tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-27 07:44:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream commit

Browse Source 
remove unused wrapper functions from key.[ch]; ok djm@

Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
This commit is contained in:
markus@openbsd.org 2017-05-30 14:16:41 +00:00 committed by Damien Miller
parent ff7371afd0
commit 7da5df11ac
4 changed files with 14 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

177
key.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: key.c,v 1.130 2016/05/02 09:36:42 djm Exp $ */ /* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */
/* /*
* placed in the public domain * placed in the public domain
*/ */
@ -20,68 +20,6 @@
#include "log.h" #include "log.h"
#include "authfile.h" #include "authfile.h"
void
key_add_private(Key *k)
{
int r;
if ((r = sshkey_add_private(k)) != 0)
fatal("%s: %s", __func__, ssh_err(r));
}
Key *
key_new_private(int type)
{
Key *ret = NULL;
if ((ret = sshkey_new_private(type)) == NULL)
fatal("%s: failed", __func__);
return ret;
}
int
key_read(Key *ret, char **cpp)
{
return sshkey_read(ret, cpp) == 0 ? 1 : -1;
}
int
key_write(const Key *key, FILE *f)
{
return sshkey_write(key, f) == 0 ? 1 : 0;
}
Key *
key_generate(int type, u_int bits)
{
int r;
Key *ret = NULL;
if ((r = sshkey_generate(type, bits, &ret)) != 0)
fatal("%s: %s", __func__, ssh_err(r));
return ret;
}
void
key_cert_copy(const Key *from_key, Key *to_key)
{
int r;
if ((r = sshkey_cert_copy(from_key, to_key)) != 0)
fatal("%s: %s", __func__, ssh_err(r));
}
Key *
key_from_private(const Key *k)
{
int r;
Key *ret = NULL;
if ((r = sshkey_from_private(k, &ret)) != 0)
fatal("%s: %s", __func__, ssh_err(r));
return ret;
}
static void static void
fatal_on_fatal_errors(int r, const char *func, int extra_fatal) fatal_on_fatal_errors(int r, const char *func, int extra_fatal)
{ {
@ -183,19 +121,6 @@ key_demote(const Key *k)
return ret; return ret;
} }
int
key_to_certified(Key *k)
{
int r;
if ((r = sshkey_to_certified(k)) != 0) {
fatal_on_fatal_errors(r, __func__, 0);
error("%s: %s", __func__, ssh_err(r));
return -1;
}
return 0;
}
int int
key_drop_cert(Key *k) key_drop_cert(Key *k)
{ {
@ -209,19 +134,6 @@ key_drop_cert(Key *k)
return 0; return 0;
} }
int
key_certify(Key *k, Key *ca)
{
int r;
if ((r = sshkey_certify(k, ca, NULL)) != 0) {
fatal_on_fatal_errors(r, __func__, 0);
error("%s: %s", __func__, ssh_err(r));
return -1;
}
return 0;
}
int int
key_cert_check_authority(const Key *k, int want_host, int require_principal, key_cert_check_authority(const Key *k, int want_host, int require_principal,
const char *name, const char **reason) const char *name, const char **reason)
@ -237,88 +149,8 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
return 0; return 0;
} }
#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
int
key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
{
int r;
if ((r = sshkey_ec_validate_public(group, public)) != 0) {
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
error("%s: %s", __func__, ssh_err(r));
return -1;
}
return 0;
}
int
key_ec_validate_private(const EC_KEY *key)
{
int r;
if ((r = sshkey_ec_validate_private(key)) != 0) {
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
error("%s: %s", __func__, ssh_err(r));
return -1;
}
return 0;
}
#endif /* WITH_OPENSSL */
void
key_private_serialize(const Key *key, struct sshbuf *b)
{
int r;
if ((r = sshkey_private_serialize(key, b)) != 0)
fatal("%s: %s", __func__, ssh_err(r));
}
Key *
key_private_deserialize(struct sshbuf *blob)
{
int r;
Key *ret = NULL;
if ((r = sshkey_private_deserialize(blob, &ret)) != 0) {
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
error("%s: %s", __func__, ssh_err(r));
return NULL;
}
return ret;
}
/* authfile.c */ /* authfile.c */
int
key_save_private(Key *key, const char *filename, const char *passphrase,
const char *comment, int force_new_format, const char *new_format_cipher,
int new_format_rounds)
{
int r;
if ((r = sshkey_save_private(key, filename, passphrase, comment,
force_new_format, new_format_cipher, new_format_rounds)) != 0) {
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
error("%s: %s", __func__, ssh_err(r));
return 0;
}
return 1;
}
int
key_load_file(int fd, const char *filename, struct sshbuf *blob)
{
int r;
if ((r = sshkey_load_file(fd, blob)) != 0) {
fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
error("%s: %s", __func__, ssh_err(r));
return 0;
}
return 1;
}
Key * Key *
key_load_cert(const char *filename) key_load_cert(const char *filename)
{ {
@ -417,10 +249,3 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
} }
return ret; return ret;
} }
int
key_perm_ok(int fd, const char *filename)
{
return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0;
}

