[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

pki_private_key_from_base64: key flags issue


Hello,

I found that `pki_private_key_from_base64' procedure returns a key with
both private and public flag set.  It makes it impossible to determine
whether the key is public or private with `ssh_key_is_private' and
`ssh_key_is_public' predicates because they both return 1 (true) for the
key.

The issue was found in libssh 0.6.3 and as far as I can see it persists
in the latest commits in the repository.

Is it done intentionally?

If it is not, then it should be fixed.  I prepared a patch that fixes
that issue, please find the patch attached.  That's my first patch for
libssh, so any comments and suggestions will be very appreciated.

Thanks,

- Artyom

-- 
Artyom V. Poptsov <poptsov.artyom@xxxxxxxxx>
Home page: http://poptsov-artyom.narod.ru/
From 5fdb4061ffb45e332cf2314676fcf10735542208 Mon Sep 17 00:00:00 2001
From: "Artyom V. Poptsov" <poptsov.artyom@xxxxxxxxx>
Date: Sun, 24 Aug 2014 11:56:56 +0400
Subject: [PATCH] pki_crypto: Fix 'pki_private_key_from_base64' key flags

Don't set the SSH_KEY_FLAG_PUBLIC flag for a private key in
'pki_private_key_from_base64' so 'ssh_key_is_public' predicate will
return 0 (false) for the key.

Signed-off-by: Artyom V. Poptsov <poptsov.artyom@xxxxxxxxx>
---
 src/pki_crypto.c | 2 +-
 src/pki_gcrypt.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 425e535..b73289d 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -772,7 +772,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
 
     key->type = type;
     key->type_c = ssh_key_type_to_char(type);
-    key->flags = SSH_KEY_FLAG_PRIVATE | SSH_KEY_FLAG_PUBLIC;
+    key->flags = SSH_KEY_FLAG_PRIVATE;
     key->dsa = dsa;
     key->rsa = rsa;
     key->ecdsa = ecdsa;
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index fff5237..9f70579 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -679,7 +679,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
 
     key->type = type;
     key->type_c = ssh_key_type_to_char(type);
-    key->flags = SSH_KEY_FLAG_PRIVATE | SSH_KEY_FLAG_PUBLIC;
+    key->flags = SSH_KEY_FLAG_PRIVATE;
     key->dsa = dsa;
     key->rsa = rsa;
 
-- 
1.8.5.5


Follow-Ups:
Re: pki_private_key_from_base64: key flags issueAndreas Schneider <asn@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org