Diffstat (limited to 'sshkey.c')
-rw-r--r--sshkey.c63
1 files changed, 7 insertions, 56 deletions
diff --git a/sshkey.c b/sshkey.c
index 1741d9b19..0f6468197 100644
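--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.47 2017/04/30 23:15:04 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.48 2017/04/30 23:18:44 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -235,10 +235,6 @@ sshkey_names_valid2(const char *names, int allow_wildcard)
  for ((p = strsep(&cp, ",")); p && *p != '\0';
  (p = strsep(&cp, ","))) {
  type = sshkey_type_from_name(p);
- if (type == KEY_RSA1) {
- free(s);
- return 0;
- }
  if (type == KEY_UNSPEC) {
  if (allow_wildcard) {
  /*
@@ -247,8 +243,6 @@ sshkey_names_valid2(const char *names, int allow_wildcard)
  * the component is accepted.
  */
  for (kt = keytypes; kt->type != -1; kt++) {
- if (kt->type == KEY_RSA1)
- continue;
  if (match_pattern_list(kt->name,
  p, 0) != 0)
  break;
@@ -269,7 +263,6 @@ sshkey_size(const struct sshkey *k)
 {
  switch (k->type) {
 #ifdef WITH_OPENSSL
- case KEY_RSA1:
  case KEY_RSA:
  case KEY_RSA_CERT:
  return BN_num_bits(k->rsa->n);
@@ -472,7 +465,6 @@ sshkey_new(int type)
  k->ed25519_pk = NULL;
  switch (k->type) {
 #ifdef WITH_OPENSSL
- case KEY_RSA1:
  case KEY_RSA:
  case KEY_RSA_CERT:
  if ((rsa = RSA_new()) == NULL ||
@@ -530,7 +522,6 @@ sshkey_add_private(struct sshkey *k)
 {
  switch (k->type) {
 #ifdef WITH_OPENSSL
- case KEY_RSA1:
  case KEY_RSA:
  case KEY_RSA_CERT:
 #define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL)
@@ -586,7 +577,6 @@ sshkey_free(struct sshkey *k)
  return;
  switch (k->type) {
 #ifdef WITH_OPENSSL
- case KEY_RSA1:
  case KEY_RSA:
  case KEY_RSA_CERT:
  if (k->rsa != NULL)
@@ -664,7 +654,6 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b)
 
  switch (a->type) {
 #ifdef WITH_OPENSSL
- case KEY_RSA1:
  case KEY_RSA_CERT:
  case KEY_RSA:
  return a->rsa != NULL && b->rsa != NULL &&
@@ -881,25 +870,7 @@ sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg,
  r = SSH_ERR_INVALID_ARGUMENT;
  goto out;
  }
-
- if (k->type == KEY_RSA1) {
-#ifdef WITH_OPENSSL
- int nlen = BN_num_bytes(k->rsa->n);
- int elen = BN_num_bytes(k->rsa->e);
-
- if (nlen < 0 || elen < 0 || nlen >= INT_MAX - elen) {
- r = SSH_ERR_INVALID_FORMAT;
- goto out;
- }
- blob_len = nlen + elen;
- if ((blob = malloc(blob_len)) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
- BN_bn2bin(k->rsa->n, blob);
- BN_bn2bin(k->rsa->e, blob + nlen);
-#endif /* WITH_OPENSSL */
- } else if ((r = to_blob(k, &blob, &blob_len, 1)) != 0)
+ if ((r = to_blob(k, &blob, &blob_len, 1)) != 0)
  goto out;
  if ((ret = calloc(1, SSH_DIGEST_MAX_LENGTH)) == NULL) {
  r = SSH_ERR_ALLOC_FAIL;
@@ -1208,8 +1179,6 @@ sshkey_read(struct sshkey *ret, char **cpp)
  cp = *cpp;
 
  switch (ret->type) {
- case KEY_RSA1:
- break;
  case KEY_UNSPEC:
  case KEY_RSA:
  case KEY_DSA:
@@ -1363,30 +1332,16 @@ sshkey_to_base64(const struct sshkey *key, char **b64p)
 }
 
 static int
-sshkey_format_rsa1(const struct sshkey *key, struct sshbuf *b)
-{
- int r = SSH_ERR_INTERNAL_ERROR;
-
- return r;
-}
-
-static int
 sshkey_format_text(const struct sshkey *key, struct sshbuf *b)
 {
  int r = SSH_ERR_INTERNAL_ERROR;
  char *uu = NULL;
 
- if (key->type == KEY_RSA1) {
- if ((r = sshkey_format_rsa1(key, b)) != 0)
- goto out;
- } else {
- /* Unsupported key types handled in sshkey_to_base64() */
- if ((r = sshkey_to_base64(key, &uu)) != 0)
- goto out;
- if ((r = sshbuf_putf(b, "%s %s",
- sshkey_ssh_name(key), uu)) != 0)
- goto out;
- }
+ if ((r = sshkey_to_base64(key, &uu)) != 0)
+ goto out;
+ if ((r = sshbuf_putf(b, "%s %s",
+ sshkey_ssh_name(key), uu)) != 0)
+ goto out;
  r = 0;
  out:
  free(uu);
@@ -1602,7 +1557,6 @@ sshkey_generate(int type, u_int bits, struct sshkey **keyp)
  break;
 # endif /* OPENSSL_HAS_ECC */
  case KEY_RSA:
- case KEY_RSA1:
  ret = rsa_generate_private_key(bits, &k->rsa);
  break;
 #endif /* WITH_OPENSSL */
@@ -1713,7 +1667,6 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp)
  break;
 # endif /* OPENSSL_HAS_ECC */
  case KEY_RSA:
- case KEY_RSA1:
  case KEY_RSA_CERT:
  if ((n = sshkey_new(k->type)) == NULL)
  return SSH_ERR_ALLOC_FAIL;
@@ -2183,7 +2136,6 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp)
  if ((ret = sshkey_cert_copy(k, pk)) != 0)
  goto fail;
  /* FALLTHROUGH */
- case KEY_RSA1:
  case KEY_RSA:
  if ((pk->rsa = RSA_new()) == NULL ||
  (pk->rsa->e = BN_dup(k->rsa->e)) == NULL ||
@@ -2742,7 +2694,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
  switch (k->type) {
  case KEY_RSA:
  case KEY_RSA_CERT:
- case KEY_RSA1:
  if (RSA_blinding_on(k->rsa, NULL) != 1) {
  r = SSH_ERR_LIBCRYPTO_ERROR;
  goto out;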
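Review bot: In sshkey_names_valid2() (the hunks at old lines 235 and 247), dropping the `KEY_RSA1` checks leaves the `keytypes` table as the only thing deciding whether a legacy SSH1 RSA name is accepted in an algorithm list, and that table is not part of this diff. If an entry for the legacy type were still present, the exact name and, with `allow_wildcard`, any matching pattern would now validate, so it is worth confirming the entry is gone. I would record the dependency above the wildcard loop with `/* No per-type filtering here: legacy SSH1 names must not be present in keytypes[] */`. The function starts and ends outside the hunks shown.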