aboutsummaryrefslogtreecommitdiff
path: root/src/pki_gcrypt.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/pki_gcrypt.c')
-rw-r--r--src/pki_gcrypt.c366
1 files changed, 0 insertions, 366 deletions
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index 55a96656..30448c2d 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -198,23 +198,6 @@ static int asn1_check_sequence(ssh_buffer buffer) {
return 1;
}
-static int read_line(char *data, unsigned int len, FILE *fp) {
- char tmp;
- unsigned int i;
-
- for (i = 0; fread(&tmp, 1, 1, fp) && tmp != '\n' && i < len; data[i++] = tmp)
- ;
- if (tmp == '\n') {
- return i;
- }
-
- if (i >= len) {
- return -1;
- }
-
- return 0;
-}
-
static int passphrase_to_key(char *data, unsigned int datalen,
unsigned char *salt, unsigned char *key, unsigned int keylen) {
MD5CTX md;
@@ -488,117 +471,6 @@ static ssh_buffer privatekey_string_to_buffer(const char *pkey, int type,
return out;
}
-static ssh_buffer privatekey_file_to_buffer(FILE *fp, int type,
- ssh_auth_callback cb, void *userdata, const char *desc) {
- ssh_buffer buffer = NULL;
- ssh_buffer out = NULL;
- char buf[MAXLINESIZE] = {0};
- unsigned char *iv = NULL;
- const char *header_begin;
- const char *header_end;
- unsigned int header_begin_size;
- unsigned int header_end_size;
- unsigned int key_len = 0;
- unsigned int iv_len = 0;
- int algo = 0;
- int mode = 0;
- int len;
-
- buffer = ssh_buffer_new();
- if (buffer == NULL) {
- return NULL;
- }
-
- switch(type) {
- case SSH_KEYTYPE_DSS:
- header_begin = DSA_HEADER_BEGIN;
- header_end = DSA_HEADER_END;
- break;
- case SSH_KEYTYPE_RSA:
- header_begin = RSA_HEADER_BEGIN;
- header_end = RSA_HEADER_END;
- break;
- default:
- ssh_buffer_free(buffer);
- return NULL;
- }
-
- header_begin_size = strlen(header_begin);
- header_end_size = strlen(header_end);
-
- while (read_line(buf, MAXLINESIZE, fp) &&
- strncmp(buf, header_begin, header_begin_size))
- ;
-
- len = read_line(buf, MAXLINESIZE, fp);
- if (len > 11 && strncmp("Proc-Type: 4,ENCRYPTED", buf, 11) == 0) {
- len = read_line(buf, MAXLINESIZE, fp);
- if (len > 10 && strncmp("DEK-Info: ", buf, 10) == 0) {
- if (privatekey_dek_header(buf + 10, len - 10, &algo, &mode, &key_len,
- &iv, &iv_len) < 0) {
- ssh_buffer_free(buffer);
- SAFE_FREE(iv);
- return NULL;
- }
- } else {
- ssh_buffer_free(buffer);
- SAFE_FREE(iv);
- return NULL;
- }
- } else {
- if (buffer_add_data(buffer, buf, len) < 0) {
- ssh_buffer_free(buffer);
- SAFE_FREE(iv);
- return NULL;
- }
- }
-
- while ((len = read_line(buf,MAXLINESIZE,fp)) &&
- strncmp(buf, header_end, header_end_size) != 0) {
- if (len == -1) {
- ssh_buffer_free(buffer);
- SAFE_FREE(iv);
- return NULL;
- }
- if (buffer_add_data(buffer, buf, len) < 0) {
- ssh_buffer_free(buffer);
- SAFE_FREE(iv);
- return NULL;
- }
- }
-
- if (strncmp(buf,header_end,header_end_size) != 0) {
- ssh_buffer_free(buffer);
- SAFE_FREE(iv);
- return NULL;
- }
-
- if (buffer_add_data(buffer, "\0", 1) < 0) {
- ssh_buffer_free(buffer);
- SAFE_FREE(iv);
- return NULL;
- }
-
- out = base64_to_bin(ssh_buffer_get_begin(buffer));
