X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/c7211b0d98a2485c859133b2dc129cdfd93eb67f..fc5f482398c76a2d1e81f88f2ce3e750ad029c19:/server/keymgmt.c
diff --git a/server/keymgmt.c b/server/keymgmt.c
index ce0d4561..20c60cb6 100644
--- a/server/keymgmt.c
+++ b/server/keymgmt.c
@@ -98,7 +98,7 @@ done:
 return (e);
 }
-static const kgops kgdh_ops = { "tripe-dh", kgdh_priv, kgdh_pub };
+static const kgops kgdh_ops = { "dh", kgdh_priv, kgdh_pub };
 /* --- Elliptic curve --- */
@@ -154,7 +154,7 @@ done:
 return (e);
 }
-static const kgops kgec_ops = { "tripe-ec", kgec_priv, kgec_pub };
+static const kgops kgec_ops = { "ec", kgec_priv, kgec_pub };
 /* --- Table of supported key types --- */
@@ -315,6 +315,41 @@ static void keymoan(const char *file, int line, const char *msg, void *p)
 A_END);
 }
+/* --- @keykg@ --- *
+ *
+ * Arguments: @key_file *kf@ = pointer to key file
+ * @key *k@ = pointer to key
+ * @const char **tyr@ = where to put the type string
+ *
+ * Returns: Pointer to indicated key-group options, or null.
+ *
+ * Use: Looks up a key's group indicator and tries to find a matching
+ * table entry.
+ */
+
+static const kgops *keykg(key_file *kf, key *k, const char **tyr)
+{
+ const char *ty;
+ const kgops **ko;
+
+ /* --- Look up the key type in the table --- *
+ *
+ * There are several places to look for this. The most obvious is the
+ * `kx-group' key attribute. But there's also the key type itself.
+ */
+
+ ty = key_getattr(kf, k, "kx-group");
+ if (!ty && strncmp(k->type, "tripe-", 6) == 0) ty = k->type + 6;
+ if (!ty) ty = "dh";
+ if (tyr) *tyr = ty;
+
+ for (ko = kgtab; *ko; ko++) {
+ if (strcmp((*ko)->ty, ty) == 0)
+ return (*ko);
+ }
+ return (0);
+}
+
 /* --- @loadpriv@ --- *
 *
 * Arguments: @dstr *d@ = string to write errors in
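Review bot: The block comment inside keykg names two places the group name can come from, but the code has a third: `if (!ty) ty = "dh";` treats every key that has neither a `kx-group` attribute nor a `tripe-` type prefix as a Diffie-Hellman key. For such a key the "unknown type" diagnostics in both callers (loadpriv and km_getpubkey) can no longer fire, so rejecting a mis-typed key is left to the group loader, which is not visible in this diff. If the default is deliberate, record it in that comment, for example `* Failing both, assume "dh"; the loader must then reject key data of any other shape.` The header comment could also say that `tyr` may be null, since the code tests it with `if (tyr)`.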
@@ -333,8 +368,8 @@ static int loadpriv(dstr *d)
 group *g = 0;
 mp *x = 0;
 int rc = -1;
- const kgops **ko;
- const char *e;
+ const kgops *ko;
+ const char *e, *tag, *ty;
 algswitch a;
 /* --- Open the private key file --- */
@@ -347,25 +382,24 @@ static int loadpriv(dstr *d)
 /* --- Find the private key --- */
- if (key_qtag(&kf, tag_priv, &t, &k, &kd)) {
- dstr_putf(d, "private key `%s' not found in keyring `%s'",
- tag_priv, kr_priv);
+ if (tag_priv ?
+ key_qtag(&kf, tag = tag_priv, &t, &k, &kd) :
+ key_qtag(&kf, tag = "tripe", &t, &k, &kd) &&
+ key_qtag(&kf, tag = "tripe-dh", &t, &k, &kd)) {
+ dstr_putf(d, "private key `%s' not found in keyring `%s'", tag, kr_priv);
 goto done_1;
 }
 /* --- Look up the key type in the table --- */
- for (ko = kgtab; *ko; ko++) {
- if (strcmp((*ko)->ty, k->type) == 0)
- goto tymatch;
+ if ((ko = keykg(&kf, k, &ty)) == 0) {
+ dstr_putf(d, "private key `%s' has unknown type `%s'", t.buf, ty);
+ goto done_1;
 }
- dstr_putf(d, "private key `%s' has unknown type `%s'", t.buf, k->type);
- goto done_1;
-tymatch:;
 /* --- Load the key --- */
- if ((e = (*ko)->loadpriv(*kd, &g, &x, &t)) != 0) {
+ if ((e = ko->loadpriv(*kd, &g, &x, &t)) != 0) {
 dstr_putf(d, "error reading private key `%s': %s", t.buf, e);
 goto done_1;
 }
@@ -566,8 +600,8 @@ int km_getpubkey(const char *tag, ge *kpub, time_t *t_exp)
 key *k;
 key_data **kd;
 dstr t = DSTR_INIT;
- const kgops **ko;
- const char *e;
+ const kgops *ko;
+ const char *e, *ty;
 group *g = 0;
 ge *p = 0;
 algswitch a;
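Review bot: In the `@@ -347,25 +382,24 @@` hunk of loadpriv, when `tag_priv` is unset and both default lookups fail, the error names only `tripe-dh`, because `tag` holds whichever name was tried last. The message therefore hides that `tripe` was searched first, which makes a wrong or missing private key harder to diagnose. Reporting both default names on that path would fix this, and a short comment such as `/* No tag configured: try "tripe", then fall back to "tripe-dh". */` above the condition would make the search order explicit. The condition depends on `&&` binding tighter than `?:`, which is correct here, but parentheses around the two default `key_qtag` calls would make it obvious, given the assignments to `tag` inside the arguments. loadpriv's body starts and ends outside the hunk.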
@@ -582,20 +616,17 @@ int km_getpubkey(const char *tag, ge *kpub, time_t *t_exp)
 /* --- Look up the key type in the table --- */
- for (ko = kgtab; *ko; ko++) {
- if (strcmp((*ko)->ty, k->type) == 0)
- goto tymatch;
+ if ((ko = keykg(kf_pub, k, &ty)) == 0) {
+ a_warn("KEYMGMT",
+ "public-key", "%s", t.buf,
+ "unknown-type", "%s", ty,
+ A_END);
+ goto done;
 }
- a_warn("KEYMGMT",
- "public-key", "%s", t.buf,
- "unknown-type", "%s", k->type,
- A_END);
- goto done;
-tymatch:;
 /* --- Load the key --- */
- if ((e = (*ko)->loadpub(*kd, &g, &p, &t)) != 0) {
+ if ((e = ko->loadpub(*kd, &g, &p, &t)) != 0) {
 a_warn("KEYMGMT", "public-key", "%s", t.buf, "bad", "%s", e, A_END);
 goto done;
 }