Diffstat (limited to 'authfd.c')
-rw-r--r-- | authfd.c | 63 |
1 files changed, 6 insertions, 57 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfd.c,v 1.88 2013/11/08 00:39:14 djm Exp $ */ | 1 | /* $OpenBSD: authfd.c,v 1.91 2013/12/29 04:29:25 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -42,8 +42,8 @@ | |||
42 | #include <sys/socket.h> | 42 | #include <sys/socket.h> |
43 | 43 | ||
44 | #include <openssl/evp.h> | 44 | #include <openssl/evp.h> |
45 | |||
46 | #include <openssl/crypto.h> | 45 | #include <openssl/crypto.h> |
46 | |||
47 | #include <fcntl.h> | 47 | #include <fcntl.h> |
48 | #include <stdlib.h> | 48 | #include <stdlib.h> |
49 | #include <signal.h> | 49 | #include <signal.h> |
@@ -474,58 +474,7 @@ ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) | |||
474 | static void | 474 | static void |
475 | ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) | 475 | ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) |
476 | { | 476 | { |
477 | buffer_put_cstring(b, key_ssh_name(key)); | 477 | key_private_serialize(key, b); |
478 | switch (key->type) { | ||
479 | case KEY_RSA: | ||
480 | buffer_put_bignum2(b, key->rsa->n); | ||
481 | buffer_put_bignum2(b, key->rsa->e); | ||
482 | buffer_put_bignum2(b, key->rsa->d); | ||
483 | buffer_put_bignum2(b, key->rsa->iqmp); | ||
484 | buffer_put_bignum2(b, key->rsa->p); | ||
485 | buffer_put_bignum2(b, key->rsa->q); | ||
486 | break; | ||
487 | case KEY_RSA_CERT_V00: | ||
488 | case KEY_RSA_CERT: | ||
489 | if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0) | ||
490 | fatal("%s: no cert/certblob", __func__); | ||
491 | buffer_put_string(b, buffer_ptr(&key->cert->certblob), | ||
492 | buffer_len(&key->cert->certblob)); | ||
493 | buffer_put_bignum2(b, key->rsa->d); | ||
494 | buffer_put_bignum2(b, key->rsa->iqmp); | ||
495 | buffer_put_bignum2(b, key->rsa->p); | ||
496 | buffer_put_bignum2(b, key->rsa->q); | ||
497 | break; | ||
498 | case KEY_DSA: | ||
499 | buffer_put_bignum2(b, key->dsa->p); | ||
500 | buffer_put_bignum2(b, key->dsa->q); | ||
501 | buffer_put_bignum2(b, key->dsa->g); | ||
502 | buffer_put_bignum2(b, key->dsa->pub_key); | ||
503 | buffer_put_bignum2(b, key->dsa->priv_key); | ||
504 | break; | ||
505 | case KEY_DSA_CERT_V00: | ||
506 | case KEY_DSA_CERT: | ||
507 | if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0) | ||
508 | fatal("%s: no cert/certblob", __func__); | ||
509 | buffer_put_string(b, buffer_ptr(&key->cert->certblob), | ||
510 | buffer_len(&key->cert->certblob)); | ||
511 | buffer_put_bignum2(b, key->dsa->priv_key); | ||
512 | break; | ||
513 | #ifdef OPENSSL_HAS_ECC | ||
514 | case KEY_ECDSA: | ||
515 | buffer_put_cstring(b, key_curve_nid_to_name(key->ecdsa_nid)); | ||
516 | buffer_put_ecpoint(b, EC_KEY_get0_group(key->ecdsa), | ||
517 | EC_KEY_get0_public_key(key->ecdsa)); | ||
518 | buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa)); | ||
519 | break; | ||
520 | case KEY_ECDSA_CERT: | ||
521 | if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0) | ||
522 | fatal("%s: no cert/certblob", __func__); | ||
523 | buffer_put_string(b, buffer_ptr(&key->cert->certblob), | ||
524 | buffer_len(&key->cert->certblob)); | ||
525 | buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa)); | ||
526 | break; | ||
527 | #endif | ||
528 | } | ||
529 | buffer_put_cstring(b, comment); | 478 | buffer_put_cstring(b, comment); |
530 | } | 479 | } |
531 | 480 | ||
@@ -559,6 +508,8 @@ ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key, | |||
559 | case KEY_DSA_CERT_V00: | 508 | case KEY_DSA_CERT_V00: |
560 | case KEY_ECDSA: | 509 | case KEY_ECDSA: |
561 | case KEY_ECDSA_CERT: | 510 | case KEY_ECDSA_CERT: |
511 | case KEY_ED25519: | ||
512 | case KEY_ED25519_CERT: | ||
562 | type = constrained ? | 513 | type = constrained ? |
563 | SSH2_AGENTC_ADD_ID_CONSTRAINED : | 514 | SSH2_AGENTC_ADD_ID_CONSTRAINED : |
564 | SSH2_AGENTC_ADD_IDENTITY; | 515 | SSH2_AGENTC_ADD_IDENTITY; |
@@ -606,9 +557,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) | |||
606 | buffer_put_int(&msg, BN_num_bits(key->rsa->n)); | 557 | buffer_put_int(&msg, BN_num_bits(key->rsa->n)); |
607 | buffer_put_bignum(&msg, key->rsa->e); | 558 | buffer_put_bignum(&msg, key->rsa->e); |
608 | buffer_put_bignum(&msg, key->rsa->n); | 559 | buffer_put_bignum(&msg, key->rsa->n); |
609 | } else if (key_type_plain(key->type) == KEY_DSA || | 560 | } else if (key->type != KEY_UNSPEC) { |
610 | key_type_plain(key->type) == KEY_RSA || | ||
611 | key_type_plain(key->type) == KEY_ECDSA) { | ||
612 | key_to_blob(key, &blob, &blen); | 561 | key_to_blob(key, &blob, &blen); |
613 | buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY); | 562 | buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY); |
614 | buffer_put_string(&msg, blob, blen); | 563 | buffer_put_string(&msg, blob, blen); |
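Review bot: In ssh_remove_identity the new guard `key->type != KEY_UNSPEC` replaces an allow-list of plain key types (DSA, RSA, ECDSA) with a deny-list, and the result of `key_to_blob(key, &blob, &blen)` on the following line is still ignored. Any type value the serializer does not handle now reaches `buffer_put_string(&msg, blob, blen)`; whether `blob` and `blen` are set on that failure path is not visible in this hunk, so the call should be checked rather than trusted. Assuming key_to_blob keeps its convention of returning 0 on failure, something like `if (key_to_blob(key, &blob, &blen) == 0) { buffer_free(&msg); return 0; }` would make the branch fail closed. The function's declarations and its return path lie outside the hunk, so the exact cleanup needs confirming against the full body.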