- ssh_buffer_free(buffer);
- if (out == NULL) {
- SAFE_FREE(iv);
- return NULL;
- }
-
- if (algo) {
- if (privatekey_decrypt(algo, mode, key_len, iv, iv_len, out,
- cb, userdata, desc) < 0) {
- ssh_buffer_free(out);
- SAFE_FREE(iv);
- return NULL;
- }
- }
- SAFE_FREE(iv);
-
- return out;
-}
-
static int b64decode_rsa_privatekey(const char *pkey, gcry_sexp_t *r,
ssh_auth_callback cb, void *userdata, const char *desc) {
ssh_string n = NULL;
@@ -671,138 +543,6 @@ error:
return rc;
}
-static int read_rsa_privatekey(FILE *fp, gcry_sexp_t *r,
- ssh_auth_callback cb, void *userdata, const char *desc) {
- ssh_string n = NULL;
- ssh_string e = NULL;
- ssh_string d = NULL;
- ssh_string p = NULL;
- ssh_string q = NULL;
- ssh_string unused1 = NULL;
- ssh_string unused2 = NULL;
- ssh_string u = NULL;
- ssh_string v = NULL;
- ssh_buffer buffer = NULL;
- int rc = 1;
-
- buffer = privatekey_file_to_buffer(fp, SSH_KEYTYPE_RSA, cb, userdata, desc);
- if (buffer == NULL) {
- return 0;
- }
-
- if (!asn1_check_sequence(buffer)) {
- ssh_buffer_free(buffer);
- return 0;
- }
-
- v = asn1_get_int(buffer);
- if (ntohl(v->size) != 1 || v->string[0] != 0) {
- ssh_buffer_free(buffer);
- return 0;
- }
-
- n = asn1_get_int(buffer);
- e = asn1_get_int(buffer);
- d = asn1_get_int(buffer);
- q = asn1_get_int(buffer);
- p = asn1_get_int(buffer);
- unused1 = asn1_get_int(buffer);
- unused2 = asn1_get_int(buffer);
- u = asn1_get_int(buffer);
-
- ssh_buffer_free(buffer);
-
- if (n == NULL || e == NULL || d == NULL || p == NULL || q == NULL ||
- unused1 == NULL || unused2 == NULL|| u == NULL) {
- rc = 0;
- goto error;
- }
-
- if (gcry_sexp_build(r, NULL,
- "(private-key(rsa(n %b)(e %b)(d %b)(p %b)(q %b)(u %b)))",
- ntohl(n->size), n->string,
- ntohl(e->size), e->string,
- ntohl(d->size), d->string,
- ntohl(p->size), p->string,
- ntohl(q->size), q->string,
- ntohl(u->size), u->string)) {
- rc = 0;
- }
-
-error:
- ssh_string_free(n);
- ssh_string_free(e);
- ssh_string_free(d);
- ssh_string_free(p);
- ssh_string_free(q);
- ssh_string_free(unused1);
- ssh_string_free(unused2);
- ssh_string_free(u);
- ssh_string_free(v);
-
- return rc;
-}
-
-static int read_dsa_privatekey(FILE *fp, gcry_sexp_t *r, ssh_auth_callback cb,
- void *userdata, const char *desc) {
- ssh_buffer buffer = NULL;
- ssh_string p = NULL;
- ssh_string q = NULL;
- ssh_string g = NULL;
- ssh_string y = NULL;
- ssh_string x = NULL;
- ssh_string v = NULL;
- int rc = 1;
-
- buffer = privatekey_file_to_buffer(fp, SSH_KEYTYPE_DSS, cb, userdata, desc);
- if (buffer == NULL) {
- return 0;
- }
-
- if (!asn1_check_sequence(buffer)) {
- ssh_buffer_free(buffer);
- return 0;
- }
-
- v = asn1_get_int(buffer);
- if (ntohl(v->size) != 1 || v->string[0] != 0) {
- ssh_buffer_free(buffer);
- return 0;
- }
-
- p = asn1_get_int(buffer);
- q = asn1_get_int(buffer);
- g = asn1_get_int(buffer);
- y = asn1_get_int(buffer);
- x = asn1_get_int(buffer);
- ssh_buffer_free(buffer);
-
- if (p == NULL || q == NULL || g == NULL || y == NULL || x == NULL) {
- rc = 0;
- goto error;
- }
-
- if (gcry_sexp_build(r, NULL,
