Paraslash Audio Streaming

crypt_backend.h File Reference

Non-public crypto interface.

Macros

#define AES_CRT128_BLOCK_SIZE   16
 AES block size in bytes.

#define PKT_PEM   (0)
 Legacy PEM keys (openssh-7.7 and earlier, paraslash.0.6.2 and earlier)

#define PKT_OPENSSH   (1)
 OPENSSH keys (since openssh-7.8, paraslash.0.6.3)
 

Functions

int decode_public_key (const char *filename, unsigned char **blob, size_t *decoded_size)
 Perform sanity checks and base64-decode an ssh-rsa key.

int decode_private_key (const char *key_file, unsigned char **result, size_t *blob_size)
 Decode an openssh-v1 (aka RFC4716) or PEM (aka ASN.1) private key.

int check_private_key_file (const char *file)
 Check existence and permissions of a private key file.

int find_openssh_bignum_offset (const unsigned char *data, int len)
 Check header of an openssh private key and compute bignum offset.
 

Detailed Description

Non-public crypto interface.

Macro Definition Documentation

◆ AES_CRT128_BLOCK_SIZE

#define AES_CRT128_BLOCK_SIZE   16

AES block size in bytes.

◆ PKT_PEM

#define PKT_PEM   (0)

Legacy PEM keys (openssh-7.7 and earlier, paraslash.0.6.2 and earlier)

◆ PKT_OPENSSH

#define PKT_OPENSSH   (1)

OPENSSH keys (since openssh-7.8, paraslash.0.6.3)

Function Documentation

◆ decode_public_key()

int decode_public_key (const char *filename, unsigned char **blob, size_t *decoded_size)

Perform sanity checks and base64-decode an ssh-rsa key.

Parameters
filename: The public key file (usually id_rsa.pub).
blob: Pointer to base64-decoded blob is returned here.
decoded_size: The size of the decoded blob.

The memory pointed at by the returned blob pointer has to be freed by the caller.

Returns
On success, the offset in bytes of the start of the key values (modulus, exponent, ...). This is the number of bytes to skip from the start of the blob to reach the first encoded number. On failure, a negative error code is returned.
See also
uudecode().

References mmap_full_file().

Referenced by apc_get_pubkey().

◆ decode_private_key()

int decode_private_key (const char *key_file, unsigned char **result, size_t *blob_size)

Decode an openssh-v1 (aka RFC4716) or PEM (aka ASN.1) private key.

Parameters
key_file: The private key file (usually id_rsa).
result: Pointer to base64-decoded blob is returned here.
blob_size: The size of the decoded blob.

This only checks header and footer and base64-decodes the part in between. No attempt to read the decoded part is made.

Returns
Negative on errors, PKT_PEM or PKT_OPENSSH on success, indicating the type of key.

References alloc(), base64_decode(), mmap_full_file(), PARA_INFO_LOG, para_isspace, para_munmap(), PARA_WARNING_LOG, PKT_OPENSSH, PKT_PEM, PRIVATE_OPENSSH_KEY_FOOTER, PRIVATE_OPENSSH_KEY_HEADER, PRIVATE_PEM_KEY_FOOTER, and PRIVATE_PEM_KEY_HEADER.

◆ check_private_key_file()

int check_private_key_file (const char *file)

Check existence and permissions of a private key file.

Parameters
file: The path of the key file.

This checks whether the file exists and its permissions are restrictive enough. It is considered an error if we own the file and it is readable for others.

Returns
Standard.

References ERRNO_TO_PARA_ERROR.

Referenced by apc_priv_decrypt().
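
The kind of check described for check_private_key_file(), written as an added example (this is not paraslash's own code). It goes one step further than the text by checking the opened descriptor with fstat() rather than the path, so the file that was checked is the file that gets read. The names open_private_key_checked() and demo_check_mode(), the errno-style return values, and the rule that any group or other permission bit counts as too permissive are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not paraslash code: returns an open read-only fd,
 * or a negative errno value (-EACCES means the mode is too permissive). */
int open_private_key_checked(const char *path)
{
	struct stat st;
	int err = 0, fd = open(path, O_RDONLY | O_CLOEXEC);
	if (fd < 0)
		return -errno;
	/* fstat() the descriptor so the check and the later read hit the same file */
	if (fstat(fd, &st) < 0)
		err = errno;
	else if (!S_ISREG(st.st_mode))
		err = EINVAL;
	/* Assumption: any group/other permission bit counts as too open */
	else if (st.st_uid == getuid() && (st.st_mode & (S_IRWXG | S_IRWXO)))
		err = EACCES;
	if (err == 0)
		return fd;
	close(fd);
	return -err;
}

/* Create a scratch file with the given mode and run the check on it. */
int demo_check_mode(mode_t mode)
{
	char path[] = "/tmp/keyperm-demo-XXXXXX"; /* constructed sample path */
	int ret, fd = mkstemp(path);
	if (fd < 0)
		return -errno;
	ret = fchmod(fd, mode) < 0 ? -errno : open_private_key_checked(path);
	close(fd);
	unlink(path);
	if (ret >= 0)
		close(ret);
	return ret < 0 ? ret : 0;
}

int main(void)
{
	printf("0600: %d, 0644: %d\n", demo_check_mode(0600), demo_check_mode(0644));
}
```

As in the description above, the ownership test means a file owned by another user is not rejected on mode alone.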

◆ find_openssh_bignum_offset()

int find_openssh_bignum_offset (const unsigned char *data, int len)

Check header of an openssh private key and compute bignum offset.

Parameters
data: The base64-decoded key.
len: The size of the decoded key.

Several assumptions are made about the key. Most notably, we only support single unencrypted keys without comments.

Returns
The offset at which the first bignum of the private key (the public exponent n) starts. Negative error code on failure.