pki: Add ssh_pki_publickey_to_string().

2025-08-08 19:02:06 +03:00 · 2011-08-15 18:47:18 +02:00
parent fe375132c3
commit 6ffee22448
4 changed files with 249 additions and 21 deletions
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -58,6 +58,7 @@ int pki_pubkey_build_dss(ssh_key key,
 int pki_pubkey_build_rsa(ssh_key key,
                         ssh_string e,
                         ssh_string n);
 ssh_string pki_publickey_to_string(const ssh_key key);
 /* half public ssh pki functions */
@@ -67,6 +68,7 @@ void ssh_key_clean (ssh_key key);
 ssh_key ssh_pki_publickey_from_privatekey(const ssh_key privkey);
 ssh_string ssh_pki_do_sign(ssh_session session, ssh_buffer sigbuf,
    ssh_key privatekey);
 ssh_string ssh_pki_publickey_to_string(const ssh_key key);
 /* temporary functions, to be removed after migration to ssh_key */
 ssh_public_key ssh_pki_convert_key_to_publickey(ssh_key key);
--- a/src/pki.c
+++ b/src/pki.c
@@ -609,13 +609,21 @@ ssh_key ssh_pki_publickey_from_privatekey(const ssh_key privkey) {
    return pki_key_dup(privkey, 1);
 }
-int ssh_pki_publickey_to_string(const ssh_key key, ssh_string *pstr)
+/**
 * @brief Create a ssh string from a public key.
 *
 * @param[in] key       A public or private key to create the public ssh_string
 *                      from.
 *
 * @return              The string or NULL on error.
 */
 ssh_string ssh_pki_publickey_to_string(const ssh_key key)
 {
-    if (key == NULL || pstr == NULL) {
+    if (key == NULL) {
-        return SSH_ERROR;
+        return NULL;
    }
-    return pki_publickey_to_string(key, pstr);
+    return pki_publickey_to_string(key);
 }
 /*
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -32,6 +32,7 @@
 #include "libssh/priv.h"
 #include "libssh/libssh.h"
 #include "libssh/buffer.h"
 #include "libssh/session.h"
 #include "libssh/callbacks.h"
 #include "libssh/pki.h"
@@ -347,10 +348,11 @@ int pki_pubkey_build_rsa(ssh_key key,
    return SSH_OK;
 }
-int pki_publickey_to_string(const ssh_key key, ssh_string *pstr)
+ssh_string pki_publickey_to_string(const ssh_key key)
 {
-    ssh_string buffer;
+    ssh_buffer buffer;
    ssh_string type_s;
    ssh_string str = NULL;
    ssh_string e = NULL;
    ssh_string n = NULL;
    ssh_string p = NULL;
@@ -378,22 +380,22 @@ int pki_publickey_to_string(const ssh_key key, ssh_string *pstr)
    switch (key->type) {
        case SSH_KEYTYPE_DSS:
-            p = make_bignum_string(key->p);
+            p = make_bignum_string(key->dsa->p);
            if (p == NULL) {
                goto fail;
            }
-            q = make_bignum_string(key->q);
+            q = make_bignum_string(key->dsa->q);
            if (q == NULL) {
                goto fail;
            }
-            g = make_bignum_string(key->g);
+            g = make_bignum_string(key->dsa->g);
            if (g == NULL) {
                goto fail;
            }
-            n = make_bignum_string(key->pub_key);
+            n = make_bignum_string(key->dsa->pub_key);
            if (n == NULL) {
                goto fail;
            }
@@ -410,14 +412,46 @@ int pki_publickey_to_string(const ssh_key key, ssh_string *pstr)
            if (buffer_add_ssh_string(buffer, n) < 0) {
                goto fail;
            }
-      break;
+
-    case SSH_KEYTYPE_RSA:
+            ssh_string_burn(p);
-    case SSH_KEYTYPE_RSA1:
+            ssh_string_free(p);
-      if (rsa_public_to_string(key->rsa_pub, buf) < 0) {
+            ssh_string_burn(g);
-        goto error;
+            ssh_string_free(g);
-      }
+            ssh_string_burn(q);
-      break;
+            ssh_string_free(q);
-  }
+            ssh_string_burn(n);
            ssh_string_free(n);
            break;
        case SSH_KEYTYPE_RSA:
        case SSH_KEYTYPE_RSA1:
            e = make_bignum_string(key->rsa->e);
            if (p == NULL) {
                goto fail;
            }
            n = make_bignum_string(key->rsa->n);
            if (q == NULL) {
                goto fail;
            }
            if (buffer_add_ssh_string(buffer, e) < 0) {
                goto fail;
            }
            if (buffer_add_ssh_string(buffer, n) < 0) {
                goto fail;
            }
            ssh_string_burn(e);
            ssh_string_free(e);
            ssh_string_burn(n);
            ssh_string_free(n);
            break;
        case SSH_KEYTYPE_ECDSA:
        case SSH_KEYTYPE_UNKNOWN:
            goto fail;
    }
    str = ssh_string_new(buffer_get_rest_len(buffer));
    if (str == NULL) {
@@ -430,17 +464,23 @@ int pki_publickey_to_string(const ssh_key key, ssh_string *pstr)
    }
    ssh_buffer_free(buffer);
-    *pstr = str;
+    return str;
    return SSH_OK;
 fail:
    ssh_buffer_free(buffer);
    ssh_string_burn(str);
    ssh_string_free(str);
    ssh_string_burn(e);
    ssh_string_free(e);
    ssh_string_burn(p);
    ssh_string_free(p);
    ssh_string_burn(g);
    ssh_string_free(g);
    ssh_string_burn(q);
    ssh_string_free(q);
    ssh_string_burn(n);
    ssh_string_free(n);
-    return SSH_ERROR;
+    return NULL;
