- markus@cvs.openbsd.org 2001/06/23 06:41:10
[ssh-keygen.c] try to decode ssh-3.0.0 private rsa keys (allow migration to openssh, not vice versa), #910
This commit is contained in:
parent
90fd060bc8
commit
34f91883a6
|
@ -63,6 +63,10 @@
|
|||
- deraadt@cvs.openbsd.org 2001/06/23 05:57:09
|
||||
[sftp.1 sftp-server.8 ssh-keygen.1]
|
||||
ok, tmac is now fixed
|
||||
- markus@cvs.openbsd.org 2001/06/23 06:41:10
|
||||
[ssh-keygen.c]
|
||||
try to decode ssh-3.0.0 private rsa keys
|
||||
(allow migration to openssh, not vice versa), #910
|
||||
|
||||
20010622
|
||||
- (stevesk) handle systems without pw_expire and pw_change.
|
||||
|
@ -5747,4 +5751,4 @@
|
|||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1313 2001/06/25 04:45:33 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1314 2001/06/25 04:47:54 mouring Exp $
|
||||
|
|
31
ssh-keygen.c
31
ssh-keygen.c
|
@ -12,7 +12,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: ssh-keygen.c,v 1.61 2001/05/25 14:37:32 markus Exp $");
|
||||
RCSID("$OpenBSD: ssh-keygen.c,v 1.62 2001/06/23 06:41:10 markus Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/pem.h>
|
||||
|
@ -187,7 +187,8 @@ do_convert_private_ssh2_from_blob(char *blob, int blen)
|
|||
{
|
||||
Buffer b;
|
||||
Key *key = NULL;
|
||||
int ignore, magic, rlen, ktype;
|
||||
int magic, rlen, ktype, i1, i2, i3, i4;
|
||||
u_long e;
|
||||
char *type, *cipher;
|
||||
|
||||
buffer_init(&b);
|
||||
|
@ -199,13 +200,13 @@ do_convert_private_ssh2_from_blob(char *blob, int blen)
|
|||
buffer_free(&b);
|
||||
return NULL;
|
||||
}
|
||||
ignore = buffer_get_int(&b);
|
||||
i1 = buffer_get_int(&b);
|
||||
type = buffer_get_string(&b, NULL);
|
||||
cipher = buffer_get_string(&b, NULL);
|
||||
ignore = buffer_get_int(&b);
|
||||
ignore = buffer_get_int(&b);
|
||||
ignore = buffer_get_int(&b);
|
||||
|
||||
i2 = buffer_get_int(&b);
|
||||
i3 = buffer_get_int(&b);
|
||||
i4 = buffer_get_int(&b);
|
||||
debug("ignore (%d %d %d %d)", i1,i2,i3,i4);
|
||||
if (strcmp(cipher, "none") != 0) {
|
||||
error("unsupported cipher %s", cipher);
|
||||
xfree(cipher);
|
||||
|
@ -235,7 +236,17 @@ do_convert_private_ssh2_from_blob(char *blob, int blen)
|
|||
buffer_get_bignum_bits(&b, key->dsa->priv_key);
|
||||
break;
|
||||
case KEY_RSA:
|
||||
if (!BN_set_word(key->rsa->e, (u_long) buffer_get_char(&b))) {
|
||||
e = buffer_get_char(&b);
|
||||
debug("e %lx", e);
|
||||
if (e < 30) {
|
||||
e <<= 8;
|
||||
e += buffer_get_char(&b);
|
||||
debug("e %lx", e);
|
||||
e <<= 8;
|
||||
e += buffer_get_char(&b);
|
||||
debug("e %lx", e);
|
||||
}
|
||||
if (!BN_set_word(key->rsa->e, e)) {
|
||||
buffer_free(&b);
|
||||
key_free(key);
|
||||
return NULL;
|
||||
|
@ -258,8 +269,8 @@ do_convert_private_ssh2_from_blob(char *blob, int blen)
|
|||
u_int slen;
|
||||
u_char *sig, data[10] = "abcde12345";
|
||||
|
||||
key_sign(key, &sig, &slen, data, sizeof data);
|
||||
key_verify(key, sig, slen, data, sizeof data);
|
||||
key_sign(key, &sig, &slen, data, sizeof(data));
|
||||
key_verify(key, sig, slen, data, sizeof(data));
|
||||
xfree(sig);
|
||||
}
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue