crypt_common.c File Reference

Detailed Description

Crypto functions independent of openssl/libgcrypt.

Functions
int	decode_public_key (const char *filename, unsigned char **blob, size_t *decoded_size)
int	check_private_key_file (const char *file)
void	hash_to_asc (const unsigned char *hash, char *asc)
int	hash_compare (const unsigned char *h1, const unsigned char *h2)
int	find_openssh_bignum_offset (const unsigned char *data, int len)
int	decode_private_key (const char *key_file, unsigned char **result, size_t *blob_size)

Macros
#define	BASE64_MAX_DECODED_SIZE(_encoded_size)
#define	PAD64
#define	KEY_TYPE_TXT
#define	PRIVATE_OPENSSH_KEY_HEADER
#define	PRIVATE_OPENSSH_KEY_FOOTER

Function Documentation

decode_public_key()

int decode_public_key	(	const char *	filename,
		unsigned char **	blob,
		size_t *	decoded_size
	)

Perform sanity checks and base64-decode an ssh-rsa key.

Parameters

filename	The public key file (usually id_rsa.pub).
blob	Pointer to base64-decoded blob is returned here.
decoded_size	The size of the decoded blob.

The memory pointed at by the returned blob pointer has to be freed by the caller.

Returns

On success, the offset in bytes of the start of the key values (modulus, exponent..). This is the number of bytes to skip from the blob until the start of the first encoded number. On failure, a negative error code is returned.

Referenced by apc_get_pubkey().

check_private_key_file()

int check_private_key_file

(

const char *

file

)

Check existence and permissions of a private key file.

Parameters

file	The path of the key file.

This checks whether the file exists and its permissions are restrictive enough. It is considered an error if we own the file and it is readable for others.

Returns

Standard.

Referenced by apc_priv_decrypt().

hash_to_asc()

void hash_to_asc	(	const unsigned char *	hash,
		char *	asc
	)

Convert a hash value to ascii format.

Parameters

hash	the hash value.
asc	Result pointer.

The function writes exactly 2 * HASH_SIZE + 1 bytes to fill the result buffer with the ascii representation of the hash value and a terminating NUL byte.

hash_compare()

int hash_compare	(	const unsigned char *	h1,
		const unsigned char *	h2
	)

Compare two hashes.

Parameters

h1	Pointer to the first hash value.
h2	Pointer to the second hash value.

Returns

1, -1, or zero, depending on whether h1 is greater than, less than or equal to h2, respectively.

find_openssh_bignum_offset()

int find_openssh_bignum_offset	(	const unsigned char *	data,
		int	len
	)

Check header of an openssh private key and compute bignum offset.

Parameters

data	The base64-decoded key.
len	The size of the decoded key.

Several assumptions are made about the key. Most notably, we only support single unencrypted keys without comments.

Returns

The offset at which the first bignum of the private key (the public exponent n) starts. Negative error code on failure.

decode_private_key()

int decode_private_key	(	const char *	key_file,
		unsigned char **	result,
		size_t *	blob_size
	)

Decode an openssh-v1 (aka RFC4716) private key.

Parameters

key_file	The private key file (usually id_rsa).
result	Pointer to base64-decoded blob is returned here.
blob_size	The size of the decoded blob.

This only checks header and footer and base64-decodes the part in between. No attempt to read the decoded part is made.

Returns

Standard.

Macro Definition Documentation

BASE64_MAX_DECODED_SIZE

#define BASE64_MAX_DECODED_SIZE

(

_encoded_size

)

Maximal possible size of the decoded data.

PAD64

#define PAD64

KEY_TYPE_TXT

#define KEY_TYPE_TXT

If the key begins with this text, we treat it as an ssh key.

PRIVATE_OPENSSH_KEY_HEADER

#define PRIVATE_OPENSSH_KEY_HEADER

Private OPENSSH keys (RFC4716) start with this header.

PRIVATE_OPENSSH_KEY_FOOTER

#define PRIVATE_OPENSSH_KEY_FOOTER

Private OPENSSH keys (RFC4716) end with this footer.