From 9ec8efcc4a9a0924d0dc822d07e4faeb9548fdf2 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bar=C4=B1=C5=9F=20Metin?= Date: Tue, 29 Jun 2010 19:34:51 +0000 Subject: [PATCH] use the python implementation for keyconvert --- Makefile | 18 +---- keyconvert/Makefile | 13 ---- keyconvert/b64decode.c | 62 ------------------ keyconvert/b64decode.h | 7 -- keyconvert/keyconvert.c | 127 ------------------------------------ keyconvert/keyconvert.h | 6 -- keyconvert/keyconvertext.c | 34 ---------- keyconvert/keyconvertmain.c | 67 ------------------- keyconvert/test.sh | 18 ++--- setup.py | 1 + sfa.spec | 2 +- sfa/trust/certificate.py | 2 +- 12 files changed, 15 insertions(+), 342 deletions(-) delete mode 100644 keyconvert/Makefile delete mode 100644 keyconvert/b64decode.c delete mode 100644 keyconvert/b64decode.h delete mode 100644 keyconvert/keyconvert.c delete mode 100644 keyconvert/keyconvert.h delete mode 100644 keyconvert/keyconvertext.c delete mode 100644 keyconvert/keyconvertmain.c diff --git a/Makefile b/Makefile index 79321726..a1bd00a1 100644 --- a/Makefile +++ b/Makefile @@ -5,28 +5,16 @@ DESTDIR="/" ########## -all: keyconvert python wsdl +all: python wsdl -install: keyconvert-install python-install wsdl-install xmlbuilder-install +install: python-install wsdl-install xmlbuilder-install -clean: keyconvert-clean python-clean wsdl-clean +clean: python-clean wsdl-clean uninstall: python-uninstall .PHONY: all install clean -########## -keyconvert: - $(MAKE) -C keyconvert - -keyconvert-install: - $(MAKE) -C keyconvert install - -keyconvert-clean: - $(MAKE) -C keyconvert clean - -.PHONY: keyconvert keyconvert-install keyconvert-clean - ########## python: diff --git a/keyconvert/Makefile b/keyconvert/Makefile deleted file mode 100644 index 99ebd914..00000000 --- a/keyconvert/Makefile +++ /dev/null 
@@ -1,13 +0,0 @@ -# 'make' should not install - DESTDIR might be wrong at this stage -all: keyconvert - -keyconvert: - gcc -o keyconvert -lcrypto -ldl keyconvert.c keyconvertmain.c b64decode.c - -install: keyconvert - install -d -m 0755 $(DESTDIR)/usr/bin - install -c -m 0755 keyconvert $(DESTDIR)/usr/bin/keyconvert - -clean: - rm -rf keyconvert - rm -f $(DESTDIR)/usr/bin/keyconvert diff --git a/keyconvert/b64decode.c b/keyconvert/b64decode.c deleted file mode 100644 index 07dc4520..00000000 --- a/keyconvert/b64decode.c +++ /dev/null @@ -1,62 +0,0 @@ -#include "b64decode.h" - -#define UNDEF_CH -2 - -char s64table[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; -int charmap[257]; -int *pcharmap; - -void b64decodeinit() -{ - int i; - char ch; - - pcharmap= charmap + 1; - - for (i = 0; i <= 255; i++) - pcharmap[i] = UNDEF_CH; - - for (i = 0; i < 64; i++) { - ch = s64table[i]; - if (pcharmap[ch] == UNDEF_CH) - pcharmap[ch] = i; - } -} - -int b64decode(char *s, char *dest) -{ - int k,k2,i; - - i=0; - while (*s!='\0') { - /* byte #1 */ - if ((*s=='=') || ((k=pcharmap[(unsigned char) (*(s++))])<0)) - return -1; - - /* byte #2 */ - if ((*s=='=') || ((k2=pcharmap[(unsigned char) (*(s++))])<0)) - return -1; - else - dest[i++] = (k<<2) + (k2>>4); - - /* byte #3 */ - if (*s=='=') - s++; - else - if ((k=pcharmap[(unsigned char) (*(s++))])<0) - return -1; - else - dest[i++] = (k2<<4) + (k>>2); - - /* byte #4 */ - if (*s=='=') - s++; - else - if ((k2=pcharmap[(unsigned char) (*(s++))])<0) - -1; - else - dest[i++] = (k<<6) + (k2); - } - - return i; -} diff --git a/keyconvert/b64decode.h b/keyconvert/b64decode.h deleted file mode 100644 index b93a2521..00000000 --- a/keyconvert/b64decode.h +++ /dev/null @@ -1,7 +0,0 @@ -#ifndef __B64DECODE_H -#define __B64DECODE_H - -void b64decodeinit(); -int b64decode(char *s, char *dest); - -#endif diff --git a/keyconvert/keyconvert.c b/keyconvert/keyconvert.c deleted file mode 100644 index 55dd79c1..00000000 
--- a/keyconvert/keyconvert.c
+++ /dev/null
@@ -1,127 +0,0 @@ -#include -#include -#include -#include -#include - -#ifndef TRUE -#define TRUE 1 -#define FALSE (!TRUE) -#endif - -void write_rsa(FILE *fout, char *estr, int elen, char *nstr, int nlen) -{ - RSA *rsa; - BIGNUM *r1, *r2; - - rsa = RSA_new(); - rsa->e = BN_new(); - rsa->n = BN_new(); - - r1 = BN_bin2bn(estr, elen, rsa->e); - r2 = BN_bin2bn(nstr, nlen, rsa->n); - - PEM_write_RSA_PUBKEY(fout, rsa); - - // free rsa ? -} - -void write_dsa(FILE *fout, char *pstr, int plen, char *qstr, int qlen, char *gstr, int glen, char *pkstr, int pklen) -{ - DSA *dsa; - - dsa = DSA_new(); - dsa->p = BN_new(); - dsa->q = BN_new(); - dsa->g = BN_new(); - dsa->pub_key = BN_new(); - - BN_bin2bn(pstr, plen, dsa->p); - BN_bin2bn(qstr, qlen, dsa->q); - BN_bin2bn(gstr, glen, dsa->g); - BN_bin2bn(pkstr, pklen, dsa->pub_key); - - PEM_write_DSA_PUBKEY(fout, dsa); - - // free dsa ? -} - -int get_str(char **src, int *len, char *dest) -{ - int *iptr = (int*) (*src); - int thislen = ntohl(*iptr); - - // eat 4 bytes - (*len) -= 4; - (*src) = (*src) + 4; - -// fprintf(stdout, "thislen = %d\n", thislen); - - if (thislen > *len) { - fprintf(stdout, "thislen(%d) > *len(%d)\n", thislen, *len); - return -1; - } - - memcpy(dest, *src, thislen); - - (*len) = (*len) - thislen; - (*src) = (*src) + thislen; - - // null terminate it - *(dest + thislen) = '\0'; - - return thislen; -} - -int openssh_binary_to_openssl(char *s, int len, FILE *fout) -{ - char keytype[1024], estr[1024], nstr[1024], pstr[1024], qstr[1024], gstr[1024], pkstr[1024]; - int elen, nlen, plen, qlen, glen, pklen; - int result; - - result = get_str(&s, &len, keytype); - if (result <= 0) { - return FALSE; - } - - fprintf(stdout, "keytype = %s\n", keytype); - - if (strcmp(keytype, "ssh-rsa") == 0) { - elen = get_str(&s, &len, estr); -// fprintf(stdout, "elen = %d\n", elen); - if (elen <= 0) { - return FALSE; - } - nlen = get_str(&s, &len, nstr); -// fprintf(stdout, "nlen = %d\n", nlen); - if (nlen <= 0) { - return FALSE; - } - 
write_rsa(fout, estr, elen, nstr, nlen); - } else if (strcmp(keytype, "ssh-dss") == 0) { - plen = get_str(&s, &len, pstr); -// fprintf(stdout, "plen = %d\n", plen); - if (plen <= 0) { - return FALSE; - } - qlen = get_str(&s, &len, qstr); -// fprintf(stdout, "qlen = %d\n", qlen); - if (qlen <= 0) { - return FALSE; - } - glen = get_str(&s, &len, gstr); -// fprintf(stdout, "glen = %d\n", glen); - if (glen <= 0) { - return FALSE; - } - pklen = get_str(&s, &len, pkstr); -// fprintf(stdout, "pklen = %d\n", pklen); - if (pklen <= 0) { - return FALSE; - } - write_dsa(fout, pstr, plen, qstr, qlen, gstr, glen, pkstr, pklen); - } else { - return FALSE; - } -} - diff --git a/keyconvert/keyconvert.h b/keyconvert/keyconvert.h deleted file mode 100644 index eb942cba..00000000 --- a/keyconvert/keyconvert.h +++ /dev/null @@ -1,6 +0,0 @@ -#ifndef _KEYCONVERT_H -#define _KEYCONVERT_H - -int openssh_binary_to_openssl(char *s, int len, FILE *fout); - -#endif diff --git a/keyconvert/keyconvertext.c b/keyconvert/keyconvertext.c deleted file mode 100644 index d2c9e13a..00000000 --- a/keyconvert/keyconvertext.c +++ /dev/null @@ -1,34 +0,0 @@ -#include - -#include "keyconvert.h" - -static PyObject *keyconvert_opensshtoopenssl(PyObject *self, PyObject *args) -{ - const char *fn; - const char *s; - int len; - FILE *fout; - - PyArg_ParseTuple(args, "ss#", &fn, &s, &len); - - fout = fopen(fn, "wt"); - if (fout == NULL) { - return Py_BuildValue("i", 0); - } else { - fprintf(stdout, "len = %d\n", len); - openssh_binary_to_openssl(s, len, fout); - fclose(fout); - } - - return Py_BuildValue("i", 1); -} - -static PyMethodDef KeyConvertMethods[] = { - {"opensshtoopenssl", keyconvert_opensshtoopenssl, METH_VARARGS, "convert an openssh key to an openssl key"}, - {NULL, NULL, 0, NULL}}; - -PyMODINIT_FUNC initkeyconvert(void) -{ - (void) Py_InitModule("keyconvert", KeyConvertMethods); -} - 
diff --git a/keyconvert/keyconvertmain.c b/keyconvert/keyconvertmain.c deleted file mode 100644 index 63322957..00000000 --- a/keyconvert/keyconvertmain.c +++ /dev/null @@ -1,67 +0,0 @@ -#include -#include -#include -#include "keyconvert.h" -#include "b64decode.h" - -int main(int argc, char **argv) -{ - FILE *fin, *fout; - char inbytes[16384], *inptr; - char decodedKey[16384]; - int len; - - b64decodeinit(); - - if (argc != 3) { - fprintf(stderr, "syntax: keyconvert \n"); - exit(1); - } - - fin = fopen(argv[1], "rt"); - if (fin == NULL) { - fprintf(stderr, "failed to open %s\n", argv[1]); - exit(1); - } - - memset(inbytes, 0, sizeof(inbytes)); - len = fread(inbytes, 1, sizeof(inbytes), fin); - fclose(fin); - - // fprintf(stdout, "read %d bytes from openssh file\n", len); - - inptr = inbytes; - - // skip leading space - while (isspace(*inptr)) inptr++; - - // skip the ssh-rsa or ssh-dsa part - while (*inptr && !isspace(*inptr)) inptr++; - - // skip spaces between ssh-rsa/ssh-dsa and key - while (isspace(*inptr)) inptr++; - - // if there is any part after the key, terminate it - if (strchr(inptr, ' ') != NULL) { - *strchr(inptr, ' ') = '\0'; - } - - // at this point, inptr contains the b64 encoded openssh key - - len = b64decode(inptr, decodedKey); - -// fprintf(stdout, "decoded openssh file length is %d\n", len); - - fout = fopen(argv[2], "wt"); - if (fout == NULL) { - fprintf(stderr, "failed to open output file %s\n", argv[2]); - exit(1); - } - - openssh_binary_to_openssl(decodedKey, len, fout); - - fclose(fout); - - fprintf(stdout, "completed\n"); - return 0; -} diff --git a/keyconvert/test.sh b/keyconvert/test.sh index 34fc7c2f..5c5744a9 100755 --- a/keyconvert/test.sh +++ b/keyconvert/test.sh 
@@ -7,19 +7,19 @@ mkdir testout # rsa1 keys # these are in a different format -#./keyconvert test/openssh_rsa1_512.pub testout/openssl_rsa1_512.pem -#./keyconvert test/openssh_rsa1_1024.pub testout/openssl_rsa1_1024.pem -#./keyconvert test/openssh_rsa1_2048.pub testout/openssl_rsa1_2048.pem +#./keyconvert.py test/openssh_rsa1_512.pub testout/openssl_rsa1_512.pem +#./keyconvert.py test/openssh_rsa1_1024.pub testout/openssl_rsa1_1024.pem +#./keyconvert.py test/openssh_rsa1_2048.pub testout/openssl_rsa1_2048.pem # rsa2 keys -./keyconvert test/openssh_rsa_512.pub testout/openssl_rsa_512.pem -./keyconvert test/openssh_rsa_1024.pub testout/openssl_rsa_1024.pem -./keyconvert test/openssh_rsa_2048.pub testout/openssl_rsa_2048.pem +./keyconvert.py test/openssh_rsa_512.pub testout/openssl_rsa_512.pem +./keyconvert.py test/openssh_rsa_1024.pub testout/openssl_rsa_1024.pem +./keyconvert.py test/openssh_rsa_2048.pub testout/openssl_rsa_2048.pem # dsa keys -./keyconvert test/openssh_dsa_512.pub testout/openssl_dsa_512.pem -./keyconvert test/openssh_dsa_1024.pub testout/openssl_dsa_1024.pem -./keyconvert test/openssh_dsa_2048.pub testout/openssl_dsa_2048.pem +./keyconvert.py test/openssh_dsa_512.pub testout/openssl_dsa_512.pem +./keyconvert.py test/openssh_dsa_1024.pub testout/openssl_dsa_1024.pem +./keyconvert.py test/openssh_dsa_2048.pub testout/openssl_dsa_2048.pem # make a test file to encrypt echo "this is a test to see if the key conversion routines work" > test.txt diff --git a/setup.py b/setup.py index 2f3cd7cb..7a858a84 100755 --- a/setup.py +++ b/setup.py @@ -30,6 +30,7 @@ bins = [ 'sfa/client/sfiAddAttribute.py', 'sfa/client/sfiDeleteAttribute.py', 'sfatables/sfatables', + 'keyconvert/keyconvert.py' ] package_dirs = [ diff --git a/sfa.spec b/sfa.spec index cf1c7ed5..ce02d512 100644 --- a/sfa.spec +++ b/sfa.spec 
@@ -114,7 +114,7 @@ rm -rf $RPM_BUILD_ROOT %{_bindir}/sfa-server.py* /etc/sfatables/* %{python_sitelib}/* -/usr/bin/keyconvert +%{_bindir}/keyconvert.py /var/www/html/wsdl/*.wsdl %files cm diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py index 9fd58ed3..12a60e11 100644 --- a/sfa/trust/certificate.py +++ b/sfa/trust/certificate.py @@ -28,7 +28,7 @@ from sfa.util.namespace import urn_to_hrn from sfa.util.faults import * def convert_public_key(key): - keyconvert_path = "/usr/bin/keyconvert" + keyconvert_path = "/usr/bin/keyconvert.py" if not os.path.isfile(keyconvert_path): raise IOError, "Could not find keyconvert in %s" % keyconvert_path -- 2.43.0
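Review bot: The new `%files` entry `%{_bindir}/keyconvert.py` has no trailing glob, unlike the `%{_bindir}/sfa-server.py*` context line just above it in this hunk. If the build byte-compiles scripts installed into `%{_bindir}` (the existing glob suggests this, though the hunk does not show it), the resulting `keyconvert.pyc`/`.pyo` files would be installed but unpackaged and could fail the RPM build. Consider `%{_bindir}/keyconvert.py*` to match the neighbouring entry.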
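Review bot: `keyconvert_path = "/usr/bin/keyconvert.py"` in `convert_public_key` hard-codes a location that the rest of this commit does not guarantee: setup.py installs the script through its `bins` list and sfa.spec packages it as `%{_bindir}/keyconvert.py`, so an install under any other prefix ends in the `IOError`. The `os.path.isfile` check only shows that some file exists at that path, not that it is the packaged converter or that it is executable, which matters in a module that handles trust material. Since the converter is now Python, importing it and calling its conversion routine directly (if keyconvert.py exposes one and is moved somewhere importable) would remove both the path lookup and the external process; the rest of `convert_public_key` lies outside the hunk, so how the script is invoked cannot be judged from here. If the path stays, a comment such as `# must match the scripts dir used by setup.py and %{_bindir} in sfa.spec` would at least document the coupling.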