-/*
- * Copyright (C) 2005 Andre Noll <maan@tuebingen.mpg.de>
- *
- * Licensed under the GPL v2. For licencing details see COPYING.
- */
+/* Copyright (C) 2005 Andre Noll <maan@tuebingen.mpg.de>, see file COPYING. */
/** \file crypt_common.c Crypto functions independent of openssl/libgcrypt. */
#include "string.h"
#include "crypt.h"
#include "crypt_backend.h"
+#include "portable_io.h"
/** If the key begins with this text, we treat it as an ssh key. */
#define KEY_TYPE_TXT "ssh-rsa"
return cp - data;
}
-/**
- * Read a 4-byte number from a buffer in big-endian format.
- *
- * \param vp The buffer.
- *
- * The byte-order of the buffer is expected to be big-endian, unlike read_u32()
- * of portable_io.h which expects little endian.
- *
- * \return The 32 bit number given by \a vp.
- */
-uint32_t read_ssh_u32(const void *vp)
-{
- const unsigned char *p = (const unsigned char *)vp;
- uint32_t v;
-
- v = (uint32_t)p[0] << 24;
- v |= (uint32_t)p[1] << 16;
- v |= (uint32_t)p[2] << 8;
- v |= (uint32_t)p[3];
-
- return v;
-}
-
/**
* Sanity checks for the header of an ssh key.
*
if (p + 4 > end)
return -E_SSH_KEY_HEADER;
- rlen = read_ssh_u32(p);
+ rlen = read_u32_be(p);
p += 4;
if (p + rlen < p)
return -E_SSH_KEY_HEADER;
}
/**
- * Check existence and permissions of a key file.
+ * Check existence and permissions of a private key file.
*
* \param file The path of the key file.
- * \param private_key Whether this is a private key.
*
- * This checks whether the file exists. If it is a private key, we additionally
- * check that the permissions are restrictive enough. It is considered an error
- * if we own the file and it is readable for others.
+ * This checks whether the file exists and its permissions are restrictive
+ * enough. It is considered an error if we own the file and it is readable for
+ * others.
*
* \return Standard.
*/
-int check_key_file(const char *file, bool private_key)
+int check_private_key_file(const char *file)
{
struct stat st;
if (stat(file, &st) != 0)
return -ERRNO_TO_PARA_ERROR(errno);
- if (!private_key)
- return 0;
if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0)
return -E_KEY_PERM;
return 1;