- "(private-key(dsa(p %b)(q %b)(g %b)(y %b)(x %b)))",
- ntohl(p->size), p->string,
- ntohl(q->size), q->string,
- ntohl(g->size), g->string,
- ntohl(y->size), y->string,
- ntohl(x->size), x->string)) {
- rc = 0;
- }
-
-error:
- ssh_string_free(p);
- ssh_string_free(q);
- ssh_string_free(g);
- ssh_string_free(y);
- ssh_string_free(x);
- ssh_string_free(v);
-
- return rc;
-}
-
static int b64decode_dsa_privatekey(const char *pkey, gcry_sexp_t *r, ssh_auth_callback cb,
void *userdata, const char *desc) {
ssh_buffer buffer = NULL;
@@ -1138,112 +878,6 @@ enum ssh_keytypes_e ssh_privatekey_type(ssh_private_key privatekey){
return privatekey->type;
}
-/* same that privatekey_from_file() but without any passphrase things. */
-ssh_private_key _privatekey_from_file(void *session, const char *filename,
- int type) {
- ssh_private_key privkey = NULL;
-#ifdef HAVE_LIBGCRYPT
- FILE *file = NULL;
- gcry_sexp_t dsa = NULL;
- gcry_sexp_t rsa = NULL;
- int valid;
-#elif defined HAVE_LIBCRYPTO
- DSA *dsa = NULL;
- RSA *rsa = NULL;
- BIO *bio = NULL;
-#endif
-
-#ifdef HAVE_LIBGCRYPT
- file = fopen(filename,"r");
- if (file == NULL) {
- ssh_set_error(session, SSH_REQUEST_DENIED,
- "Error opening %s: %s", filename, strerror(errno));
- return NULL;
- }
-#elif defined HAVE_LIBCRYPTO
- bio = BIO_new_file(filename,"r");
- if (bio == NULL) {
- ssh_set_error(session, SSH_FATAL, "Could not create BIO.");
- return NULL;
- }
-#endif
-
- switch (type) {
- case SSH_KEYTYPE_DSS:
-#ifdef HAVE_LIBGCRYPT
- valid = read_dsa_privatekey(file, &dsa, NULL, NULL, NULL);
-
- fclose(file);
-
- if (!valid) {
- ssh_set_error(session, SSH_FATAL, "Parsing private key %s", filename);
-#elif defined HAVE_LIBCRYPTO
- dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL);
-
- BIO_free(bio);
-
- if (dsa == NULL) {
- ssh_set_error(session, SSH_FATAL,
- "Parsing private key %s: %s",
- filename, ERR_error_string(ERR_get_error(), NULL));
-#else
- {
-#endif
- return NULL;
- }
- break;
- case SSH_KEYTYPE_RSA:
-#ifdef HAVE_LIBGCRYPT
- valid = read_rsa_privatekey(file, &rsa, NULL, NULL, NULL);
-
- fclose(file);
-
- if (!valid) {
- ssh_set_error(session, SSH_FATAL, "Parsing private key %s", filename);
-#elif defined HAVE_LIBCRYPTO
- rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
-
- BIO_free(bio);
-
- if (rsa == NULL) {
- ssh_set_error(session, SSH_FATAL,
- "Parsing private key %s: %s",
- filename, ERR_error_string(ERR_get_error(), NULL));
-#else
- {
-#endif
- return NULL;
- }
- break;
- default:
-#ifdef HAVE_LIBGCRYPT
- fclose(file);
-#elif defined HAVE_LIBCRYPTO
- BIO_free(bio);
-#endif
- ssh_set_error(session, SSH_FATAL, "Invalid private key type %d", type);
- return NULL;
- }
-
- privkey = malloc(sizeof(struct ssh_private_key_struct));
- if (privkey == NULL) {
-#ifdef HAVE_LIBGCRYPT
- gcry_sexp_release(dsa);
- gcry_sexp_release(rsa);
-#elif defined HAVE_LIBCRYPTO
- DSA_free(dsa);
- RSA_free(rsa);
-#endif
- return NULL;
- }
-
- privkey->type = type;
- privkey->dsa_priv = dsa;
- privkey->rsa_priv = rsa;
-
- return privkey;
-}
-
/**
* @brief Deallocate a private key object.
*