36
key.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: key.h,v 1.50 2016/09/12 23:31:27 djm Exp $ */ /* $OpenBSD: key.h,v 1.51 2017/05/30 14:16:41 markus Exp $ */
/* /*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -35,51 +35,24 @@ typedef struct sshkey Key;
#define fp_rep sshkey_fp_rep #define fp_rep sshkey_fp_rep
#ifndef SSH_KEY_NO_DEFINE #ifndef SSH_KEY_NO_DEFINE
#define key_new sshkey_new
#define key_free sshkey_free #define key_free sshkey_free
#define key_equal_public sshkey_equal_public #define key_equal_public sshkey_equal_public
#define key_equal sshkey_equal #define key_equal sshkey_equal
#define key_type sshkey_type #define key_type sshkey_type
#define key_cert_type sshkey_cert_type
#define key_ssh_name sshkey_ssh_name #define key_ssh_name sshkey_ssh_name
#define key_ssh_name_plain sshkey_ssh_name_plain #define key_ssh_name_plain sshkey_ssh_name_plain
#define key_type_from_name sshkey_type_from_name #define key_type_from_name sshkey_type_from_name
#define key_ecdsa_nid_from_name sshkey_ecdsa_nid_from_name
#define key_type_is_cert sshkey_type_is_cert
#define key_size sshkey_size
#define key_ecdsa_bits_to_nid sshkey_ecdsa_bits_to_nid
#define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid
#define key_is_cert sshkey_is_cert #define key_is_cert sshkey_is_cert
#define key_type_plain sshkey_type_plain #define key_type_plain sshkey_type_plain
#define key_curve_name_to_nid sshkey_curve_name_to_nid
#define key_curve_nid_to_bits sshkey_curve_nid_to_bits
#define key_curve_nid_to_name sshkey_curve_nid_to_name
#define key_ec_nid_to_hash_alg sshkey_ec_nid_to_hash_alg
#define key_dump_ec_point sshkey_dump_ec_point
#define key_dump_ec_key sshkey_dump_ec_key
#endif #endif
void key_add_private(Key *);
Key *key_new_private(int);
void key_free(Key *); void key_free(Key *);
Key *key_demote(const Key *); Key *key_demote(const Key *);
int key_write(const Key *, FILE *);
int key_read(Key *, char **);
Key *key_generate(int, u_int);
Key *key_from_private(const Key *);
int key_to_certified(Key *);
int key_drop_cert(Key *); int key_drop_cert(Key *);
int key_certify(Key *, Key *);
void key_cert_copy(const Key *, Key *);
int key_cert_check_authority(const Key *, int, int, const char *, int key_cert_check_authority(const Key *, int, int, const char *,
const char **); const char **);
#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
int key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
int key_ec_validate_private(const EC_KEY *);
#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
Key *key_from_blob(const u_char *, u_int); Key *key_from_blob(const u_char *, u_int);
int key_to_blob(const Key *, u_char **, u_int *); int key_to_blob(const Key *, u_char **, u_int *);
@ -87,18 +60,11 @@ int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int,
const char *); const char *);
int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
void key_private_serialize(const Key *, struct sshbuf *);
Key *key_private_deserialize(struct sshbuf *);
/* authfile.c */ /* authfile.c */
int key_save_private(Key *, const char *, const char *, const char *,
int, const char *, int);
int key_load_file(int, const char *, struct sshbuf *);
Key *key_load_cert(const char *); Key *key_load_cert(const char *);
Key *key_load_public(const char *, char **); Key *key_load_public(const char *, char **);
Key *key_load_private(const char *, const char *, char **); Key *key_load_private(const char *, const char *, char **);
Key *key_load_private_cert(int, const char *, const char *, int *); Key *key_load_private_cert(int, const char *, const char *, int *);
Key *key_load_private_type(int, const char *, const char *, char **, int *); Key *key_load_private_type(int, const char *, const char *, char **, int *);
int key_perm_ok(int, const char *);
#endif #endif

4
ssh-add.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */ /* $OpenBSD: ssh-add.c,v 1.132 2017/05/30 14:16:41 markus Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -306,7 +306,7 @@ add_file(int agent_fd, const char *filename, int key_only)
goto out; goto out;
} }
if ((r = sshkey_cert_copy(cert, private)) != 0) { if ((r = sshkey_cert_copy(cert, private)) != 0) {
error("%s: key_cert_copy: %s", __func__, ssh_err(r)); error("%s: sshkey_cert_copy: %s", __func__, ssh_err(r));
sshkey_free(cert); sshkey_free(cert);
goto out; goto out;
} }

