X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=crypt_common.c;h=8de346c74b47468a15c566cae29a4ff484b056c6;hp=05d71de4076cee75a6c285acc5bc0334dfe1db17;hb=72f53a08032153d2fd6b2b5811d797358ad86f96;hpb=96bd269d26af317ba985ad7eec7f75dec5d76bd7 diff --git a/crypt_common.c b/crypt_common.c index 05d71de4..8de346c7 100644 --- a/crypt_common.c +++ b/crypt_common.c @@ -4,7 +4,7 @@ * Licensed under the GPL v2. For licencing details see COPYING. */ -/** \file crypt_common.c Crypto functions independent of the implementation. */ +/** \file crypt_common.c Crypto functions independent of openssl/libgcrypt. */ #include #include @@ -15,6 +15,7 @@ #include "crypt_backend.h" #include "crypt.h" +/** If the key begins with this text, we treat it as an ssh key. */ #define KEY_TYPE_TXT "ssh-rsa" /** @@ -54,11 +55,19 @@ size_t is_ssh_rsa_key(char *data, size_t size) static const char Base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static const char Pad64 = '='; -/* + +/** + * base64-decode a buffer. + * + * \param src The buffer to decode. + * \param target Result is stored here. + * \param targsize Number of bytes of \a target. + * * Skips all whitespace anywhere. Converts characters, four at a time, starting * at (or after) src from base - 64 numbers into three 8 bit bytes in the - * target area. it returns the number of data bytes stored at the target, or -E_BASE64 - * on error. + * target area. + * + * \return The number of data bytes stored at the target, -E_BASE64 on errors. */ int base64_decode(char const *src, unsigned char *target, size_t targsize) { @@ -77,7 +86,7 @@ int base64_decode(char const *src, unsigned char *target, size_t targsize) break; pos = strchr(Base64, ch); - if (pos == 0) /* A non-base64 character. */ + if (pos == NULL) /* A non-base64 character. */ return -E_BASE64; switch (state) { @@ -177,6 +186,17 @@ int base64_decode(char const *src, unsigned char *target, size_t targsize) return tarindex; } +/** + * uudecode a buffer. + * + * \param src The buffer to decode. + * \param target Result buffer. + * \param targsize The length of \a target in bytes. + * + * This is just a simple wrapper for base64_decode() which strips whitespace. + * + * \return The return value of the underlying call to base64_decode(). + */ int uudecode(const char *src, unsigned char *target, size_t targsize) { int len; @@ -196,9 +216,15 @@ int uudecode(const char *src, unsigned char *target, size_t targsize) return len; } -/* - * Can not use the inline functions of portable_io.h here because the byte - * order is different. +/** + * Read a 4-byte number from a buffer in big-endian format. + * + * \param vp The buffer. + * + * The byte-order of the buffer is expected to be big-endian, unlike read_u32() + * of portable_io.h which expects little endian. + * + * \return The 32 bit number given by \a vp. */ uint32_t read_ssh_u32(const void *vp) { @@ -213,6 +239,19 @@ uint32_t read_ssh_u32(const void *vp) return v; } +/** + * Sanity checks for the header of an ssh key. + * + * \param blob The buffer. + * \param blen The number of bytes of \a blob. + * + * This performs some checks to make sure we really have an ssh key. It also + * computes the offset in bytes of the start of the key values (modulus, + * exponent..). + * + * \return The number of bytes to skip until the start of the first encoded + * number (usually 11). + */ int check_ssh_key_header(const unsigned char *blob, int blen) { const unsigned char *p = blob, *end = blob + blen; @@ -234,6 +273,18 @@ int check_ssh_key_header(const unsigned char *blob, int blen) return 4 + rlen; } +/** + * Check existence and permissions of a key file. + * + * \param file The path of the key file. + * \param private_key Whether this is a private key. + * + * This checks whether the file exists. If it is a private key, we additionally + * check that the permissions are restrictive enough. It is considered an error + * if we own the file and it is readable for others. + * + * \return Standard. + */ int check_key_file(const char *file, bool private_key) { struct stat st;