| /openssh-portable/ |
| H A D | auth2-hostbased.c | 64 struct sshkey *key = NULL; in userauth_hostbased() local
95 if (key == NULL) { in userauth_hostbased()
99 if (key->type != pktype) { in userauth_hostbased()
112 __func__, sshkey_type(key)); in userauth_hostbased()
118 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_hostbased()
151 chost, key)) && in userauth_hostbased()
160 sshkey_free(key); in userauth_hostbased()
179 if (auth_key_is_revoked(key)) in hostbased_key_allowed()
216 if (sshkey_is_cert(key) && in hostbased_key_allowed()
236 if (sshkey_is_cert(key)) { in hostbased_key_allowed()
[all …]
|
| H A D | ssh-xmss.c | 53 if (key == NULL || in ssh_xmss_sign()
54 sshkey_type_plain(key->type) != KEY_XMSS || in ssh_xmss_sign()
55 key->xmss_sk == NULL || in ssh_xmss_sign()
56 sshkey_xmss_params(key) == NULL) in ssh_xmss_sign()
67 if ((ret = xmss_sign(key->xmss_sk, sshkey_xmss_bds_state(key), sig, &smlen, in ssh_xmss_sign()
115 ssh_xmss_verify(const struct sshkey *key, in ssh_xmss_verify() argument
127 if (key == NULL || in ssh_xmss_verify()
128 sshkey_type_plain(key->type) != KEY_XMSS || in ssh_xmss_verify()
129 key->xmss_pk == NULL || in ssh_xmss_verify()
130 sshkey_xmss_params(key) == NULL || in ssh_xmss_verify()
[all …]
|
| H A D | auth2-pubkey.c | 93 struct sshkey *key = NULL; in userauth_pubkey() local
132 if (key == NULL) { in userauth_pubkey()
136 if (key->type != pktype) { in userauth_pubkey()
159 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_pubkey()
163 key_s = format_key(key); in userauth_pubkey()
164 if (sshkey_is_cert(key)) in userauth_pubkey()
261 sshkey_free(key); in userauth_pubkey()
582 int want_keytype = sshkey_is_cert(key) ? KEY_UNSPEC : key->type; in check_authkey_line()
621 if (sshkey_is_cert(key)) { in check_authkey_line()
686 key->cert->key_id, in check_authkey_line()
[all …]
|
| H A D | xmss_hash.c | 51 buf[i+n] = key[i]; in core_hash_SHA2()
74 int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, unsigned int keylen) in prf() argument
76 return core_hash_SHA2(out, 3, key, keylen, in, 32, keylen); in prf()
82 …t, const unsigned char *in, unsigned long long inlen, const unsigned char *key, const unsigned int… in h_msg() argument
88 return core_hash_SHA2(out, 2, key, keylen, in, inlen, n); in h_msg()
98 unsigned char key[n]; in hash_h() local
105 prf(key, byte_addr, pub_seed, n); in hash_h()
116 return core_hash_SHA2(out, 1, key, n, buf, 2*n, n); in hash_h()
122 unsigned char key[n]; in hash_f() local
129 prf(key, byte_addr, pub_seed, n); in hash_f()
[all …]
|
| H A D | sshkey.c | 738 if (key == NULL) in to_blob_buf()
747 type = force_plain ? sshkey_type_plain(key->type) : key->type; in to_blob_buf()
809 if (key->xmss_name == NULL || key->xmss_pk == NULL || in to_blob_buf()
815 key->xmss_pk, sshkey_xmss_pklen(key))) != 0 || in to_blob_buf()
2151 key->cert->nprincipals, key->cert->nprincipals + 1, in cert_parse()
2353 if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) in sshkey_from_blob_internal()
2449 *keyp = key; in sshkey_from_blob_internal()
2450 key = NULL; in sshkey_from_blob_internal()
2544 if (key->cert == NULL || key->cert->signature_type == NULL) in sshkey_check_cert_sigtype()
3731 free(key); in sshkey_private_to_blob2()
[all …]
|
| H A D | ssh-ecdsa.c | 50 ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_ecdsa_sign() argument
66 if (key == NULL || key->ecdsa == NULL || in ssh_ecdsa_sign()
67 sshkey_type_plain(key->type) != KEY_ECDSA) in ssh_ecdsa_sign()
70 if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || in ssh_ecdsa_sign()
77 if ((sig = ECDSA_do_sign(digest, dlen, key->ecdsa)) == NULL) { in ssh_ecdsa_sign()
114 ssh_ecdsa_verify(const struct sshkey *key, in ssh_ecdsa_verify() argument
