struct sshkey *ca, *public;
1606 char *otmp, *tmp, *cp, *out, *comment, **plist = NULL; 1655 char *otmp, *tmp, *cp, *out, *comment, **plist = NULL;
1607 FILE *f; 1656 FILE *f;
1608 int v00 = 0; /* legacy keys */ 1657 int v00 = 0; /* legacy keys */
1609 1658
1610 if (key_type_name != NULL) { 1659 if (key_type_name != NULL) {
1611 switch (key_type_from_name(key_type_name)) { 1660 switch (sshkey_type_from_name(key_type_name)) {
1612 case KEY_RSA_CERT_V00: 1661 case KEY_RSA_CERT_V00:
1613 case KEY_DSA_CERT_V00: 1662 case KEY_DSA_CERT_V00:
1614 v00 = 1; 1663 v00 = 1;
@@ -1633,8 +1682,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1633 if (pkcs11provider != NULL) { 1682 if (pkcs11provider != NULL) {
1634 if ((ca = load_pkcs11_key(tmp)) == NULL) 1683 if ((ca = load_pkcs11_key(tmp)) == NULL)
1635 fatal("No PKCS#11 key matching %s found", ca_key_path); 1684 fatal("No PKCS#11 key matching %s found", ca_key_path);
1636 } else if ((ca = load_identity(tmp)) == NULL) 1685 } else
1637 fatal("Couldn't load CA key \"%s\"", tmp); 1686 ca = load_identity(tmp);
1638 free(tmp); 1687 free(tmp);
1639 1688
1640 for (i = 0; i < argc; i++) { 1689 for (i = 0; i < argc; i++) {
@@ -1652,16 +1701,18 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1652 } 1701 }
1653 1702
1654 tmp = tilde_expand_filename(argv[i], pw->pw_uid); 1703 tmp = tilde_expand_filename(argv[i], pw->pw_uid);
1655 if ((public = key_load_public(tmp, &comment)) == NULL) 1704 if ((r = sshkey_load_public(tmp, &public, &comment)) != 0)
1656 fatal("%s: unable to open \"%s\"", __func__, tmp); 1705 fatal("%s: unable to open \"%s\": %s",
1706 __func__, tmp, ssh_err(r));
1657 if (public->type != KEY_RSA && public->type != KEY_DSA && 1707 if (public->type != KEY_RSA && public->type != KEY_DSA &&
1658 public->type != KEY_ECDSA && public->type != KEY_ED25519) 1708 public->type != KEY_ECDSA && public->type != KEY_ED25519)
1659 fatal("%s: key \"%s\" type %s cannot be certified", 1709 fatal("%s: key \"%s\" type %s cannot be certified",
1660 __func__, tmp, key_type(public)); 1710 __func__, tmp, sshkey_type(public));
1661 1711
1662 /* Prepare certificate to sign */ 1712 /* Prepare certificate to sign */
1663 if (key_to_certified(public, v00) != 0) 1713 if ((r = sshkey_to_certified(public, v00)) != 0)
1664 fatal("Could not upgrade key %s to certificate", tmp); 1714 fatal("Could not upgrade key %s to certificate: %s",
1715 tmp, ssh_err(r));
1665 public->cert->type = cert_key_type; 1716 public->cert->type = cert_key_type;
1666 public->cert->serial = (u_int64_t)cert_serial; 1717 public->cert->serial = (u_int64_t)cert_serial;
1667 public->cert->key_id = xstrdup(cert_key_id); 1718 public->cert->key_id = xstrdup(cert_key_id);
@@ -1678,9 +1729,11 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1678 prepare_options_buf(public->cert->extensions, 1729 prepare_options_buf(public->cert->extensions,
1679 OPTIONS_EXTENSIONS); 1730 OPTIONS_EXTENSIONS);
1680 } 1731 }
1681 public->cert->signature_key = key_from_private(ca); 1732 if ((r = sshkey_from_private(ca,
1733 &public->cert->signature_key)) != 0)
1734 fatal("key_from_private (ca key): %s", ssh_err(r));
1682 1735
1683 if (key_certify(public, ca) != 0) 1736 if (sshkey_certify(public, ca) != 0)
1684 fatal("Couldn't not certify key %s", tmp); 1737 fatal("Couldn't not certify key %s", tmp);
1685 1738
1686 if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0) 1739 if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0)
@@ -1693,14 +1746,15 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1693 strerror(errno)); 1746 strerror(errno));
1694 if ((f = fdopen(fd, "w")) == NULL) 1747 if ((f = fdopen(fd, "w")) == NULL)
1695 fatal("%s: fdopen: %s", __func__, strerror(errno)); 1748 fatal("%s: fdopen: %s", __func__, strerror(errno));
1696 if (!key_write(public, f)) 1749 if ((r = sshkey_write(public, f)) != 0)
1697 fatal("Could not write certified key to %s", out); 1750 fatal("Could not write certified key to %s: %s",
1751 out, ssh_err(r));
1698 fprintf(f, " %s\n", comment); 1752 fprintf(f, " %s\n", comment);
1699 fclose(f); 1753 fclose(f);
1700 1754
1701 if (!quiet) { 1755 if (!quiet) {
