Attachment #918 for bug #1044

View | Details | Raw Unified | Return to bug 1044
Collapse All | Expand All

Lines 598-604 Link Here

(-)authfile.c.orig (-1 / +1 lines)
598	return prv;	598	return prv;
599	}	599	}
600		600
601	static int	601	int
602	key_try_load_public(Key k, const char filename, char **commentp)	602	key_try_load_public(Key k, const char filename, char **commentp)
603	{	603	{
604	FILE *f;	604	FILE *f;

Lines 18-23 Link Here

(-)authfile.h.orig (+1 lines)
18	int key_save_private(Key , const char , const char , const char );	18	int key_save_private(Key , const char , const char , const char );
19	Key key_load_public(const char , char **);	19	Key key_load_public(const char , char **);
20	Key key_load_public_type(int, const char , char **);	20	Key key_load_public_type(int, const char , char **);
		21	int key_try_load_public(Key , const char , char **);
21	Key key_load_private(const char , const char , char *);	22	Key key_load_private(const char , const char , char *);
22	Key key_load_private_type(int, const char , const char , char *);	23	Key key_load_private_type(int, const char , const char , char *);
23	Key key_load_private_pem(int, int, const char , char **);	24	Key key_load_private_pem(int, int, const char , char **);




#include "uuencode.h"
#include "buffer.h"
#include "bufaux.h"
#include "getput.h"
#include "pathnames.h"
#include "log.h"
#include "misc.h"

#define SSH_COM_PUBLIC_BEGIN		"---- BEGIN SSH2 PUBLIC KEY ----"
#define SSH_COM_PUBLIC_END		"---- END SSH2 PUBLIC KEY ----"
#define SSH_COM_PRIVATE_BEGIN		"---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
#define SSH_COM_PRIVATE_END		"---- END SSH2 ENCRYPTED PRIVATE KEY ----"
#define	SSH_COM_PRIVATE_KEY_MAGIC	0x3f6ff9eb

static int
buffer_put_bignum_bits(Buffer *b, const BIGNUM *value)
{
	u_int bignum_bits = BN_num_bits(value);
	u_int bytes = (bignum_bits + 7) / 8;
	u_char *buf = xmalloc(bytes);
	int oi;

	/* Get the value of in binary */
	oi = BN_bn2bin(value, buf);
	if (oi != bytes) {
		error("buffer_put_bignum_bits: BN_bn2bin() failed: oi %d != bytes %d",
		    oi, bytes);
		return (-1);
	}

	buffer_put_int(b, bignum_bits);
	/* Store the binary data. */
	buffer_append(b, (char *)buf, oi);

	memset(buf, 0, bytes);
	xfree(buf);

	return (0);
}

static int
do_convert_private_ssh2_to_blob(const Key *key, u_char **blobp, u_int *lenp)
{
	Buffer b;
	int len, len1;
	char *pb;

	if (key == NULL) {
		error("do_convert_private_ssh2_to_blob: key == NULL");
		return 0;
	}
	buffer_init(&b);
	buffer_put_int(&b, SSH_COM_PRIVATE_KEY_MAGIC);
	buffer_put_int(&b, 0);

	switch (key->type) {
	case KEY_DSA:
	       	buffer_put_cstring(&b, "dl-modp{sign{dsa-nist-sha1},dh{plain}}");
		break;
	case KEY_RSA:
	       	buffer_put_cstring(&b, "if-modn{sign{rsa-pkcs1-md5}}");
		break;
	default:
		error("do_convert_private_ssh2_to_blob: unsupported key type %d",
		      key->type);
		buffer_free(&b);
		return 0;
	}

       	buffer_put_cstring(&b, "none");

	len1 = buffer_len(&b);
	buffer_put_int(&b, 0);
	buffer_put_int(&b, 0);

	switch (key->type) {
	case KEY_DSA:
		buffer_put_int(&b, 0);
		buffer_put_bignum_bits(&b, key->dsa->p);
		buffer_put_bignum_bits(&b, key->dsa->g);
		buffer_put_bignum_bits(&b, key->dsa->q);
		buffer_put_bignum_bits(&b, key->dsa->pub_key);
		buffer_put_bignum_bits(&b, key->dsa->priv_key);
		break;
	case KEY_RSA:
		buffer_put_bignum_bits(&b, key->rsa->e);
		buffer_put_bignum_bits(&b, key->rsa->d);
		buffer_put_bignum_bits(&b, key->rsa->n);
		buffer_put_bignum_bits(&b, key->rsa->iqmp);
		buffer_put_bignum_bits(&b, key->rsa->q);
		buffer_put_bignum_bits(&b, key->rsa->p);
		break;
	}
	len = buffer_len(&b);
	if (lenp != NULL)
		*lenp = len;
	pb = buffer_ptr(&b);
	PUT_32BIT(pb + 4, len);
	PUT_32BIT(pb + len1, len - len1 - 4);
	PUT_32BIT(pb + len1 + 4, len - len1 - 8);
	if (blobp != NULL) {
		*blobp = xmalloc(len);
		memcpy(*blobp, pb, len);
	}
	memset(pb, 0, len);
	buffer_free(&b);
	return len;
}

