key.c revision 106130
1230479Snetchild/* 2230479Snetchild * read_bignum(): 3230479Snetchild * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4230479Snetchild * 5230479Snetchild * As far as I am concerned, the code I have written for this software 6230479Snetchild * can be used freely for any purpose. Any derived versions of this 7230479Snetchild * software must be clearly marked as such, and if the derived work is 8230479Snetchild * incompatible with the protocol description in the RFC file, it must be 9230479Snetchild * called by a name other than "ssh" or "Secure Shell". 10230479Snetchild * 11230479Snetchild * 12230479Snetchild * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 13230479Snetchild * 14230479Snetchild * Redistribution and use in source and binary forms, with or without 15230479Snetchild * modification, are permitted provided that the following conditions 16230479Snetchild * are met: 17230479Snetchild * 1. Redistributions of source code must retain the above copyright 18230479Snetchild * notice, this list of conditions and the following disclaimer. 19230479Snetchild * 2. Redistributions in binary form must reproduce the above copyright 20230479Snetchild * notice, this list of conditions and the following disclaimer in the 21230479Snetchild * documentation and/or other materials provided with the distribution. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 28 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34#include "includes.h" 35RCSID("$OpenBSD: key.c,v 1.49 2002/09/09 14:54:14 markus Exp $"); 36RCSID("$FreeBSD: head/crypto/openssh/key.c 106130 2002-10-29 10:16:02Z des $"); 37 38#include <openssl/evp.h> 39 40#include "xmalloc.h" 41#include "key.h" 42#include "rsa.h" 43#include "ssh-dss.h" 44#include "ssh-rsa.h" 45#include "uuencode.h" 46#include "buffer.h" 47#include "bufaux.h" 48#include "log.h" 49 50Key * 51key_new(int type) 52{ 53 Key *k; 54 RSA *rsa; 55 DSA *dsa; 56 k = xmalloc(sizeof(*k)); 57 k->type = type; 58 k->flags = 0; 59 k->dsa = NULL; 60 k->rsa = NULL; 61 switch (k->type) { 62 case KEY_RSA1: 63 case KEY_RSA: 64 if ((rsa = RSA_new()) == NULL) 65 fatal("key_new: RSA_new failed"); 66 if ((rsa->n = BN_new()) == NULL) 67 fatal("key_new: BN_new failed"); 68 if ((rsa->e = BN_new()) == NULL) 69 fatal("key_new: BN_new failed"); 70 k->rsa = rsa; 71 break; 72 case KEY_DSA: 73 if ((dsa = DSA_new()) == NULL) 74 fatal("key_new: DSA_new failed"); 75 if ((dsa->p = BN_new()) == NULL) 76 fatal("key_new: BN_new failed"); 77 if ((dsa->q = BN_new()) == NULL) 78 fatal("key_new: BN_new failed"); 79 if ((dsa->g = BN_new()) == NULL) 80 fatal("key_new: BN_new failed"); 81 if ((dsa->pub_key = BN_new()) == NULL) 82 fatal("key_new: BN_new failed"); 83 k->dsa = dsa; 84 break; 85 case KEY_UNSPEC: 86 break; 87 default: 88 fatal("key_new: bad key type %d", k->type); 89 break; 90 } 91 return k; 92} 93 94Key * 95key_new_private(int type) 96{ 97 Key *k = key_new(type); 98 switch (k->type) { 99 case KEY_RSA1: 100 case KEY_RSA: 