aboutsummaryrefslogtreecommitdiff
path: root/src/pki_container_openssh.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/pki_container_openssh.c')
-rw-r--r--src/pki_container_openssh.c47
1 files changed, 27 insertions, 20 deletions
diff --git a/src/pki_container_openssh.c b/src/pki_container_openssh.c
index bfc6f8d4..54aee4de 100644
--- a/src/pki_container_openssh.c
+++ b/src/pki_container_openssh.c
@@ -69,20 +69,20 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer,
rc = ssh_buffer_unpack(key_blob_buffer, "s", &type_s);
if (rc == SSH_ERROR){
- ssh_pki_log("Unpack error");
+ SSH_LOG(SSH_LOG_WARN, "Unpack error");
return SSH_ERROR;
}
type = ssh_key_type_from_name(type_s);
if (type == SSH_KEYTYPE_UNKNOWN) {
- ssh_pki_log("Unknown key type found!");
+ SSH_LOG(SSH_LOG_WARN, "Unknown key type found!");
return SSH_ERROR;
}
SAFE_FREE(type_s);
key = ssh_key_new();
if (key == NULL) {
- ssh_pki_log("Out of memory");
+ SSH_LOG(SSH_LOG_WARN, "Out of memory");
return SSH_ERROR;
}
@@ -94,12 +94,12 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer,
case SSH_KEYTYPE_ED25519:
rc = ssh_buffer_unpack(key_blob_buffer, "SS", &pubkey, &privkey);
if (rc != SSH_OK){
- ssh_pki_log("Unpack error");
+ SSH_LOG(SSH_LOG_WARN, "Unpack error");
goto fail;
}
if(ssh_string_len(pubkey) != ED25519_PK_LEN ||
ssh_string_len(privkey) != ED25519_SK_LEN){
- ssh_pki_log("Invalid ed25519 key len");
+ SSH_LOG(SSH_LOG_WARN, "Invalid ed25519 key len");
goto fail;
}
key->ed25519_privkey = malloc(ED25519_SK_LEN);
@@ -120,10 +120,10 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer,
case SSH_KEYTYPE_RSA1:
case SSH_KEYTYPE_ECDSA:
/* curve_name, group, privkey */
- ssh_pki_log("Unsupported private key method %s", key->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Unsupported private key method %s", key->type_c);
goto fail;
case SSH_KEYTYPE_UNKNOWN:
- ssh_pki_log("Unknown private key protocol %s", key->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Unknown private key protocol %s", key->type_c);
goto fail;
}
@@ -213,18 +213,21 @@ static int pki_private_key_decrypt(ssh_string blob,
/* We need material for key (keysize bits / 8) and IV (blocksize) */
key_material_len = cipher.keysize/8 + cipher.blocksize;
if (key_material_len > sizeof(key_material)) {
- ssh_pki_log("Key material too big");
+ SSH_LOG(SSH_LOG_WARN, "Key material too big");
return SSH_ERROR;
}
- ssh_pki_log("Decryption: %d key, %d IV, %d rounds, %zu bytes salt",
- cipher.keysize/8,
- cipher.blocksize, rounds, ssh_string_len(salt));
+ SSH_LOG(SSH_LOG_DEBUG,
+ "Decryption: %d key, %d IV, %d rounds, %zu bytes salt",
+ cipher.keysize/8,
+ cipher.blocksize,
+ rounds,
+ ssh_string_len(salt));
if (passphrase == NULL) {
if (auth_fn == NULL) {
SAFE_FREE(salt);
- ssh_pki_log("No passphrase provided");
+ SSH_LOG(SSH_LOG_WARN, "No passphrase provided");
return SSH_ERROR;
}
rc = auth_fn("Passphrase",
@@ -339,7 +342,11 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key,
SSH_LOG(SSH_LOG_WARN, "Not an OpenSSH private key (bad magic)");
goto error;
}
- ssh_pki_log("Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d\n", ciphername, kdfname, nkeys);
+ SSH_LOG(SSH_LOG_INFO,
+ "Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d\n",
+ ciphername,
+ kdfname,
+ nkeys);
if (nkeys != 1){
SSH_LOG(SSH_LOG_WARN, "Opening OpenSSH private key: only 1 key supported (%d available)", nkeys);
goto error;
@@ -383,7 +390,7 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key,
if (padding != i){
ssh_key_free(key);
key = NULL;
- ssh_pki_log("Invalid padding");
+ SSH_LOG(SSH_LOG_WARN, "Invalid padding");
goto error;
}
}
@@ -419,7 +426,7 @@ static int pki_openssh_export_privkey_blob(const ssh_key privkey,
int rc;
if (privkey->type != SSH_KEYTYPE_ED25519) {
- ssh_pki_log("Type %s not supported", privkey->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Type %s not supported", privkey->type_c);
return SSH_ERROR;
}
if (privkey->ed25519_privkey == NULL ||
@@ -494,17 +501,17 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
/* We need material for key (keysize bits / 8) and IV (blocksize) */
key_material_len = cipher.keysize/8 + cipher.blocksize;
if (key_material_len > sizeof(key_material)){
- ssh_pki_log("Key material too big");
+ SSH_LOG(SSH_LOG_WARN, "Key material too big");
return SSH_ERROR;
}
- ssh_pki_log("Encryption: %d key, %d IV, %d rounds, %zu bytes salt",
+ SSH_LOG(SSH_LOG_WARN, "Encryption: %d key, %d IV, %d rounds, %zu bytes salt",
cipher.keysize/8,
cipher.blocksize, rounds, ssh_string_len(salt));
if (passphrase == NULL){
if (auth_fn == NULL){
- ssh_pki_log("No passphrase provided");
+ SSH_LOG(SSH_LOG_WARN, "No passphrase provided");
return SSH_ERROR;
}
rc = auth_fn("Passphrase",
@@ -573,11 +580,11 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
return NULL;
}
if (privkey->type != SSH_KEYTYPE_ED25519){
- ssh_pki_log("Unsupported key type %s", privkey->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Unsupported key type %s", privkey->type_c);
return NULL;
}
if (passphrase != NULL || auth_fn != NULL){
- ssh_pki_log("Enabling encryption for private key export");
+ SSH_LOG(SSH_LOG_INFO, "Enabling encryption for private key export");
to_encrypt = 1;
}
buffer = ssh_buffer_new();
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 17:48:04 +0000