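--- a/authfile.c
+++ b/authfile.c
@@ -1,9 +1,9 @@
-/* $OpenBSD: authfile.c,v 1.80 2010/03/04 10:36:03 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.82 2010/08/04 05:49:22 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  * All rights reserved
  * This file contains functions for reading and writing identity files, and
  * for reading the passphrase from the user.
  *
  * As far as I am concerned, the code I have written for this software
@@ -688,16 +688,76 @@
  if ((strlcpy(file, filename, sizeof file) < sizeof(file)) &&
  (strlcat(file, ".pub", sizeof file) < sizeof(file)) &&
  (key_try_load_public(pub, file, commentp) == 1))
  return pub;
  key_free(pub);
  return NULL;
 }
 
+/* Load the certificate associated with the named private key */
+Key *
+key_load_cert(const char *filename)
+{
+ Key *pub;
+ char *file;
+
+ pub = key_new(KEY_UNSPEC);
+ xasprintf(&file, "%s-cert.pub", filename);
+ if (key_try_load_public(pub, file, NULL) == 1) {
+ xfree(file);
+ return pub;
+ }
+ xfree(file);
+ key_free(pub);
+ return NULL;
+}
+
+/* Load private key and certificate */
+Key *
+key_load_private_cert(int type, const char *filename, const char *passphrase,
+ int *perm_ok)
+{
+ Key *key, *pub;
+
+ switch (type) {
+ case KEY_RSA:
+ case KEY_DSA:
+ break;
+ default:
+ error("%s: unsupported key type", __func__);
+ return NULL;
+ }
+
+ if ((key = key_load_private_type(type, filename,
+ passphrase, NULL, perm_ok)) == NULL)
+ return NULL;
+
+ if ((pub = key_load_cert(filename)) == NULL) {
+ key_free(key);
+ return NULL;
+ }
+
+ /* Make sure the private key matches the certificate */
+ if (key_equal_public(key, pub) == 0) {
+ error("%s: certificate does not match private key %s",
+ __func__, filename);
+ } else if (key_to_certified(key, key_cert_is_legacy(pub)) != 0) {
+ error("%s: key_to_certified failed", __func__);
+ } else {
+ key_cert_copy(pub, key);
+ key_free(pub);
+ return key;
+ }
+
+ key_free(key);
+ key_free(pub);
+ return NULL;
+}
+
 /*
  * Returns 1 if the specified "key" is listed in the file "filename",
  * 0 if the key is not listed or -1 on error.
  * If strict_type is set then the key type must match exactly,
  * otherwise a comparison that ignores certficiate data is performed.
  */
 int
 key_in_file(Key *key, const char *filename, int strict_type)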
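Review bot: In key_load_private_cert(), nothing checks that the key read from `<filename>-cert.pub` is actually a certificate before `key_cert_is_legacy(pub)` and `key_cert_copy(pub, key)` use it; the only test shown is `key_equal_public(key, pub)`, which a plain public key for the same private key would presumably also pass. Unless key_try_load_public() or key_cert_copy() rejects that case (neither is visible on this page), the caller could receive a key marked as certified that carries no certificate data. Putting `if (!key_is_cert(pub)) { error("%s: %s-cert.pub is not a certificate", __func__, filename); } else` in front of the existing `if (key_equal_public(key, pub) == 0)` would send that case to the common cleanup at the end of the function. The comment above the function could also say that NULL is returned for every failure and that, as far as this code shows, the certificate's signature and validity are not evaluated here.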