/openssh-portable/ |
H A D | auth2-hostbased.c | 64 struct sshkey *key = NULL; in userauth_hostbased() local 95 if (key == NULL) { in userauth_hostbased() 99 if (key->type != pktype) { in userauth_hostbased() 112 sshkey_type(key)); in userauth_hostbased() 118 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_hostbased() 151 chost, key)) && in userauth_hostbased() 160 sshkey_free(key); in userauth_hostbased() 179 if (auth_key_is_revoked(key)) in hostbased_key_allowed() 215 if (sshkey_is_cert(key) && in hostbased_key_allowed() 235 if (sshkey_is_cert(key)) { in hostbased_key_allowed() [all …]
|
H A D | ssh-sk.c | 237 *keyp = key; in sshsk_ecdsa_assemble() 242 sshkey_free(key); in sshsk_ecdsa_assemble() 272 *keyp = key; in sshsk_ed25519_assemble() 330 *keyp = key; in sshsk_key_from_response() 331 key = NULL; in sshsk_key_from_response() 537 *keyp = key; in sshsk_enroll() 635 provider_path, sshkey_type(key), key->sk_flags, in sshsk_sign() 667 __func__, key->sk_flags, key->sk_application); in sshsk_sign() 738 freezero(rks[i]->key.signature, rks[i]->key.signature_len); in sshsk_free_sk_resident_keys() 794 rks[i]->application, flags, &rks[i]->key, &key)) != 0) in sshsk_load_resident() [all …]
|
H A D | ssh-xmss.c | 53 if (key == NULL || in ssh_xmss_sign() 54 sshkey_type_plain(key->type) != KEY_XMSS || in ssh_xmss_sign() 55 key->xmss_sk == NULL || in ssh_xmss_sign() 56 sshkey_xmss_params(key) == NULL) in ssh_xmss_sign() 65 if ((r = sshkey_xmss_get_state(key, 1)) != 0) in ssh_xmss_sign() 67 if ((ret = xmss_sign(key->xmss_sk, sshkey_xmss_bds_state(key), sig, &smlen, in ssh_xmss_sign() 113 ssh_xmss_verify(const struct sshkey *key, in ssh_xmss_verify() argument 125 if (key == NULL || in ssh_xmss_verify() 127 key->xmss_pk == NULL || in ssh_xmss_verify() 128 sshkey_xmss_params(key) == NULL || in ssh_xmss_verify() [all …]
|
H A D | auth2-pubkey.c | 94 struct sshkey *key = NULL; in userauth_pubkey() local 133 if (key == NULL) { in userauth_pubkey() 137 if (key->type != pktype) { in userauth_pubkey() 154 sshkey_ssh_name(key)); in userauth_pubkey() 160 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_pubkey() 164 key_s = format_key(key); in userauth_pubkey() 165 if (sshkey_is_cert(key)) in userauth_pubkey() 287 sshkey_free(key); in userauth_pubkey() 578 int want_keytype = sshkey_is_cert(key) ? KEY_UNSPEC : key->type; in check_authkey_line() 682 key->cert->key_id, in check_authkey_line() [all …]
|
H A D | sshkey.c | 808 if (key == NULL) in to_blob_buf() 817 type = force_plain ? sshkey_type_plain(key->type) : key->type; in to_blob_buf() 893 if (key->xmss_name == NULL || key->xmss_pk == NULL || in to_blob_buf() 899 key->xmss_pk, sshkey_xmss_pklen(key))) != 0 || in to_blob_buf() 2254 key->cert->principals = recallocarray(key->cert->principals, in cert_parse() 2255 key->cert->nprincipals, key->cert->nprincipals + 1, in cert_parse() 2460 if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) in sshkey_from_blob_internal() 2580 *keyp = key; in sshkey_from_blob_internal() 2581 key = NULL; in sshkey_from_blob_internal() 2675 if (key->cert == NULL || key->cert->signature_type == NULL) in sshkey_check_cert_sigtype() [all …]
|
H A D | xmss_hash.c | 51 buf[i+n] = key[i]; in core_hash_SHA2() 74 int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, unsigned int keylen) in prf() argument 76 return core_hash_SHA2(out, 3, key, keylen, in, 32, keylen); in prf() 82 …t, const unsigned char *in, unsigned long long inlen, const unsigned char *key, const unsigned int… in h_msg() argument 88 return core_hash_SHA2(out, 2, key, keylen, in, inlen, n); in h_msg() 98 unsigned char key[n]; in hash_h() local 105 prf(key, byte_addr, pub_seed, n); in hash_h() 116 return core_hash_SHA2(out, 1, key, n, buf, 2*n, n); in hash_h() 122 unsigned char key[n]; in hash_f() local 129 prf(key, byte_addr, pub_seed, n); in hash_f() [all …]
