sync with OpenBSD -current
This commit is contained in:
parent
e247f83c76
commit
b5dda3c267
GPG key ID:
F42C07F07E2E35B7
69 changed files with 3745 additions and 3354 deletions
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-keygen.c,v 1.472 2024/01/11 01:45:36 djm Exp $ */
|
||||
/* $OpenBSD: ssh-keygen.c,v 1.473 2024/08/15 00:51:51 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
|
@ -362,7 +362,8 @@ do_convert_to_pkcs8(struct sshkey *k)
|
|||
{
|
||||
switch (sshkey_type_plain(k->type)) {
|
||||
case KEY_RSA:
|
||||
if (!PEM_write_RSA_PUBKEY(stdout, k->rsa))
|
||||
if (!PEM_write_RSA_PUBKEY(stdout,
|
||||
EVP_PKEY_get0_RSA(k->pkey)))
|
||||
fatal("PEM_write_RSA_PUBKEY failed");
|
||||
break;
|
||||
#ifdef WITH_DSA
|
||||
|
|
@ -372,7 +373,8 @@ do_convert_to_pkcs8(struct sshkey *k)
|
|||
break;
|
||||
#endif
|
||||
case KEY_ECDSA:
|
||||
if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa))
|
||||
if (!PEM_write_EC_PUBKEY(stdout,
|
||||
EVP_PKEY_get0_EC_KEY(k->pkey)))
|
||||
fatal("PEM_write_EC_PUBKEY failed");
|
||||
break;
|
||||
default:
|
||||
|
|
@ -386,7 +388,8 @@ do_convert_to_pem(struct sshkey *k)
|
|||
{
|
||||
switch (sshkey_type_plain(k->type)) {
|
||||
case KEY_RSA:
|
||||
if (!PEM_write_RSAPublicKey(stdout, k->rsa))
|
||||
if (!PEM_write_RSAPublicKey(stdout,
|
||||
EVP_PKEY_get0_RSA(k->pkey)))
|
||||
fatal("PEM_write_RSAPublicKey failed");
|
||||
break;
|
||||
#ifdef WITH_DSA
|
||||
|
|
@ -396,7 +399,8 @@ do_convert_to_pem(struct sshkey *k)
|
|||
break;
|
||||
#endif
|
||||
case KEY_ECDSA:
|
||||
if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa))
|
||||
if (!PEM_write_EC_PUBKEY(stdout,
|
||||
EVP_PKEY_get0_EC_KEY(k->pkey)))
|
||||
fatal("PEM_write_EC_PUBKEY failed");
|
||||
break;
|
||||
default:
|
||||
|
|
@ -473,6 +477,8 @@ do_convert_private_ssh2(struct sshbuf *b)
|
|||
#endif
|
||||
BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL;
|
||||
BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL;
|
||||
BIGNUM *rsa_dmp1 = NULL, *rsa_dmq1 = NULL;
|
||||
RSA *rsa = NULL;
|
||||
|
||||
if ((r = sshbuf_get_u32(b, &magic)) != 0)
|
||||
fatal_fr(r, "parse magic");
|
||||
|
|
@ -567,15 +573,25 @@ do_convert_private_ssh2(struct sshbuf *b)
|
|||
buffer_get_bignum_bits(b, rsa_iqmp);
|
||||
buffer_get_bignum_bits(b, rsa_q);
|
||||
buffer_get_bignum_bits(b, rsa_p);
|
||||
if (!RSA_set0_key(key->rsa, rsa_n, rsa_e, rsa_d))
|
||||
if ((r = ssh_rsa_complete_crt_parameters(rsa_d, rsa_p, rsa_q,
|
||||
rsa_iqmp, &rsa_dmp1, &rsa_dmq1)) != 0)
|
||||
fatal_fr(r, "generate RSA CRT parameters");
|
||||
if ((key->pkey = EVP_PKEY_new()) == NULL)
|
||||
fatal_f("EVP_PKEY_new failed");
|
||||
if ((rsa = RSA_new()) == NULL)
|
||||
fatal_f("RSA_new failed");
|
||||
if (!RSA_set0_key(rsa, rsa_n, rsa_e, rsa_d))
|
||||
fatal_f("RSA_set0_key failed");
|
||||
rsa_n = rsa_e = rsa_d = NULL; /* transferred */
|
||||