127 if (key == NULL || key->ecdsa == NULL || in ssh_ecdsa_verify()
128 sshkey_type_plain(key->type) != KEY_ECDSA || in ssh_ecdsa_verify()
132 if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || in ssh_ecdsa_verify()
144 if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { in ssh_ecdsa_verify()
[all …]
|
| H A D | ssh-rsa.c | 117 if (key == NULL || key->rsa == NULL || in ssh_rsa_complete_crt_parameters()
118 sshkey_type_plain(key->type) != KEY_RSA) in ssh_rsa_complete_crt_parameters()
121 RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); in ssh_rsa_complete_crt_parameters()
122 RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); in ssh_rsa_complete_crt_parameters()
183 if (key == NULL || key->rsa == NULL || hash_alg == -1 || in ssh_rsa_sign()
186 RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); in ssh_rsa_sign()
189 slen = RSA_size(key->rsa); in ssh_rsa_sign()
245 ssh_rsa_verify(const struct sshkey *key, in ssh_rsa_verify() argument
256 if (key == NULL || key->rsa == NULL || in ssh_rsa_verify()
297 modlen = RSA_size(key->rsa); in ssh_rsa_verify()
[all …]
|
| H A D | ssh-ed25519.c | 36 ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_ed25519_sign() argument
50 if (key == NULL || in ssh_ed25519_sign()
51 sshkey_type_plain(key->type) != KEY_ED25519 || in ssh_ed25519_sign()
52 key->ed25519_sk == NULL || in ssh_ed25519_sign()
60 key->ed25519_sk)) != 0 || smlen <= datalen) { in ssh_ed25519_sign()
95 ssh_ed25519_verify(const struct sshkey *key, in ssh_ed25519_verify() argument
107 if (key == NULL || in ssh_ed25519_verify()
108 sshkey_type_plain(key->type) != KEY_ED25519 || in ssh_ed25519_verify()
109 key->ed25519_pk == NULL || in ssh_ed25519_verify()
144 key->ed25519_pk)) != 0) { in ssh_ed25519_verify()
|
| H A D | authfile.c | 384 struct sshkey *key = NULL, *cert = NULL; in sshkey_load_private_cert() local
405 passphrase, &key, NULL)) != 0 || in sshkey_load_private_cert()
410 if (sshkey_equal_public(key, cert) == 0) { in sshkey_load_private_cert()
415 if ((r = sshkey_to_certified(key)) != 0 || in sshkey_load_private_cert()
416 (r = sshkey_cert_copy(cert, key)) != 0) in sshkey_load_private_cert()
420 *keyp = key; in sshkey_load_private_cert()
421 key = NULL; in sshkey_load_private_cert()
424 sshkey_free(key); in sshkey_load_private_cert()
482 if (sshkey_compare(key, pub) || in sshkey_in_file()
483 (check_ca && sshkey_is_cert(key) && in sshkey_in_file()
[all …]
|
| H A D | sshkey.h | 223 int sshkey_private_serialize(struct sshkey *key, struct sshbuf *buf);
224 int sshkey_private_serialize_opt(struct sshkey *key, struct sshbuf *buf,
229 int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob,
254 int ssh_rsa_sign(const struct sshkey *key,
257 int ssh_rsa_verify(const struct sshkey *key,
260 int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
262 int ssh_dss_verify(const struct sshkey *key,
267 int ssh_ecdsa_verify(const struct sshkey *key,
272 int ssh_ed25519_verify(const struct sshkey *key,
275 int ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
[all …]
|
| H A D | ssh-keysign.c | 70 struct sshkey *key = NULL; in valid_request() local
124 } else if (key->type != pktype) in valid_request()
157 sshkey_free(key); in valid_request()
159 *ret = key; in valid_request()
170 struct sshkey *keys[NUM_KEYTYPES], *key = NULL; in main() local
229 NULL, &key, NULL); in main()
233 else if (key != NULL) { in main()
234 keys[i] = key; in main()
261 if (valid_request(pw, host, &key, data, dlen) < 0) in main()
268 sshkey_equal_public(key, keys[i])) { in main()
[all …]
|
| H A D | sshd.c | 617 struct sshkey *key; local
625 if (key == NULL)
627 if (key == NULL)
644 if (key == NULL)
673 struct sshkey *key; local
