Attachment 193 Details for Bug 459 – A quick hack to export unencrypted private keys

[patch] A quick hack to export unencrypted private keys

ssh-keygen.c.patch (text/plain), 5.13 KB, created by Antti Tapaninen on 2003-01-05 09:56:55 AEDT

(hide)

Description:

Filename:

MIME Type:

Creator: Antti Tapaninen

Created: 2003-01-05 09:56:55 AEDT

Size: 5.13 KB

patch

obsolete

>Index: ssh-keygen.c
>===================================================================
>RCS file: /cvs/openssh/ssh-keygen.c,v
>retrieving revision 1.102
>diff -u -r1.102 ssh-keygen.c
>--- ssh-keygen.c	23 Dec 2002 02:11:03 -0000	1.102
>+++ ssh-keygen.c	4 Jan 2003 22:45:43 -0000
>@@ -24,6 +24,7 @@
> #include "uuencode.h"
> #include "buffer.h"
> #include "bufaux.h"
>+#include "getput.h"
> #include "pathnames.h"
> #include "log.h"
> #include "readpass.h"
>@@ -141,8 +142,115 @@
> #define SSH_COM_PUBLIC_BEGIN		"---- BEGIN SSH2 PUBLIC KEY ----"
> #define SSH_COM_PUBLIC_END		"---- END SSH2 PUBLIC KEY ----"
> #define SSH_COM_PRIVATE_BEGIN		"---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
>+#define SSH_COM_PRIVATE_END		"---- END SSH2 ENCRYPTED PRIVATE KEY ----"
> #define	SSH_COM_PRIVATE_KEY_MAGIC	0x3f6ff9eb
> 
>+void
>+buffer_put_bignum_bits(Buffer *buffer, BIGNUM *value)
>+{
>+	int bits = BN_num_bits(value), bytes = BN_num_bytes(value);
>+	u_char *buf = xmalloc(bytes+1);
>+	int oi;
>+
>+	buf[0] = '\0';
>+	/* Get the value of in binary */
>+	oi = BN_bn2bin(value, buf+1);
>+	if (oi != bytes)
>+		fatal("buffer_put_bignum_bits: BN_bn2bin() failed: oi %d != bin_size %d",
>+		    oi, bytes);
>+	if (value->neg) {
>+		/**XXX should be two's-complement */
>+		int i, carry;
>+		u_char *uc = buf;
>+		log("negativ!");
>+		for (i = bytes, carry = 1; i>=0; i--) {
>+			uc[i] ^= 0xff;
>+			if (carry)
>+				carry = !++uc[i];
>+		}
>+	}
>+	buffer_put_int(buffer, bits);
>+	buffer_append(buffer, buf+1, bytes);
>+	memset(buf, 0, bytes);
>+	xfree(buf);
>+}
>+
>+/* A quick hack to export unencrypted private keys. <aet@cc.hut.fi> */
>+
>+void do_convert_private_key_to_ssh2_key(Key *key)
>+{
>+	Buffer b, encrypted;
>+	u_char *type = NULL, *cipher = NULL, *ptr = NULL;
>+	u_int h1, h2, h3, h4;
>+	u_int h1p, h2p, h3p;
>+	u_long e;
>+
>+	h1 = 0;
>+	h2 = 8;
>+	h3 = 4;
>+	cipher = "none";
>+
>+	switch (key->type) {
>+	case KEY_DSA:
>+		type = "dl-modp{sign{dsa-nist-sha1},dh{plain}}";
>+		h4 = 0;
>+		break;
>+	case KEY_RSA:
>+		type = "if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}";
>+		h4 = 17;
>+		break;
>+	default:
>+		return;
>+	}
>+
>+	buffer_init(&b);
>+	buffer_put_int(&b, (u_int) SSH_COM_PRIVATE_KEY_MAGIC);
>+	h1p = buffer_len(&b);
>+	buffer_put_int(&b, h1);
>+	buffer_put_string(&b, type, strlen(type));
>+	buffer_put_string(&b, cipher, strlen(cipher));
>+	h2p = buffer_len(&b);
>+	buffer_put_int(&b, h2);
>+	h3p = buffer_len(&b);
>+	buffer_put_int(&b, h3);
>+	buffer_put_int(&b, h4);
>+
>+	buffer_init(&encrypted);
>+	switch (key->type) {
