From 24444eb396759b24f35dc9d2382a249dd9211990 Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sun, 22 Nov 2020 08:40:38 +0000
Subject: [PATCH] Expose a global list of known host key algorithms.

The information was already centralised in find_pubkey_alg, but that had a query-based API that couldn't enumerate the key types. Now I expose an underlying array so that it's possible to iterate over them. Also, I'd forgotten to add the two new rsa-sha2-* algorithms to find_pubkey_alg. That's also done as part of this commit.
---
 ssh.h | 2 ++
 sshpubk.c | 34 ++++++++++++++++++----------------
 2 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/ssh.h b/ssh.h
index 1cdfe3b8..fe9eb394 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1230,6 +1230,8 @@ int rsa1_loadpub_s(BinarySource *src, BinarySink *bs,
 int rsa1_loadpub_f(const Filename *filename, BinarySink *bs, char **commentptr, const char **errorstr);
+extern const ssh_keyalg *const all_keyalgs[];
+extern const size_t n_keyalgs;
 const ssh_keyalg *find_pubkey_alg(const char *name);
 const ssh_keyalg *find_pubkey_alg_len(ptrlen name);
diff --git a/sshpubk.c b/sshpubk.c
index 4675eec1..b8d7ffb2 100644
--- a/sshpubk.c
+++ b/sshpubk.c
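Review bot: The two `extern` declarations added to ssh.h carry no comment stating their contract, and this hunk is what turns the table into a public interface. I would add above them `/* List of known host key algorithms, searched in order by find_pubkey_alg(); n_keyalgs is its element count. */`. Note also that `n_keyalgs` is a const object rather than a constant expression, so other translation units cannot use it to size an array at compile time.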
@@ -634,24 +634,26 @@ static bool read_blob(BinarySource *src, int nlines, BinarySink *bs)
 */
 ssh2_userkey ssh2_wrong_passphrase = { NULL, NULL };
+const ssh_keyalg *const all_keyalgs[] = {
+ &ssh_rsa,
+ &ssh_rsa_sha256,
+ &ssh_rsa_sha512,
+ &ssh_dss,
+ &ssh_ecdsa_nistp256,
+ &ssh_ecdsa_nistp384,
+ &ssh_ecdsa_nistp521,
+ &ssh_ecdsa_ed25519,
+ &ssh_ecdsa_ed448,
+};
+const size_t n_keyalgs = lenof(all_keyalgs);
+
 const ssh_keyalg *find_pubkey_alg_len(ptrlen name)
 {
- if (ptrlen_eq_string(name, "ssh-rsa"))
- return &ssh_rsa;
- else if (ptrlen_eq_string(name, "ssh-dss"))
- return &ssh_dss;
- else if (ptrlen_eq_string(name, "ecdsa-sha2-nistp256"))
- return &ssh_ecdsa_nistp256;
- else if (ptrlen_eq_string(name, "ecdsa-sha2-nistp384"))
- return &ssh_ecdsa_nistp384;
- else if (ptrlen_eq_string(name, "ecdsa-sha2-nistp521"))
- return &ssh_ecdsa_nistp521;
- else if (ptrlen_eq_string(name, "ssh-ed25519"))
- return &ssh_ecdsa_ed25519;
- else if (ptrlen_eq_string(name, "ssh-ed448"))
- return &ssh_ecdsa_ed448;
- else
- return NULL;
+ for (size_t i = 0; i < n_keyalgs; i++)
+ if (ptrlen_eq_string(name, all_keyalgs[i]->ssh_id))
+ return all_keyalgs[i];
+
+ return NULL;
 }
 const ssh_keyalg *find_pubkey_alg(const char *name)
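Review bot: Routing the lookup through `all_keyalgs` means find_pubkey_alg_len now returns a non-NULL result for the two rsa-sha2-* names, which the removed if-chain rejected, so any caller that relies on a NULL return to refuse an algorithm name read from a key file or a peer starts accepting them. It would be worth checking each call site for an assumption that the returned algorithm's `ssh_id` equals the type string embedded in the key blob, since that presumably stays "ssh-rsa" for all three RSA entries. The loop also dereferences `all_keyalgs[i]->ssh_id` unconditionally and returns the first match, so I would record the invariant above the array: `/* Each entry must have a non-NULL, unique ssh_id; find_pubkey_alg_len returns the first match. */`.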