101 if ((k->rsa->d = BN_new()) == NULL) 102 fatal("key_new_private: BN_new failed"); 103 if ((k->rsa->iqmp = BN_new()) == NULL) 104 fatal("key_new_private: BN_new failed"); 105 if ((k->rsa->q = BN_new()) == NULL) 106 fatal("key_new_private: BN_new failed"); 107 if ((k->rsa->p = BN_new()) == NULL) 108 fatal("key_new_private: BN_new failed"); 109 if ((k->rsa->dmq1 = BN_new()) == NULL) 110 fatal("key_new_private: BN_new failed"); 111 if ((k->rsa->dmp1 = BN_new()) == NULL) 112 fatal("key_new_private: BN_new failed"); 113 break; 114 case KEY_DSA: 115 if ((k->dsa->priv_key = BN_new()) == NULL) 116 fatal("key_new_private: BN_new failed"); 117 break; 118 case KEY_UNSPEC: 119 break; 120 default: 121 break; 122 } 123 return k; 124} 125 126void 127key_free(Key *k) 128{ 129 switch (k->type) { 130 case KEY_RSA1: 131 case KEY_RSA: 132 if (k->rsa != NULL) 133 RSA_free(k->rsa); 134 k->rsa = NULL; 135 break; 136 case KEY_DSA: 137 if (k->dsa != NULL) 138 DSA_free(k->dsa); 139 k->dsa = NULL; 140 break; 141 case KEY_UNSPEC: 142 break; 143 default: 144 fatal("key_free: bad key type %d", k->type); 145 break; 146 } 147 xfree(k); 148} 149int 150key_equal(Key *a, Key *b) 151{ 152 if (a == NULL || b == NULL || a->type != b->type) 153 return 0; 154 switch (a->type) { 155 case KEY_RSA1: 156 case KEY_RSA: 157 return a->rsa != NULL && b->rsa != NULL && 158 BN_cmp(a->rsa->e, b->rsa->e) == 0 && 159 BN_cmp(a->rsa->n, b->rsa->n) == 0; 160 break; 161 case KEY_DSA: 162 return a->dsa != NULL && b->dsa != NULL && 163 BN_cmp(a->dsa->p, b->dsa->p) == 0 && 164 BN_cmp(a->dsa->q, b->dsa->q) == 0 && 165 BN_cmp(a->dsa->g, b->dsa->g) == 0 && 166 BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; 167 break; 168 default: 169 fatal("key_equal: bad key type %d", a->type); 170 break; 171 } 172 return 0; 173} 174 175static u_char * 176key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length) 177{ 178 const EVP_MD *md = NULL; 179 EVP_MD_CTX ctx; 180 u_char *blob = NULL; 181 u_char *retval = NULL; 182 u_int len = 0; 183 int nlen, elen; 184 185 *dgst_raw_length = 0; 186 187 switch (dgst_type) { 188 case SSH_FP_MD5: 189 md = EVP_md5(); 190 break; 191 case SSH_FP_SHA1: 192 md = EVP_sha1(); 193 break; 194 default: 195 fatal("key_fingerprint_raw: bad digest type %d", 196 dgst_type); 197 } 198 switch (k->type) { 199 case KEY_RSA1: 200 nlen = BN_num_bytes(k->rsa->n); 201 elen = BN_num_bytes(k->rsa->e); 202 len = nlen + elen; 203 blob = xmalloc(len); 204 BN_bn2bin(k->rsa->n, blob); 205 BN_bn2bin(k->rsa->e, blob + nlen); 206 break; 207 case KEY_DSA: 208 case KEY_RSA: 209 key_to_blob(k, &blob, &len); 210 break; 211 case KEY_UNSPEC: 212 return retval; 213 break; 214 default: 215 fatal("key_fingerprint_raw: bad key type %d", k->type); 216 break; 217 } 218 if (blob != NULL) { 219 retval = xmalloc(EVP_MAX_MD_SIZE); 220 EVP_DigestInit(&ctx, md); 221 EVP_DigestUpdate(&ctx, blob, len); 222 EVP_DigestFinal(&ctx, retval, dgst_raw_length); 223 memset(blob, 0, len); 224 xfree(blob); 225 } else { 226 