2 * Read SSH public keys from files.
4 * First implementation: only supports unencrypted SSH 1.1 format
5 * RSA keys. Encryption, and SSH 2 DSS keys, to be supported later.
10 #include <stdio.h> /* FIXME */
11 #include <stdarg.h> /* FIXME */
12 #include <windows.h> /* FIXME */
13 #include "putty.h" /* FIXME */
17 #define GET_32BIT(cp) \
18 (((unsigned long)(unsigned char)(cp)[0] << 24) | \
19 ((unsigned long)(unsigned char)(cp)[1] << 16) | \
20 ((unsigned long)(unsigned char)(cp)[2] << 8) | \
21 ((unsigned long)(unsigned char)(cp)[3]))
23 #define rsa_signature "SSH PRIVATE KEY FILE FORMAT 1.1\n"
25 int loadrsakey(char *filename, struct RSAKey *key, char *passphrase) {
27 unsigned char buf[16384];
28 unsigned char keybuf[16];
32 struct MD5Context md5c;
34 fp = fopen(filename, "rb");
38 /* Slurp the whole file into a buffer. */
39 len = fread(buf, 1, sizeof(buf), fp);
41 if (len < 0 || len == sizeof(buf))
42 goto end; /* file too big or not read */
44 if (len < sizeof(rsa_signature) ||
45 memcmp(buf, rsa_signature, sizeof(rsa_signature)) != 0)
46 goto end; /* failure to have sig at front */
48 i = sizeof(rsa_signature);
50 /* Next, one byte giving encryption type, and one reserved uint32. */
54 if (ciphertype != 0 && ciphertype != SSH_CIPHER_3DES)
58 goto end; /* reserved field not present */
59 if (buf[i] != 0 || buf[i+1] != 0 || buf[i+2] != 0 || buf[i+3] != 0)
60 goto end; /* reserved field nonzero, panic! */
63 /* Now the serious stuff. An ordinary SSH 1 public key. */
64 i += makekey(buf+i, key, NULL, 1);
66 goto end; /* overran */
68 /* Next, the comment field. */
71 if (len-i < j) goto end;
72 key->comment = malloc(j+1);
74 memcpy(key->comment, buf+i, j);
75 key->comment[j] = '\0';
80 * Decrypt remainder of buffer.
84 MD5Update(&md5c, passphrase, strlen(passphrase));
85 MD5Final(keybuf, &md5c);
86 des3_decrypt_pubkey(keybuf, buf+i, (len-i+7)&~7);
87 memset(keybuf, 0, sizeof(keybuf)); /* burn the evidence */
91 * We are now in the secret part of the key. The first four
92 * bytes should be of the form a, b, a, b.
94 if (len-i < 4) goto end;
95 if (buf[i] != buf[i+2] || buf[i+1] != buf[i+3]) { ret = -1; goto end; }
99 * After that, we have one further bignum which is our
100 * decryption modulus, and then we're done.
102 i += makeprivate(buf+i, key);
103 if (len-i < 0) goto end;
107 memset(buf, 0, sizeof(buf)); /* burn the evidence */
112 * See whether an RSA key is encrypted.
114 int rsakey_encrypted(char *filename) {
116 unsigned char buf[1+sizeof(rsa_signature)];
119 fp = fopen(filename, "rb");
121 return 0; /* doesn't even exist */
123 /* Slurp the whole file into a buffer. */
124 len = fread(buf, 1, sizeof(buf), fp);
126 if (len < sizeof(buf))
127 return 0; /* not even valid */
128 if (buf[sizeof(buf)-1])
129 return 1; /* encrypted */