1702 logit("Signed %s key %s: id \"%s\" serial %llu%s%s " 1756 logit("Signed %s key %s: id \"%s\" serial %llu%s%s "
1703 "valid %s", key_cert_type(public), 1757 "valid %s", sshkey_cert_type(public),
1704 out, public->cert->key_id, 1758 out, public->cert->key_id,
1705 (unsigned long long)public->cert->serial, 1759 (unsigned long long)public->cert->serial,
1706 cert_principals != NULL ? " for " : "", 1760 cert_principals != NULL ? " for " : "",
@@ -1708,7 +1762,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1708 fmt_validity(cert_valid_from, cert_valid_to)); 1762 fmt_validity(cert_valid_from, cert_valid_to));
1709 } 1763 }
1710 1764
1711 key_free(public); 1765 sshkey_free(public);
1712 free(out); 1766 free(out);
1713 } 1767 }
1714#ifdef ENABLE_PKCS11 1768#ifdef ENABLE_PKCS11
@@ -1859,21 +1913,20 @@ add_cert_option(char *opt)
1859} 1913}
1860 1914
1861static void 1915static void
1862show_options(const Buffer *optbuf, int v00, int in_critical) 1916show_options(struct sshbuf *optbuf, int v00, int in_critical)
1863{ 1917{
1864 char *name, *arg; 1918 char *name, *arg;
1865 const u_char *data; 1919 struct sshbuf *options, *option = NULL;
1866 u_int dlen; 1920 int r;
1867 Buffer options, option; 1921
1868 1922 if ((options = sshbuf_fromb(optbuf)) == NULL)
1869 buffer_init(&options); 1923 fatal("%s: sshbuf_fromb failed", __func__);
1870 buffer_append(&options, buffer_ptr(optbuf), buffer_len(optbuf)); 1924 while (sshbuf_len(options) != 0) {
1871 1925 sshbuf_free(option);
1872 buffer_init(&option); 1926 option = NULL;
1873 while (buffer_len(&options) != 0) { 1927 if ((r = sshbuf_get_cstring(options, &name, NULL)) != 0 ||
1874 name = buffer_get_string(&options, NULL); 1928 (r = sshbuf_froms(options, &option)) != 0)
1875 data = buffer_get_string_ptr(&options, &dlen); 1929 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1876 buffer_append(&option, data, dlen);
1877 printf(" %s", name); 1930 printf(" %s", name);
1878 if ((v00 || !in_critical) && 1931 if ((v00 || !in_critical) &&
1879 (strcmp(name, "permit-X11-forwarding") == 0 || 1932 (strcmp(name, "permit-X11-forwarding") == 0 ||
@@ -1885,50 +1938,54 @@ show_options(const Buffer *optbuf, int v00, int in_critical)
1885 else if ((v00 || in_critical) && 1938 else if ((v00 || in_critical) &&
1886 (strcmp(name, "force-command") == 0 || 1939 (strcmp(name, "force-command") == 0 ||
1887 strcmp(name, "source-address") == 0)) { 1940 strcmp(name, "source-address") == 0)) {
1888 arg = buffer_get_cstring(&option, NULL); 1941 if ((r = sshbuf_get_cstring(option, &arg, NULL)) != 0)
1942 fatal("%s: buffer error: %s",
1943 __func__, ssh_err(r));
1889 printf(" %s\n", arg); 1944 printf(" %s\n", arg);
1890 free(arg); 1945 free(arg);
1891 } else { 1946 } else {
1892 printf(" UNKNOWN OPTION (len %u)\n", 1947 printf(" UNKNOWN OPTION (len %zu)\n",
1893 buffer_len(&option)); 1948 sshbuf_len(option));
1894 buffer_clear(&option); 1949 sshbuf_reset(option);
1895 } 1950 }
1896 free(name); 1951 free(name);
1897 if (buffer_len(&option) != 0) 1952 if (sshbuf_len(option) != 0)
1898 fatal("Option corrupt: extra data at end"); 1953 fatal("Option corrupt: extra data at end");
1899 } 1954 }
1900 buffer_free(&option); 1955 sshbuf_free(option);
1901 buffer_free(&options); 1956 sshbuf_free(options);
1902} 1957}
1903 1958
1904static void 1959static void
1905do_show_cert(struct passwd *pw) 1960do_show_cert(struct passwd *pw)
1906{ 1961{
1907 Key *key; 1962 struct sshkey *key;
1908 struct stat st; 1963 struct stat st;
1909 char *key_fp, *ca_fp; 1964 char *key_fp, *ca_fp;
1910 u_int i, v00; 1965 u_int i, v00;
1966 int r;
1911 1967
1912 if (!have_identity) 1968 if (!have_identity)
1913 ask_filename(pw, "Enter file in which the key is"); 1969 ask_filename(pw, "Enter file in which the key is");
1914 if (stat(identity_file, &st) < 0) 1970 if (stat(identity_file, &st) < 0)
1915 fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); 1971 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
1916 if ((key = key_load_public(identity_file, NULL)) == NULL) 1972 if ((r = sshkey_load_public(identity_file, &key, NULL)) != 0)
1917 fatal("%s is not a public key", identity_file); 1973 fatal("Cannot load public key \"%s\": %s",
1918 if (!key_is_cert(key)) 1974 identity_file, ssh_err(r));
1975 if (!sshkey_is_cert(key))
1919 fatal("%s is not a certificate", identity_file); 1976 fatal("%s is not a certificate", identity_file);
1920 v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00; 1977 v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00;
1921 1978
1922 key_fp = key_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT); 1979 key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT);
1923 ca_fp = key_fingerprint(key->cert->signature_key, 1980 ca_fp = sshkey_fingerprint(key->cert->signature_key,
1924 fingerprint_hash, SSH_FP_DEFAULT); 1981 fingerprint_hash, SSH_FP_DEFAULT);
1925 1982
1926 printf("%s:\n", identity_file); 1983 printf("%s:\n", identity_file);
1927 printf(" Type: %s %s certificate\n", key_ssh_name(key), 1984 printf(" Type: %s %s certificate\n", sshkey_ssh_name(key),
1928 key_cert_type(key)); 1985 sshkey_cert_type(key));
1929 printf(" Public key: %s %s\n", key_type(key), key_fp); 1986 printf(" Public key: %s %s\n", sshkey_type(key), key_fp);
1930 printf(" Signing CA: %s %s\n", 1987 printf(" Signing CA: %s %s\n",
1931 key_type(key->cert->signature_key), ca_fp); 1988 sshkey_type(key->cert->signature_key), ca_fp);
1932 printf(" Key ID: \"%s\"\n", key->cert->key_id); 1989 printf(" Key ID: \"%s\"\n", key->cert->key_id);
1933 if (!v00) { 1990 if (!v00) {
1934 printf(" Serial: %llu\n", 1991 printf(" Serial: %llu\n",
@@ -1946,7 +2003,7 @@ do_show_cert(struct passwd *pw)
1946 printf("\n"); 2003 printf("\n");
1947 } 2004 }
1948 printf(" Critical Options: "); 2005 printf(" Critical Options: ");
1949 if (buffer_len(key->cert->critical) == 0) 2006 if (sshbuf_len(key->cert->critical) == 0)
1950 printf("(none)\n"); 2007 printf("(none)\n");
1951 else { 2008 else {
1952 printf("\n"); 2009 printf("\n");
@@ -1954,7 +2011,7 @@ do_show_cert(struct passwd *pw)
1954 } 2011 }
1955 if (!v00) { 2012 if (!v00) {
1956 printf(" Extensions: "); 2013 printf(" Extensions: ");
1957 if (buffer_len(key->cert->extensions) == 0) 2014 if (sshbuf_len(key->cert->extensions) == 0)
1958 printf("(none)\n"); 2015 printf("(none)\n");
1959 else { 2016 else {
1960 printf("\n"); 2017 printf("\n");
@@ -1967,27 +2024,28 @@ do_show_cert(struct passwd *pw)
1967static void 2024static void
1968load_krl(const char *path, struct ssh_krl **krlp) 2025load_krl(const char *path, struct ssh_krl **krlp)
1969{ 2026{
1970 Buffer krlbuf; 2027 struct sshbuf *krlbuf;
1971 int fd; 2028 int r, fd;
1972 2029
1973 buffer_init(&krlbuf); 2030 if ((krlbuf = sshbuf_new()) == NULL)
2031 fatal("sshbuf_new failed");
1974 if ((fd = open(path, O_RDONLY)) == -1) 2032 if ((fd = open(path, O_RDONLY)) == -1)
1975 fatal("open %s: %s", path, strerror(errno)); 2033 fatal("open %s: %s", path, strerror(errno));
1976 if (!key_load_file(fd, path, &krlbuf)) 2034 if ((r = sshkey_load_file(fd, krlbuf)) != 0)
1977 fatal("Unable to load KRL"); 2035 fatal("Unable to load KRL: %s", ssh_err(r));
1978 close(fd); 2036 close(fd);
1979 /* XXX check sigs */ 2037 /* XXX check sigs */
1980 if (ssh_krl_from_blob(&krlbuf, krlp, NULL, 0) != 0 || 2038 if ((r = ssh_krl_from_blob(krlbuf, krlp, NULL, 0)) != 0 ||
1981 *krlp == NULL) 2039 *krlp == NULL)
1982 fatal("Invalid KRL file"); 2040 fatal("Invalid KRL file: %s", ssh_err(r));
1983 buffer_free(&krlbuf); 2041 sshbuf_free(krlbuf);
1984} 2042}
1985 2043
1986static void 2044static void
1987update_krl_from_file(struct passwd *pw, const char *file, const Key *ca, 2045update_krl_from_file(struct passwd *pw, const char *file,
1988 struct ssh_krl *krl) 2046 const struct sshkey *ca, struct ssh_krl *krl)
1989{ 2047{
1990 Key *key = NULL; 2048 struct sshkey *key = NULL;
1991 u_long lnum = 0; 2049 u_long lnum = 0;
1992 char *path, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; 2050 char *path, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES];
1993 unsigned long long serial, serial2; 2051 unsigned long long serial, serial2;
@@ -2086,10 +2144,11 @@ update_krl_from_file(struct passwd *pw, const char *file, const Key *ca,
2086 * Parsing will fail if it isn't. 2144 * Parsing will fail if it isn't.
