| /openssh-portable/ |
| H A D | auth2-hostbased.c | 65 struct sshkey *key = NULL; in userauth_hostbased() local
96 if (key == NULL) { in userauth_hostbased()
100 if (key->type != pktype) { in userauth_hostbased()
113 __func__, sshkey_type(key)); in userauth_hostbased()
119 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_hostbased()
152 chost, key)) && in userauth_hostbased()
161 sshkey_free(key); in userauth_hostbased()
180 if (auth_key_is_revoked(key)) in hostbased_key_allowed()
217 if (sshkey_is_cert(key) && in hostbased_key_allowed()
237 if (sshkey_is_cert(key)) { in hostbased_key_allowed()
[all …]
|
| H A D | ssh-sk.c | 236 *keyp = key; in sshsk_ecdsa_assemble()
241 sshkey_free(key); in sshsk_ecdsa_assemble()
271 *keyp = key; in sshsk_ed25519_assemble()
329 *keyp = key; in sshsk_key_from_response()
330 key = NULL; in sshsk_key_from_response()
523 *keyp = key; in sshsk_enroll()
621 provider_path, sshkey_type(key), key->sk_flags, in sshsk_sign()
717 freezero(rks[i]->key.key_handle, rks[i]->key.key_handle_len); in sshsk_free_sk_resident_keys()
719 freezero(rks[i]->key.signature, rks[i]->key.signature_len); in sshsk_free_sk_resident_keys()
775 rks[i]->application, flags, &rks[i]->key, &key)) != 0) in sshsk_load_resident()
[all …]
|
| H A D | ssh-xmss.c | 53 if (key == NULL || in ssh_xmss_sign()
54 sshkey_type_plain(key->type) != KEY_XMSS || in ssh_xmss_sign()
55 key->xmss_sk == NULL || in ssh_xmss_sign()
56 sshkey_xmss_params(key) == NULL) in ssh_xmss_sign()
67 if ((ret = xmss_sign(key->xmss_sk, sshkey_xmss_bds_state(key), sig, &smlen, in ssh_xmss_sign()
113 ssh_xmss_verify(const struct sshkey *key, in ssh_xmss_verify() argument
125 if (key == NULL || in ssh_xmss_verify()
126 sshkey_type_plain(key->type) != KEY_XMSS || in ssh_xmss_verify()
127 key->xmss_pk == NULL || in ssh_xmss_verify()
128 sshkey_xmss_params(key) == NULL || in ssh_xmss_verify()
[all …]
|
| H A D | auth2-pubkey.c | 95 struct sshkey *key = NULL; in userauth_pubkey() local
135 if (key == NULL) { in userauth_pubkey()
139 if (key->type != pktype) { in userauth_pubkey()
162 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_pubkey()
166 key_s = format_key(key); in userauth_pubkey()
167 if (sshkey_is_cert(key)) in userauth_pubkey()
286 sshkey_free(key); in userauth_pubkey()
576 int want_keytype = sshkey_is_cert(key) ? KEY_UNSPEC : key->type; in check_authkey_line()
615 if (sshkey_is_cert(key)) { in check_authkey_line()
680 key->cert->key_id, in check_authkey_line()
[all …]
|
| H A D | sshkey.c | 808 if (key == NULL) in to_blob_buf()
817 type = force_plain ? sshkey_type_plain(key->type) : key->type; in to_blob_buf()
893 if (key->xmss_name == NULL || key->xmss_pk == NULL || in to_blob_buf()
899 key->xmss_pk, sshkey_xmss_pklen(key))) != 0 || in to_blob_buf()
2254 key->cert->principals = recallocarray(key->cert->principals, in cert_parse()
2255 key->cert->nprincipals, key->cert->nprincipals + 1, in cert_parse()
2460 if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) in sshkey_from_blob_internal()
2580 *keyp = key; in sshkey_from_blob_internal()
2581 key = NULL; in sshkey_from_blob_internal()
2675 if (key->cert == NULL || key->cert->signature_type == NULL) in sshkey_check_cert_sigtype()
[all …]
|
| H A D | xmss_hash.c | 51 buf[i+n] = key[i]; in core_hash_SHA2()
74 int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, unsigned int keylen) in prf() argument
76 return core_hash_SHA2(out, 3, key, keylen, in, 32, keylen); in prf()
82 …t, const unsigned char *in, unsigned long long inlen, const unsigned char *key, const unsigned int… in h_msg() argument
88 return core_hash_SHA2(out, 2, key, keylen, in, inlen, n); in h_msg()