fatal("key_fingerprint_raw: blob is null"); 227 } 228 return retval; 229} 230 231static char * 232key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len) 233{ 234 char *retval; 235 int i; 236 237 retval = xmalloc(dgst_raw_len * 3 + 1); 238 retval[0] = '\0'; 239 for (i = 0; i < dgst_raw_len; i++) { 240 char hex[4]; 241 snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); 242 strlcat(retval, hex, dgst_raw_len * 3); 243 } 244 retval[(dgst_raw_len * 3) - 1] = '\0'; 245 return retval; 246} 247 248static char * 249key_fingerprint_bubblebabble(u_char *dgst_raw, u_int dgst_raw_len) 250{ 251 char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' }; 252 char consonants[] = { 'b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm', 253 'n', 'p', 'r', 's', 't', 'v', 'z', 'x' }; 254 u_int i, j = 0, rounds, seed = 1; 255 char *retval; 256 257 rounds = (dgst_raw_len / 2) + 1; 258 retval = xmalloc(sizeof(char) * (rounds*6)); 259 retval[j++] = 'x'; 260 for (i = 0; i < rounds; i++) { 261 u_int idx0, idx1, idx2, idx3, idx4; 262 if ((i + 1 < rounds) || (dgst_raw_len % 2 != 0)) { 263 idx0 = (((((u_int)(dgst_raw[2 * i])) >> 6) & 3) + 264 seed) % 6; 265 idx1 = (((u_int)(dgst_raw[2 * i])) >> 2) & 15; 266 idx2 = ((((u_int)(dgst_raw[2 * i])) & 3) + 267 (seed / 6)) % 6; 268 retval[j++] = vowels[idx0]; 269 retval[j++] = consonants[idx1]; 270 retval[j++] = vowels[idx2]; 271 if ((i + 1) < rounds) { 272 idx3 = (((u_int)(dgst_raw[(2 * i) + 1])) >> 4) & 15; 273 idx4 = (((u_int)(dgst_raw[(2 * i) + 1]))) & 15; 274 retval[j++] = consonants[idx3]; 275 retval[j++] = '-'; 276 retval[j++] = consonants[idx4]; 277 seed = ((seed * 5) + 278 ((((u_int)(dgst_raw[2 * i])) * 7) + 279 ((u_int)(dgst_raw[(2 * i) + 1])))) % 36; 280 } 281 } else { 282 idx0 = seed % 6; 283 idx1 = 16; 284 idx2 = seed / 6; 285 retval[j++] = vowels[idx0]; 286 retval[j++] = consonants[idx1]; 287 retval[j++] = vowels[idx2]; 288 } 289 } 290 retval[j++] = 'x'; 291 retval[j++] = '\0'; 292 return retval; 293} 294 295char * 296key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) 297{ 298 char *retval = NULL; 299 u_char *dgst_raw; 300 u_int dgst_raw_len; 301 302 dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len); 303 if (!dgst_raw) 304 fatal("key_fingerprint: null from key_fingerprint_raw()"); 305 switch (dgst_rep) { 306 case SSH_FP_HEX: 307 retval = key_fingerprint_hex(dgst_raw, dgst_raw_len); 308 break; 309 case SSH_FP_BUBBLEBABBLE: 310 retval = key_fingerprint_bubblebabble(dgst_raw, dgst_raw_len); 311 break; 312 default: 313 fatal("key_fingerprint_ex: bad digest representation %d", 314 dgst_rep); 315 break; 316 } 317 memset(dgst_raw, 0, dgst_raw_len); 318 xfree(dgst_raw); 319 return retval; 320} 321 322/* 323 * Reads a multiple-precision integer in decimal from the buffer, and advances 324 * the pointer. The integer must already be initialized. This function is 325 * permitted to modify the buffer. This leaves *cpp to point just beyond the 326 * last processed (and maybe modified) character. Note that this may modify 327 * the buffer containing the number. 