wincng: add support for authentication keys to be passed in memory
Based upon 18cfec8336e and daa2dfa2db.
diff --git a/src/wincng.c b/src/wincng.c
index 4419562..7f06c0f 100644
--- a/src/wincng.c
+++ b/src/wincng.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2013-2014 Marc Hoersken <info@marc-hoersken.de>
+ * Copyright (C) 2013-2015 Marc Hoersken <info@marc-hoersken.de>
* All rights reserved.
*
* Redistribution and use in source and binary forms,
@@ -540,6 +540,42 @@
}
static int
+_libssh2_wincng_load_private_memory(LIBSSH2_SESSION *session,
+ const char *privatekeydata,
+ size_t privatekeydata_len,
+ const char *passphrase,
+ unsigned char **ppbEncoded,
+ unsigned long *pcbEncoded)
+{
+ unsigned char *data;
+ unsigned int datalen;
+ int ret;
+
+ (void)passphrase;
+
+ ret = _libssh2_pem_parse_memory(session,
+ "-----BEGIN RSA PRIVATE KEY-----",
+ "-----END RSA PRIVATE KEY-----",
+ privatekeydata, privatekeydata_len,
+ &data, &datalen);
+
+ if (ret) {
+ ret = _libssh2_pem_parse_memory(session,
+ "-----BEGIN DSA PRIVATE KEY-----",
+ "-----END DSA PRIVATE KEY-----",
+ privatekeydata, privatekeydata_len,
+ &data, &datalen);
+ }
+
+ if (!ret) {
+ *ppbEncoded = data;
+ *pcbEncoded = datalen;
+ }
+
+ return ret;
+}
+
+static int
_libssh2_wincng_asn_decode(unsigned char *pbEncoded,
unsigned long cbEncoded,
LPCSTR lpszStructType,
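Review bot: `(void)passphrase;` in the new `_libssh2_wincng_load_private_memory` silently discards the passphrase, so an encrypted PEM body passed from memory is presumably base64-decoded as-is and handed on to the ASN.1 decoder, where it fails with a generic decode error rather than a clear "encrypted keys unsupported" one. Nothing in the function or the header records this; add `/* passphrase is ignored: encrypted PEM keys are not supported by this loader */` above the cast so callers know the limitation is deliberate. It is also not visible here whether `_libssh2_pem_parse_memory` leaves `data` untouched when the RSA attempt fails; if it allocates before returning non-zero, the DSA retry overwrites and leaks that buffer, so that contract is worth confirming. The `_libssh2_wincng_asn_decode` signature at the end of the hunk continues outside it.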
@@ -865,27 +901,20 @@
return 0;
}
-int
-_libssh2_wincng_rsa_new_private(libssh2_rsa_ctx **rsa,
- LIBSSH2_SESSION *session,
- const char *filename,
- const unsigned char *passphrase)
-{
#ifdef HAVE_LIBCRYPT32
+static int
+_libssh2_wincng_rsa_new_private_parse(libssh2_rsa_ctx **rsa,
+ LIBSSH2_SESSION *session,
+ unsigned char *pbEncoded,
+ unsigned long cbEncoded)
+{
BCRYPT_KEY_HANDLE hKey;
- unsigned char *pbEncoded, *pbStructInfo;
- unsigned long cbEncoded, cbStructInfo;
+ unsigned char *pbStructInfo;
+ unsigned long cbStructInfo;
int ret;
(void)session;
- ret = _libssh2_wincng_load_private(session, filename,
- (const char *)passphrase,
- &pbEncoded, &cbEncoded);
- if (ret) {
- return -1;
- }
-
ret = _libssh2_wincng_asn_decode(pbEncoded, cbEncoded,
PKCS_RSA_PRIVATE_KEY,
&pbStructInfo, &cbStructInfo);
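Review bot: The new `_libssh2_wincng_rsa_new_private_parse` takes a heap buffer (`pbEncoded`) that its caller obtained from `_libssh2_wincng_load_private`, but neither the signature nor a comment says whether the helper releases it or the caller must; the hunk ends before the original release point, so which side now owns it is not visible here. Add a header comment such as `/* Takes ownership of pbEncoded (cbEncoded bytes of decoded private-key material) and releases it on every return path. */` (or the opposite, if the wrappers are meant to free) so the file and memory wrappers introduced in the following hunks agree. The same documentation gap applies to `_libssh2_wincng_dsa_new_private_parse` and `_libssh2_wincng_pub_priv_keyfile_parse` in the later hunks. Because the buffer holds private-key bytes, the release should go through the backend's zeroizing free rather than a plain `free()`, whichever side does it. The helper's body continues outside the hunk.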
@@ -918,6 +947,31 @@
(*rsa)->cbKeyObject = cbStructInfo;
return 0;
+}
+#endif /* HAVE_LIBCRYPT32 */
+
+int
+_libssh2_wincng_rsa_new_private(libssh2_rsa_ctx **rsa,
+ LIBSSH2_SESSION *session,
+ const char *filename,
+ const unsigned char *passphrase)
+{
+#ifdef HAVE_LIBCRYPT32
+ unsigned char *pbEncoded;
+ unsigned long cbEncoded;
+ int ret;
+
+ (void)session;
+
+ ret = _libssh2_wincng_load_private(session, filename,
+ (const char *)passphrase,
+ &pbEncoded, &cbEncoded);
+ if (ret) {
+ return -1;
+ }
+
+ return _libssh2_wincng_rsa_new_private_parse(rsa, session,
+ pbEncoded, cbEncoded);
#else
(void)rsa;
(void)filename;
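Review bot: `(void)session;` in the new `_libssh2_wincng_rsa_new_private` wrapper is redundant, since `session` is passed to `_libssh2_wincng_load_private` two lines later; the cast reads as if the parameter were unused and should be dropped. The same stray cast appears in `_libssh2_wincng_rsa_new_private_frommemory` in the next hunk. The function's `#else` branch continues outside the hunk.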
@@ -930,18 +984,38 @@
}
int
-_libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
- LIBSSH2_SESSION *session,
- const char *filedata, size_t filedata_len,
- unsigned const char *passphrase)
+_libssh2_wincng_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
+ LIBSSH2_SESSION *session,
+ char *filedata,
+ size_t filedata_len,
+ unsigned const char *passphrase)
{
+#ifdef HAVE_LIBCRYPT32
+ unsigned char *pbEncoded;
+ unsigned long cbEncoded;
+ int ret;
+
+ (void)session;
+
+ ret = _libssh2_wincng_load_private_memory(session, filedata, filedata_len,
+ (const char *)passphrase,
+ &pbEncoded, &cbEncoded);
+ if (ret) {
+ return -1;
+ }
+
+ return _libssh2_wincng_rsa_new_private_parse(rsa, session,
+ pbEncoded, cbEncoded);
+#else
(void)rsa;
(void)filedata;
(void)filedata_len;
(void)passphrase;
+
return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED,
"Unable to extract private key from memory: "
- "Method unimplemented in Windows CNG backend");
+ "Method unsupported in Windows CNG backend");
+#endif /* HAVE_LIBCRYPT32 */
}
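Review bot: `char *filedata` on `_libssh2_wincng_rsa_new_private_frommemory` drops the `const` that the removed prototype had and that the DSA counterpart and `_libssh2_wincng_load_private_memory` keep; the only use is a pass-through to a `const char *` parameter, so callers holding `const` key data get a discarded-qualifier warning for nothing. Change the parameter line to `const char *filedata,` here and in the matching wincng.h prototype later in this diff, which has the same `char *filedata`.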
int
@@ -1128,26 +1202,19 @@
return 0;
}
-int
-_libssh2_wincng_dsa_new_private(libssh2_dsa_ctx **dsa,
- LIBSSH2_SESSION *session,
- const char *filename,
- const unsigned char *passphrase)
-{
#ifdef HAVE_LIBCRYPT32
- unsigned char *pbEncoded, **rpbDecoded;
- unsigned long cbEncoded, *rcbDecoded, index, length;
+static int
+_libssh2_wincng_dsa_new_private_parse(libssh2_dsa_ctx **dsa,
+ LIBSSH2_SESSION *session,
+ unsigned char *pbEncoded,
+ unsigned long cbEncoded)
+{
+ unsigned char **rpbDecoded;
+ unsigned long *rcbDecoded, index, length;
int ret;
(void)session;
- ret = _libssh2_wincng_load_private(session, filename,
- (const char *)passphrase,
- &pbEncoded, &cbEncoded);
- if (ret) {
- return -1;
- }
-
ret = _libssh2_wincng_asn_decode_bns(pbEncoded, cbEncoded,
&rpbDecoded, &rcbDecoded, &length);
@@ -1180,6 +1247,29 @@
free(rcbDecoded);
return ret;
+}
+#endif /* HAVE_LIBCRYPT32 */
+
+int
+_libssh2_wincng_dsa_new_private(libssh2_dsa_ctx **dsa,
+ LIBSSH2_SESSION *session,
+ const char *filename,
+ const unsigned char *passphrase)
+{
+#ifdef HAVE_LIBCRYPT32
+ unsigned char *pbEncoded;
+ unsigned long cbEncoded;
+ int ret;
+
+ ret = _libssh2_wincng_load_private(session, filename,
+ (const char *)passphrase,
+ &pbEncoded, &cbEncoded);
+ if (ret) {
+ return -1;
+ }
+
+ return _libssh2_wincng_dsa_new_private_parse(dsa, session,
+ pbEncoded, cbEncoded);
#else
(void)dsa;
(void)filename;
@@ -1192,18 +1282,36 @@
}
int
-_libssh2_dsa_new_private_frommemory(libssh2_dsa_ctx **dsa,
- LIBSSH2_SESSION *session,
- const char *filedata, size_t filedata_len,
- unsigned const char *passphrase)
+_libssh2_wincng_dsa_new_private_frommemory(libssh2_dsa_ctx **dsa,
+ LIBSSH2_SESSION *session,
+ const char *filedata,
+ size_t filedata_len,
+ unsigned const char *passphrase)
{
+#ifdef HAVE_LIBCRYPT32
+ unsigned char *pbEncoded;
+ unsigned long cbEncoded;
+ int ret;
+
+ ret = _libssh2_wincng_load_private_memory(session, filedata, filedata_len,
+ (const char *)passphrase,
+ &pbEncoded, &cbEncoded);
+ if (ret) {
+ return -1;
+ }
+
+ return _libssh2_wincng_dsa_new_private_parse(dsa, session,
+ pbEncoded, cbEncoded);
+#else
(void)dsa;
(void)filedata;
(void)filedata_len;
(void)passphrase;
+
return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED,
"Unable to extract private key from memory: "
- "Method unimplemented in Windows CNG backend");
+ "Method unsupported in Windows CNG backend");
+#endif /* HAVE_LIBCRYPT32 */
}
int
@@ -1280,6 +1388,7 @@
* Windows CNG backend: Key functions
*/
+#ifdef HAVE_LIBCRYPT32
static unsigned long
_libssh2_wincng_pub_priv_write(unsigned char *key,
unsigned long offset,
@@ -1295,29 +1404,22 @@
return offset;
}
-int
-_libssh2_wincng_pub_priv_keyfile(LIBSSH2_SESSION *session,
- unsigned char **method,
- size_t *method_len,
- unsigned char **pubkeydata,
- size_t *pubkeydata_len,
- const char *privatekey,
- const char *passphrase)
+static int
+_libssh2_wincng_pub_priv_keyfile_parse(LIBSSH2_SESSION *session,
+ unsigned char **method,
+ size_t *method_len,
+ unsigned char **pubkeydata,
+ size_t *pubkeydata_len,
+ unsigned char *pbEncoded,
+ unsigned long cbEncoded)
{
-#ifdef HAVE_LIBCRYPT32
- unsigned char *pbEncoded, **rpbDecoded;
- unsigned long cbEncoded, *rcbDecoded;
+ unsigned char **rpbDecoded;
+ unsigned long *rcbDecoded;
unsigned char *key = NULL, *mth = NULL;
unsigned long keylen = 0, mthlen = 0;
unsigned long index, offset, length;
int ret;
- ret = _libssh2_wincng_load_private(session, privatekey, passphrase,
- &pbEncoded, &cbEncoded);
- if (ret) {
- return -1;
- }
-
ret = _libssh2_wincng_asn_decode_bns(pbEncoded, cbEncoded,
&rpbDecoded, &rcbDecoded, &length);
@@ -1417,6 +1519,32 @@
}
return ret;
+}
+#endif /* HAVE_LIBCRYPT32 */
+
+int
+_libssh2_wincng_pub_priv_keyfile(LIBSSH2_SESSION *session,
+ unsigned char **method,
+ size_t *method_len,
+ unsigned char **pubkeydata,
+ size_t *pubkeydata_len,
+ const char *privatekey,
+ const char *passphrase)
+{
+#ifdef HAVE_LIBCRYPT32
+ unsigned char *pbEncoded;
+ unsigned long cbEncoded;
+ int ret;
+
+ ret = _libssh2_wincng_load_private(session, privatekey, passphrase,
+ &pbEncoded, &cbEncoded);
+ if (ret) {
+ return -1;
+ }
+
+ return _libssh2_wincng_pub_priv_keyfile_parse(session, method, method_len,
+ pubkeydata, pubkeydata_len,
+ pbEncoded, cbEncoded);
#else
(void)method;
(void)method_len;
@@ -1432,15 +1560,31 @@
}
int
-_libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION * session,
- unsigned char **method,
- size_t *method_len,
- unsigned char **pubkeydata,
- size_t *pubkeydata_len,
- const char *privatekeydata,
- size_t privatekeydata_len,
- const char *passphrase)
+_libssh2_wincng_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
+ unsigned char **method,
+ size_t *method_len,
+ unsigned char **pubkeydata,
+ size_t *pubkeydata_len,
+ const char *privatekeydata,
+ size_t privatekeydata_len,
+ const char *passphrase)
{
+#ifdef HAVE_LIBCRYPT32
+ unsigned char *pbEncoded;
+ unsigned long cbEncoded;
+ int ret;
+
+ ret = _libssh2_wincng_load_private_memory(session, privatekeydata,
+ privatekeydata_len, passphrase,
+ &pbEncoded, &cbEncoded);
+ if (ret) {
+ return -1;
+ }
+
+ return _libssh2_wincng_pub_priv_keyfile_parse(session, method, method_len,
+ pubkeydata, pubkeydata_len,
+ pbEncoded, cbEncoded);
+#else
(void)method;
(void)method_len;
(void)pubkeydata_len;
@@ -1451,7 +1595,8 @@
return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED,
"Unable to extract public key from private key in memory: "
- "Method unimplemented in Windows CNG backend");
+ "Method unsupported in Windows CNG backend");
+#endif /* HAVE_LIBCRYPT32 */
}
/*******************************************************************/
diff --git a/src/wincng.h b/src/wincng.h
index 57c6ba2..075331a 100644
--- a/src/wincng.h
+++ b/src/wincng.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2013-2014 Marc Hoersken <info@marc-hoersken.de>
+ * Copyright (C) 2013-2015 Marc Hoersken <info@marc-hoersken.de>
* All rights reserved.
*
* Redistribution and use in source and binary forms,
@@ -191,6 +191,10 @@
e1, e1_len, e2, e2_len, c, c_len)
#define _libssh2_rsa_new_private(rsactx, s, filename, passphrase) \
_libssh2_wincng_rsa_new_private(rsactx, s, filename, passphrase)
+#define _libssh2_rsa_new_private_frommemory(rsactx, s, filedata, \
+ filedata_len, passphrase) \
+ _libssh2_wincng_rsa_new_private_frommemory(rsactx, s, filedata, \
+ filedata_len, passphrase)
#define _libssh2_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) \
_libssh2_wincng_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len)
#define _libssh2_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) \
@@ -209,6 +213,10 @@
g, g_len, y, y_len, x, x_len)
#define _libssh2_dsa_new_private(rsactx, s, filename, passphrase) \
_libssh2_wincng_dsa_new_private(rsactx, s, filename, passphrase)
+#define _libssh2_dsa_new_private_frommemory(rsactx, s, filedata, \
+ filedata_len, passphrase) \
+ _libssh2_wincng_dsa_new_private_frommemory(rsactx, s, filedata, \
+ filedata_len, passphrase)
#define _libssh2_dsa_sha1_sign(dsactx, hash, hash_len, sig) \
_libssh2_wincng_dsa_sha1_sign(dsactx, hash, hash_len, sig)
#define _libssh2_dsa_sha1_verify(dsactx, sig, m, m_len) \
@@ -222,6 +230,10 @@
#define _libssh2_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) \
_libssh2_wincng_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw)
+#define _libssh2_pub_priv_keyfilememory(s, m, m_len, p, p_len, \
+ pk, pk_len, pw) \
+ _libssh2_wincng_pub_priv_keyfilememory(s, m, m_len, p, p_len, \
+ pk, pk_len, pw)
/*******************************************************************/
@@ -382,6 +394,12 @@
const char *filename,
const unsigned char *passphrase);
int
+_libssh2_wincng_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
+ LIBSSH2_SESSION *session,
+ char *filedata,
+ size_t filedata_len,
+ unsigned const char *passphrase);
+int
_libssh2_wincng_rsa_sha1_verify(libssh2_rsa_ctx *rsa,
const unsigned char *sig,
unsigned long sig_len,
@@ -416,6 +434,12 @@
const char *filename,
const unsigned char *passphrase);
int
+_libssh2_wincng_dsa_new_private_frommemory(libssh2_dsa_ctx **dsa,
+ LIBSSH2_SESSION *session,
+ const char *filedata,
+ size_t filedata_len,
+ unsigned const char *passphrase);
+int
_libssh2_wincng_dsa_sha1_verify(libssh2_dsa_ctx *dsa,
const unsigned char *sig_fixed,
const unsigned char *m,
@@ -437,6 +461,15 @@
size_t *pubkeydata_len,
const char *privatekey,
const char *passphrase);
+int
+_libssh2_wincng_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
+ unsigned char **method,
+ size_t *method_len,
+ unsigned char **pubkeydata,
+ size_t *pubkeydata_len,
+ const char *privatekeydata,
+ size_t privatekeydata_len,
+ const char *passphrase);
int
_libssh2_wincng_cipher_init(_libssh2_cipher_ctx *ctx,