|
H A D | ssh-ecdsa.c | 50 ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_ecdsa_sign() argument 66 if (key == NULL || key->ecdsa == NULL || in ssh_ecdsa_sign() 67 sshkey_type_plain(key->type) != KEY_ECDSA) in ssh_ecdsa_sign() 70 if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || in ssh_ecdsa_sign() 77 if ((sig = ECDSA_do_sign(digest, dlen, key->ecdsa)) == NULL) { in ssh_ecdsa_sign() 114 ssh_ecdsa_verify(const struct sshkey *key, in ssh_ecdsa_verify() argument 127 if (key == NULL || key->ecdsa == NULL || in ssh_ecdsa_verify() 128 sshkey_type_plain(key->type) != KEY_ECDSA || in ssh_ecdsa_verify() 132 if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || in ssh_ecdsa_verify() 144 if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { in ssh_ecdsa_verify() [all …]
|
H A D | ssh-rsa.c | 117 if (key == NULL || key->rsa == NULL || in ssh_rsa_complete_crt_parameters() 118 sshkey_type_plain(key->type) != KEY_RSA) in ssh_rsa_complete_crt_parameters() 121 RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); in ssh_rsa_complete_crt_parameters() 122 RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); in ssh_rsa_complete_crt_parameters() 183 if (key == NULL || key->rsa == NULL || hash_alg == -1 || in ssh_rsa_sign() 186 RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); in ssh_rsa_sign() 189 slen = RSA_size(key->rsa); in ssh_rsa_sign() 245 ssh_rsa_verify(const struct sshkey *key, in ssh_rsa_verify() argument 256 if (key == NULL || key->rsa == NULL || in ssh_rsa_verify() 297 modlen = RSA_size(key->rsa); in ssh_rsa_verify() [all …]
|
H A D | authfile.c | 322 struct sshkey *key = NULL, *cert = NULL; in sshkey_load_private_cert() local 343 passphrase, &key, NULL)) != 0 || in sshkey_load_private_cert() 348 if (sshkey_equal_public(key, cert) == 0) { in sshkey_load_private_cert() 353 if ((r = sshkey_to_certified(key)) != 0 || in sshkey_load_private_cert() 354 (r = sshkey_cert_copy(cert, key)) != 0) in sshkey_load_private_cert() 358 *keyp = key; in sshkey_load_private_cert() 359 key = NULL; in sshkey_load_private_cert() 362 sshkey_free(key); in sshkey_load_private_cert() 420 if (sshkey_compare(key, pub) || in sshkey_in_file() 421 (check_ca && sshkey_is_cert(key) && in sshkey_in_file() [all …]
|
H A D | ssh-ed25519.c | 36 ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_ed25519_sign() argument 50 if (key == NULL || in ssh_ed25519_sign() 51 sshkey_type_plain(key->type) != KEY_ED25519 || in ssh_ed25519_sign() 52 key->ed25519_sk == NULL || in ssh_ed25519_sign() 60 key->ed25519_sk)) != 0 || smlen <= datalen) { in ssh_ed25519_sign() 93 ssh_ed25519_verify(const struct sshkey *key, in ssh_ed25519_verify() argument 105 if (key == NULL || in ssh_ed25519_verify() 106 sshkey_type_plain(key->type) != KEY_ED25519 || in ssh_ed25519_verify() 107 key->ed25519_pk == NULL || in ssh_ed25519_verify() 142 key->ed25519_pk)) != 0) { in ssh_ed25519_verify()
|
H A D | sshkey.h | 254 int sshkey_private_serialize(struct sshkey *key, struct sshbuf *buf); 260 int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, 278 int sshkey_private_serialize_maxsign(struct sshkey *key, 284 int ssh_rsa_sign(const struct sshkey *key, 287 int ssh_rsa_verify(const struct sshkey *key, 292 int ssh_dss_verify(const struct sshkey *key, 297 int ssh_ecdsa_verify(const struct sshkey *key, 300 int ssh_ecdsa_sk_verify(const struct sshkey *key, 306 int ssh_ed25519_verify(const struct sshkey *key, 309 int ssh_ed25519_sk_verify(const struct sshkey *key, [all …]
