/** @brief import a base64 formated key from a memory c-string * * @param key The key to fill, created with ssh_key_new() * @param session The ssh session * @param b64_key The c-string holding the base64 encoded key * @param passphrase The passphrase to decrypt the key, or NULL * * @return SSH_ERROR in case of error, SSH_OK otherwise */ int ssh_pki_import_privkey_base64(ssh_session session, const char *b64_key, const char *passphrase, ssh_key *pkey) { ssh_key key; if (pkey == NULL || session == NULL) { return SSH_ERROR; } if (b64_key == NULL || !*b64_key) { return SSH_ERROR; } ssh_log(session, SSH_LOG_RARE, "Trying to decode privkey passphrase=%s", passphrase ? "true" : "false"); key = pki_private_key_from_base64(session, b64_key, passphrase); if (key == NULL) { return SSH_ERROR; } *pkey = key; return SSH_OK; }
/** * @brief import a base64 formated key from a memory c-string * * @param[in] b64_key The c-string holding the base64 encoded key * * @param[in] passphrase The passphrase to decrypt the key, or NULL * * @param[in] auth_fn An auth function you may want to use or NULL. * * @param[in] auth_data Private data passed to the auth function. * * @param[out] pkey A pointer where the allocated key can be stored. You * need to free the memory. * * @return SSH_ERROR in case of error, SSH_OK otherwise. * * @see ssh_key_free() */ int ssh_pki_import_privkey_base64(const char *b64_key, const char *passphrase, ssh_auth_callback auth_fn, void *auth_data, ssh_key *pkey) { ssh_key key; if (b64_key == NULL || pkey == NULL) { return SSH_ERROR; } if (b64_key == NULL || !*b64_key) { return SSH_ERROR; } ssh_pki_log("Trying to decode privkey passphrase=%s", passphrase ? "true" : "false"); key = pki_private_key_from_base64(b64_key, passphrase, auth_fn, auth_data); if (key == NULL) { return SSH_ERROR; } *pkey = key; return SSH_OK; }
ssh_private_key privatekey_from_base64(ssh_session session, const char *b64_pkey, int type, const char *passphrase) { ssh_private_key privkey; ssh_key key; (void) type; /* unused */ key = pki_private_key_from_base64(session, b64_pkey, passphrase); if (key == NULL) { return NULL; } privkey = malloc(sizeof(struct ssh_private_key_struct)); if (privkey == NULL) { ssh_key_free(key); return NULL; } privkey->type = key->type; privkey->dsa_priv = key->dsa; privkey->rsa_priv = key->rsa; return privkey; }
/** * @brief import a base64 formated key from a memory c-string * * @param[in] b64_key The c-string holding the base64 encoded key * * @param[in] passphrase The passphrase to decrypt the key, or NULL * * @param[in] auth_fn An auth function you may want to use or NULL. * * @param[in] auth_data Private data passed to the auth function. * * @param[out] pkey A pointer where the allocated key can be stored. You * need to free the memory. * * @return SSH_ERROR in case of error, SSH_OK otherwise. * * @see ssh_key_free() */ int ssh_pki_import_privkey_base64(const char *b64_key, const char *passphrase, ssh_auth_callback auth_fn, void *auth_data, ssh_key *pkey) { ssh_key key; int cmp; if (b64_key == NULL || pkey == NULL) { return SSH_ERROR; } if (b64_key == NULL || !*b64_key) { return SSH_ERROR; } SSH_LOG(SSH_LOG_INFO, "Trying to decode privkey passphrase=%s", passphrase ? "true" : "false"); /* Test for OpenSSH key format first */ cmp = strncmp(b64_key, OPENSSH_HEADER_BEGIN, strlen(OPENSSH_HEADER_BEGIN)); if (cmp == 0) { key = ssh_pki_openssh_privkey_import(b64_key, passphrase, auth_fn, auth_data); } else { /* fallback on PEM decoder */ key = pki_private_key_from_base64(b64_key, passphrase, auth_fn, auth_data); } if (key == NULL) { return SSH_ERROR; } *pkey = key; return SSH_OK; }