 }
 struct signature_struct *pki_do_sign(ssh_key privatekey,
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -991,6 +991,184 @@ fail:
    return NULL;
 }
 ssh_string pki_publickey_to_string(const ssh_key key)
 {
    ssh_buffer buffer;
    ssh_string type_s;
    ssh_string str = NULL;
    ssh_string e = NULL;
    ssh_string n = NULL;
    ssh_string p = NULL;
    ssh_string g = NULL;
    ssh_string q = NULL;
    const char *tmp = NULL;
    size_t size;
    gcry_sexp_t sexp;
    int rc;
    buffer = ssh_buffer_new();
    if (buffer == NULL) {
        return NULL;
    }
    type_s = ssh_string_from_char(key->type_c);
    if (type_s == NULL) {
        ssh_buffer_free(buffer);
        return NULL;
    }
    rc = buffer_add_ssh_string(buffer, type_s);
    string_free(type_s);
    if (rc < 0) {
        ssh_buffer_free(buffer);
        return NULL;
    }
    switch (key->type) {
        case SSH_KEYTYPE_DSS:
            sexp = gcry_sexp_find_token(key, "p", 0);
            if (sexp == NULL) {
                goto fail;
            }
            tmp = gcry_sexp_nth_data(sexp, 1, &size);
            p = ssh_string_new(size);
            if (p == NULL) {
                goto fail;
            }
            ssh_string_fill(p, (char *) tmp, size);
            gcry_sexp_release(sexp);
            sexp = gcry_sexp_find_token(key, "q", 0);
            if (sexp == NULL) {
                goto fail;
            }
            tmp = gcry_sexp_nth_data(sexp, 1, &size);
            q = ssh_string_new(size);
            if (q == NULL) {
                goto fail;
            }
            ssh_string_fill(q, (char *) tmp, size);
            gcry_sexp_release(sexp);
            sexp = gcry_sexp_find_token(key, "g", 0);
            if (sexp == NULL) {
                goto fail;
            }
            tmp = gcry_sexp_nth_data(sexp, 1, &size);
            g = ssh_string_new(size);
            if (g == NULL) {
                goto fail;
            }
            ssh_string_fill(g, (char *) tmp, size);
            gcry_sexp_release(sexp);
            sexp = gcry_sexp_find_token(key, "y", 0);
            if (sexp == NULL) {
                goto fail;
            }
            tmp = gcry_sexp_nth_data(sexp, 1, &size);
            n = ssh_string_new(size);
            if (n == NULL) {
                goto fail;
            }
            ssh_string_fill(n, (char *) tmp, size);
            if (buffer_add_ssh_string(buffer, p) < 0) {
                goto fail;
            }
            if (buffer_add_ssh_string(buffer, q) < 0) {
                goto fail;
            }
            if (buffer_add_ssh_string(buffer, g) < 0) {
                goto fail;
            }
            if (buffer_add_ssh_string(buffer, n) < 0) {
                goto fail;
            }
            ssh_string_burn(p);
            ssh_string_free(p);
            ssh_string_burn(g);
            ssh_string_free(g);
            ssh_string_burn(q);
            ssh_string_free(q);
            ssh_string_burn(n);
            ssh_string_free(n);
            break;
        case SSH_KEYTYPE_RSA:
        case SSH_KEYTYPE_RSA1:
            sexp = gcry_sexp_find_token(key, "e", 0);
            if (sexp == NULL) {
                goto error;
            }
            tmp = gcry_sexp_nth_data(sexp, 1, &size);
            e = ssh_string_new(size);
            if (e == NULL) {
                goto error;
            }
            ssh_string_fill(e, (char *) tmp, size);
            sexp = gcry_sexp_find_token(key, "n", 0);
            if (sexp == NULL) {
                goto error;
            }
            tmp = gcry_sexp_nth_data(sexp, 1, &size);
            n = ssh_string_new(size);
            if (n == NULL) {
                goto error;
            }
            ssh_string_fill(n, (char *) tmp, size);
            gcry_sexp_release(sexp);
            if (buffer_add_ssh_string(buffer, e) < 0) {
                goto fail;
            }
            if (buffer_add_ssh_string(buffer, n) < 0) {
                goto fail;
            }
            ssh_string_burn(e);
            ssh_string_free(e);
            ssh_string_burn(n);
            ssh_string_free(n);
            break;
        case SSH_KEYTYPE_ECDSA:
        case SSH_KEYTYPE_UNKNOWN:
            goto fail;
    }
    str = ssh_string_new(buffer_get_rest_len(buffer));
    if (str == NULL) {
        goto fail;
    }
    rc = ssh_string_fill(str, buffer_get_rest(buffer), buffer_get_rest_len(buffer));
    if (rc < 0) {
        goto fail;
    }
    ssh_buffer_free(buffer);
    return str;
 fail:
    ssh_buffer_free(buffer);
    ssh_string_burn(str);
    ssh_string_free(str);
    ssh_string_burn(e);
    ssh_string_free(e);
    ssh_string_burn(p);
    ssh_string_free(p);
    ssh_string_burn(g);
    ssh_string_free(g);
    ssh_string_burn(q);
    ssh_string_free(q);
    ssh_string_burn(n);
    ssh_string_free(n);
    return NULL;
 }
 struct signature_struct *pki_do_sign(ssh_key privatekey,
                                     const unsigned char *hash) {
    struct signature_struct *sign;