|
H A D | sshconnect2.c | 677 if (id->key) { in format_identity() 685 id->key ? sshkey_type(id->key) : "", id->key ? " " : "", in format_identity() 735 if (sshkey_equal(key, id->key)) { in input_userauth_pk_ok() 1350 if (sshkey_equal_public(id->key, private_id->key) && in sign_and_send_pubkey() 1351 id->key->type != private_id->key->type) { in sign_and_send_pubkey() 1647 if (key && key->cert && in pubkey_prepare() 1662 id->key = key; in pubkey_prepare() 1670 if (!sshkey_is_cert(key) || key->cert == NULL || in pubkey_prepare() 1685 id->key = key; in pubkey_prepare() 1739 if (sshkey_equal(id->key, id2->key)) { in pubkey_prepare() [all …]
|
H A D | ssh-keysign.c | 69 struct sshkey *key = NULL; in valid_request() local 123 } else if (key->type != pktype) in valid_request() 156 sshkey_free(key); in valid_request() 158 *ret = key; in valid_request() 169 struct sshkey *keys[NUM_KEYTYPES], *key = NULL; in main() local 228 NULL, &key, NULL); in main() 232 else if (key != NULL) { in main() 233 keys[i] = key; in main() 261 if (valid_request(pw, host, &key, data, dlen) < 0) in main() 268 sshkey_equal_public(key, keys[i])) { in main() [all …]
|
H A D | ssh-pkcs11-client.c | 120 struct sshkey *key = NULL; in rsa_encrypt() local 129 if (key == NULL) { in rsa_encrypt() 133 key->type = KEY_RSA; in rsa_encrypt() 135 key->rsa = rsa; in rsa_encrypt() 161 sshkey_free(key); in rsa_encrypt() 171 struct sshkey *key = NULL; in ecdsa_do_sign() local 186 if (key == NULL) { in ecdsa_do_sign() 190 key->ecdsa = ec; in ecdsa_do_sign() 191 key->ecdsa_nid = nid; in ecdsa_do_sign() 192 key->type = KEY_ECDSA; in ecdsa_do_sign() [all …]
|
H A D | sshd.c | 610 struct sshkey *key; local 618 if (key == NULL) 620 if (key == NULL) 639 if (key == NULL) 670 struct sshkey *key; local 689 if (key == NULL || key->type != type) 766 struct sshkey *key; local 779 if (key == NULL || key->type == KEY_UNSPEC || 1521 struct sshkey *key; local 1821 sshkey_free(key); [all …]
|
H A D | ssh-dss.c | 52 ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_dss_sign() argument 67 if (key == NULL || key->dsa == NULL || in ssh_dss_sign() 68 sshkey_type_plain(key->type) != KEY_DSA) in ssh_dss_sign() 77 if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) { in ssh_dss_sign() 120 ssh_dss_verify(const struct sshkey *key, in ssh_dss_verify() argument 132 if (key == NULL || key->dsa == NULL || in ssh_dss_verify() 133 sshkey_type_plain(key->type) != KEY_DSA || in ssh_dss_verify() 184 switch (DSA_do_verify(digest, dlen, sig, key->dsa)) { in ssh_dss_verify()
|
H A D | ssh_api.c | 161 sshkey_free(k->key); in ssh_free() 201 k_prv->key = key; in ssh_add_hostkey() 205 k->key = pubkey; in ssh_add_hostkey() 211 k->key = key; in ssh_add_hostkey() 474 if (k->key->type == type && in _ssh_host_public_key() 476 return (k->key); in _ssh_host_public_key() 489 if (k->key->type == type && in _ssh_host_private_key() 491 return (k->key); in _ssh_host_private_key() 504 if (sshkey_equal_public(hostkey, k->key)) in _ssh_verify_host_key() 538 if (k->key->type == ktype || in _ssh_order_hostkeyalgs() [all …]
|
H A D | hostfile.c | 256 hostkeys->entries[hostkeys->num_entries].key = l->key; in record_hostkey() 257 l->key = NULL; /* steal it */ in record_hostkey() 329 hostkeys->entries[i].key)) in check_key_not_revoked() 375 k = hostkeys->entries[i].key; in check_hostkeys_by_key_or_type() 380 hostkeys->entries[i].key)) { in check_hostkeys_by_key_or_type() 412 if (key == NULL) in check_key_in_hostkeys() 520 if (key == NULL) in add_host_to_hostfile() 770 sshkey_free(lineinfo.key); in hostkeys_foreach_file() 901 sshkey_free(lineinfo.key); in hostkeys_foreach_file() 902 lineinfo.key = NULL; in hostkeys_foreach_file() [all …]