328 */ 329static int 330read_bignum(char **cpp, BIGNUM * value) 331{ 332 char *cp = *cpp; 333 int old; 334 335 /* Skip any leading whitespace. */ 336 for (; *cp == ' ' || *cp == '\t'; cp++) 337 ; 338 339 /* Check that it begins with a decimal digit. */ 340 if (*cp < '0' || *cp > '9') 341 return 0; 342 343 /* Save starting position. */ 344 *cpp = cp; 345 346 /* Move forward until all decimal digits skipped. */ 347 for (; *cp >= '0' && *cp <= '9'; cp++) 348 ; 349 350 /* Save the old terminating character, and replace it by \0. */ 351 old = *cp; 352 *cp = 0; 353 354 /* Parse the number. */ 355 if (BN_dec2bn(&value, *cpp) == 0) 356 return 0; 357 358 /* Restore old terminating character. */ 359 *cp = old; 360 361 /* Move beyond the number and return success. */ 362 *cpp = cp; 363 return 1; 364} 365 366static int 367write_bignum(FILE *f, BIGNUM *num) 368{ 369 char *buf = BN_bn2dec(num); 370 if (buf == NULL) { 371 error("write_bignum: BN_bn2dec() failed"); 372 return 0; 373 } 374 fprintf(f, " %s", buf); 375 OPENSSL_free(buf); 376 return 1; 377} 378 379/* returns 1 ok, -1 error */ 380int 381key_read(Key *ret, char **cpp) 382{ 383 Key *k; 384 int success = -1; 385 char *cp, *space; 386 int len, n, type; 387 u_int bits; 388 u_char *blob; 389 390 cp = *cpp; 391 392 switch (ret->type) { 393 case KEY_RSA1: 394 /* Get number of bits. */ 395 if (*cp < '0' || *cp > '9') 396 return -1; /* Bad bit count... */ 397 for (bits = 0; *cp >= '0' && *cp <= '9'; cp++) 398 bits = 10 * bits + *cp - '0'; 399 if (bits == 0) 400 return -1; 401 *cpp = cp; 402 /* Get public exponent, public modulus. */ 403 if (!read_bignum(cpp, ret->rsa->e)) 404 return -1; 405 if (!read_bignum(cpp, ret->rsa->n)) 406 return -1; 407 success = 1; 408 break; 409 case KEY_UNSPEC: 410 case KEY_RSA: 411 case KEY_DSA: 412 space = strchr(cp, ' '); 413 if (space == NULL) { 414 debug3("key_read: no space"); 415 return -1; 416 } 417 *space = '\0'; 418 type = key_type_from_name(cp); 419 *space = ' '; 420 if (type == KEY_UNSPEC) { 421 debug3("key_read: no key found"); 422 return -1; 423 } 424 cp = space+1; 425 if (*cp == '\0') { 426 debug3("key_read: short string"); 427 return -1; 428 } 429 if (ret->type == KEY_UNSPEC) { 430 ret->type = type; 431 } else if (ret->type != type) { 432 /* is a key, but different type */ 433 debug3("key_read: type mismatch"); 434 return -1; 435 } 436 len = 2*strlen(cp); 437 blob = xmalloc(len); 438 n = uudecode(cp, blob, len); 439 if (n < 0) { 440 error("key_read: uudecode %s failed", cp); 441 xfree(blob); 442 return -1; 443 } 444 k = key_from_blob(blob, n); 445 xfree(blob); 446 if (k == NULL) { 447 error("key_read: key_from_blob %s failed", cp); 448 return -1; 449 } 450 if (k->type != type) { 451 error("key_read: type mismatch: encoding error"); 452 key_free(k); 453 return -1; 454 } 455/*XXXX*/ 456 if (ret->type == KEY_RSA) { 457 if (ret->rsa != NULL) 458 RSA_free(ret->rsa); 459 ret->rsa = k->rsa; 460 k->rsa = NULL; 461 success = 1; 462#ifdef DEBUG_PK 463 RSA_print_fp(stderr, ret->rsa, 8); 464#endif 465 } else { 466 if (ret->dsa != NULL) 467 DSA_free(ret->dsa); 468 ret->dsa = k->dsa; 469 k->dsa = NULL; 470 success = 1; 471#ifdef DEBUG_PK 472 DSA_print_fp(stderr, ret->dsa, 8); 473#endif 474 } 475/*XXXX*/ 476 key_free(k); 477 if (success != 1) 478 break; 479 /* advance cp: skip whitespace and data */ 480 while (*cp == ' ' || *cp == '\t') 481 cp++; 482 while (*cp != '\0' && *cp != ' ' && *cp != '\t') 483 cp++; 484 *cpp = cp; 485 break; 486 default: 487 fatal("key_read: bad key type: %d", ret->type); 488 break; 489 } 490 return success; 491} 492 493int 494key_write(Key *key, FILE *f) 495{ 496 int n, success = 0; 497 u_int len, bits = 0; 498 u_char *blob; 499 char *uu; 500 501 if (key->type == KEY_RSA1 && key->rsa != NULL) { 502 /* size of modulus 'n' */ 503 bits = BN_num_bits(key->rsa->n); 504 fprintf(f, "%u", bits); 505 if (write_bignum(f, key->rsa->e) && 506 write_bignum(f, key->rsa->n)) { 507 success = 1; 508 } else { 509 error("key_write: failed for RSA key"); 510 } 511 } else if ((key->type == KEY_DSA && key->dsa != NULL) || 512 (key->type == KEY_RSA && key->rsa != NULL)) { 513 key_to_blob(key, &blob, &len); 514 uu = xmalloc(2*len); 515 n = uuencode(blob, len, uu, 2*len); 516 if (n > 0) { 517 fprintf(f, "%s %s", key_ssh_name(key), uu); 518 success = 1; 519 } 520 xfree(blob); 521 xfree(uu); 522 } 523 return success; 524} 525 526char * 527key_type(Key *k) 528{ 529 switch (k->type) { 530 case KEY_RSA1: 531 return "RSA1"; 532 break; 533 case KEY_RSA: 534 return "RSA"; 535 break; 536 case KEY_DSA: 537 return "DSA"; 538 break; 539 } 540 return "unknown"; 541} 542 543char * 544key_ssh_name(Key *k) 545{ 546 switch (k->type) { 547 case KEY_RSA: 548 return "ssh-rsa"; 549 break; 550 case KEY_DSA: 551 return "ssh-dss"; 552 break; 553 } 554 return "ssh-unknown"; 555} 556 557u_int 558key_size(Key *k) 559{ 560 switch (k->type) { 561 case KEY_RSA1: 562 case KEY_RSA: 563 return BN_num_bits(k->rsa->n); 564 break; 565 case KEY_DSA: 566 return BN_num_bits(k->dsa->p); 567 break; 568 } 569 return 0; 570} 571 572static RSA * 573rsa_generate_private_key(u_int bits) 574{ 575 RSA *private; 576 private = RSA_generate_key(bits, 35, NULL, NULL); 577 if (private == NULL) 578 fatal("rsa_generate_private_key: key generation failed."); 579 return private; 580} 581 582static DSA* 583dsa_generate_private_key(u_int bits) 584{ 585 DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL); 586 if (private == NULL) 587 fatal("dsa_generate_private_key: DSA_generate_parameters failed"); 588 if (!DSA_generate_key(private)) 589 fatal("dsa_generate_private_key: DSA_generate_key failed."); 590 if (private == NULL) 591 fatal("dsa_generate_private_key: NULL."); 592 return private; 593} 594 595Key * 596key_generate(int type, u_int bits) 597{ 598 Key *k = key_new(KEY_UNSPEC); 599 switch (type) { 600 case KEY_DSA: 601 k->dsa = dsa_generate_private_key(bits); 602 break; 603 case KEY_RSA: 604 