98 unsigned char key[n]; in hash_h() local
105 prf(key, byte_addr, pub_seed, n); in hash_h()
116 return core_hash_SHA2(out, 1, key, n, buf, 2*n, n); in hash_h()
122 unsigned char key[n]; in hash_f() local
129 prf(key, byte_addr, pub_seed, n); in hash_f()
[all …]
|
| H A D | ssh-ecdsa.c | 50 ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_ecdsa_sign() argument
66 if (key == NULL || key->ecdsa == NULL || in ssh_ecdsa_sign()
67 sshkey_type_plain(key->type) != KEY_ECDSA) in ssh_ecdsa_sign()
70 if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || in ssh_ecdsa_sign()
77 if ((sig = ECDSA_do_sign(digest, dlen, key->ecdsa)) == NULL) { in ssh_ecdsa_sign()
114 ssh_ecdsa_verify(const struct sshkey *key, in ssh_ecdsa_verify() argument
127 if (key == NULL || key->ecdsa == NULL || in ssh_ecdsa_verify()
128 sshkey_type_plain(key->type) != KEY_ECDSA || in ssh_ecdsa_verify()
132 if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || in ssh_ecdsa_verify()
144 if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { in ssh_ecdsa_verify()
[all …]
|
| H A D | ssh-rsa.c | 117 if (key == NULL || key->rsa == NULL || in ssh_rsa_complete_crt_parameters()
118 sshkey_type_plain(key->type) != KEY_RSA) in ssh_rsa_complete_crt_parameters()
121 RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); in ssh_rsa_complete_crt_parameters()
122 RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); in ssh_rsa_complete_crt_parameters()
183 if (key == NULL || key->rsa == NULL || hash_alg == -1 || in ssh_rsa_sign()
186 RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); in ssh_rsa_sign()
189 slen = RSA_size(key->rsa); in ssh_rsa_sign()
245 ssh_rsa_verify(const struct sshkey *key, in ssh_rsa_verify() argument
256 if (key == NULL || key->rsa == NULL || in ssh_rsa_verify()
297 modlen = RSA_size(key->rsa); in ssh_rsa_verify()
[all …]
|
| H A D | authfile.c | 322 struct sshkey *key = NULL, *cert = NULL; in sshkey_load_private_cert() local
343 passphrase, &key, NULL)) != 0 || in sshkey_load_private_cert()
348 if (sshkey_equal_public(key, cert) == 0) { in sshkey_load_private_cert()
353 if ((r = sshkey_to_certified(key)) != 0 || in sshkey_load_private_cert()
354 (r = sshkey_cert_copy(cert, key)) != 0) in sshkey_load_private_cert()
358 *keyp = key; in sshkey_load_private_cert()
359 key = NULL; in sshkey_load_private_cert()
362 sshkey_free(key); in sshkey_load_private_cert()
420 if (sshkey_compare(key, pub) || in sshkey_in_file()
421 (check_ca && sshkey_is_cert(key) && in sshkey_in_file()
[all …]
|
| H A D | ssh-ed25519.c | 36 ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_ed25519_sign() argument
50 if (key == NULL || in ssh_ed25519_sign()
51 sshkey_type_plain(key->type) != KEY_ED25519 || in ssh_ed25519_sign()
52 key->ed25519_sk == NULL || in ssh_ed25519_sign()
60 key->ed25519_sk)) != 0 || smlen <= datalen) { in ssh_ed25519_sign()
93 ssh_ed25519_verify(const struct sshkey *key, in ssh_ed25519_verify() argument
105 if (key == NULL || in ssh_ed25519_verify()
106 sshkey_type_plain(key->type) != KEY_ED25519 || in ssh_ed25519_verify()
107 key->ed25519_pk == NULL || in ssh_ed25519_verify()
142 key->ed25519_pk)) != 0) { in ssh_ed25519_verify()
|
| H A D | sshkey.h | 249 int sshkey_private_serialize(struct sshkey *key, struct sshbuf *buf);
255 int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob,
284 int ssh_rsa_sign(const struct sshkey *key,
287 int ssh_rsa_verify(const struct sshkey *key,
290 int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
292 int ssh_dss_verify(const struct sshkey *key,
297 int ssh_ecdsa_verify(const struct sshkey *key,
300 int ssh_ecdsa_sk_verify(const struct sshkey *key,
