"Fossies" - the Fresh Open Source Software Archive

Member "gvm-libs-11.0.1/util/sshutils.c" (12 May 2020, 3481 Bytes) of package /linux/misc/openvas/gvm-libs-11.0.1.tar.gz:



    1 /* Copyright (C) 2015-2019 Greenbone Networks GmbH
    2  *
    3  * SPDX-License-Identifier: GPL-2.0-or-later
    4  *
    5  * This program is free software; you can redistribute it and/or
    6  * modify it under the terms of the GNU General Public License
    7  * as published by the Free Software Foundation; either version 2
    8  * of the License, or (at your option) any later version.
    9  *
   10  * This program is distributed in the hope that it will be useful,
   11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   13  * GNU General Public License for more details.
   14  *
   15  * You should have received a copy of the GNU General Public License
   16  * along with this program; if not, write to the Free Software
   17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
   18  */
   19 
   20 /**
   21  * @file
   22  * @brief Implementation of SSH related API.
   23  */
   24 
   25 #include "sshutils.h"
   26 
   27 #include <glib.h>          /* for g_free, g_strdup, g_strdup_printf */
   28 #include <gnutls/gnutls.h> /* for gnutls_datum_t */
   29 #include <gnutls/x509.h> /* for gnutls_x509_privkey_deinit, gnutls_x509_p... */
   30 #include <libssh/libssh.h> /* for ssh_key_free, ssh_key_type, ssh_key_type_... */
   31 #include <string.h>        /* for strcmp, strlen */
   32 
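   /**
    * @brief Decrypts a PEM encoded, PKCS#8 encrypted ssh private key.
    *
    * The key is imported with GnuTLS using the passphrase and exported again
    * as PEM text.
    *
    * @param[in]   pkcs8_key       PKCS#8 encrypted private key.
    * @param[in]   passphrase      Passphrase for the private key.  NULL is
    *                              passed to GnuTLS as the empty string.
    *
    * @return Newly allocated decrypted private key if success, NULL otherwise
    *         (including when pkcs8_key is NULL).  The result is unencrypted
    *         key material owned by the caller; release it with g_free.
    */
   char *
   gvm_ssh_pkcs8_decrypt (const char *pkcs8_key, const char *passphrase)
   {
     gnutls_datum_t data;
     gnutls_x509_privkey_t key;
     char buffer[16 * 2048];
     char *decrypted = NULL;
     volatile char *wipe;
     size_t size = sizeof (buffer);
     size_t i;
     int rc;

     /* strlen (NULL) is undefined behaviour, so reject a missing key first. */
     if (pkcs8_key == NULL)
       return NULL;

     rc = gnutls_x509_privkey_init (&key);
     if (rc)
       return NULL;

     data.size = strlen (pkcs8_key);
     data.data = (void *) g_strdup (pkcs8_key);
     rc = gnutls_x509_privkey_import_pkcs8 (key, &data, GNUTLS_X509_FMT_PEM,
                                            passphrase ? passphrase : "", 0);
     /* The copy is only needed for the import.  Free it before looking at rc
      * so that a failed import does not leak it. */
     g_free (data.data);
     if (rc)
       {
         gnutls_x509_privkey_deinit (key);
         return NULL;
       }

     rc = gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size);
     gnutls_x509_privkey_deinit (key);

     /* Copy at most the number of bytes the export reported, so the result
      * does not depend on buffer having been NUL-terminated.
      * NOTE(review): assumes size holds the exported length on success. */
     if (rc == 0 && size <= sizeof (buffer))
       decrypted = g_strndup (buffer, size);

     /* buffer may hold the plaintext private key: clear it before the stack
      * frame is released.  The stores go through a volatile pointer so the
      * compiler is less inclined to drop them as dead writes. */
     wipe = buffer;
     for (i = 0; i < sizeof (buffer); i++)
       wipe[i] = 0;

     return decrypted;
   }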
   69 
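   /**
    * @brief Exports a base64 encoded public key from a private key and its
    *        passphrase.
    *
    * The private key is first passed to gvm_ssh_pkcs8_decrypt; when that
    * returns NULL the key is handed to libssh as given.
    *
    * @param[in]   private_key     Private key to export.
    * @param[in]   passphrase      Passphrase for the private key.
    *
    * @return Allocated string of the form "<key type> <base64 public key>" if
    *         success, NULL otherwise (including when private_key is NULL).
    *         Release it with g_free.
    */
   char *
   gvm_ssh_public_from_private (const char *private_key, const char *passphrase)
   {
     ssh_key priv;
     char *pub_key = NULL, *decrypted_priv, *pub_str = NULL;
     const char *type;
     int ret;

     /* Nothing to import; also keeps NULL away from the string functions. */
     if (private_key == NULL)
       return NULL;

     decrypted_priv = gvm_ssh_pkcs8_decrypt (private_key, passphrase);
     ret = ssh_pki_import_privkey_base64 (decrypted_priv ? decrypted_priv
                                                         : private_key,
                                          passphrase, NULL, NULL, &priv);
     if (decrypted_priv)
       {
         /* The temporary copy is an unencrypted private key: overwrite it
          * before handing the memory back to the allocator. */
         volatile char *wipe = decrypted_priv;
         size_t len = strlen (decrypted_priv);
         size_t i;

         for (i = 0; i < len; i++)
           wipe[i] = 0;
       }
     g_free (decrypted_priv);
     if (ret)
       return NULL;

     ret = ssh_pki_export_pubkey_base64 (priv, &pub_key);
     if (ret == 0)
       {
         type = ssh_key_type_to_char (ssh_key_type (priv));
   #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0, 6, 4)
         /* The generic ECDSA name is replaced by the curve specific one. */
         if (type && !strcmp (type, "ssh-ecdsa"))
           type = ssh_pki_key_ecdsa_name (priv);
   #endif
         /* Build the result while priv is still alive, so the type name is
          * never read after its key has been freed, and refuse to format a
          * NULL type name. */
         if (type)
           pub_str = g_strdup_printf ("%s %s", type, pub_key);

         /* pub_key was allocated by libssh, so return it through libssh's own
          * deallocator rather than GLib's. */
         ssh_string_free_char (pub_key);
       }
     ssh_key_free (priv);
     return pub_str;
   }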