case KEY_RSA1: 605 k->rsa = rsa_generate_private_key(bits); 606 break; 607 default: 608 fatal("key_generate: unknown type %d", type); 609 } 610 k->type = type; 611 return k; 612} 613 614Key * 615key_from_private(Key *k) 616{ 617 Key *n = NULL; 618 switch (k->type) { 619 case KEY_DSA: 620 n = key_new(k->type); 621 BN_copy(n->dsa->p, k->dsa->p); 622 BN_copy(n->dsa->q, k->dsa->q); 623 BN_copy(n->dsa->g, k->dsa->g); 624 BN_copy(n->dsa->pub_key, k->dsa->pub_key); 625 break; 626 case KEY_RSA: 627 case KEY_RSA1: 628 n = key_new(k->type); 629 BN_copy(n->rsa->n, k->rsa->n); 630 BN_copy(n->rsa->e, k->rsa->e); 631 break; 632 default: 633 fatal("key_from_private: unknown type %d", k->type); 634 break; 635 } 636 return n; 637} 638 639int 640key_type_from_name(char *name) 641{ 642 if (strcmp(name, "rsa1") == 0) { 643 return KEY_RSA1; 644 } else if (strcmp(name, "rsa") == 0) { 645 return KEY_RSA; 646 } else if (strcmp(name, "dsa") == 0) { 647 return KEY_DSA; 648 } else if (strcmp(name, "ssh-rsa") == 0) { 649 return KEY_RSA; 650 } else if (strcmp(name, "ssh-dss") == 0) { 651 return KEY_DSA; 652 } 653 debug2("key_type_from_name: unknown key type '%s'", name); 654 return KEY_UNSPEC; 655} 656 657int 658key_names_valid2(const char *names) 659{ 660 char *s, *cp, *p; 661 662 if (names == NULL || strcmp(names, "") == 0) 663 return 0; 664 s = cp = xstrdup(names); 665 for ((p = strsep(&cp, ",")); p && *p != '\0'; 666 (p = strsep(&cp, ","))) { 667 switch (key_type_from_name(p)) { 668 case KEY_RSA1: 669 case KEY_UNSPEC: 670 xfree(s); 671 return 0; 672 } 673 } 674 debug3("key names ok: [%s]", names); 675 xfree(s); 676 return 1; 677} 678 679Key * 680key_from_blob(u_char *blob, int blen) 681{ 682 Buffer b; 683 char *ktype; 684 int rlen, type; 685 Key *key = NULL; 686 687#ifdef DEBUG_PK 688 dump_base64(stderr, blob, blen); 689#endif 690 buffer_init(&b); 691 buffer_append(&b, blob, blen); 692 ktype = buffer_get_string(&b, NULL); 693 type = key_type_from_name(ktype); 694 695 switch (type) { 696 case KEY_RSA: 697 key = key_new(type); 698 buffer_get_bignum2(&b, key->rsa->e); 699 buffer_get_bignum2(&b, key->rsa->n); 700#ifdef DEBUG_PK 701 RSA_print_fp(stderr, key->rsa, 8); 702#endif 703 break; 704 case KEY_DSA: 705 key = key_new(type); 706 buffer_get_bignum2(&b, key->dsa->p); 707 buffer_get_bignum2(&b, key->dsa->q); 708 buffer_get_bignum2(&b, key->dsa->g); 709 buffer_get_bignum2(&b, key->dsa->pub_key); 710#ifdef DEBUG_PK 711 DSA_print_fp(stderr, key->dsa, 8); 712#endif 713 break; 714 case KEY_UNSPEC: 715 key = key_new(type); 716 break; 717 default: 718 error("key_from_blob: cannot handle type %s", ktype); 719 break; 720 } 721 rlen = buffer_len(&b); 722 if (key != NULL && rlen != 0) 723 error("key_from_blob: remaining bytes in key blob %d", rlen); 724 xfree(ktype); 725 buffer_free(&b); 726 return key; 727} 728 729int 730key_to_blob(Key *key, u_char **blobp, u_int *lenp) 731{ 732 Buffer b; 733 int len; 734 735 if (key == NULL) { 736 error("key_to_blob: key == NULL"); 737 return 