static void *dss_newkey(char *data, int len) { char *p; int slen; struct dss_key *dss; dss = snew(struct dss_key); if (!dss) return NULL; getstring(&data, &len, &p, &slen); #ifdef DEBUG_DSS { int i; printf("key:"); for (i = 0; i < len; i++) printf(" %02x", (unsigned char) (data[i])); printf("\n"); } #endif if (!p || memcmp(p, "ssh-dss", 7)) { sfree(dss); return NULL; } dss->p = getmp(&data, &len); dss->q = getmp(&data, &len); dss->g = getmp(&data, &len); dss->y = getmp(&data, &len); return dss; }
static void *dss_openssh_createkey(unsigned char **blob, int *len) { char **b = (char **) blob; struct dss_key *dss; dss = snew(struct dss_key); if (!dss) return NULL; dss->p = getmp(b, len); dss->q = getmp(b, len); dss->g = getmp(b, len); dss->y = getmp(b, len); dss->x = getmp(b, len); if (!dss->p || !dss->q || !dss->g || !dss->y || !dss->x) { sfree(dss->p); sfree(dss->q); sfree(dss->g); sfree(dss->y); sfree(dss->x); sfree(dss); return NULL; } return dss; }
bool RSAKey::LoadFromPublicBlob( const CString &str ) { int len = str.size(); const char *data = str.data(); const char *p; int slen; getstring(&data, &len, &p, &slen); if (!p || slen != 7 || memcmp(p, "ssh-rsa", 7)) { return false; } struct RSAKey *rsa = new RSAKey; rsa->exponent = getmp(&data, &len); rsa->modulus = getmp(&data, &len); rsa->private_exponent = NULL; return true; }
static void *rsa2_createkey(unsigned char *pub_blob, int pub_len, unsigned char *priv_blob, int priv_len) { struct RSAKey *rsa; char *pb = (char *) priv_blob; rsa = rsa2_newkey((char *) pub_blob, pub_len); rsa->private_exponent = getmp(&pb, &priv_len); rsa->p = getmp(&pb, &priv_len); rsa->q = getmp(&pb, &priv_len); rsa->iqmp = getmp(&pb, &priv_len); if (!rsa_verify(rsa)) { rsa2_freekey(rsa); return NULL; } return rsa; }
static void *dss_createkey(unsigned char *pub_blob, int pub_len, unsigned char *priv_blob, int priv_len) { dss_key *dss; char *pb = (char *) priv_blob; char *hash; int hashlen; SHA_State s; unsigned char digest[20]; Bignum ytest; dss = dss_newkey((char *) pub_blob, pub_len); if (!dss) return NULL; dss->x = getmp(&pb, &priv_len); if (!dss->x) { dss_freekey(dss); return NULL; } /* * Check the obsolete hash in the old DSS key format. */ hashlen = -1; getstring(&pb, &priv_len, &hash, &hashlen); if (hashlen == 20) { SHA_Init(&s); sha_mpint(&s, dss->p); sha_mpint(&s, dss->q); sha_mpint(&s, dss->g); SHA_Final(&s, digest); if (0 != memcmp(hash, digest, 20)) { dss_freekey(dss); return NULL; } } /* * Now ensure g^x mod p really is y. */ ytest = modpow(dss->g, dss->x, dss->p); if (0 != bignum_cmp(ytest, dss->y)) { dss_freekey(dss); freebn(ytest); return NULL; } freebn(ytest); return dss; }
static void *rsa2_openssh_createkey(unsigned char **blob, int *len) { char **b = (char **) blob; struct RSAKey *rsa; rsa = snew(struct RSAKey); if (!rsa) return NULL; rsa->comment = NULL; rsa->modulus = getmp(b, len); rsa->exponent = getmp(b, len); rsa->private_exponent = getmp(b, len); rsa->iqmp = getmp(b, len); rsa->p = getmp(b, len); rsa->q = getmp(b, len); if (!rsa->modulus || !rsa->exponent || !rsa->private_exponent || !rsa->iqmp || !rsa->p || !rsa->q) { sfree(rsa->modulus); sfree(rsa->exponent); sfree(rsa->private_exponent); sfree(rsa->iqmp); sfree(rsa->p); sfree(rsa->q); sfree(rsa); return NULL; } return rsa; }
