diff options
-rw-r--r-- | include/libssh/libssh.h | 1 | ||||
-rw-r--r-- | src/dh.c | 80 |
2 files changed, 81 insertions, 0 deletions
diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h index 320dc032..f6cce1e4 100644 --- a/include/libssh/libssh.h +++ b/include/libssh/libssh.h @@ -564,6 +564,7 @@ LIBSSH_API int ssh_pki_export_pubkey_file(const ssh_key key, LIBSSH_API const char *ssh_pki_key_ecdsa_name(const ssh_key key); +LIBSSH_API void ssh_print_hash(enum ssh_publickey_hash_type type, unsigned char *hash, size_t len); LIBSSH_API void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len); LIBSSH_API int ssh_send_ignore (ssh_session session, const char *data); LIBSSH_API int ssh_send_debug (ssh_session session, const char *message, int always_display); @@ -1098,6 +1098,38 @@ out: } /** + * @internal + * + * @brief Convert a buffer into an unpadded base64 string. + * The caller has to free the memory. + * + * @param hash What should be converted to a base64 string. + * + * @param len Length of the buffer to convert. + * + * @return The base64 string or NULL on error. + * + * @see ssh_string_free_char() + */ +static char *ssh_get_b64_unpadded(const unsigned char *hash, size_t len) +{ + char *b64_padded = NULL; + char *b64_unpadded = NULL; + size_t k; + + b64_padded = (char *)bin_to_base64(hash, (int)len); + if (b64_padded == NULL) { + return NULL; + } + for (k = strlen(b64_padded); k != 0 && b64_padded[k-1] == '='; k--); + + b64_unpadded = strndup(b64_padded, k); + SAFE_FREE(b64_padded); + + return b64_unpadded; +} + +/** * @brief Convert a buffer into a colon separated hex string. * The caller has to free the memory. * @@ -1135,6 +1167,54 @@ char *ssh_get_hexa(const unsigned char *what, size_t len) { } /** + * @brief Print a hash as a human-readable hex- or base64-string. + * + * This function prints hex strings if the given hash is a md5 sum. + * But prints unpadded base64 strings for sha sums. + * Either way, the output is prepended by the hash-type. + * + * @param type Which sort of hash is given. + * + * @param hash What should be converted to a base64 string. + * + * @param len Length of the buffer to convert. + */ +void ssh_print_hash(enum ssh_publickey_hash_type type, + unsigned char *hash, + size_t len) { + const char *prefix = "UNKNOWN"; + char *fingerprint = NULL; + + switch (type) { + case SSH_PUBLICKEY_HASH_SHA1: + case SSH_PUBLICKEY_HASH_SHA256: + fingerprint = ssh_get_b64_unpadded(hash, len); + break; + case SSH_PUBLICKEY_HASH_MD5: + fingerprint = ssh_get_hexa(hash, len); + break; + } + if (fingerprint == NULL) { + return; + } + + switch (type) { + case SSH_PUBLICKEY_HASH_MD5: + prefix = "MD5"; + break; + case SSH_PUBLICKEY_HASH_SHA1: + prefix = "SHA1"; + break; + case SSH_PUBLICKEY_HASH_SHA256: + prefix = "SHA256"; + break; + } + fprintf(stderr, "%s:%s\n", prefix, fingerprint); + + SAFE_FREE(fingerprint); +} + +/** * @brief Print a buffer as colon separated hex string. * * @param descr Description printed in front of the hex string. |