2087 */ 2145 */
2088 } 2146 }
2089 if ((key = key_new(KEY_UNSPEC)) == NULL) 2147 if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
2090 fatal("key_new"); 2148 fatal("key_new");
2091 if (key_read(key, &cp) != 1) 2149 if ((r = sshkey_read(key, &cp)) != 0)
2092 fatal("%s:%lu: invalid key", path, lnum); 2150 fatal("%s:%lu: invalid key: %s",
2151 path, lnum, ssh_err(r));
2093 if (was_explicit_key) 2152 if (was_explicit_key)
2094 r = ssh_krl_revoke_key_explicit(krl, key); 2153 r = ssh_krl_revoke_key_explicit(krl, key);
2095 else if (was_sha1) 2154 else if (was_sha1)
@@ -2097,8 +2156,9 @@ update_krl_from_file(struct passwd *pw, const char *file, const Key *ca,
2097 else 2156 else
2098 r = ssh_krl_revoke_key(krl, key); 2157 r = ssh_krl_revoke_key(krl, key);
2099 if (r != 0) 2158 if (r != 0)
2100 fatal("%s: revoke key failed", __func__); 2159 fatal("%s: revoke key failed: %s",
2101 key_free(key); 2160 __func__, ssh_err(r));
2161 sshkey_free(key);
2102 } 2162 }
2103 } 2163 }
2104 if (strcmp(path, "-") != 0) 2164 if (strcmp(path, "-") != 0)
@@ -2111,10 +2171,10 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
2111{ 2171{
2112 struct ssh_krl *krl; 2172 struct ssh_krl *krl;
2113 struct stat sb; 2173 struct stat sb;
2114 Key *ca = NULL; 2174 struct sshkey *ca = NULL;
2115 int fd, i; 2175 int fd, i, r;
2116 char *tmp; 2176 char *tmp;
2117 Buffer kbuf; 2177 struct sshbuf *kbuf;
2118 2178
2119 if (*identity_file == '\0') 2179 if (*identity_file == '\0')
2120 fatal("KRL generation requires an output file"); 2180 fatal("KRL generation requires an output file");
@@ -2127,8 +2187,9 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
2127 } 2187 }
2128 if (ca_key_path != NULL) { 2188 if (ca_key_path != NULL) {
2129 tmp = tilde_expand_filename(ca_key_path, pw->pw_uid); 2189 tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);
2130 if ((ca = key_load_public(tmp, NULL)) == NULL) 2190 if ((r = sshkey_load_public(tmp, &ca, NULL)) != 0)
2131 fatal("Cannot load CA public key %s", tmp); 2191 fatal("Cannot load CA public key %s: %s",
2192 tmp, ssh_err(r));
2132 free(tmp); 2193 free(tmp);
2133 } 2194 }
2134 2195
@@ -2145,19 +2206,20 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
2145 for (i = 0; i < argc; i++) 2206 for (i = 0; i < argc; i++)
2146 update_krl_from_file(pw, argv[i], ca, krl); 2207 update_krl_from_file(pw, argv[i], ca, krl);
2147 2208
2148 buffer_init(&kbuf); 2209 if ((kbuf = sshbuf_new()) == NULL)
2149 if (ssh_krl_to_blob(krl, &kbuf, NULL, 0) != 0) 2210 fatal("sshbuf_new failed");
2211 if (ssh_krl_to_blob(krl, kbuf, NULL, 0) != 0)
2150 fatal("Couldn't generate KRL"); 2212 fatal("Couldn't generate KRL");
2151 if ((fd = open(identity_file, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) 2213 if ((fd = open(identity_file, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1)
2152 fatal("open %s: %s", identity_file, strerror(errno)); 2214 fatal("open %s: %s", identity_file, strerror(errno));
2153 if (atomicio(vwrite, fd, buffer_ptr(&kbuf), buffer_len(&kbuf)) != 2215 if (atomicio(vwrite, fd, (void *)sshbuf_ptr(kbuf), sshbuf_len(kbuf)) !=
2154 buffer_len(&kbuf)) 2216 sshbuf_len(kbuf))
2155 fatal("write %s: %s", identity_file, strerror(errno)); 2217 fatal("write %s: %s", identity_file, strerror(errno));
2156 close(fd); 2218 close(fd);
2157 buffer_free(&kbuf); 2219 sshbuf_free(kbuf);
2158 ssh_krl_free(krl); 2220 ssh_krl_free(krl);
2159 if (ca != NULL) 2221 if (ca != NULL)
2160 key_free(ca); 2222 sshkey_free(ca);
2161} 2223}
2162 2224
2163static void 2225static void
@@ -2166,21 +2228,22 @@ do_check_krl(struct passwd *pw, int argc, char **argv)
2166 int i, r, ret = 0; 2228 int i, r, ret = 0;
2167 char *comment; 2229 char *comment;
2168 struct ssh_krl *krl; 2230 struct ssh_krl *krl;
2169 Key *k; 2231 struct sshkey *k;
2170 2232
2171 if (*identity_file == '\0') 2233 if (*identity_file == '\0')
2172 fatal("KRL checking requires an input file"); 2234 fatal("KRL checking requires an input file");
2173 load_krl(identity_file, &krl); 2235 load_krl(identity_file, &krl);
2174 for (i = 0; i < argc; i++) { 2236 for (i = 0; i < argc; i++) {
2175 if ((k = key_load_public(argv[i], &comment)) == NULL) 2237 if ((r = sshkey_load_public(argv[i], &k, &comment)) != 0)
2176 fatal("Cannot load public key %s", argv[i]); 2238 fatal("Cannot load public key %s: %s",
2239 argv[i], ssh_err(r));
2177 r = ssh_krl_check_key(krl, k); 2240 r = ssh_krl_check_key(krl, k);
2178 printf("%s%s%s%s: %s\n", argv[i], 2241 printf("%s%s%s%s: %s\n", argv[i],
2179 *comment ? " (" : "", comment, *comment ? ")" : "", 2242 *comment ? " (" : "", comment, *comment ? ")" : "",