static void *dss_newkey(char *data, int len) { char *p; int slen; dss_key *dss; dss = snewn(1,dss_key); getstring(&data, &len, &p, &slen); #ifdef DEBUG_DSS { int i; printf("key:"); for (i = 0; i < len; i++) printf(" %02x", (unsigned char) (data[i])); printf("\n"); } #endif if (!p || slen != 7 || memcmp(p, "ssh-dss", 7)) { sfree(dss); return NULL; } dss->p = getmp(&data, &len); dss->q = getmp(&data, &len); dss->g = getmp(&data, &len); dss->y = getmp(&data, &len); dss->x = NULL; if (!dss->p || !dss->q || !dss->g || !dss->y || !bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) { /* Invalid key. */ dss_freekey(dss); return NULL; } return dss; }
static void *rsa2_newkey(char *data, int len) { char *p; int slen; struct RSAKey *rsa; rsa = snew(struct RSAKey); if (!rsa) return NULL; getstring(&data, &len, &p, &slen); if (!p || slen != 7 || memcmp(p, "ssh-rsa", 7)) { sfree(rsa); return NULL; } rsa->exponent = getmp(&data, &len); rsa->modulus = getmp(&data, &len); rsa->private_exponent = NULL; rsa->comment = NULL; return rsa; }
static void *dss_openssh_createkey(unsigned char **blob, int *len) { char **b = (char **) blob; struct dss_key *dss; dss = snew(struct dss_key); dss->p = getmp(b, len); dss->q = getmp(b, len); dss->g = getmp(b, len); dss->y = getmp(b, len); dss->x = getmp(b, len); if (!dss->p || !dss->q || !dss->g || !dss->y || !dss->x || !bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) { /* Invalid key. */ dss_freekey(dss); return NULL; } return dss; }
static struct inode * getinode(struct vfs *vfsp, dev_t dev, ino_t inode, int *perror) { struct mount *mp = (vfsp ? VFSTOM(vfsp) : 0); struct inode *pip; *perror = 0; if (!mp && !(mp = getmp(dev))) { u.u_error = ENXIO; return (NULL); } pip = iget(dev, mp, inode); if (!pip) *perror = BAD_IGET; return (pip); }
static int rsa2_verifysig(void *key, char *sig, int siglen, char *data, int datalen) { struct RSAKey *rsa = (struct RSAKey *) key; Bignum in, out; char *p; int slen; int bytes, i, j, ret; unsigned char hash[20]; getstring(&sig, &siglen, &p, &slen); if (!p || slen != 7 || memcmp(p, "ssh-rsa", 7)) { return 0; } in = getmp(&sig, &siglen); out = modpow(in, rsa->exponent, rsa->modulus); freebn(in); ret = 1; bytes = (bignum_bitcount(rsa->modulus)+7) / 8; /* Top (partial) byte should be zero. */ if (bignum_byte(out, bytes - 1) != 0) ret = 0; /* First whole byte should be 1. */ if (bignum_byte(out, bytes - 2) != 1) ret = 0; /* Most of the rest should be FF. */ for (i = bytes - 3; i >= 20 + ASN1_LEN; i--) { if (bignum_byte(out, i) != 0xFF) ret = 0; } /* Then we expect to see the asn1_weird_stuff. */ for (i = 20 + ASN1_LEN - 1, j = 0; i >= 20; i--, j++) { if (bignum_byte(out, i) != asn1_weird_stuff[j]) ret = 0; } /* Finally, we expect to see the SHA-1 hash of the signed data. */ SHA_Simple(data, datalen, hash); for (i = 19, j = 0; i >= 0; i--, j++) { if (bignum_byte(out, i) != hash[j]) ret = 0; } freebn(out); return ret; }
bool RSAKey::LoadFromPrivateBlob( const CString &str ) { int len = str.size(); const char *data = str.data(); this->exponent = getmp(&data, &len); this->modulus = getmp(&data, &len); this->private_exponent = getmp(&data, &len); this->p = getmp(&data, &len); this->q = getmp(&data, &len); this->iqmp = getmp(&data, &len); if (!this->Check()) return false; return true; }