20
ssh-keygen.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-keygen.c,v 1.303 2017/05/07 23:15:59 djm Exp $ */ /* $OpenBSD: ssh-keygen.c,v 1.304 2017/05/30 14:16:41 markus Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -488,7 +488,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
return NULL; return NULL;
} }
if ((key = sshkey_new_private(ktype)) == NULL) if ((key = sshkey_new_private(ktype)) == NULL)
fatal("key_new_private failed"); fatal("sshkey_new_private failed");
free(type); free(type);
switch (key->type) { switch (key->type) {
@ -770,7 +770,7 @@ do_print_public(struct passwd *pw)
fatal("%s: %s", identity_file, strerror(errno)); fatal("%s: %s", identity_file, strerror(errno));
prv = load_identity(identity_file); prv = load_identity(identity_file);
if ((r = sshkey_write(prv, stdout)) != 0) if ((r = sshkey_write(prv, stdout)) != 0)
error("key_write failed: %s", ssh_err(r)); error("sshkey_write failed: %s", ssh_err(r));
sshkey_free(prv); sshkey_free(prv);
fprintf(stdout, "\n"); fprintf(stdout, "\n");
exit(0); exit(0);
@ -1019,7 +1019,7 @@ do_gen_all_hostkeys(struct passwd *pw)
bits = 0; bits = 0;
type_bits_valid(type, NULL, &bits); type_bits_valid(type, NULL, &bits);
if ((r = sshkey_generate(type, bits, &private)) != 0) { if ((r = sshkey_generate(type, bits, &private)) != 0) {
error("key_generate failed: %s", ssh_err(r)); error("sshkey_generate failed: %s", ssh_err(r));
first = 0; first = 0;
continue; continue;
} }
@ -1475,7 +1475,7 @@ do_change_comment(struct passwd *pw)
explicit_bzero(passphrase, strlen(passphrase)); explicit_bzero(passphrase, strlen(passphrase));
free(passphrase); free(passphrase);
if ((r = sshkey_from_private(private, &public)) != 0) if ((r = sshkey_from_private(private, &public)) != 0)
fatal("key_from_private failed: %s", ssh_err(r)); fatal("sshkey_from_private failed: %s", ssh_err(r));
sshkey_free(private); sshkey_free(private);
strlcat(identity_file, ".pub", sizeof(identity_file)); strlcat(identity_file, ".pub", sizeof(identity_file));
@ -1662,7 +1662,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
OPTIONS_EXTENSIONS); OPTIONS_EXTENSIONS);
if ((r = sshkey_from_private(ca, if ((r = sshkey_from_private(ca,
&public->cert->signature_key)) != 0) &public->cert->signature_key)) != 0)
fatal("key_from_private (ca key): %s", ssh_err(r)); fatal("sshkey_from_private (ca key): %s", ssh_err(r));
if ((r = sshkey_certify(public, ca, key_type_name)) != 0) if ((r = sshkey_certify(public, ca, key_type_name)) != 0)
fatal("Couldn't certify key %s: %s", tmp, ssh_err(r)); fatal("Couldn't certify key %s: %s", tmp, ssh_err(r));
@ -1980,7 +1980,7 @@ do_show_cert(struct passwd *pw)
if (*cp == '#' || *cp == '\0') if (*cp == '#' || *cp == '\0')
continue; continue;
if ((key = sshkey_new(KEY_UNSPEC)) == NULL) if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
fatal("key_new"); fatal("sshkey_new");
if ((r = sshkey_read(key, &cp)) != 0) { if ((r = sshkey_read(key, &cp)) != 0) {
error("%s:%lu: invalid key: %s", path, error("%s:%lu: invalid key: %s", path,
lnum, ssh_err(r)); lnum, ssh_err(r));
@ -2126,7 +2126,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
*/ */
} }
if ((key = sshkey_new(KEY_UNSPEC)) == NULL) if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
fatal("key_new"); fatal("sshkey_new");
if ((r = sshkey_read(key, &cp)) != 0) if ((r = sshkey_read(key, &cp)) != 0)
fatal("%s:%lu: invalid key: %s", fatal("%s:%lu: invalid key: %s",
path, lnum, ssh_err(r)); path, lnum, ssh_err(r));
@ -2667,9 +2667,9 @@ main(int argc, char **argv)
printf("Generating public/private %s key pair.\n", printf("Generating public/private %s key pair.\n",
key_type_name); key_type_name);
if ((r = sshkey_generate(type, bits, &private)) != 0) if ((r = sshkey_generate(type, bits, &private)) != 0)
fatal("key_generate failed"); fatal("sshkey_generate failed");
if ((r = sshkey_from_private(private, &public)) != 0) if ((r = sshkey_from_private(private, &public)) != 0)
fatal("key_from_private failed: %s\n", ssh_err(r)); fatal("sshkey_from_private failed: %s\n", ssh_err(r));
if (!have_identity) if (!have_identity)
ask_filename(pw, "Enter file in which to save the key"); ask_filename(pw, "Enter file in which to save the key");