static void
do_convert_to_ssh2(struct passwd *pw)
{

	u_int len;
	u_char *blob;
	struct stat st;
	int private = 0;

	if (!have_identity)
		ask_filename(pw, "Enter file in which the key is");

		perror(identity_file);
		exit(1);
	}
	k = key_new(KEY_UNSPEC);
	if (key_try_load_public(k, identity_file, NULL) != 1) {
		if ((k = load_identity(identity_file)) == NULL) {
			fprintf(stderr, "load failed\n");
			exit(1);
		}
		private = 1;
	}
	if (k->type == KEY_RSA1) {
		fprintf(stderr, "version 1 keys are not supported\n");
		exit(1);
	}
	if (private) {
		if (do_convert_private_ssh2_to_blob(k, &blob, &len) <= 0) {
			fprintf(stderr, "do_convert_private_ssh2_to_blob failed\n");
			exit(1);
		}
	}
	else {
		if (key_to_blob(k, &blob, &len) <= 0) {
			fprintf(stderr, "key_to_blob failed\n");
			exit(1);
		}
	}
	fprintf(stdout, "%s\n",
	    private?SSH_COM_PRIVATE_BEGIN:SSH_COM_PUBLIC_BEGIN);
	fprintf(stdout,
	    "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
	    key_size(k), key_type(k),
	    pw->pw_name, hostname);
	dump_base64(stdout, blob, len);
	fprintf(stdout, "%s\n",
	    private?SSH_COM_PRIVATE_END:SSH_COM_PUBLIC_END);
	key_free(k);
	xfree(blob);
	exit(0);

	u_char *sig, data[] = "abcde12345";
	int magic, rlen, ktype, i1, i2, i3, i4;
	u_int slen;
	u_long e;

	buffer_init(&b);
	buffer_append(&b, blob, blen);

	cipher = buffer_get_string(&b, NULL);
	i2 = buffer_get_int(&b);
	i3 = buffer_get_int(&b);
	debug("ignore (%d %d %d)", i1,i2,i3);
	debug("ignore (%d %d %d %d)", i1,i2,i3,i4);
	if (strcmp(cipher, "none") != 0) {
		error("unsupported cipher %s", cipher);
		xfree(cipher);


	switch (key->type) {
	case KEY_DSA:
		i4 = buffer_get_int(&b);
		buffer_get_bignum_bits(&b, key->dsa->p);
		buffer_get_bignum_bits(&b, key->dsa->g);
		buffer_get_bignum_bits(&b, key->dsa->q);

		buffer_get_bignum_bits(&b, key->dsa->priv_key);
		break;
	case KEY_RSA:
		buffer_get_bignum_bits(&b, key->rsa->e);
		debug("e %lx", e);
		if (e < 30) {
			e <<= 8;
			e += buffer_get_char(&b);
			debug("e %lx", e);
			e <<= 8;
			e += buffer_get_char(&b);
			debug("e %lx", e);
		}
		if (!BN_set_word(key->rsa->e, e)) {
			buffer_free(&b);
			key_free(key);
			return NULL;
		}
		buffer_get_bignum_bits(&b, key->rsa->d);
		buffer_get_bignum_bits(&b, key->rsa->n);
		buffer_get_bignum_bits(&b, key->rsa->iqmp);