2180 r == 0 ? "ok" : "REVOKED"); 2243 r == 0 ? "ok" : "REVOKED");
2181 if (r != 0) 2244 if (r != 0)
2182 ret = 1; 2245 ret = 1;
2183 key_free(k); 2246 sshkey_free(k);
2184 free(comment); 2247 free(comment);
2185 } 2248 }
2186 ssh_krl_free(krl); 2249 ssh_krl_free(krl);
@@ -2230,11 +2293,11 @@ main(int argc, char **argv)
2230{ 2293{
2231 char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; 2294 char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2;
2232 char *checkpoint = NULL; 2295 char *checkpoint = NULL;
2233 char out_file[MAXPATHLEN], *ep, *rr_hostname = NULL; 2296 char out_file[MAXPATHLEN], *rr_hostname = NULL, *ep;
2234 Key *private, *public; 2297 struct sshkey *private, *public;
2235 struct passwd *pw; 2298 struct passwd *pw;
2236 struct stat st; 2299 struct stat st;
2237 int opt, type, fd; 2300 int r, opt, type, fd;
2238 u_int32_t memory = 0, generator_wanted = 0; 2301 u_int32_t memory = 0, generator_wanted = 0;
2239 int do_gen_candidates = 0, do_screen_candidates = 0; 2302 int do_gen_candidates = 0, do_screen_candidates = 0;
2240 int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; 2303 int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0;
@@ -2607,17 +2670,20 @@ main(int argc, char **argv)
2607 if (key_type_name == NULL) 2670 if (key_type_name == NULL)
2608 key_type_name = "rsa"; 2671 key_type_name = "rsa";
2609 2672
2610 type = key_type_from_name(key_type_name); 2673 type = sshkey_type_from_name(key_type_name);
2611 type_bits_valid(type, &bits); 2674 type_bits_valid(type, &bits);
2612 2675
2613 if (!quiet) 2676 if (!quiet)
2614 printf("Generating public/private %s key pair.\n", key_type_name); 2677 printf("Generating public/private %s key pair.\n",
2615 private = key_generate(type, bits); 2678 key_type_name);
2616 if (private == NULL) { 2679 if ((r = sshkey_generate(type, bits, &private)) != 0) {
2617 fprintf(stderr, "key_generate failed\n"); 2680 fprintf(stderr, "key_generate failed\n");
2618 exit(1); 2681 exit(1);
2619 } 2682 }
2620 public = key_from_private(private); 2683 if ((r = sshkey_from_private(private, &public)) != 0) {
2684 fprintf(stderr, "key_from_private failed: %s\n", ssh_err(r));
2685 exit(1);
2686 }
2621 2687
2622 if (!have_identity) 2688 if (!have_identity)
2623 ask_filename(pw, "Enter file in which to save the key"); 2689 ask_filename(pw, "Enter file in which to save the key");
@@ -2685,9 +2751,10 @@ passphrase_again:
2685 } 2751 }
2686 2752
2687 /* Save the key with the given passphrase and comment. */ 2753 /* Save the key with the given passphrase and comment. */
2688 if (!key_save_private(private, identity_file, passphrase1, comment, 2754 if ((r = sshkey_save_private(private, identity_file, passphrase1,
2689 use_new_format, new_format_cipher, rounds)) { 2755 comment, use_new_format, new_format_cipher, rounds)) != 0) {
2690 printf("Saving the key failed: %s.\n", identity_file); 2756 printf("Saving key \"%s\" failed: %s\n",
2757 identity_file, ssh_err(r));
2691 explicit_bzero(passphrase1, strlen(passphrase1)); 2758 explicit_bzero(passphrase1, strlen(passphrase1));
2692 free(passphrase1); 2759 free(passphrase1);
2693 exit(1); 2760 exit(1);
@@ -2697,7 +2764,7 @@ passphrase_again:
2697 free(passphrase1); 2764 free(passphrase1);
2698 2765
2699 /* Clear the private key and the random number generator. */ 2766 /* Clear the private key and the random number generator. */
2700 key_free(private); 2767 sshkey_free(private);
2701 2768
2702 if (!quiet) 2769 if (!quiet)
2703 printf("Your identification has been saved in %s.\n", identity_file); 2770 printf("Your identification has been saved in %s.\n", identity_file);
@@ -2713,15 +2780,15 @@ passphrase_again:
2713 printf("fdopen %s failed\n", identity_file); 2780 printf("fdopen %s failed\n", identity_file);
2714 exit(1); 2781 exit(1);
2715 } 2782 }
2716 if (!key_write(public, f)) 2783 if ((r = sshkey_write(public, f)) != 0)
2717 fprintf(stderr, "write key failed\n"); 2784 fprintf(stderr, "write key failed: %s\n", ssh_err(r));
2718 fprintf(f, " %s\n", comment); 2785 fprintf(f, " %s\n", comment);
2719 fclose(f); 2786 fclose(f);
2720 2787
2721 if (!quiet) { 2788 if (!quiet) {
2722 char *fp = key_fingerprint(public, fingerprint_hash, 2789 char *fp = sshkey_fingerprint(public, fingerprint_hash,
2723 SSH_FP_DEFAULT); 2790 SSH_FP_DEFAULT);
2724 char *ra = key_fingerprint(public, fingerprint_hash, 2791 char *ra = sshkey_fingerprint(public, fingerprint_hash,
2725 SSH_FP_RANDOMART); 2792 SSH_FP_RANDOMART);
2726 printf("Your public key has been saved in %s.\n", 2793 printf("Your public key has been saved in %s.\n",
