2 * Generic SSH public-key handling operations. In particular,
3 * reading of SSH public-key files, and also the generic `sign'
4 * operation for ssh2 (which checks the type of the key and
5 * dispatches to the appropriate key-type specific function).
13 #define GET_32BIT(cp) \
14 (((unsigned long)(unsigned char)(cp)[0] << 24) | \
15 ((unsigned long)(unsigned char)(cp)[1] << 16) | \
16 ((unsigned long)(unsigned char)(cp)[2] << 8) | \
17 ((unsigned long)(unsigned char)(cp)[3]))
19 #define rsa_signature "SSH PRIVATE KEY FILE FORMAT 1.1\n"
21 #define BASE64_TOINT(x) ( (x)-'A'<26 ? (x)-'A'+0 :\
22 (x)-'a'<26 ? (x)-'a'+26 :\
23 (x)-'0'<10 ? (x)-'0'+52 :\
27 static int loadrsakey_main(FILE *fp
, struct RSAKey
*key
,
28 char **commentptr
, char *passphrase
) {
29 unsigned char buf
[16384];
30 unsigned char keybuf
[16];
34 struct MD5Context md5c
;
37 /* Slurp the whole file (minus the header) into a buffer. */
38 len
= fread(buf
, 1, sizeof(buf
), fp
);
40 if (len
< 0 || len
== sizeof(buf
))
41 goto end
; /* file too big or not read */
46 * A zero byte. (The signature includes a terminating NUL.)
48 if (len
-i
< 1 || buf
[i
] != 0)
52 /* One byte giving encryption type, and one reserved uint32. */
56 if (ciphertype
!= 0 && ciphertype
!= SSH_CIPHER_3DES
)
60 goto end
; /* reserved field not present */
61 if (buf
[i
] != 0 || buf
[i
+1] != 0 || buf
[i
+2] != 0 || buf
[i
+3] != 0)
62 goto end
; /* reserved field nonzero, panic! */
65 /* Now the serious stuff. An ordinary SSH 1 public key. */
66 i
+= makekey(buf
+i
, key
, NULL
, 1);
68 goto end
; /* overran */
70 /* Next, the comment field. */
73 if (len
-i
< j
) goto end
;
74 comment
= malloc(j
+1);
76 memcpy(comment
, buf
+i
, j
);
81 *commentptr
= comment
;
83 key
->comment
= comment
;
85 return ciphertype
!= 0;
89 * Decrypt remainder of buffer.
93 MD5Update(&md5c
, passphrase
, strlen(passphrase
));
94 MD5Final(keybuf
, &md5c
);
95 des3_decrypt_pubkey(keybuf
, buf
+i
, (len
-i
+7)&~7);
96 memset(keybuf
, 0, sizeof(keybuf
)); /* burn the evidence */
100 * We are now in the secret part of the key. The first four
101 * bytes should be of the form a, b, a, b.
103 if (len
-i
< 4) goto end
;
104 if (buf
[i
] != buf
[i
+2] || buf
[i
+1] != buf
[i
+3]) { ret
= -1; goto end
; }
108 * After that, we have one further bignum which is our
109 * decryption modulus, and then we're done.
111 i
+= makeprivate(buf
+i
, key
);
112 if (len
-i
< 0) goto end
;
116 memset(buf
, 0, sizeof(buf
)); /* burn the evidence */
120 int loadrsakey(char *filename
, struct RSAKey
*key
, char *passphrase
) {
122 unsigned char buf
[64];
124 fp
= fopen(filename
, "rb");
126 return 0; /* doesn't even exist */
129 * Read the first line of the file and see if it's a v1 private
132 if (fgets(buf
, sizeof(buf
), fp
) &&
133 !strcmp(buf
, rsa_signature
)) {
134 return loadrsakey_main(fp
, key
, NULL
, passphrase
);
138 * Otherwise, we have nothing. Return empty-handed.
145 * See whether an RSA key is encrypted. Return its comment field as
148 int rsakey_encrypted(char *filename
, char **comment
) {
150 unsigned char buf
[64];
152 fp
= fopen(filename
, "rb");
154 return 0; /* doesn't even exist */
157 * Read the first line of the file and see if it's a v1 private
160 if (fgets(buf
, sizeof(buf
), fp
) &&
161 !strcmp(buf
, rsa_signature
)) {
162 return loadrsakey_main(fp
, NULL
, comment
, NULL
);
164 return 0; /* wasn't the right kind of file */