if (!RSA_set0_factors(key->rsa, rsa_p, rsa_q))
|
||||
if (!RSA_set0_factors(rsa, rsa_p, rsa_q))
|
||||
fatal_f("RSA_set0_factors failed");
|
||||
rsa_p = rsa_q = NULL; /* transferred */
|
||||
if ((r = ssh_rsa_complete_crt_parameters(key, rsa_iqmp)) != 0)
|
||||
fatal_fr(r, "generate RSA parameters");
|
||||
BN_clear_free(rsa_iqmp);
|
||||
if (RSA_set0_crt_params(rsa, rsa_dmp1, rsa_dmq1, rsa_iqmp) != 1)
|
||||
fatal_f("RSA_set0_crt_params failed");
|
||||
rsa_dmp1 = rsa_dmq1 = rsa_iqmp = NULL;
|
||||
if (EVP_PKEY_set1_RSA(key->pkey, rsa) != 1)
|
||||
fatal_f("EVP_PKEY_set1_RSA failed");
|
||||
RSA_free(rsa);
|
||||
alg = "rsa-sha2-256";
|
||||
break;
|
||||
}
|
||||
|
|
@ -695,7 +711,8 @@ do_convert_from_pkcs8(struct sshkey **k, int *private)
|
|||
if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
|
||||
fatal("sshkey_new failed");
|
||||
(*k)->type = KEY_RSA;
|
||||
(*k)->rsa = EVP_PKEY_get1_RSA(pubkey);
|
||||
(*k)->pkey = pubkey;
|
||||
pubkey = NULL;
|
||||
break;
|
||||
#ifdef WITH_DSA
|
||||
case EVP_PKEY_DSA:
|
||||
|
|
@ -708,9 +725,11 @@ do_convert_from_pkcs8(struct sshkey **k, int *private)
|
|||
case EVP_PKEY_EC:
|
||||
if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
|
||||
fatal("sshkey_new failed");
|
||||
if (((*k)->ecdsa_nid = sshkey_ecdsa_fixup_group(pubkey)) == -1)
|
||||
fatal("sshkey_ecdsa_fixup_group failed");
|
||||
(*k)->type = KEY_ECDSA;
|
||||
(*k)->ecdsa = EVP_PKEY_get1_EC_KEY(pubkey);
|
||||
(*k)->ecdsa_nid = sshkey_ecdsa_key_to_nid((*k)->ecdsa);
|
||||
(*k)->pkey = pubkey;
|
||||
pubkey = NULL;
|
||||
break;
|
||||
default:
|
||||
fatal_f("unsupported pubkey type %d",
|
||||
|
|
@ -731,8 +750,12 @@ do_convert_from_pem(struct sshkey **k, int *private)
|
|||
if ((rsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL)) != NULL) {
|
||||
if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
|
||||
fatal("sshkey_new failed");
|
||||
if (((*k)->pkey = EVP_PKEY_new()) == NULL)
|
||||
fatal("EVP_PKEY_new failed");
|
||||
(*k)->type = KEY_RSA;
|
||||
(*k)->rsa = rsa;
|
||||
if (EVP_PKEY_set1_RSA((*k)->pkey, rsa) != 1)
|
||||
fatal("EVP_PKEY_set1_RSA failed");
|
||||
RSA_free(rsa);
|
||||
fclose(fp);
|
||||
return;
|
||||
}
|
||||
|
|
@ -779,12 +802,14 @@ do_convert_from(struct passwd *pw)
|
|||
break;
|
||||
#endif
|
||||
case KEY_ECDSA:
|
||||
ok = PEM_write_ECPrivateKey(stdout, k->ecdsa, NULL,
|
||||
NULL, 0, NULL, NULL);
|
||||
ok = PEM_write_ECPrivateKey(stdout,
|
||||
EVP_PKEY_get0_EC_KEY(k->pkey), NULL, NULL, 0,
|
||||
NULL, NULL);
|
||||
break;
|
||||
case KEY_RSA:
|
||||
ok = PEM_write_RSAPrivateKey(stdout, k->rsa, NULL,
|
||||
NULL, 0, NULL, NULL);
|
||||
ok = PEM_write_RSAPrivateKey(stdout,
|
||||
EVP_PKEY_get0_RSA(k->pkey), NULL, NULL, 0,
|
||||
NULL, NULL);
|
||||
break;
|
||||
default:
|
||||
fatal_f("unsupported key type %s", sshkey_type(k));
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue