server session CHANGE support for PKCS#8 keys

michalvasko · michalvasko · commit 68177b7f3d78 · 2020-04-27T15:46:53.000+02:00
Refs #224
diff --git a/src/session_server.h b/src/session_server.h
@@ -581,7 +581,8 @@ void nc_server_ssh_set_interactive_auth_clb(int (*interactive_auth_clb)(const st
  *                        to be set. The one set will be freed.
  *                        - \p privkey_path expects a PEM file,
  *                        - \p privkey_data expects a base-64 encoded ANS.1 DER data,
- *                        - \p privkey_type type of the key in \p privkey_data.
+ *                        - \p privkey_type type of the key in \p privkey_data. Use ::NC_SSH_KEY_UNKNOWN for
+ *                          PKCS#8 key that includes the information about the key in its data.
  * @param[in] user_data Optional arbitrary user data that will be passed to \p hostkey_clb.
  * @param[in] free_user_data Optional callback that will be called during cleanup to free any \p user_data.
  */
diff --git a/src/session_server_ssh.c b/src/session_server_ssh.c
@@ -69,18 +69,30 @@ base64der_key_to_tmp_file(const char *in, const char *key_str)
     }
 
     /* write the key into the file */
-    written = fwrite("-----BEGIN ", 1, 11, file);
-    written += fwrite(key_str, 1, strlen(key_str), file);
-    written += fwrite(" PRIVATE KEY-----\n", 1, 18, file);
-    written += fwrite(in, 1, strlen(in), file);
-    written += fwrite("\n-----END ", 1, 10, file);
-    written += fwrite(key_str, 1, strlen(key_str), file);
-    written += fwrite(" PRIVATE KEY-----", 1, 17, file);
-
-    fclose(file);
-    if ((unsigned)written != 11 + strlen(key_str) + 18 + strlen(in) + 10 + strlen(key_str) + 17) {
-        unlink(path);
-        return NULL;
+    if (key_str) {
+        written = fwrite("-----BEGIN ", 1, 11, file);
+        written += fwrite(key_str, 1, strlen(key_str), file);
+        written += fwrite(" PRIVATE KEY-----\n", 1, 18, file);
+        written += fwrite(in, 1, strlen(in), file);
+        written += fwrite("\n-----END ", 1, 10, file);
+        written += fwrite(key_str, 1, strlen(key_str), file);
+        written += fwrite(" PRIVATE KEY-----", 1, 17, file);
+
+        fclose(file);
+        if ((unsigned)written != 11 + strlen(key_str) + 18 + strlen(in) + 10 + strlen(key_str) + 17) {
+            unlink(path);
+            return NULL;
+        }
+    } else {
+        written = fwrite("-----BEGIN PRIVATE KEY-----\n", 1, 28, file);
+        written += fwrite(in, 1, strlen(in), file);
+        written += fwrite("\n-----END PRIVATE KEY-----", 1, 26, file);
+
+        fclose(file);
+        if ((unsigned)written != 28 + strlen(in) + 26) {
+            unlink(path);
+            return NULL;
+        }
     }
 
     return strdup(path);