2727 identity_file); 2794 identity_file);
@@ -2733,6 +2800,6 @@ passphrase_again:
2733 free(fp); 2800 free(fp);
2734 } 2801 }
2735 2802
2736 key_free(public); 2803 sshkey_free(public);
2737 exit(0); 2804 exit(0);
2738} 2805}
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 821939997..8af13fa89 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keysign.c,v 1.45 2015/01/08 10:14:08 djm Exp $ */ 1/* $OpenBSD: ssh-keysign.c,v 1.46 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -43,11 +43,11 @@
43 43
44#include "xmalloc.h" 44#include "xmalloc.h"
45#include "log.h" 45#include "log.h"
46#include "key.h" 46#include "sshkey.h"
47#include "ssh.h" 47#include "ssh.h"
48#include "ssh2.h" 48#include "ssh2.h"
49#include "misc.h" 49#include "misc.h"
50#include "buffer.h" 50#include "sshbuf.h"
51#include "authfile.h" 51#include "authfile.h"
52#include "msg.h" 52#include "msg.h"
53#include "canohost.h" 53#include "canohost.h"
@@ -63,64 +63,73 @@ uid_t original_real_uid;
63extern char *__progname; 63extern char *__progname;
64 64
65static int 65static int
66valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, 66valid_request(struct passwd *pw, char *host, struct sshkey **ret,
67 u_int datalen) 67 u_char *data, size_t datalen)
68{ 68{
69 Buffer b; 69 struct sshbuf *b;
70 Key *key = NULL; 70 struct sshkey *key = NULL;
71 u_char *pkblob; 71 u_char type, *pkblob;
72 u_int blen, len; 72 char *p;
73 char *pkalg, *p; 73 size_t blen, len;
74 int pktype, fail; 74 char *pkalg, *luser;
75 int r, pktype, fail;
75 76
76 if (ret != NULL) 77 if (ret != NULL)
77 *ret = NULL; 78 *ret = NULL;
78 fail = 0; 79 fail = 0;
79 80
80 buffer_init(&b); 81 if ((b = sshbuf_from(data, datalen)) == NULL)
81 buffer_append(&b, data, datalen); 82 fatal("%s: sshbuf_from failed", __func__);
82 83
83 /* session id, currently limited to SHA1 (20 bytes) or SHA256 (32) */ 84 /* session id, currently limited to SHA1 (20 bytes) or SHA256 (32) */
84 p = buffer_get_string(&b, &len); 85 if ((r = sshbuf_get_string(b, NULL, &len)) != 0)
86 fatal("%s: buffer error: %s", __func__, ssh_err(r));
85 if (len != 20 && len != 32) 87 if (len != 20 && len != 32)
86 fail++; 88 fail++;
87 free(p);
88 89
89 if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 90 if ((r = sshbuf_get_u8(b, &type)) != 0)
91 fatal("%s: buffer error: %s", __func__, ssh_err(r));
92 if (type != SSH2_MSG_USERAUTH_REQUEST)
90 fail++; 93 fail++;
91 94
92 /* server user */ 95 /* server user */
93 buffer_skip_string(&b); 96 if ((r = sshbuf_skip_string(b)) != 0)
97 fatal("%s: buffer error: %s", __func__, ssh_err(r));
94 98
95 /* service */ 99 /* service */
96 p = buffer_get_string(&b, NULL); 100 if ((r = sshbuf_get_cstring(b, &p, NULL)) != 0)
101 fatal("%s: buffer error: %s", __func__, ssh_err(r));
97 if (strcmp("ssh-connection", p) != 0) 102 if (strcmp("ssh-connection", p) != 0)
98 fail++; 103 fail++;
99 free(p); 104 free(p);
100 105
101 /* method */ 106 /* method */
102 p = buffer_get_string(&b, NULL); 107 if ((r = sshbuf_get_cstring(b, &p, NULL)) != 0)
108 fatal("%s: buffer error: %s", __func__, ssh_err(r));
103 if (strcmp("hostbased", p) != 0) 109 if (strcmp("hostbased", p) != 0)
104 fail++; 110 fail++;
105 free(p); 111 free(p);
106 112
107 /* pubkey */ 113 /* pubkey */
108 pkalg = buffer_get_string(&b, NULL); 114 if ((r = sshbuf_get_cstring(b, &pkalg, NULL)) != 0 ||
109 pkblob = buffer_get_string(&b, &blen); 115 (r = sshbuf_get_string(b, &pkblob, &blen)) != 0)
116 fatal("%s: buffer error: %s", __func__, ssh_err(r));
110 117
111 pktype = key_type_from_name(pkalg); 118 pktype = sshkey_type_from_name(pkalg);
112 if (pktype == KEY_UNSPEC) 119 if (pktype == KEY_UNSPEC)
113 fail++; 120 fail++;
114 else if ((key = key_from_blob(pkblob, blen)) == NULL) 121 else if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) {
122 error("%s: bad key blob: %s", __func__, ssh_err(r));
115 fail++; 123 fail++;
116 else if (key->type != pktype) 124 } else if (key->type != pktype)
117 fail++; 125 fail++;
118 free(pkalg); 126 free(pkalg);
119 free(pkblob); 127 free(pkblob);
120 128
121 /* client host name, handle trailing dot */ 129 /* client host name, handle trailing dot */
122 p = buffer_get_string(&b, &len); 130 if ((r = sshbuf_get_cstring(b, &p, &len)) != 0)
123 debug2("valid_request: check expect chost %s got %s", host, p); 131 fatal("%s: buffer error: %s", __func__, ssh_err(r));
132 debug2("%s: check expect chost %s got %s", __func__, host, p);
124 if (strlen(host) != len - 1) 133 if (strlen(host) != len - 1)
125 fail++; 134 fail++;
126 else if (p[len - 1] != '.') 135 else if (p[len - 1] != '.')