690 if (key != NULL && key->type == type &&
691 (key->type != KEY_ECDSA || key->ecdsa_nid == nid))
757 struct sshkey *key; local
770 if (key == NULL || key->type == KEY_UNSPEC ||
1430 struct sshkey *key; local
[all …]
|
| H A D | sshconnect2.c | 611 id->key ? sshkey_type(id->key) : "", id->key ? " " : "", in format_identity()
662 if (sshkey_equal(key, id->key)) { in input_userauth_pk_ok()
1111 (key->type != KEY_RSA && key->type != KEY_RSA_CERT) || in key_sig_algorithm()
1230 if (sshkey_equal_public(id->key, private_id->key) && in sign_and_send_pubkey()
1231 id->key->type != private_id->key->type) { in sign_and_send_pubkey()
1523 if (key && key->cert && key->cert->type != SSH2_CERT_TYPE_USER) in pubkey_prepare()
1528 id->key = key; in pubkey_prepare()
1536 if (!sshkey_is_cert(key) || key->cert == NULL || in pubkey_prepare()
1541 id->key = key; in pubkey_prepare()
1600 if (sshkey_equal(id->key, id2->key)) { in pubkey_prepare()
[all …]
|
| H A D | ssh-dss.c | 52 ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_dss_sign() argument
67 if (key == NULL || key->dsa == NULL || in ssh_dss_sign()
68 sshkey_type_plain(key->type) != KEY_DSA) in ssh_dss_sign()
77 if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) { in ssh_dss_sign()
120 ssh_dss_verify(const struct sshkey *key, in ssh_dss_verify() argument
132 if (key == NULL || key->dsa == NULL || in ssh_dss_verify()
133 sshkey_type_plain(key->type) != KEY_DSA || in ssh_dss_verify()
184 switch (DSA_do_verify(digest, dlen, sig, key->dsa)) { in ssh_dss_verify()
|
| H A D | ssh_api.c | 152 sshkey_free(k->key); in ssh_free()
193 k_prv->key = key; in ssh_add_hostkey()
197 k->key = pubkey; in ssh_add_hostkey()
203 k->key = key; in ssh_add_hostkey()
462 if (k->key->type == type && in _ssh_host_public_key()
464 return (k->key); in _ssh_host_public_key()
477 if (k->key->type == type && in _ssh_host_private_key()
479 return (k->key); in _ssh_host_private_key()
492 if (sshkey_equal_public(hostkey, k->key)) in _ssh_verify_host_key()
526 if (k->key->type == ktype || in _ssh_order_hostkeyalgs()
[all …]
|
| H A D | hostfile.c | 260 hostkeys->entries[hostkeys->num_entries].key = l->key; in record_hostkey()
261 l->key = NULL; /* steal it */ in record_hostkey()
319 hostkeys->entries[i].key)) in check_key_not_revoked()
361 k = hostkeys->entries[i].key; in check_hostkeys_by_key_or_type()
366 hostkeys->entries[i].key)) { in check_hostkeys_by_key_or_type()
398 if (key == NULL) in check_key_in_hostkeys()
453 if (key == NULL) in add_host_to_hostfile()
686 sshkey_free(lineinfo.key); in hostkeys_foreach()
817 sshkey_free(lineinfo.key); in hostkeys_foreach()
818 lineinfo.key = NULL; in hostkeys_foreach()
[all …]
|
| H A D | ssh-pkcs11-client.c | 120 struct sshkey *key = NULL; in rsa_encrypt() local
129 if (key == NULL) { in rsa_encrypt()
133 key->type = KEY_RSA; in rsa_encrypt()
135 key->rsa = rsa; in rsa_encrypt()
161 sshkey_free(key); in rsa_encrypt()
171 struct sshkey *key = NULL; in ecdsa_do_sign() local
186 if (key == NULL) { in ecdsa_do_sign()
190 key->ecdsa = ec; in ecdsa_do_sign()
191 key->ecdsa_nid = nid; in ecdsa_do_sign()
192 key->type = KEY_ECDSA; in ecdsa_do_sign()
[all …]
|
| H A D | ssh-pkcs11-helper.c | 47 struct sshkey *key; member
67 ki->key = k; in add_key()
81 sshkey_free(ki->key); in del_keys_by_name()
95 if (sshkey_equal(k, ki->key)) in lookup_key()
96 return (ki->key); in lookup_key()
184 struct sshkey *key, *found; in process_sign() local
200 if (key->type == KEY_RSA) { in process_sign()
201 slen = RSA_size(key->rsa); in process_sign()
210 } else if (key->type == KEY_ECDSA) { in process_sign()
211 u_int xslen = ECDSA_size(key->ecdsa); in process_sign()
[all …]
|
| H A D | krl.c | 458 if (!sshkey_is_cert(key)) in ssh_krl_revoke_key()