306 int ssh_ed25519_verify(const struct sshkey *key,
309 int ssh_ed25519_sk_verify(const struct sshkey *key,
[all …]
|
| H A D | sshconnect2.c | 635 if (id->key) { in format_identity()
643 id->key ? sshkey_type(id->key) : "", id->key ? " " : "", in format_identity()
693 if (sshkey_equal(key, id->key)) { in input_userauth_pk_ok()
1142 (key->type != KEY_RSA && key->type != KEY_RSA_CERT) || in key_sig_algorithm()
1287 if (sshkey_equal_public(id->key, private_id->key) && in sign_and_send_pubkey()
1288 id->key->type != private_id->key->type) { in sign_and_send_pubkey()
1590 if (key && key->cert && in pubkey_prepare()
1606 id->key = key; in pubkey_prepare()
1614 if (!sshkey_is_cert(key) || key->cert == NULL || in pubkey_prepare()
1630 id->key = key; in pubkey_prepare()
[all …]
|
| H A D | ssh-keysign.c | 69 struct sshkey *key = NULL; in valid_request() local
123 } else if (key->type != pktype) in valid_request()
156 sshkey_free(key); in valid_request()
158 *ret = key; in valid_request()
169 struct sshkey *keys[NUM_KEYTYPES], *key = NULL; in main() local
228 NULL, &key, NULL); in main()
232 else if (key != NULL) { in main()
233 keys[i] = key; in main()
260 if (valid_request(pw, host, &key, data, dlen) < 0) in main()
267 sshkey_equal_public(key, keys[i])) { in main()
[all …]
|
| H A D | sshd.c | 621 struct sshkey *key; local
629 if (key == NULL)
631 if (key == NULL)
650 if (key == NULL)
681 struct sshkey *key; local
700 if (key == NULL || key->type != type)
777 struct sshkey *key; local
790 if (key == NULL || key->type == KEY_UNSPEC ||
1540 struct sshkey *key; local
1845 sshkey_free(key);
[all …]
|
| H A D | ssh-dss.c | 52 ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, in ssh_dss_sign() argument
67 if (key == NULL || key->dsa == NULL || in ssh_dss_sign()
68 sshkey_type_plain(key->type) != KEY_DSA) in ssh_dss_sign()
77 if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) { in ssh_dss_sign()
120 ssh_dss_verify(const struct sshkey *key, in ssh_dss_verify() argument
132 if (key == NULL || key->dsa == NULL || in ssh_dss_verify()
133 sshkey_type_plain(key->type) != KEY_DSA || in ssh_dss_verify()
184 switch (DSA_do_verify(digest, dlen, sig, key->dsa)) { in ssh_dss_verify()
|
| H A D | ssh_api.c | 162 sshkey_free(k->key); in ssh_free()
202 k_prv->key = key; in ssh_add_hostkey()
206 k->key = pubkey; in ssh_add_hostkey()
212 k->key = key; in ssh_add_hostkey()
475 if (k->key->type == type && in _ssh_host_public_key()
477 return (k->key); in _ssh_host_public_key()
490 if (k->key->type == type && in _ssh_host_private_key()
492 return (k->key); in _ssh_host_private_key()
505 if (sshkey_equal_public(hostkey, k->key)) in _ssh_verify_host_key()
539 if (k->key->type == ktype || in _ssh_order_hostkeyalgs()
[all …]
|
| H A D | hostfile.c | 260 hostkeys->entries[hostkeys->num_entries].key = l->key; in record_hostkey()
261 l->key = NULL; /* steal it */ in record_hostkey()
318 hostkeys->entries[i].key)) in check_key_not_revoked()
360 k = hostkeys->entries[i].key; in check_hostkeys_by_key_or_type()
365 hostkeys->entries[i].key)) { in check_hostkeys_by_key_or_type()
397 if (key == NULL) in check_key_in_hostkeys()
502 if (key == NULL) in add_host_to_hostfile()
737 sshkey_free(lineinfo.key); in hostkeys_foreach()
868 sshkey_free(lineinfo.key); in hostkeys_foreach()
869 lineinfo.key = NULL; in hostkeys_foreach()
[all …]
|
| H A D | ssh-pkcs11-client.c | 120 struct sshkey *key = NULL; in rsa_encrypt() local
129 if (key == NULL) { in rsa_encrypt()
133 key->type = KEY_RSA; in rsa_encrypt()
135 key->rsa = rsa; in rsa_encrypt()
161 sshkey_free(key); in rsa_encrypt()
171 struct sshkey *key = NULL; in ecdsa_do_sign() local