Return to bug 1044

Lines 24-29 Link Here

(-)ssh-keygen.c.orig (-24 / +119 lines)
24	#include "uuencode.h"	24	#include "uuencode.h"
25	#include "buffer.h"	25	#include "buffer.h"
26	#include "bufaux.h"	26	#include "bufaux.h"
		27	#include "getput.h"
27	#include "pathnames.h"	28	#include "pathnames.h"
28	#include "log.h"	29	#include "log.h"
29	#include "misc.h"	30	#include "misc.h"
Lines 152-159 Link Here
152	#define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----"	153	#define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----"
153	#define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----"	154	#define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----"
154	#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"	155	#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
		156	#define SSH_COM_PRIVATE_END "---- END SSH2 ENCRYPTED PRIVATE KEY ----"
155	#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb	157	#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb
156		158
		159	static int
		160	buffer_put_bignum_bits(Buffer b, const BIGNUM value)
		161	{
		162	u_int bignum_bits = BN_num_bits(value);
		163	u_int bytes = (bignum_bits + 7) / 8;
		164	u_char *buf = xmalloc(bytes);
		165	int oi;
		166
		167	/* Get the value of in binary */
		168	oi = BN_bn2bin(value, buf);
		169	if (oi != bytes) {
		170	error("buffer_put_bignum_bits: BN_bn2bin() failed: oi %d != bytes %d",
		171	oi, bytes);
		172	return (-1);
		173	}
		174
		175	buffer_put_int(b, bignum_bits);
		176	/* Store the binary data. */
		177	buffer_append(b, (char *)buf, oi);
		178
		179	memset(buf, 0, bytes);
		180	xfree(buf);
		181
		182	return (0);
		183	}
		184
		185	static int
		186	do_convert_private_ssh2_to_blob(const Key key, u_char blobp, u_int lenp)
		187	{
		188	Buffer b;
		189	int len, len1;
		190	char *pb;
		191
		192	if (key == NULL) {
		193	error("do_convert_private_ssh2_to_blob: key == NULL");
		194	return 0;
		195	}
		196	buffer_init(&b);
		197	buffer_put_int(&b, SSH_COM_PRIVATE_KEY_MAGIC);
		198	buffer_put_int(&b, 0);
		199
		200	switch (key->type) {
		201	case KEY_DSA:
		202	buffer_put_cstring(&b, "dl-modp{sign{dsa-nist-sha1},dh{plain}}");
		203	break;
		204	case KEY_RSA:
		205	buffer_put_cstring(&b, "if-modn{sign{rsa-pkcs1-md5}}");
		206	break;
		207	default:
		208	error("do_convert_private_ssh2_to_blob: unsupported key type %d",
		209	key->type);
		210	buffer_free(&b);
		211	return 0;
		212	}
		213
		214	buffer_put_cstring(&b, "none");
		215
		216	len1 = buffer_len(&b);
		217	buffer_put_int(&b, 0);
		218	buffer_put_int(&b, 0);
		219
		220	switch (key->type) {
		221	case KEY_DSA:
		222	buffer_put_int(&b, 0);
223	buffer_put_bignum_bits(&b, key->dsa->p);
224	buffer_put_bignum_bits(&b, key->dsa->g);
225	buffer_put_bignum_bits(&b, key->dsa->q);
226	buffer_put_bignum_bits(&b, key->dsa->pub_key);
227	buffer_put_bignum_bits(&b, key->dsa->priv_key);
228	break;
229	case KEY_RSA:
230	buffer_put_bignum_bits(&b, key->rsa->e);
231	buffer_put_bignum_bits(&b, key->rsa->d);
232	buffer_put_bignum_bits(&b, key->rsa->n);
233	buffer_put_bignum_bits(&b, key->rsa->iqmp);
234	buffer_put_bignum_bits(&b, key->rsa->q);
235	buffer_put_bignum_bits(&b, key->rsa->p);
236	break;
237	}
238	len = buffer_len(&b);
239	if (lenp != NULL)
240	*lenp = len;
241	pb = buffer_ptr(&b);
242	PUT_32BIT(pb + 4, len);
243	PUT_32BIT(pb + len1, len - len1 - 4);
244	PUT_32BIT(pb + len1 + 4, len - len1 - 8);
245	if (blobp != NULL) {
246	*blobp = xmalloc(len);
247	memcpy(*blobp, pb, len);
248	}
249	memset(pb, 0, len);
250	buffer_free(&b);
251	return len;
252	}
253
157	static void	254	static void
158	do_convert_to_ssh2(struct passwd *pw)	255	do_convert_to_ssh2(struct passwd *pw)
159	{	256	{
Lines 161-166 Link Here
161	u_int len;	258	u_int len;
162	u_char *blob;	259	u_char *blob;
163	struct stat st;	260	struct stat st;
		261	int private = 0;
164		262
165	if (!have_identity)	263	if (!have_identity)
166	ask_filename(pw, "Enter file in which the key is");	264	ask_filename(pw, "Enter file in which the key is");