/** * @brief Import a key from a file. * * @param[in] session The SSH Session to use. If a authentication callback is * set, it will be used to ask for the passphrase. * * @param[in] filename The filename of the the private key. * * @param[in] passphrase The passphrase to decrypt the private key. Set to NULL * if none is needed or it is unknown. * * @param[out] pkey A pointer to store the ssh_key. You need to free the * key. * * @returns SSH_OK on success, SSH_ERROR otherwise. * * @see ssh_key_free() **/ int ssh_pki_import_privkey_file(ssh_session session, const char *filename, const char *passphrase, ssh_key *pkey) { struct stat sb; char *key_buf; ssh_key key; FILE *file; off_t size; int rc; if (session == NULL || pkey == NULL) { return SSH_ERROR; } if (filename == NULL || *filename == '\0') { return SSH_ERROR; } rc = stat(filename, &sb); if (rc < 0) { ssh_set_error(session, SSH_REQUEST_DENIED, "Error gettint stat of %s: %s", filename, strerror(errno)); return SSH_ERROR; } file = fopen(filename, "r"); if (file == NULL) { ssh_set_error(session, SSH_REQUEST_DENIED, "Error opening %s: %s", filename, strerror(errno)); return SSH_ERROR; } key_buf = malloc(sb.st_size + 1); if (key_buf == NULL) { ssh_set_error_oom(session); return SSH_ERROR; } size = fread(key_buf, 1, sb.st_size, file); fclose(file); if (size != sb.st_size) { SAFE_FREE(key_buf); ssh_set_error(session, SSH_FATAL, "Error reading %s: %s", filename, strerror(errno)); return SSH_ERROR; } key = pki_private_key_from_base64(session, key_buf, passphrase); SAFE_FREE(key_buf); if (key == NULL) { return SSH_ERROR; } *pkey = key; return SSH_OK; }
/** * @brief Import a key from a file. * * @param[in] filename The filename of the the private key. * * @param[in] passphrase The passphrase to decrypt the private key. Set to NULL * if none is needed or it is unknown. * * @param[in] auth_fn An auth function you may want to use or NULL. * * @param[in] auth_data Private data passed to the auth function. * * @param[out] pkey A pointer to store the allocated ssh_key. You need to * free the key. * * @returns SSH_OK on success, SSH_EOF if the file doesn't exist or permission * denied, SSH_ERROR otherwise. * * @see ssh_key_free() **/ int ssh_pki_import_privkey_file(const char *filename, const char *passphrase, ssh_auth_callback auth_fn, void *auth_data, ssh_key *pkey) { struct stat sb; char *key_buf; ssh_key key; FILE *file; off_t size; int rc; if (pkey == NULL || filename == NULL || *filename == '\0') { return SSH_ERROR; } file = fopen(filename, "rb"); if (file == NULL) { ssh_pki_log("Error opening %s: %s", filename, strerror(errno)); return SSH_EOF; } rc = fstat(fileno(file), &sb); if (rc < 0) { fclose(file); ssh_pki_log("Error getting stat of %s: %s", filename, strerror(errno)); switch (errno) { case ENOENT: case EACCES: return SSH_EOF; } return SSH_ERROR; } if (sb.st_size > MAX_PRIVKEY_SIZE) { ssh_pki_log("Private key is bigger than 4M."); fclose(file); return SSH_ERROR; } key_buf = malloc(sb.st_size + 1); if (key_buf == NULL) { fclose(file); ssh_pki_log("Out of memory!"); return SSH_ERROR; } size = fread(key_buf, 1, sb.st_size, file); fclose(file); if (size != sb.st_size) { SAFE_FREE(key_buf); ssh_pki_log("Error reading %s: %s", filename, strerror(errno)); return SSH_ERROR; } key_buf[size] = 0; key = pki_private_key_from_base64(key_buf, passphrase, auth_fn, auth_data); SAFE_FREE(key_buf); if (key == NULL) { return SSH_ERROR; } *pkey = key; return SSH_OK; }