From 23250f07b88ed54e4564d5b55afc3a8855d70872 Mon Sep 17 00:00:00 2001 From: markus Date: Tue, 30 May 2017 14:16:41 +0000 Subject: [PATCH] remove unused wrapper functions from key.[ch]; ok djm@ --- usr.bin/ssh/key.c | 177 +-------------------------------------- usr.bin/ssh/key.h | 36 +------- usr.bin/ssh/ssh-add.c | 4 +- usr.bin/ssh/ssh-keygen.c | 20 ++--- 4 files changed, 14 insertions(+), 223 deletions(-) diff --git a/usr.bin/ssh/key.c b/usr.bin/ssh/key.c index 3be13706614..921a9b54677 100644 --- a/usr.bin/ssh/key.c +++ b/usr.bin/ssh/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.130 2016/05/02 09:36:42 djm Exp $ */ +/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */ /* * placed in the public domain */ @@ -18,68 +18,6 @@ #include "log.h" #include "authfile.h" -void -key_add_private(Key *k) -{ - int r; - - if ((r = sshkey_add_private(k)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); -} - -Key * -key_new_private(int type) -{ - Key *ret = NULL; - - if ((ret = sshkey_new_private(type)) == NULL) - fatal("%s: failed", __func__); - return ret; -} - -int -key_read(Key *ret, char **cpp) -{ - return sshkey_read(ret, cpp) == 0 ? 1 : -1; -} - -int -key_write(const Key *key, FILE *f) -{ - return sshkey_write(key, f) == 0 ? 1 : 0; -} - -Key * -key_generate(int type, u_int bits) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_generate(type, bits, &ret)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); - return ret; -} - -void -key_cert_copy(const Key *from_key, Key *to_key) -{ - int r; - - if ((r = sshkey_cert_copy(from_key, to_key)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); -} - -Key * -key_from_private(const Key *k) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_from_private(k, &ret)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); - return ret; -} - static void fatal_on_fatal_errors(int r, const char *func, int extra_fatal) { @@ -181,19 +119,6 @@ key_demote(const Key *k) return ret; } -int -key_to_certified(Key *k) -{ - int r; - - if ((r = sshkey_to_certified(k)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return -1; - } - return 0; -} - int key_drop_cert(Key *k) { @@ -207,19 +132,6 @@ key_drop_cert(Key *k) return 0; } -int -key_certify(Key *k, Key *ca) -{ - int r; - - if ((r = sshkey_certify(k, ca, NULL)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return -1; - } - return 0; -} - int key_cert_check_authority(const Key *k, int want_host, int require_principal, const char *name, const char **reason) @@ -235,88 +147,8 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal, return 0; } -#ifdef WITH_OPENSSL -int -key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) -{ - int r; - - if ((r = sshkey_ec_validate_public(group, public)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - error("%s: %s", __func__, ssh_err(r)); - return -1; - } - return 0; -} - -int -key_ec_validate_private(const EC_KEY *key) -{ - int r; - - if ((r = sshkey_ec_validate_private(key)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - error("%s: %s", __func__, ssh_err(r)); - return -1; - } - return 0; -} -#endif /* WITH_OPENSSL */ - -void -key_private_serialize(const Key *key, struct sshbuf *b) -{ - int r; - - if ((r = sshkey_private_serialize(key, b)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); -} - -Key * -key_private_deserialize(struct sshbuf *blob) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_private_deserialize(blob, &ret)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; -} - /* authfile.c */ -int -key_save_private(Key *key, const char *filename, const char *passphrase, - const char *comment, int force_new_format, const char *new_format_cipher, - int new_format_rounds) -{ - int r; - - if ((r = sshkey_save_private(key, filename, passphrase, comment, - force_new_format, new_format_cipher, new_format_rounds)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - error("%s: %s", __func__, ssh_err(r)); - return 0; - } - return 1; -} - -int -key_load_file(int fd, const char *filename, struct sshbuf *blob) -{ - int r; - - if ((r = sshkey_load_file(fd, blob)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - error("%s: %s", __func__, ssh_err(r)); - return 0; - } - return 1; -} - Key * key_load_cert(const char *filename) { @@ -415,10 +247,3 @@ key_load_private_type(int type, const char *filename, const char *passphrase, } return ret; } - -int -key_perm_ok(int fd, const char *filename) -{ - return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0; -} - diff --git a/usr.bin/ssh/key.h b/usr.bin/ssh/key.h index ecb7db98925..a14f370376c 100644 --- a/usr.bin/ssh/key.h +++ b/usr.bin/ssh/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.50 2016/09/12 23:31:27 djm Exp $ */ +/* $OpenBSD: key.h,v 1.51 2017/05/30 14:16:41 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -35,51 +35,24 @@ typedef struct sshkey Key; #define fp_rep sshkey_fp_rep #ifndef SSH_KEY_NO_DEFINE -#define key_new sshkey_new #define key_free sshkey_free #define key_equal_public sshkey_equal_public #define key_equal sshkey_equal #define key_type sshkey_type -#define key_cert_type sshkey_cert_type #define key_ssh_name sshkey_ssh_name #define key_ssh_name_plain sshkey_ssh_name_plain #define key_type_from_name sshkey_type_from_name -#define key_ecdsa_nid_from_name sshkey_ecdsa_nid_from_name -#define key_type_is_cert sshkey_type_is_cert -#define key_size sshkey_size -#define key_ecdsa_bits_to_nid sshkey_ecdsa_bits_to_nid -#define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid #define key_is_cert sshkey_is_cert #define key_type_plain sshkey_type_plain -#define key_curve_name_to_nid sshkey_curve_name_to_nid -#define key_curve_nid_to_bits sshkey_curve_nid_to_bits -#define key_curve_nid_to_name sshkey_curve_nid_to_name -#define key_ec_nid_to_hash_alg sshkey_ec_nid_to_hash_alg -#define key_dump_ec_point sshkey_dump_ec_point -#define key_dump_ec_key sshkey_dump_ec_key #endif -void key_add_private(Key *); -Key *key_new_private(int); void key_free(Key *); Key *key_demote(const Key *); -int key_write(const Key *, FILE *); -int key_read(Key *, char **); -Key *key_generate(int, u_int); -Key *key_from_private(const Key *); -int key_to_certified(Key *); int key_drop_cert(Key *); -int key_certify(Key *, Key *); -void key_cert_copy(const Key *, Key *); int key_cert_check_authority(const Key *, int, int, const char *, const char **); -#ifdef WITH_OPENSSL -int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); -int key_ec_validate_private(const EC_KEY *); -#endif /* WITH_OPENSSL */ - Key *key_from_blob(const u_char *, u_int); int key_to_blob(const Key *, u_char **, u_int *); @@ -87,18 +60,11 @@ int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int, const char *); int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); -void key_private_serialize(const Key *, struct sshbuf *); -Key *key_private_deserialize(struct sshbuf *); - /* authfile.c */ -int key_save_private(Key *, const char *, const char *, const char *, - int, const char *, int); -int key_load_file(int, const char *, struct sshbuf *); Key *key_load_cert(const char *); Key *key_load_public(const char *, char **); Key *key_load_private(const char *, const char *, char **); Key *key_load_private_cert(int, const char *, const char *, int *); Key *key_load_private_type(int, const char *, const char *, char **, int *); -int key_perm_ok(int, const char *); #endif diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c index b24a6c982f9..9ef28eebe8e 100644 --- a/usr.bin/ssh/ssh-add.c +++ b/usr.bin/ssh/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.132 2017/05/30 14:16:41 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -298,7 +298,7 @@ add_file(int agent_fd, const char *filename, int key_only) goto out; } if ((r = sshkey_cert_copy(cert, private)) != 0) { - error("%s: key_cert_copy: %s", __func__, ssh_err(r)); + error("%s: sshkey_cert_copy: %s", __func__, ssh_err(r)); sshkey_free(cert); goto out; } diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index c9b7afa6289..410cc4bfe8b 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.303 2017/05/07 23:15:59 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.304 2017/05/30 14:16:41 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -478,7 +478,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) return NULL; } if ((key = sshkey_new_private(ktype)) == NULL) - fatal("key_new_private failed"); + fatal("sshkey_new_private failed"); free(type); switch (key->type) { @@ -756,7 +756,7 @@ do_print_public(struct passwd *pw) fatal("%s: %s", identity_file, strerror(errno)); prv = load_identity(identity_file); if ((r = sshkey_write(prv, stdout)) != 0) - error("key_write failed: %s", ssh_err(r)); + error("sshkey_write failed: %s", ssh_err(r)); sshkey_free(prv); fprintf(stdout, "\n"); exit(0); @@ -1003,7 +1003,7 @@ do_gen_all_hostkeys(struct passwd *pw) bits = 0; type_bits_valid(type, NULL, &bits); if ((r = sshkey_generate(type, bits, &private)) != 0) { - error("key_generate failed: %s", ssh_err(r)); + error("sshkey_generate failed: %s", ssh_err(r)); first = 0; continue; } @@ -1459,7 +1459,7 @@ do_change_comment(struct passwd *pw) explicit_bzero(passphrase, strlen(passphrase)); free(passphrase); if ((r = sshkey_from_private(private, &public)) != 0) - fatal("key_from_private failed: %s", ssh_err(r)); + fatal("sshkey_from_private failed: %s", ssh_err(r)); sshkey_free(private); strlcat(identity_file, ".pub", sizeof(identity_file)); @@ -1646,7 +1646,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) OPTIONS_EXTENSIONS); if ((r = sshkey_from_private(ca, &public->cert->signature_key)) != 0) - fatal("key_from_private (ca key): %s", ssh_err(r)); + fatal("sshkey_from_private (ca key): %s", ssh_err(r)); if ((r = sshkey_certify(public, ca, key_type_name)) != 0) fatal("Couldn't certify key %s: %s", tmp, ssh_err(r)); @@ -1964,7 +1964,7 @@ do_show_cert(struct passwd *pw) if (*cp == '#' || *cp == '\0') continue; if ((key = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("key_new"); + fatal("sshkey_new"); if ((r = sshkey_read(key, &cp)) != 0) { error("%s:%lu: invalid key: %s", path, lnum, ssh_err(r)); @@ -2111,7 +2111,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, */ } if ((key = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("key_new"); + fatal("sshkey_new"); if ((r = sshkey_read(key, &cp)) != 0) fatal("%s:%lu: invalid key: %s", path, lnum, ssh_err(r)); @@ -2649,9 +2649,9 @@ main(int argc, char **argv) printf("Generating public/private %s key pair.\n", key_type_name); if ((r = sshkey_generate(type, bits, &private)) != 0) - fatal("key_generate failed"); + fatal("sshkey_generate failed"); if ((r = sshkey_from_private(private, &public)) != 0) - fatal("key_from_private failed: %s\n", ssh_err(r)); + fatal("sshkey_from_private failed: %s\n", ssh_err(r)); if (!have_identity) ask_filename(pw, "Enter file in which to save the key"); -- 2.20.1