|
Lines 24-29
|
| 24 |
#include "uuencode.h" |
24 |
#include "uuencode.h" |
| 25 |
#include "buffer.h" |
25 |
#include "buffer.h" |
| 26 |
#include "bufaux.h" |
26 |
#include "bufaux.h" |
|
|
27 |
#include "getput.h" |
| 27 |
#include "pathnames.h" |
28 |
#include "pathnames.h" |
| 28 |
#include "log.h" |
29 |
#include "log.h" |
| 29 |
#include "readpass.h" |
30 |
#include "readpass.h" |
|
Lines 141-148
|
| 141 |
#define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----" |
142 |
#define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----" |
| 142 |
#define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----" |
143 |
#define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----" |
| 143 |
#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" |
144 |
#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" |
|
|
145 |
#define SSH_COM_PRIVATE_END "---- END SSH2 ENCRYPTED PRIVATE KEY ----" |
| 144 |
#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb |
146 |
#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb |
| 145 |
|
147 |
|
|
|
148 |
void |
| 149 |
buffer_put_bignum_bits(Buffer *buffer, BIGNUM *value) |
| 150 |
{ |
| 151 |
int bits = BN_num_bits(value), bytes = BN_num_bytes(value); |
| 152 |
u_char *buf = xmalloc(bytes+1); |
| 153 |
int oi; |
| 154 |
|
| 155 |
buf[0] = '\0'; |
| 156 |
/* Get the value of in binary */ |
| 157 |
oi = BN_bn2bin(value, buf+1); |
| 158 |
if (oi != bytes) |
| 159 |
fatal("buffer_put_bignum_bits: BN_bn2bin() failed: oi %d != bin_size %d", |
| 160 |
oi, bytes); |
| 161 |
if (value->neg) { |
| 162 |
/**XXX should be two's-complement */ |
| 163 |
int i, carry; |
| 164 |
u_char *uc = buf; |
| 165 |
log("negativ!"); |
| 166 |
for (i = bytes, carry = 1; i>=0; i--) { |
| 167 |
uc[i] ^= 0xff; |
| 168 |
if (carry) |
| 169 |
carry = !++uc[i]; |
| 170 |
} |
| 171 |
} |
| 172 |
buffer_put_int(buffer, bits); |
| 173 |
buffer_append(buffer, buf+1, bytes); |
| 174 |
memset(buf, 0, bytes); |
| 175 |
xfree(buf); |
| 176 |
} |
| 177 |
|
| 178 |
/* A quick hack to export unencrypted private keys. <aet@cc.hut.fi> */ |
| 179 |
|
| 180 |
void do_convert_private_key_to_ssh2_key(Key *key) |
| 181 |
{ |
| 182 |
Buffer b, encrypted; |
| 183 |
u_char *type = NULL, *cipher = NULL, *ptr = NULL; |
| 184 |
u_int h1, h2, h3, h4; |
| 185 |
u_int h1p, h2p, h3p; |
| 186 |
u_long e; |
| 187 |
|
| 188 |
h1 = 0; |
| 189 |
h2 = 8; |
| 190 |
h3 = 4; |
| 191 |
cipher = "none"; |
| 192 |
|
| 193 |
switch (key->type) { |
| 194 |
case KEY_DSA: |
| 195 |
type = "dl-modp{sign{dsa-nist-sha1},dh{plain}}"; |
| 196 |
h4 = 0; |
| 197 |
break; |
| 198 |
case KEY_RSA: |
| 199 |
type = "if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}"; |
| 200 |
h4 = 17; |
| 201 |
break; |
| 202 |
default: |
| 203 |
return; |
| 204 |
} |
| 205 |
|
| 206 |
buffer_init(&b); |
| 207 |
buffer_put_int(&b, (u_int) SSH_COM_PRIVATE_KEY_MAGIC); |
| 208 |
h1p = buffer_len(&b); |
| 209 |
buffer_put_int(&b, h1); |
| 210 |
buffer_put_string(&b, type, strlen(type)); |
| 211 |
buffer_put_string(&b, cipher, strlen(cipher)); |
| 212 |
h2p = buffer_len(&b); |
| 213 |
buffer_put_int(&b, h2); |
| 214 |
h3p = buffer_len(&b); |
| 215 |
buffer_put_int(&b, h3); |
| 216 |
buffer_put_int(&b, h4); |
| 217 |
|
| 218 |
buffer_init(&encrypted); |
| 219 |
switch (key->type) { |
| 220 |
case KEY_DSA: |
| 221 |
buffer_put_bignum_bits(&encrypted, key->dsa->p); |
| 222 |
buffer_put_bignum_bits(&encrypted, key->dsa->g); |
| 223 |
buffer_put_bignum_bits(&encrypted, key->dsa->q); |
| 224 |
buffer_put_bignum_bits(&encrypted, key->dsa->pub_key); |
| 225 |
buffer_put_bignum_bits(&encrypted, key->dsa->priv_key); |
| 226 |
break; |
| 227 |
case KEY_RSA: |
| 228 |
e = BN_get_word(key->rsa->e); |
| 229 |
buffer_put_char(&encrypted, e >> 0); |
| 230 |
buffer_put_char(&encrypted, e >> 8); |
| 231 |
buffer_put_char(&encrypted, e >> 16); |
| 232 |
buffer_put_bignum_bits(&encrypted, key->rsa->d); |
| 233 |
buffer_put_bignum_bits(&encrypted, key->rsa->n); |
| 234 |
buffer_put_bignum_bits(&encrypted, key->rsa->iqmp); |
| 235 |
buffer_put_bignum_bits(&encrypted, key->rsa->q); |
| 236 |
buffer_put_bignum_bits(&encrypted, key->rsa->p); |
| 237 |
break; |
| 238 |
} |
| 239 |
buffer_append(&b, buffer_ptr(&encrypted), buffer_len(&encrypted)); |
| 240 |
|
| 241 |
ptr = buffer_ptr(&b); |
| 242 |
h1 = buffer_len(&b); |
| 243 |
PUT_32BIT(ptr + h1p, h1); |
| 244 |
h2 += buffer_len(&encrypted); |
| 245 |
PUT_32BIT(ptr + h2p, h2); |
| 246 |
h3 += buffer_len(&encrypted); |
| 247 |
PUT_32BIT(ptr + h3p, h3); |
| 248 |
|
| 249 |
dump_base64(stdout, b.buf, b.end); |
| 250 |
buffer_free(&encrypted); |
| 251 |
buffer_free(&b); |
| 252 |
} |
| 253 |
|
| 146 |
static void |
254 |
static void |
| 147 |
do_convert_to_ssh2(struct passwd *pw) |
255 |
do_convert_to_ssh2(struct passwd *pw) |
| 148 |
{ |
256 |
{ |
|
Lines 150-155
|
| 150 |
u_int len; |
258 |
u_int len; |
| 151 |
u_char *blob; |
259 |
u_char *blob; |
| 152 |
struct stat st; |
260 |
struct stat st; |
|
|
261 |
int private; |
| 153 |
|
262 |
|
| 154 |
if (!have_identity) |
263 |
if (!have_identity) |
| 155 |
ask_filename(pw, "Enter file in which the key is"); |
264 |
ask_filename(pw, "Enter file in which the key is"); |
|
Lines 157-181
|
| 157 |
perror(identity_file); |
266 |
perror(identity_file); |
| 158 |
exit(1); |
267 |
exit(1); |
| 159 |
} |
268 |
} |
| 160 |
if ((k = key_load_public(identity_file, NULL)) == NULL) { |
269 |
private = 1; |
| 161 |
if ((k = load_identity(identity_file)) == NULL) { |
270 |
if ((k = load_identity(identity_file)) == NULL) { |
|
|
271 |
private = 0; |
| 272 |
if ((k = key_load_public(identity_file, NULL)) == NULL) { |
| 162 |
fprintf(stderr, "load failed\n"); |
273 |
fprintf(stderr, "load failed\n"); |
| 163 |
exit(1); |
274 |
exit(1); |
| 164 |
} |
275 |
} |
|
|
276 |
if (key_to_blob(k, &blob, &len) <= 0) { |
| 277 |
fprintf(stderr, "key_to_blob failed\n"); |
| 278 |
exit(1); |
| 279 |
} |
| 165 |
} |
280 |
} |
| 166 |
if (key_to_blob(k, &blob, &len) <= 0) { |
281 |
fprintf(stdout, "%s\n", private ? SSH_COM_PRIVATE_BEGIN : SSH_COM_PUBLIC_BEGIN); |
| 167 |
fprintf(stderr, "key_to_blob failed\n"); |
|
|
| 168 |
exit(1); |
| 169 |
} |
| 170 |
fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN); |
| 171 |
fprintf(stdout, |
282 |
fprintf(stdout, |
| 172 |
"Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n", |
283 |
"Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n", |
| 173 |
key_size(k), key_type(k), |
284 |
key_size(k), key_type(k), |
| 174 |
pw->pw_name, hostname); |
285 |
pw->pw_name, hostname); |
| 175 |
dump_base64(stdout, blob, len); |
286 |
if (private) { |
| 176 |
fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END); |
287 |
do_convert_private_key_to_ssh2_key(k); |
|
|
288 |
} else { |
| 289 |
dump_base64(stdout, blob, len); |
| 290 |
xfree(blob); |
| 291 |
} |
| 292 |
fprintf(stdout, "%s\n", private ? SSH_COM_PRIVATE_END : SSH_COM_PUBLIC_END); |
| 177 |
key_free(k); |
293 |
key_free(k); |
| 178 |
xfree(blob); |
|
|
| 179 |
exit(0); |
294 |
exit(0); |
| 180 |
} |
295 |
} |
| 181 |
|
296 |
|
|
Lines 214-220
|
| 214 |
} |
329 |
} |
| 215 |
i1 = buffer_get_int(&b); |
330 |
i1 = buffer_get_int(&b); |
| 216 |
type = buffer_get_string(&b, NULL); |
331 |
type = buffer_get_string(&b, NULL); |
|
|
332 |
debug("type: %s", type); |
| 217 |
cipher = buffer_get_string(&b, NULL); |
333 |
cipher = buffer_get_string(&b, NULL); |
|
|
334 |
debug("cipher: %s", cipher); |
| 218 |
i2 = buffer_get_int(&b); |
335 |
i2 = buffer_get_int(&b); |
| 219 |
i3 = buffer_get_int(&b); |
336 |
i3 = buffer_get_int(&b); |
| 220 |
i4 = buffer_get_int(&b); |
337 |
i4 = buffer_get_int(&b); |
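Review bot: In do_convert_to_ssh2 the new code tries `load_identity()` first (new lines 269-270) and, when it succeeds, writes the private key to stdout with cipher "none" under the "ENCRYPTED PRIVATE KEY" banner (new lines 286-287), so a user who ran this conversion to obtain a public key now gets unprotected private key material wherever stdout points. Private export should be opt-in rather than inferred from the file type: keep `key_load_public()` as the first attempt, as the old lines 160-161 did, and reach `do_convert_private_key_to_ssh2_key(k)` only on an explicit request. In buffer_put_bignum_bits (new line 174) the scratch buffer is `bytes+1` long but only `bytes` are cleared, so the last byte of each private bignum stays in freed memory; `memset(buf, 0, bytes + 1);` covers it. The RSA branch hard-codes `h4 = 17` (new line 200) and emits three bytes of `BN_get_word(key->rsa->e)` (new lines 228-231), which looks right only for a 17-bit exponent such as 65537. Other exponents would presumably yield a malformed key, so derive both from `BN_num_bits(key->rsa->e)` or reject the key.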