461 if (key->cert->serial == 0) { in ssh_krl_revoke_key()
463 key->cert->signature_key, in ssh_krl_revoke_key()
464 key->cert->key_id); in ssh_krl_revoke_key()
468 key->cert->serial); in ssh_krl_revoke_key()
1101 ca_used[nca_used++] = key; in ssh_krl_from_blob()
1102 key = NULL; in ssh_krl_from_blob()
1213 sshkey_free(key); in ssh_krl_from_blob()
1239 if (key->cert->serial == 0) in is_cert_revoked()
1294 if (!sshkey_is_cert(key)) in is_key_revoked()
[all …]
|
| H A D | kexc25519.c | 50 kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) in kexc25519_keygen()
54 arc4random_buf(key, CURVE25519_SIZE); in kexc25519_keygen()
55 crypto_scalarmult_curve25519(pub, key, basepoint); in kexc25519_keygen()
59 kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE], in kexc25519_shared_key_ext()
66 crypto_scalarmult_curve25519(shared_key, key, pub); in kexc25519_shared_key_ext()
85 kexc25519_shared_key(const u_char key[CURVE25519_SIZE], in kexc25519_shared_key()
88 return kexc25519_shared_key_ext(key, pub, out, 0); in kexc25519_shared_key()
|
| H A D | krl.h | 54 int ssh_krl_revoke_key_explicit(struct ssh_krl *krl, const struct sshkey *key);
57 int ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key);
62 int ssh_krl_check_key(struct ssh_krl *krl, const struct sshkey *key);
63 int ssh_krl_file_contains_key(const char *path, const struct sshkey *key);
|
| H A D | sshkey-xmss.c | 97 if (key->xmss_state != NULL) in sshkey_xmss_init()
131 key->xmss_state = state; in sshkey_xmss_init()
140 sshkey_xmss_free_bds(key); in sshkey_xmss_free_state()
149 key->xmss_state = NULL; in sshkey_xmss_free_state()
176 sshkey_xmss_free_bds(key); in sshkey_xmss_init_bds_state()
839 u_char *cp, *key, *iv = NULL; in sshkey_xmss_encrypt_state() local
861 key = state->enc_keyiv; in sshkey_xmss_encrypt_state()
871 memcpy(iv, key + keylen, ivlen); in sshkey_xmss_encrypt_state()
930 u_char *key, *iv = NULL, *dp; in sshkey_xmss_decrypt_state() local
953 key = state->enc_keyiv; in sshkey_xmss_decrypt_state()
[all …]
|
| H A D | poly1305.c | 34 …OLY1305_TAGLEN], const unsigned char *m, size_t inlen, const unsigned char key[POLY1305_KEYLEN]) { in poly1305_auth()
48 t0 = U8TO32_LE(key+0); in poly1305_auth()
49 t1 = U8TO32_LE(key+4); in poly1305_auth()
50 t2 = U8TO32_LE(key+8); in poly1305_auth()
51 t3 = U8TO32_LE(key+12); in poly1305_auth()
151 f0 = ((h0 ) | (h1 << 26)) + (uint64_t)U8TO32_LE(&key[16]); in poly1305_auth()
152 f1 = ((h1 >> 6) | (h2 << 20)) + (uint64_t)U8TO32_LE(&key[20]); in poly1305_auth()
153 f2 = ((h2 >> 12) | (h3 << 14)) + (uint64_t)U8TO32_LE(&key[24]); in poly1305_auth()
154 f3 = ((h3 >> 18) | (h4 << 8)) + (uint64_t)U8TO32_LE(&key[28]); in poly1305_auth()
|
| H A D | ssh-pkcs11.c | 794 if (key == NULL) { in pkcs11_fetch_ecdsa_pubkey()
799 key->ecdsa = ec; in pkcs11_fetch_ecdsa_pubkey()
815 return (key); in pkcs11_fetch_ecdsa_pubkey()
890 if (key == NULL) { in pkcs11_fetch_rsa_pubkey()
895 key->rsa = rsa; in pkcs11_fetch_rsa_pubkey()
905 return (key); in pkcs11_fetch_rsa_pubkey()
1004 key->rsa = rsa; in pkcs11_fetch_x509_pubkey()
1034 key->ecdsa = ec; in pkcs11_fetch_x509_pubkey()
1052 return (key); in pkcs11_fetch_x509_pubkey()
1131 key = NULL; in pkcs11_fetch_certs()
[all …]
|
| H A D | hmac.c | 66 ssh_hmac_init(struct ssh_hmac_ctx *ctx, const void *key, size_t klen) in ssh_hmac_init() argument
71 if (key != NULL) { in ssh_hmac_init()
74 memcpy(ctx->buf, key, klen); in ssh_hmac_init()
75 else if (ssh_digest_memory(ctx->alg, key, klen, ctx->buf, in ssh_hmac_init()
143 hmac_test(void *key, size_t klen, void *m, size_t mlen, u_char *e, size_t elen) in hmac_test() argument
151 if (ssh_hmac_init(ctx, key, klen) < 0 || in hmac_test()
|