-rw-r--r--include/libssh/libssh.h8
-rw-r--r--include/libssh/priv.h6
-rw-r--r--libssh/dh.c6
-rw-r--r--libssh/keyfiles.c12
-rw-r--r--libssh/keys.c72
-rw-r--r--libssh/server.c8
-rw-r--r--libssh/wrapper.c4
-rw-r--r--tests/unittests/torture_keyfiles.c8
8 files changed, 63 insertions, 61 deletions
diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h
index 22a8e1ec..54c43ff0 100644
--- a/include/libssh/libssh.h
+++ b/include/libssh/libssh.h
@@ -219,6 +219,14 @@ enum ssh_error_types_e {
SSH_EINTR
};
+/* some types for keys */
+enum ssh_keytypes_e{
+ SSH_KEYTYPE_UNKNOWN=0,
+ SSH_KEYTYPE_DSS=1,
+ SSH_KEYTYPE_RSA,
+ SSH_KEYTYPE_RSA1
+};
+
/* Error return codes */
#define SSH_OK 0 /* No error */
#define SSH_ERROR -1 /* Error of some kind */
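Review bot: The new public `enum ssh_keytypes_e` defines `SSH_KEYTYPE_UNKNOWN=0`, but none of the failure paths visible in this commit return it. `privatekey_type_from_file` in libssh/keyfiles.c still ends in a bare `return 0;`, and `ssh_type_from_name` in libssh/keys.c still returns `-1` for an unrecognised name. A caller that checks only for `SSH_KEYTYPE_UNKNOWN` would therefore accept the `-1` result as a key type. I would write `return SSH_KEYTYPE_UNKNOWN;` in `privatekey_type_from_file` and expand the header comment to `/* Key types. SSH_KEYTYPE_UNKNOWN (0) means the type could not be determined; ssh_type_from_name() reports an unknown name as -1. */`. Changing the `-1` itself may affect callers that are not visible here, so that part should at least be documented.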
diff --git a/include/libssh/priv.h b/include/libssh/priv.h
index 122dc129..47039149 100644
--- a/include/libssh/priv.h
+++ b/include/libssh/priv.h
@@ -55,12 +55,6 @@
#define CLIENTBANNER1 "SSH-1.5-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
#define CLIENTBANNER2 "SSH-2.0-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
#define KBDINT_MAX_PROMPT 256 /* more than openssh's :) */
-/* some types for public keys */
-enum public_key_types_e{
- TYPE_DSS=1,
- TYPE_RSA,
- TYPE_RSA1
-};
#ifdef __cplusplus
extern "C" {
diff --git a/libssh/dh.c b/libssh/dh.c
index 34263c26..86de9a2d 100644
--- a/libssh/dh.c
+++ b/libssh/dh.c
@@ -919,7 +919,7 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
#endif
switch(pubkey->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
valid = gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash);
if (valid != 0) {
@@ -954,8 +954,8 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
ssh_set_error(session, SSH_FATAL, "Invalid DSA signature");
return -1;
- case TYPE_RSA:
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
#ifdef HAVE_LIBGCRYPT
valid = gcry_sexp_build(&gcryhash, NULL,
"(data(flags pkcs1)(hash sha1 %b))", SHA_DIGEST_LEN, hash + 1);
diff --git a/libssh/keyfiles.c b/libssh/keyfiles.c
index f05cd736..0fa67b33 100644
--- a/libssh/keyfiles.c
+++ b/libssh/keyfiles.c
@@ -619,10 +619,10 @@ static int privatekey_type_from_file(FILE *fp) {
}
fseek(fp, 0, SEEK_SET);
if (strncmp(buffer, DSA_HEADER_BEGIN, strlen(DSA_HEADER_BEGIN)) == 0) {
- return TYPE_DSS;
+ return SSH_KEYTYPE_DSS;
}
if (strncmp(buffer, RSA_HEADER_BEGIN, strlen(RSA_HEADER_BEGIN)) == 0) {
- return TYPE_RSA;
+ return SSH_KEYTYPE_RSA;
}
return 0;
}
@@ -691,7 +691,7 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
}
}
switch (type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
if (passphrase == NULL) {
if (session->callbacks && session->callbacks->auth_function) {
auth_cb = session->callbacks->auth_function;
@@ -731,7 +731,7 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
return NULL;
}
break;
- case TYPE_RSA:
+ case SSH_KEYTYPE_RSA:
if (passphrase == NULL) {
if (session->callbacks && session->callbacks->auth_function) {
auth_cb = session->callbacks->auth_function;
@@ -832,7 +832,7 @@ ssh_private_key _privatekey_from_file(void *session, const char *filename,
}
switch (type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
valid = read_dsa_privatekey(file, &dsa, NULL, NULL, NULL);
@@ -853,7 +853,7 @@ ssh_private_key _privatekey_from_file(void *session, const char *filename,
return NULL;
}
break;
- case TYPE_RSA:
+ case SSH_KEYTYPE_RSA:
#ifdef HAVE_LIBGCRYPT
valid = read_rsa_privatekey(file, &rsa, NULL, NULL, NULL);
diff --git a/libssh/keys.c b/libssh/keys.c
index 1414be01..5578171e 100644
--- a/libssh/keys.c
+++ b/libssh/keys.c
@@ -46,11 +46,11 @@
/* Public key decoding functions */
const char *ssh_type_to_char(int type) {
switch (type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
return "ssh-dss";
- case TYPE_RSA:
+ case SSH_KEYTYPE_RSA:
return "ssh-rsa";
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA1:
return "ssh-rsa1";
default:
return NULL;
@@ -59,17 +59,17 @@ const char *ssh_type_to_char(int type) {
int ssh_type_from_name(const char *name) {
if (strcmp(name, "rsa1") == 0) {
- return TYPE_RSA1;
+ return SSH_KEYTYPE_RSA1;
} else if (strcmp(name, "rsa") == 0) {
- return TYPE_RSA;
+ return SSH_KEYTYPE_RSA;
} else if (strcmp(name, "dsa") == 0) {
- return TYPE_DSS;
+ return SSH_KEYTYPE_DSS;
} else if (strcmp(name, "ssh-rsa1") == 0) {
- return TYPE_RSA1;
+ return SSH_KEYTYPE_RSA1;
} else if (strcmp(name, "ssh-rsa") == 0) {
- return TYPE_RSA;
+ return SSH_KEYTYPE_RSA;
} else if (strcmp(name, "ssh-dss") == 0) {
- return TYPE_DSS;
+ return SSH_KEYTYPE_DSS;
}
return -1;
@@ -88,7 +88,7 @@ ssh_public_key publickey_make_dss(ssh_session session, ssh_buffer buffer) {
return NULL;
}
- key->type = TYPE_DSS;
+ key->type = SSH_KEYTYPE_DSS;
key->type_c = ssh_type_to_char(key->type);
p = buffer_get_ssh_string(buffer);
@@ -234,15 +234,15 @@ void publickey_free(ssh_public_key key) {
}
switch(key->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
gcry_sexp_release(key->dsa_pub);
#elif HAVE_LIBCRYPTO
DSA_free(key->dsa_pub);
#endif
break;
- case TYPE_RSA:
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
#ifdef HAVE_LIBGCRYPT
gcry_sexp_release(key->rsa_pub);
#elif defined HAVE_LIBCRYPTO
@@ -286,10 +286,10 @@ ssh_public_key publickey_from_string(ssh_session session, ssh_string pubkey_s) {
SAFE_FREE(type_c);
switch (type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
return publickey_make_dss(session, tmpbuf);
- case TYPE_RSA:
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
return publickey_make_rsa(session, tmpbuf, type);
}
@@ -331,7 +331,7 @@ ssh_public_key publickey_from_privatekey(ssh_private_key prv) {
key->type = prv->type;
switch(key->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
sexp = gcry_sexp_find_token(prv->dsa_priv, "p", 0);
if (sexp == NULL) {
@@ -413,8 +413,8 @@ ssh_public_key publickey_from_privatekey(ssh_private_key prv) {
}
#endif /* HAVE_LIBCRYPTO */
break;
- case TYPE_RSA:
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
#ifdef HAVE_LIBGCRYPT
sexp = gcry_sexp_find_token(prv->rsa_priv, "n", 0);
if (sexp == NULL) {
@@ -693,13 +693,13 @@ ssh_string publickey_to_string(ssh_public_key key) {
}
switch (key->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
if (dsa_public_to_string(key->dsa_pub, buf) < 0) {
goto error;
}
break;
- case TYPE_RSA:
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
if (rsa_public_to_string(key->rsa_pub, buf) < 0) {
goto error;
}
@@ -755,7 +755,7 @@ static ssh_string signature_to_string(SIGNATURE *sign) {
string_free(tmp);
switch(sign->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
sexp = gcry_sexp_find_token(sign->dsa_sign, "r", 0);
if (sexp == NULL) {
@@ -816,8 +816,8 @@ static ssh_string signature_to_string(SIGNATURE *sign) {
}
break;
- case TYPE_RSA:
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
#ifdef HAVE_LIBGCRYPT
sexp = gcry_sexp_find_token(sign->rsa_sign, "s", 0);
if (sexp == NULL) {
@@ -929,7 +929,7 @@ SIGNATURE *signature_from_string(ssh_session session, ssh_string signature,
}
switch(needed_type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
rs = buffer_get_ssh_string(tmpbuf);
buffer_free(tmpbuf);
@@ -990,11 +990,11 @@ SIGNATURE *signature_from_string(ssh_session session, ssh_string signature,
#endif
string_free(rs);
- sign->type = TYPE_DSS;
+ sign->type = SSH_KEYTYPE_DSS;
sign->dsa_sign = sig;
return sign;
- case TYPE_RSA:
+ case SSH_KEYTYPE_RSA:
e = buffer_get_ssh_string(tmpbuf);
buffer_free(tmpbuf);
if (e == NULL) {
@@ -1019,7 +1019,7 @@ SIGNATURE *signature_from_string(ssh_session session, ssh_string signature,
ssh_log(session, SSH_LOG_RARE, "RSA signature len %d < %d",
len, rsalen);
}
- sign->type = TYPE_RSA;
+ sign->type = SSH_KEYTYPE_RSA;
#ifdef HAVE_LIBGCRYPT
if (gcry_sexp_build(&sig, NULL, "(sig-val(rsa(s %b)))",
string_len(e), string_data(e))) {
@@ -1056,15 +1056,15 @@ void signature_free(SIGNATURE *sign) {
}
switch(sign->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
gcry_sexp_release(sign->dsa_sign);
#elif defined HAVE_LIBCRYPTO
DSA_SIG_free(sign->dsa_sign);
#endif
break;
- case TYPE_RSA:
- case TYPE_RSA1:
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
#ifdef HAVE_LIBGCRYPT
gcry_sexp_release(sign->rsa_sign);
#elif defined HAVE_LIBCRYPTO
@@ -1273,7 +1273,7 @@ ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf,
}
switch(privatekey->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
if (gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash) ||
gcry_pk_sign(&sign->dsa_sign, gcryhash, privatekey->dsa_priv)) {
@@ -1297,7 +1297,7 @@ ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf,
#endif /* HAVE_LIBCRYPTO */
sign->rsa_sign = NULL;
break;
- case TYPE_RSA:
+ case SSH_KEYTYPE_RSA:
#ifdef HAVE_LIBGCRYPT
if (gcry_sexp_build(&gcryhash, NULL, "(data(flags pkcs1)(hash sha1 %b))",
SHA_DIGEST_LEN, hash + 1) ||
@@ -1426,7 +1426,7 @@ ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey)
}
switch(privatekey->type) {
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
#ifdef HAVE_LIBGCRYPT
if (gcry_sexp_build(&data_sexp, NULL, "%b", SHA_DIGEST_LEN + 1, hash) ||
gcry_pk_sign(&sign->dsa_sign, data_sexp, privatekey->dsa_priv)) {
@@ -1452,7 +1452,7 @@ ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey)
#endif /* HAVE_LIBCRYPTO */
sign->rsa_sign = NULL;
break;
- case TYPE_RSA:
+ case SSH_KEYTYPE_RSA:
#ifdef HAVE_LIBGCRYPT
if (gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(hash sha1 %b))",
SHA_DIGEST_LEN, hash + 1) ||
diff --git a/libssh/server.c b/libssh/server.c
index 268165bb..17ecd6e7 100644
--- a/libssh/server.c
+++ b/libssh/server.c
@@ -204,14 +204,14 @@ int ssh_bind_accept(ssh_bind sshbind, ssh_session session) {
}
if (sshbind->dsakey) {
- dsa = _privatekey_from_file(sshbind, sshbind->dsakey, TYPE_DSS);
+ dsa = _privatekey_from_file(sshbind, sshbind->dsakey, SSH_KEYTYPE_DSS);
if (dsa == NULL) {
return SSH_ERROR;
}
}
if (sshbind->rsakey) {
- rsa = _privatekey_from_file(sshbind, sshbind->rsakey, TYPE_RSA);
+ rsa = _privatekey_from_file(sshbind, sshbind->rsakey, SSH_KEYTYPE_RSA);
if (rsa == NULL) {
privatekey_free(dsa);
return SSH_ERROR;
@@ -410,10 +410,10 @@ static int dh_handshake_server(ssh_session session) {
}
switch(session->hostkeys){
- case TYPE_DSS:
+ case SSH_KEYTYPE_DSS:
prv = session->dsa_key;
break;
- case TYPE_RSA:
+ case SSH_KEYTYPE_RSA:
prv = session->rsa_key;
break;
default:
diff --git a/libssh/wrapper.c b/libssh/wrapper.c
index c3a31237..af5bbe07 100644
--- a/libssh/wrapper.c
+++ b/libssh/wrapper.c
@@ -1087,9 +1087,9 @@ int crypt_set_algorithms_server(ssh_session session){
client=session->client_kex.methods[SSH_HOSTKEYS];
match=ssh_find_matching(server,client);
if(match && !strcmp(match,"ssh-dss"))
- session->hostkeys=TYPE_DSS;
+ session->hostkeys=SSH_KEYTYPE_DSS;
else if(match && !strcmp(match,"ssh-rsa"))
- session->hostkeys=TYPE_RSA;
+ session->hostkeys=SSH_KEYTYPE_RSA;
else {
ssh_set_error(session, SSH_FATAL, "Cannot know what %s is into %s",
match ? match : NULL, server);
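Review bot: In the `else` branch at the end of this hunk, `match ? match : NULL` is just `match`, so a NULL pointer is passed for the first `%s` whenever `ssh_find_matching` finds no common host-key algorithm. Assuming `ssh_set_error` formats printf-style, as the format string suggests, a NULL argument for `%s` is undefined behaviour; some C libraries print "(null)" and others crash. This branch appears to be reached when the peer's host-key list has no overlap with the server's, so it is driven by remote input. The argument should be `match ? match : "(none)"`. The body of `crypt_set_algorithms_server` starts before and continues after this hunk, so the rest of the error path is not visible.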
diff --git a/tests/unittests/torture_keyfiles.c b/tests/unittests/torture_keyfiles.c
index 200ea799..bbcdff7f 100644
--- a/tests/unittests/torture_keyfiles.c
+++ b/tests/unittests/torture_keyfiles.c
@@ -160,13 +160,13 @@ END_TEST
*/
START_TEST(torture_privatekey_from_file){
ssh_private_key key=NULL;
- key=privatekey_from_file(session, LIBSSH_RSA_TESTKEY, TYPE_RSA, NULL);
+ key=privatekey_from_file(session, LIBSSH_RSA_TESTKEY, SSH_KEYTYPE_RSA, NULL);
ck_assert(key != NULL);
if(key != NULL){
privatekey_free(key);
key=NULL;
}
- key=privatekey_from_file(session, LIBSSH_DSA_TESTKEY, TYPE_DSS, NULL);
+ key=privatekey_from_file(session, LIBSSH_DSA_TESTKEY, SSH_KEYTYPE_DSS, NULL);
ck_assert(key != NULL);
if(key != NULL){
privatekey_free(key);
@@ -194,13 +194,13 @@ END_TEST
*/
START_TEST(torture_privatekey_from_file_passphrase){
ssh_private_key key=NULL;
- key=privatekey_from_file(session, LIBSSH_RSA_TESTKEY, TYPE_RSA, LIBSSH_PASSPHRASE);
+ key=privatekey_from_file(session, LIBSSH_RSA_TESTKEY, SSH_KEYTYPE_RSA, LIBSSH_PASSPHRASE);
ck_assert(key != NULL);
if(key != NULL){
privatekey_free(key);
key=NULL;
}
- key=privatekey_from_file(session, LIBSSH_DSA_TESTKEY, TYPE_DSS, LIBSSH_PASSPHRASE);
+ key=privatekey_from_file(session, LIBSSH_DSA_TESTKEY, SSH_KEYTYPE_DSS, LIBSSH_PASSPHRASE);
ck_assert(key != NULL);
if(key != NULL){
privatekey_free(key);