|
H A D | ssh-ed25519-sk.c | 39 ssh_ed25519_sk_verify(const struct sshkey *key, in ssh_ed25519_sk_verify() argument 63 if (key == NULL || in ssh_ed25519_sk_verify() 64 sshkey_type_plain(key->type) != KEY_ED25519_SK || in ssh_ed25519_sk_verify() 65 key->ed25519_pk == NULL || in ssh_ed25519_sk_verify() 86 if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { in ssh_ed25519_sk_verify() 98 if (ssh_digest_memory(SSH_DIGEST_SHA256, key->sk_application, in ssh_ed25519_sk_verify() 99 strlen(key->sk_application), apphash, sizeof(apphash)) != 0 || in ssh_ed25519_sk_verify() 141 key->ed25519_pk)) != 0) { in ssh_ed25519_sk_verify()
|
H A D | ssh-pkcs11-helper.c | 52 struct sshkey *key; member 72 ki->key = k; in add_key() 88 sshkey_free(ki->key); in del_keys_by_name() 102 if (sshkey_equal(k, ki->key)) in lookup_key() 103 return (ki->key); in lookup_key() 189 struct sshkey *key, *found; in process_sign() local 205 if (key->type == KEY_RSA) { in process_sign() 206 slen = RSA_size(key->rsa); in process_sign() 215 } else if (key->type == KEY_ECDSA) { in process_sign() 230 "type %d", (int)key->type); in process_sign() [all …]
|
H A D | krl.c | 455 if (!sshkey_is_cert(key)) in ssh_krl_revoke_key() 461 key->cert->key_id); in ssh_krl_revoke_key() 465 key->cert->serial); in ssh_krl_revoke_key() 1097 ca_used[nca_used++] = key; in ssh_krl_from_blob() 1098 key = NULL; in ssh_krl_from_blob() 1209 sshkey_free(key); in ssh_krl_from_blob() 1235 if (key->cert->serial == 0) in is_cert_revoked() 1290 if (!sshkey_is_cert(key)) in is_key_revoked() 1321 if (sshkey_is_cert(key)) { in ssh_krl_check_key() 1358 struct sshkey *key = NULL; in krl_dump() local [all …]
|
H A D | ssh-sk-client.c | 230 sshsk_sign(const char *provider, struct sshkey *key, in sshsk_sign() argument 251 if ((r = sshkey_private_serialize(key, kbuf)) != 0) { in sshsk_sign() 308 struct sshkey *key = NULL; in sshsk_enroll() local 365 *keyp = key; in sshsk_enroll() 366 key = NULL; in sshsk_enroll() 369 sshkey_free(key); in sshsk_enroll() 384 struct sshkey *key = NULL, **keys = NULL, **tmp; in sshsk_load_resident() local 425 key->sk_application); in sshsk_load_resident() 427 keys[nkeys++] = key; in sshsk_load_resident() 428 key = NULL; in sshsk_load_resident() [all …]
|
H A D | kexc25519.c | 50 kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) in kexc25519_keygen() 54 arc4random_buf(key, CURVE25519_SIZE); in kexc25519_keygen() 55 crypto_scalarmult_curve25519(pub, key, basepoint); in kexc25519_keygen() 59 kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE], in kexc25519_shared_key_ext() 66 crypto_scalarmult_curve25519(shared_key, key, pub); in kexc25519_shared_key_ext() 85 kexc25519_shared_key(const u_char key[CURVE25519_SIZE], in kexc25519_shared_key() 88 return kexc25519_shared_key_ext(key, pub, out, 0); in kexc25519_shared_key()
|
/openssh-portable/regress/ |
H A D | keygen-comment.sh | 24 rm -f $OBJ/$t-key* 38 -t $t -f $OBJ/$t-key >/dev/null 2>&1 || \ 40 check_fingerprint $OBJ/$t-key "${comment}" 41 check_fingerprint $OBJ/$t-key.pub "${comment}" 44 rm -f $OBJ/$t-key.pub 49 check_fingerprint $OBJ/$t-key "${comment}" 50 rm -f $OBJ/$t-key*
|
H A D | keytype.sh | 25 rm -f $OBJ/key.$kt 33 ${SSHKEYGEN} $bits_arg -q -N '' -t $type -f $OBJ/key.$kt || \ 60 echo HostKey $OBJ/key.$ht 66 echo IdentityFile $OBJ/key.$ut 72 cat $OBJ/key.$ht.pub 74 cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER
|