186 if (key == NULL) { in ecdsa_do_sign()
190 key->ecdsa = ec; in ecdsa_do_sign()
191 key->ecdsa_nid = nid; in ecdsa_do_sign()
192 key->type = KEY_ECDSA; in ecdsa_do_sign()
[all …]
|
| H A D | ssh-ed25519-sk.c | 39 ssh_ed25519_sk_verify(const struct sshkey *key, in ssh_ed25519_sk_verify() argument
63 if (key == NULL || in ssh_ed25519_sk_verify()
64 sshkey_type_plain(key->type) != KEY_ED25519_SK || in ssh_ed25519_sk_verify()
65 key->ed25519_pk == NULL || in ssh_ed25519_sk_verify()
86 if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { in ssh_ed25519_sk_verify()
98 if (ssh_digest_memory(SSH_DIGEST_SHA256, key->sk_application, in ssh_ed25519_sk_verify()
99 strlen(key->sk_application), apphash, sizeof(apphash)) != 0 || in ssh_ed25519_sk_verify()
141 key->ed25519_pk)) != 0) { in ssh_ed25519_sk_verify()
|
| H A D | krl.c | 459 if (!sshkey_is_cert(key)) in ssh_krl_revoke_key()
465 key->cert->key_id); in ssh_krl_revoke_key()
469 key->cert->serial); in ssh_krl_revoke_key()
1102 ca_used[nca_used++] = key; in ssh_krl_from_blob()
1103 key = NULL; in ssh_krl_from_blob()
1214 sshkey_free(key); in ssh_krl_from_blob()
1240 if (key->cert->serial == 0) in is_cert_revoked()
1295 if (!sshkey_is_cert(key)) in is_key_revoked()
1326 if (sshkey_is_cert(key)) { in ssh_krl_check_key()
1363 struct sshkey *key = NULL; in krl_dump() local
[all …]
|
| H A D | ssh-pkcs11-helper.c | 52 struct sshkey *key; member
72 ki->key = k; in add_key()
88 sshkey_free(ki->key); in del_keys_by_name()
102 if (sshkey_equal(k, ki->key)) in lookup_key()
103 return (ki->key); in lookup_key()
194 struct sshkey *key, *found; in process_sign() local
210 if (key->type == KEY_RSA) { in process_sign()
211 slen = RSA_size(key->rsa); in process_sign()
220 } else if (key->type == KEY_ECDSA) { in process_sign()
221 u_int xslen = ECDSA_size(key->ecdsa); in process_sign()
[all …]
|
| H A D | ssh-sk-client.c | 231 sshsk_sign(const char *provider, struct sshkey *key, in sshsk_sign() argument
252 if ((r = sshkey_private_serialize(key, kbuf)) != 0) { in sshsk_sign()
309 struct sshkey *key = NULL; in sshsk_enroll() local
366 *keyp = key; in sshsk_enroll()
367 key = NULL; in sshsk_enroll()
370 sshkey_free(key); in sshsk_enroll()
385 struct sshkey *key = NULL, **keys = NULL, **tmp; in sshsk_load_resident() local
426 nkeys, sshkey_type(key), key->sk_application); in sshsk_load_resident()
428 keys[nkeys++] = key; in sshsk_load_resident()
429 key = NULL; in sshsk_load_resident()
[all …]
|
| H A D | kexc25519.c | 50 kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) in kexc25519_keygen()
54 arc4random_buf(key, CURVE25519_SIZE); in kexc25519_keygen()
55 crypto_scalarmult_curve25519(pub, key, basepoint); in kexc25519_keygen()
59 kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE], in kexc25519_shared_key_ext()
66 crypto_scalarmult_curve25519(shared_key, key, pub); in kexc25519_shared_key_ext()
85 kexc25519_shared_key(const u_char key[CURVE25519_SIZE], in kexc25519_shared_key()
88 return kexc25519_shared_key_ext(key, pub, out, 0); in kexc25519_shared_key()
|
| /openssh-portable/regress/ |
| H A D | keygen-comment.sh | 24 rm -f $OBJ/$t-key*
38 -t $t -f $OBJ/$t-key >/dev/null 2>&1 || \
40 check_fingerprint $OBJ/$t-key "${comment}"
41 check_fingerprint $OBJ/$t-key.pub "${comment}"
44 rm -f $OBJ/$t-key.pub
49 check_fingerprint $OBJ/$t-key "${comment}"
50 rm -f $OBJ/$t-key*
|
| H A D | keytype.sh | 25 rm -f $OBJ/key.$kt
33 ${SSHKEYGEN} $bits_arg -q -N '' -t $type -f $OBJ/key.$kt || \
60 echo HostKey $OBJ/key.$ht
66 echo IdentityFile $OBJ/key.$ut
72 cat $OBJ/key.$ht.pub
74 cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER
|