diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-25 04:47:54 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-25 04:47:54 +0000 |
| commit | 34f91883a6f3123656b0a8017d68b658f7cf2403 (patch) | |
| tree | cd6d3386df38e8a2a6702bcdbf08365f12ba9472 | |
| parent | 90fd060bc852072ebe351ddacaced7c267d53f96 (diff) | |
- markus@cvs.openbsd.org 2001/06/23 06:41:10
[ssh-keygen.c]
try to decode ssh-3.0.0 private rsa keys
(allow migration to openssh, not vice versa), #910
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | ssh-keygen.c | 31 |
2 files changed, 26 insertions, 11 deletions
@@ -63,6 +63,10 @@ - deraadt@cvs.openbsd.org 2001/06/23 05:57:09 [sftp.1 sftp-server.8 ssh-keygen.1] ok, tmac is now fixed + - markus@cvs.openbsd.org 2001/06/23 06:41:10 + [ssh-keygen.c] + try to decode ssh-3.0.0 private rsa keys + (allow migration to openssh, not vice versa), #910 20010622 - (stevesk) handle systems without pw_expire and pw_change. @@ -5747,4 +5751,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1313 2001/06/25 04:45:33 mouring Exp $ +$Id: ChangeLog,v 1.1314 2001/06/25 04:47:54 mouring Exp $ diff --git a/ssh-keygen.c b/ssh-keygen.c index d1b2a583..bd7eea9a 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.61 2001/05/25 14:37:32 markus Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.62 2001/06/23 06:41:10 markus Exp $"); #include <openssl/evp.h> #include <openssl/pem.h> @@ -187,7 +187,8 @@ do_convert_private_ssh2_from_blob(char *blob, int blen) { Buffer b; Key *key = NULL; - int ignore, magic, rlen, ktype; + int magic, rlen, ktype, i1, i2, i3, i4; + u_long e; char *type, *cipher; buffer_init(&b); @@ -199,13 +200,13 @@ do_convert_private_ssh2_from_blob(char *blob, int blen) buffer_free(&b); return NULL; } - ignore = buffer_get_int(&b); + i1 = buffer_get_int(&b); type = buffer_get_string(&b, NULL); cipher = buffer_get_string(&b, NULL); - ignore = buffer_get_int(&b); - ignore = buffer_get_int(&b); - ignore = buffer_get_int(&b); - + i2 = buffer_get_int(&b); + i3 = buffer_get_int(&b); + i4 = buffer_get_int(&b); + debug("ignore (%d %d %d %d)", i1,i2,i3,i4); if (strcmp(cipher, "none") != 0) { error("unsupported cipher %s", cipher); xfree(cipher); @@ -235,7 +236,17 @@ do_convert_private_ssh2_from_blob(char *blob, int blen) buffer_get_bignum_bits(&b, key->dsa->priv_key); break; case KEY_RSA: - if (!BN_set_word(key->rsa->e, (u_long) buffer_get_char(&b))) { + e = buffer_get_char(&b); + debug("e %lx", e); + if (e < 30) { + e <<= 8; + e += buffer_get_char(&b); + debug("e %lx", e); + e <<= 8; + e += buffer_get_char(&b); + debug("e %lx", e); + } + if (!BN_set_word(key->rsa->e, e)) { buffer_free(&b); key_free(key); return NULL; @@ -258,8 +269,8 @@ do_convert_private_ssh2_from_blob(char *blob, int blen) u_int slen; u_char *sig, data[10] = "abcde12345"; - key_sign(key, &sig, &slen, data, sizeof data); - key_verify(key, sig, slen, data, sizeof data); + key_sign(key, &sig, &slen, data, sizeof(data)); + key_verify(key, sig, slen, data, sizeof(data)); xfree(sig); } #endif |