@@ -130,21 +139,22 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
130 free(p); 139 free(p);
131 140
132 /* local user */ 141 /* local user */
133 p = buffer_get_string(&b, NULL); 142 if ((r = sshbuf_get_cstring(b, &luser, NULL)) != 0)
143 fatal("%s: buffer error: %s", __func__, ssh_err(r));
134 144
135 if (strcmp(pw->pw_name, p) != 0) 145 if (strcmp(pw->pw_name, luser) != 0)
136 fail++; 146 fail++;
137 free(p); 147 free(luser);
138 148
139 /* end of message */ 149 /* end of message */
140 if (buffer_len(&b) != 0) 150 if (sshbuf_len(b) != 0)
141 fail++; 151 fail++;
142 buffer_free(&b); 152 sshbuf_free(b);
143 153
144 debug3("valid_request: fail %d", fail); 154 debug3("%s: fail %d", __func__, fail);
145 155
146 if (fail && key != NULL) 156 if (fail && key != NULL)
147 key_free(key); 157 sshkey_free(key);
148 else 158 else
149 *ret = key; 159 *ret = key;
150 160
@@ -154,15 +164,15 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
154int 164int
155main(int argc, char **argv) 165main(int argc, char **argv)
156{ 166{
157 Buffer b; 167 struct sshbuf *b;
158 Options options; 168 Options options;
159#define NUM_KEYTYPES 4 169#define NUM_KEYTYPES 4
160 Key *keys[NUM_KEYTYPES], *key = NULL; 170 struct sshkey *keys[NUM_KEYTYPES], *key = NULL;
161 struct passwd *pw; 171 struct passwd *pw;
162 int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd; 172 int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
163 u_char *signature, *data; 173 u_char *signature, *data, rver;
164 char *host, *fp; 174 char *host, *fp;
165 u_int slen, dlen; 175 size_t slen, dlen;
166#ifdef WITH_OPENSSL 176#ifdef WITH_OPENSSL
167 u_int32_t rnd[256]; 177 u_int32_t rnd[256];
168#endif 178#endif
@@ -232,18 +242,23 @@ main(int argc, char **argv)
232 if (!found) 242 if (!found)
233 fatal("no hostkey found"); 243 fatal("no hostkey found");
234 244
235 buffer_init(&b); 245 if ((b = sshbuf_new()) == NULL)
236 if (ssh_msg_recv(STDIN_FILENO, &b) < 0) 246 fatal("%s: sshbuf_new failed", __func__);
247 if (ssh_msg_recv(STDIN_FILENO, b) < 0)
237 fatal("ssh_msg_recv failed"); 248 fatal("ssh_msg_recv failed");
238 if (buffer_get_char(&b) != version) 249 if ((r = sshbuf_get_u8(b, &rver)) != 0)
239 fatal("bad version"); 250 fatal("%s: buffer error: %s", __func__, ssh_err(r));
240 fd = buffer_get_int(&b); 251 if (rver != version)
241 if ((fd == STDIN_FILENO) || (fd == STDOUT_FILENO)) 252 fatal("bad version: received %d, expected %d", rver, version);
253 if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0)
254 fatal("%s: buffer error: %s", __func__, ssh_err(r));
255 if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO)
242 fatal("bad fd"); 256 fatal("bad fd");
243 if ((host = get_local_name(fd)) == NULL) 257 if ((host = get_local_name(fd)) == NULL)
244 fatal("cannot get local name for fd"); 258 fatal("cannot get local name for fd");
245 259
246 data = buffer_get_string(&b, &dlen); 260 if ((r = sshbuf_get_string(b, &data, &dlen)) != 0)
261 fatal("%s: buffer error: %s", __func__, ssh_err(r));
247 if (valid_request(pw, host, &key, data, dlen) < 0) 262 if (valid_request(pw, host, &key, data, dlen) < 0)
248 fatal("not a valid request"); 263 fatal("not a valid request");
249 free(host); 264 free(host);
@@ -251,26 +266,27 @@ main(int argc, char **argv)
251 found = 0; 266 found = 0;
252 for (i = 0; i < NUM_KEYTYPES; i++) { 267 for (i = 0; i < NUM_KEYTYPES; i++) {
253 if (keys[i] != NULL && 268 if (keys[i] != NULL &&
254 key_equal_public(key, keys[i])) { 269 sshkey_equal_public(key, keys[i])) {
255 found = 1; 270 found = 1;
256 break; 271 break;
257 } 272 }
258 } 273 }
259 if (!found) { 274 if (!found) {
260 fp = key_fingerprint(key, options.fingerprint_hash, 275 fp = sshkey_fingerprint(key, options.fingerprint_hash,
261 SSH_FP_DEFAULT); 276 SSH_FP_DEFAULT);
262 fatal("no matching hostkey found for key %s %s", 277 fatal("no matching hostkey found for key %s %s",
263 key_type(key), fp); 278 sshkey_type(key), fp ? fp : "");
264 } 279 }
265 280
266 if (key_sign(keys[i], &signature, &slen, data, dlen) != 0) 281 if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, 0)) != 0)
267 fatal("key_sign failed"); 282 fatal("sshkey_sign failed: %s", ssh_err(r));
268 free(data); 283 free(data);
269 284
270 /* send reply */ 285 /* send reply */
271 buffer_clear(&b); 286 sshbuf_reset(b);
272 buffer_put_string(&b, signature, slen); 287 if ((r = sshbuf_put_string(b, signature, slen)) != 0)
273 if (ssh_msg_send(STDOUT_FILENO, version, &b) == -1) 288 fatal("%s: buffer error: %s", __func__, ssh_err(r));
289 if (ssh_msg_send(STDOUT_FILENO, version, b) == -1)
274 fatal("ssh_msg_send failed"); 290 fatal("ssh_msg_send failed");
275 291
276 return (0); 292 return (0);
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index c96be3bd2..e91df8bb1 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-pkcs11.c,v 1.14 2014/06/24 01:13:21 djm Exp $ */ 1/* $OpenBSD: ssh-pkcs11.c,v 1.15 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2010 Markus Friedl. All rights reserved. 3 * Copyright (c) 2010 Markus Friedl. All rights reserved.
