commit 51a1e1939d1452e9b8181a3dd7ba7544c8402cdc
author roman <xjanot04@fit.vutbr.cz> Thu Sep 14 10:13:45 2023 +0200
committer Michal Vasko <mvasko@cesnet.cz> Fri Nov 03 15:03:11 2023 +0100
tree 4075cb5329754d8726cc8a2ab524c8c3ee07a963
parent eadc478c9c2a1bdbb6daf66d5169bfdc7ec92822

session server UPDATE move and rename PK fmt check

src/session.c

diff --git a/src/session.c b/src/session.c
index ad96fc5..78cec17 100644
--- a/src/session.c
+++ b/src/session.c
@@ -39,6 +39,8 @@
 #include <openssl/bio.h>
 #include <openssl/conf.h>
 #include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
 
 #endif /* NC_ENABLED_SSH_TLS */
 
@@ -183,6 +185,41 @@
     return size;
 }
 
+int
+nc_is_pk_subject_public_key_info(const char *b64)
+{
+    int ret = 0;
+    long len;
+    char *bin = NULL, *tmp;
+    EVP_PKEY *pkey = NULL;
+
+    /* base64 2 binary */
+    len = nc_base64_to_bin(b64, &bin);
+    if (len == -1) {
+        ERR(NULL, "Decoding base64 public key to binary failed.");
+        ret = -1;
+        goto cleanup;
+    }
+
+    /* for deallocation later */
+    tmp = bin;
+
+    /* try to create EVP_PKEY from the supposed SubjectPublicKeyInfo binary data */
+    pkey = d2i_PUBKEY(NULL, (const unsigned char **)&tmp, len);
+    if (pkey) {
+        /* success, it's most likely SubjectPublicKeyInfo pubkey */
+        ret = 1;
+    } else {
+        /* fail, it's most likely not SubjectPublicKeyInfo pubkey */
+        ret = 0;
+    }
+
+cleanup:
+    EVP_PKEY_free(pkey);
+    free(bin);
+    return ret;
+}
+
 #endif /* NC_ENABLED_SSH_TLS */
 
 int