Lines 168-194 Link Here
168	perror(identity_file);	266	perror(identity_file);
169	exit(1);	267	exit(1);
170	}	268	}
171	if ((k = key_load_public(identity_file, NULL)) == NULL) {	269	k = key_new(KEY_UNSPEC);
		270	if (key_try_load_public(k, identity_file, NULL) != 1) {
172	if ((k = load_identity(identity_file)) == NULL) {	271	if ((k = load_identity(identity_file)) == NULL) {
173	fprintf(stderr, "load failed\n");	272	fprintf(stderr, "load failed\n");
174	exit(1);	273	exit(1);
175	}	274	}
		275	private = 1;
176	}	276	}
177	if (k->type == KEY_RSA1) {	277	if (k->type == KEY_RSA1) {
178	fprintf(stderr, "version 1 keys are not supported\n");	278	fprintf(stderr, "version 1 keys are not supported\n");
179	exit(1);	279	exit(1);
180	}	280	}
181	if (key_to_blob(k, &blob, &len) <= 0) {	281	if (private) {
182	fprintf(stderr, "key_to_blob failed\n");	282	if (do_convert_private_ssh2_to_blob(k, &blob, &len) <= 0) {
183	exit(1);	283	fprintf(stderr, "do_convert_private_ssh2_to_blob failed\n");
		284	exit(1);
		285	}
184	}	286	}
185	fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);	287	else {
		288	if (key_to_blob(k, &blob, &len) <= 0) {
		289	fprintf(stderr, "key_to_blob failed\n");
		290	exit(1);
		291	}
		292	}
		293	fprintf(stdout, "%s\n",
		294	private?SSH_COM_PRIVATE_BEGIN:SSH_COM_PUBLIC_BEGIN);
186	fprintf(stdout,	295	fprintf(stdout,
187	"Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",	296	"Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
188	key_size(k), key_type(k),	297	key_size(k), key_type(k),
189	pw->pw_name, hostname);	298	pw->pw_name, hostname);
190	dump_base64(stdout, blob, len);	299	dump_base64(stdout, blob, len);
191	fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);	300	fprintf(stdout, "%s\n",
		301	private?SSH_COM_PRIVATE_END:SSH_COM_PUBLIC_END);
192	key_free(k);	302	key_free(k);
193	xfree(blob);	303	xfree(blob);
194	exit(0);	304	exit(0);
Lines 216-222 Link Here
216	u_char *sig, data[] = "abcde12345";	326	u_char *sig, data[] = "abcde12345";
217	int magic, rlen, ktype, i1, i2, i3, i4;	327	int magic, rlen, ktype, i1, i2, i3, i4;
218	u_int slen;	328	u_int slen;
219	u_long e;
220		329
221	buffer_init(&b);	330	buffer_init(&b);
222	buffer_append(&b, blob, blen);	331	buffer_append(&b, blob, blen);
Lines 232-239 Link Here
232	cipher = buffer_get_string(&b, NULL);	341	cipher = buffer_get_string(&b, NULL);
233	i2 = buffer_get_int(&b);	342	i2 = buffer_get_int(&b);
234	i3 = buffer_get_int(&b);	343	i3 = buffer_get_int(&b);
235	i4 = buffer_get_int(&b);	344	debug("ignore (%d %d %d)", i1,i2,i3);
236	debug("ignore (%d %d %d %d)", i1,i2,i3,i4);
237	if (strcmp(cipher, "none") != 0) {	345	if (strcmp(cipher, "none") != 0) {
238	error("unsupported cipher %s", cipher);	346	error("unsupported cipher %s", cipher);
239	xfree(cipher);	347	xfree(cipher);
Lines 257-262 Link Here
257		365
258	switch (key->type) {	366	switch (key->type) {
259	case KEY_DSA:	367	case KEY_DSA:
		368	i4 = buffer_get_int(&b);
260	buffer_get_bignum_bits(&b, key->dsa->p);	369	buffer_get_bignum_bits(&b, key->dsa->p);
261	buffer_get_bignum_bits(&b, key->dsa->g);	370	buffer_get_bignum_bits(&b, key->dsa->g);
262	buffer_get_bignum_bits(&b, key->dsa->q);	371	buffer_get_bignum_bits(&b, key->dsa->q);
Lines 264-284 Link Here
264	buffer_get_bignum_bits(&b, key->dsa->priv_key);	373	buffer_get_bignum_bits(&b, key->dsa->priv_key);
265	break;	374	break;
266	case KEY_RSA:	375	case KEY_RSA:
267	e = buffer_get_char(&b);	376	buffer_get_bignum_bits(&b, key->rsa->e);
268	debug("e %lx", e);
269	if (e < 30) {
270	e <<= 8;
271	e += buffer_get_char(&b);
272	debug("e %lx", e);
273	e <<= 8;
274	e += buffer_get_char(&b);
275	debug("e %lx", e);
276	}
277	if (!BN_set_word(key->rsa->e, e)) {
278	buffer_free(&b);
279	key_free(key);
280	return NULL;
281	}
282	buffer_get_bignum_bits(&b, key->rsa->d);	377	buffer_get_bignum_bits(&b, key->rsa->d);
283	buffer_get_bignum_bits(&b, key->rsa->n);	378	buffer_get_bignum_bits(&b, key->rsa->n);
284	buffer_get_bignum_bits(&b, key->rsa->iqmp);	379	buffer_get_bignum_bits(&b, key->rsa->iqmp);