4 * 4 *
@@ -38,7 +38,7 @@
38 38
39#include "log.h" 39#include "log.h"
40#include "misc.h" 40#include "misc.h"
41#include "key.h" 41#include "sshkey.h"
42#include "ssh-pkcs11.h" 42#include "ssh-pkcs11.h"
43#include "xmalloc.h" 43#include "xmalloc.h"
44 44
@@ -385,12 +385,12 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin)
385 * keysp points to an (possibly empty) array with *nkeys keys. 385 * keysp points to an (possibly empty) array with *nkeys keys.
386 */ 386 */
387static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, 387static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG,
388 CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *) 388 CK_ATTRIBUTE [], CK_ATTRIBUTE [3], struct sshkey ***, int *)
389 __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); 389 __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE))));
390 390
391static int 391static int
392pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, 392pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,
393 Key ***keysp, int *nkeys) 393 struct sshkey ***keysp, int *nkeys)
394{ 394{
395 CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; 395 CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY;
396 CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; 396 CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE;
@@ -422,12 +422,12 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,
422} 422}
423 423
424static int 424static int
425pkcs11_key_included(Key ***keysp, int *nkeys, Key *key) 425pkcs11_key_included(struct sshkey ***keysp, int *nkeys, struct sshkey *key)
426{ 426{
427 int i; 427 int i;
428 428
429 for (i = 0; i < *nkeys; i++) 429 for (i = 0; i < *nkeys; i++)
430 if (key_equal(key, (*keysp)[i])) 430 if (sshkey_equal(key, (*keysp)[i]))
431 return (1); 431 return (1);
432 return (0); 432 return (0);
433} 433}
@@ -435,9 +435,9 @@ pkcs11_key_included(Key ***keysp, int *nkeys, Key *key)
435static int 435static int
436pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, 436pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
437 CK_ATTRIBUTE filter[], CK_ATTRIBUTE attribs[3], 437 CK_ATTRIBUTE filter[], CK_ATTRIBUTE attribs[3],
438 Key ***keysp, int *nkeys) 438 struct sshkey ***keysp, int *nkeys)
439{ 439{
440 Key *key; 440 struct sshkey *key;
441 RSA *rsa; 441 RSA *rsa;
442 X509 *x509; 442 X509 *x509;
443 EVP_PKEY *evp; 443 EVP_PKEY *evp;
@@ -517,16 +517,16 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
517 } 517 }
518 if (rsa && rsa->n && rsa->e && 518 if (rsa && rsa->n && rsa->e &&
519 pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { 519 pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) {
520 key = key_new(KEY_UNSPEC); 520 key = sshkey_new(KEY_UNSPEC);
521 key->rsa = rsa; 521 key->rsa = rsa;
522 key->type = KEY_RSA; 522 key->type = KEY_RSA;
523 key->flags |= SSHKEY_FLAG_EXT; 523 key->flags |= SSHKEY_FLAG_EXT;
524 if (pkcs11_key_included(keysp, nkeys, key)) { 524 if (pkcs11_key_included(keysp, nkeys, key)) {
525 key_free(key); 525 sshkey_free(key);
526 } else { 526 } else {
527 /* expand key array and add key */ 527 /* expand key array and add key */
528 *keysp = xrealloc(*keysp, *nkeys + 1, 528 *keysp = xrealloc(*keysp, *nkeys + 1,
529 sizeof(Key *)); 529 sizeof(struct sshkey *));
530 (*keysp)[*nkeys] = key; 530 (*keysp)[*nkeys] = key;
531 *nkeys = *nkeys + 1; 531 *nkeys = *nkeys + 1;
532 debug("have %d keys", *nkeys); 532 debug("have %d keys", *nkeys);
@@ -544,7 +544,7 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
544 544
545/* register a new provider, fails if provider already exists */ 545/* register a new provider, fails if provider already exists */
546int 546int
547pkcs11_add_provider(char *provider_id, char *pin, Key ***keyp) 547pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
548{ 548{
549 int nkeys, need_finalize = 0; 549 int nkeys, need_finalize = 0;
550 struct pkcs11_provider *p = NULL; 550 struct pkcs11_provider *p = NULL;
diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h
index 4d2efda13..0ced74f29 100644
--- a/ssh-pkcs11.h
+++ b/ssh-pkcs11.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-pkcs11.h,v 1.3 2014/04/29 18:01:49 markus Exp $ */ 1/* $OpenBSD: ssh-pkcs11.h,v 1.4 2015/01/15 09:40:00 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2010 Markus Friedl. All rights reserved. 3 * Copyright (c) 2010 Markus Friedl. All rights reserved.
4 * 4 *
@@ -16,7 +16,7 @@
16 */ 16 */
17int pkcs11_init(int); 17int pkcs11_init(int);
18void pkcs11_terminate(void); 18void pkcs11_terminate(void);
19int pkcs11_add_provider(char *, char *, Key ***); 19int pkcs11_add_provider(char *, char *, struct sshkey ***);
20int pkcs11_del_provider(char *); 20int pkcs11_del_provider(char *);
21 21
22#if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) 22#if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11)
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-21 05:11:56 +0000