>+	case KEY_DSA:
>+		buffer_put_bignum_bits(&encrypted, key->dsa->p);
>+		buffer_put_bignum_bits(&encrypted, key->dsa->g);
>+		buffer_put_bignum_bits(&encrypted, key->dsa->q);
>+		buffer_put_bignum_bits(&encrypted, key->dsa->pub_key);
>+		buffer_put_bignum_bits(&encrypted, key->dsa->priv_key);
>+		break;
>+	case KEY_RSA:
>+		e = BN_get_word(key->rsa->e);
>+		buffer_put_char(&encrypted, e >> 0);
>+		buffer_put_char(&encrypted, e >> 8);
>+		buffer_put_char(&encrypted, e >> 16);
>+		buffer_put_bignum_bits(&encrypted, key->rsa->d);
>+		buffer_put_bignum_bits(&encrypted, key->rsa->n);
>+		buffer_put_bignum_bits(&encrypted, key->rsa->iqmp);
>+		buffer_put_bignum_bits(&encrypted, key->rsa->q);
>+		buffer_put_bignum_bits(&encrypted, key->rsa->p);
>+		break;
>+	}
>+	buffer_append(&b, buffer_ptr(&encrypted), buffer_len(&encrypted));
>+
>+	ptr = buffer_ptr(&b);
>+	h1 = buffer_len(&b);
>+	PUT_32BIT(ptr + h1p, h1);
>+	h2 += buffer_len(&encrypted);
>+	PUT_32BIT(ptr + h2p, h2);
>+	h3 += buffer_len(&encrypted);
>+	PUT_32BIT(ptr + h3p, h3);
>+
>+	dump_base64(stdout, b.buf, b.end);
>+	buffer_free(&encrypted);
>+	buffer_free(&b);
>+}
>+
> static void
> do_convert_to_ssh2(struct passwd *pw)
> {
>@@ -150,6 +258,7 @@
> 	u_int len;
> 	u_char *blob;
> 	struct stat st;
>+	int private;
> 
> 	if (!have_identity)
> 		ask_filename(pw, "Enter file in which the key is");
>@@ -157,25 +266,31 @@
> 		perror(identity_file);
> 		exit(1);
> 	}
>-	if ((k = key_load_public(identity_file, NULL)) == NULL) {
>-		if ((k = load_identity(identity_file)) == NULL) {
>+	private = 1;
>+	if ((k = load_identity(identity_file)) == NULL) {
>+		private = 0;
>+		if ((k = key_load_public(identity_file, NULL)) == NULL) {
> 			fprintf(stderr, "load failed\n");
> 			exit(1);
> 		}
>+		if (key_to_blob(k, &blob, &len) <= 0) {
>+			fprintf(stderr, "key_to_blob failed\n");
>+			exit(1);
>+		}
> 	}
>-	if (key_to_blob(k, &blob, &len) <= 0) {
>-		fprintf(stderr, "key_to_blob failed\n");
>-		exit(1);
>-	}
>-	fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
>+	fprintf(stdout, "%s\n", private ? SSH_COM_PRIVATE_BEGIN : SSH_COM_PUBLIC_BEGIN);
> 	fprintf(stdout,
> 	    "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
> 	    key_size(k), key_type(k),
> 	    pw->pw_name, hostname);
>-	dump_base64(stdout, blob, len);
>-	fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
>+	if (private) {
>+		do_convert_private_key_to_ssh2_key(k);
>+	} else {
>+		dump_base64(stdout, blob, len);
>+		xfree(blob);
>+	}
>+	fprintf(stdout, "%s\n", private ? SSH_COM_PRIVATE_END : SSH_COM_PUBLIC_END);
> 	key_free(k);
>-	xfree(blob);
> 	exit(0);
> }
> 
>@@ -214,7 +329,9 @@
> 	}
> 	i1 = buffer_get_int(&b);
> 	type   = buffer_get_string(&b, NULL);
>+	debug("type: %s", type);
> 	cipher = buffer_get_string(&b, NULL);
>+	debug("cipher: %s", cipher);
> 	i2 = buffer_get_int(&b);
> 	i3 = buffer_get_int(&b);
> 	i4 = buffer_get_int(&b);

Actions: View | Diff

Attachments on bug 459: 193