session server ssh REFACTOR code review
roman committed Oct 12, 2023
1 parent a1e684a commit 4bc0ed8
Showing 1 changed file with 1 addition and 235 deletions.
236 changes: 1 addition & 235 deletions src/session_server_ssh.c
@@ -15,7 +15,7 @@

#define _GNU_SOURCE

#include "config.h" /* Expose HAVE_SHADOW and HAVE_CRYPT */
#include "config.h" /* Expose HAVE_SHADOW, HAVE_CRYPT and HAVE_LIBPAM */

#ifdef HAVE_SHADOW
#include <shadow.h>
@@ -586,240 +586,6 @@ nc_server_ssh_get_pubkey_type(const char *buffer, uint32_t *len)
return buffer;
}

/*
NOT NEEDED NOW, BUT MAYBE USEFUL AT SOME POINT LATER
static int
nc_server_ssh_build_ecdsa_key(const unsigned char *buffer, EVP_PKEY **ec)
{
BIGNUM *x = NULL, *y = NULL;
EC_GROUP *group;
EC_POINT *point;
BN_CTX *bn_ctx;
int ret;
EC_KEY *key;
EVP_PKEY *pkey = EVP_PKEY_new();
bn_ctx = BN_CTX_new();
if(!bn_ctx) {
ERR(NULL, "Error creating BN_CTX (%s).", ERR_reason_error_string(ERR_get_error()));
}
group = EC_GROUP_new_by_curve_name(415);
if (!group) {
ERR(NULL, "Error creating EC_GROUP (%s).", ERR_reason_error_string(ERR_get_error()));
}
point = EC_POINT_new(group);
if (!point) {
ERR(NULL, "Error creating EC_POINT (%s).", ERR_reason_error_string(ERR_get_error()));
}
buffer += 17;
x = BN_bin2bn(buffer, 32, x);
if (!x) {
ERR(NULL, "Error converting binary to bignum (%s).", ERR_reason_error_string(ERR_get_error()));
}
buffer += 32;
y = BN_bin2bn(buffer, 32, y);
if (!y) {
ERR(NULL, "Error converting binary to bignum (%s).", ERR_reason_error_string(ERR_get_error()));
}
ret = EC_POINT_set_affine_coordinates(group, point, x, y, bn_ctx);
if (!ret) {
ERR(NULL, "Error setting coordinates (%s).", ERR_reason_error_string(ERR_get_error()));
}
key = EC_KEY_new();
if (!key) {
ERR(NULL, "Error creating new EC_KEY (%s).", ERR_reason_error_string(ERR_get_error()));
}
ret = EC_KEY_set_group(key, group);
if (!ret) {
ERR(NULL, "Error setting group (%s).", ERR_reason_error_string(ERR_get_error()));
}
ret = EC_KEY_set_public_key_affine_coordinates(key, x, y);
if (!ret) {
ERR(NULL, "Error setting key coords (%s).", ERR_reason_error_string(ERR_get_error()));
}
ret = EVP_PKEY_set1_EC_KEY(pkey, key);
if (!ret) {
ERR(NULL, "Error setting EC_KEY (%s).", ERR_reason_error_string(ERR_get_error()));
}
*ec = pkey;
ret = 0;
return ret;
}
static int
nc_server_ssh_get_rsa_data(const unsigned char *buffer, BIGNUM **e, BIGNUM **n)
{
uint32_t data_len;
data_len = ntohl(*(uint32_t *)buffer);
buffer += sizeof data_len;
*e = BN_bin2bn(buffer, data_len, *e);
if (!*e) {
ERR(NULL, "Error converting binary to bignum (%s).", ERR_reason_error_string(ERR_get_error()));
return 1;
}
buffer += data_len;
data_len = ntohl(*(uint32_t *)buffer);
buffer += sizeof data_len;
*n = BN_bin2bn(buffer, data_len, *n);
if (!*n) {
ERR(NULL, "Error converting binary to bignum (%s).", ERR_reason_error_string(ERR_get_error()));
return 1;
}
return 0;
}
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
static int
nc_server_ssh_build_rsa_key(char *buffer, EVP_PKEY **rsa)
{
BIGNUM *e = NULL, *n = NULL;
EVP_PKEY *pkey = NULL;
int ret = 0;
OSSL_PARAM_BLD *bld = NULL;
OSSL_PARAM *params = NULL;
EVP_PKEY_CTX *pkey_ctx;
if (nc_server_ssh_get_rsa_data((const unsigned char *)buffer, &e, &n)) {
ret = 1;
goto cleanup;
}
bld = OSSL_PARAM_BLD_new();
if (!bld) {
ERR(NULL, "Error creating new BLD (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
ret = OSSL_PARAM_BLD_push_BN(bld, "n", n);
if (ret != 1) {
ERR(NULL, "Error setting RSA key (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
ret = OSSL_PARAM_BLD_push_BN(bld, "e", e);
if (ret != 1) {
ERR(NULL, "Error setting RSA key (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
params = OSSL_PARAM_BLD_to_param(bld);
if (!params) {
ERR(NULL, "Error creating OSSL params (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
pkey_ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
if (!pkey_ctx) {
ERR(NULL, "Error creating a new EVP_PKEY_CTX (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
ret = EVP_PKEY_fromdata_init(pkey_ctx);
if (ret != 1) {
ERR(NULL, "Error initializing a public key algorithm context (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
ret = EVP_PKEY_fromdata(pkey_ctx, &pkey, EVP_PKEY_KEYPAIR, params);
if (ret != 1) {
ERR(NULL, "Error creating PKEY structure (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
ret = 0;
*rsa = pkey;
pkey = NULL;
cleanup:
BN_free(e);
BN_free(n);
OSSL_PARAM_BLD_free(bld);
OSSL_PARAM_free(params);
EVP_PKEY_CTX_free(pkey_ctx);
EVP_PKEY_free(pkey);
return ret;
}
#else
static int
nc_server_ssh_build_rsa_key(char *buffer, EVP_PKEY **rsa)
{
RSA *key = NULL;
BIGNUM *e = NULL, *n = NULL;
EVP_PKEY *pkey = NULL;
int ret = 0;
key = RSA_new();
pkey = EVP_PKEY_new();
if (!key || !pkey) {
ERRMEM;
ret = 1;
goto cleanup;
}
if (nc_server_ssh_get_rsa_data((const unsigned char *)buffer, &e, &n)) {
ret = 1;
goto cleanup;
}
if (!RSA_set0_key(key, n, e, NULL)) {
ERR(NULL, "Error setting RSA key (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
if (!EVP_PKEY_set1_RSA(pkey, key)) {
ERR(NULL, "Error setting EVP_PKEY (%s).", ERR_reason_error_string(ERR_get_error()));
ret = 1;
goto cleanup;
}
e = n = NULL;
*rsa = pkey;
pkey = NULL;
cleanup:
BN_free(e);
BN_free(n);
RSA_free(key);
EVP_PKEY_free(pkey);
return ret;
}
#endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
*/

/**
* @brief Create ssh key from base64 pubkey data.
*