0; 738 } 739 buffer_init(&b); 740 switch (key->type) { 741 case KEY_DSA: 742 buffer_put_cstring(&b, key_ssh_name(key)); 743 buffer_put_bignum2(&b, key->dsa->p); 744 buffer_put_bignum2(&b, key->dsa->q); 745 buffer_put_bignum2(&b, key->dsa->g); 746 buffer_put_bignum2(&b, key->dsa->pub_key); 747 break; 748 case KEY_RSA: 749 buffer_put_cstring(&b, key_ssh_name(key)); 750 buffer_put_bignum2(&b, key->rsa->e); 751 buffer_put_bignum2(&b, key->rsa->n); 752 break; 753 default: 754 error("key_to_blob: unsupported key type %d", key->type); 755 buffer_free(&b); 756 return 0; 757 } 758 len = buffer_len(&b); 759 if (lenp != NULL) 760 *lenp = len; 761 if (blobp != NULL) { 762 *blobp = xmalloc(len); 763 memcpy(*blobp, buffer_ptr(&b), len); 764 } 765 memset(buffer_ptr(&b), 0, len); 766 buffer_free(&b); 767 return len; 768} 769 770int 771key_sign( 772 Key *key, 773 u_char **sigp, u_int *lenp, 774 u_char *data, u_int datalen) 775{ 776 switch (key->type) { 777 case KEY_DSA: 778 return ssh_dss_sign(key, sigp, lenp, data, datalen); 779 break; 780 case KEY_RSA: 781 return ssh_rsa_sign(key, sigp, lenp, data, datalen); 782 break; 783 default: 784 error("key_sign: illegal key type %d", key->type); 785 return -1; 786 break; 787 } 788} 789 790/* 791 * key_verify returns 1 for a correct signature, 0 for an incorrect signature 792 * and -1 on error. 793 */ 794int 795key_verify( 796 Key *key, 797 u_char *signature, u_int signaturelen, 798 u_char *data, u_int datalen) 799{ 800 if (signaturelen == 0) 801 return -1; 802 803 switch (key->type) { 804 case KEY_DSA: 805 return ssh_dss_verify(key, signature, signaturelen, data, datalen); 806 break; 807 case KEY_RSA: 808 return ssh_rsa_verify(key, signature, signaturelen, data, datalen); 809 break; 810 default: 811 error("key_verify: illegal key type %d", key->type); 812 return -1; 813 break; 814 } 815} 816 817/* Converts a private to a public key */ 818Key * 819key_demote(Key *k) 820{ 821 Key *pk; 822 823 pk = xmalloc(sizeof(*pk)); 824 pk->type = k->type; 825 pk->flags = k->flags; 826 pk->dsa = NULL; 827 pk->rsa = NULL; 828 829 switch (k->type) { 830 case KEY_RSA1: 831 case KEY_RSA: 832 if ((pk->rsa = RSA_new()) == NULL) 833 fatal("key_demote: RSA_new failed"); 834 if ((pk->rsa->e = BN_dup(k->rsa->e)) == NULL) 835 fatal("key_demote: BN_dup failed"); 836 if ((pk->rsa->n = BN_dup(k->rsa->n)) == NULL) 837 fatal("key_demote: BN_dup failed"); 838 break; 839 case KEY_DSA: 840 if ((pk->dsa = DSA_new()) == NULL) 841 fatal("key_demote: DSA_new failed"); 842 if ((pk->dsa->p = BN_dup(k->dsa->p)) == NULL) 843 fatal("key_demote: BN_dup failed"); 844 if ((pk->dsa->q = BN_dup(k->dsa->q)) == NULL) 845 fatal("key_demote: BN_dup failed"); 846 if ((pk->dsa->g = BN_dup(k->dsa->g)) == NULL) 847 fatal("key_demote: BN_dup failed"); 848 if ((pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL) 849 fatal("key_demote: BN_dup failed"); 850 break; 851 default: 852 fatal("key_free: bad key type %d", k->type); 853 break; 854 } 855 856 return (pk); 857} 858