removed keyblobtoid.c from libfreeswan

src/libfreeswan/Makefile.am

@@ -2,7 +2,7 @@ noinst_LIBRARIES = libfreeswan.a
 libfreeswan_a_SOURCES = addrtoa.c addrtot.c addrtypeof.c anyaddr.c atoaddr.c atoasr.c \
 			atosubnet.c atoul.c copyright.c datatot.c freeswan.h \
 			goodmask.c initaddr.c initsaid.c initsubnet.c internal.h ipsec_param.h \
-			keyblobtoid.c pfkey_v2_build.c pfkey_v2_debug.c \
+			pfkey_v2_build.c pfkey_v2_debug.c \
 			pfkey_v2_ext_bits.c pfkey_v2_parse.c portof.c rangetoa.c \
 			pfkey.h pfkeyv2.h rangetosubnet.c sameaddr.c \
 			satot.c subnetof.c subnettoa.c subnettot.c \
@@ -15,6 +15,6 @@ INCLUDES = \
 -I$(top_srcdir)/src/pluto
 
 dist_man3_MANS = anyaddr.3 atoaddr.3 atoasr.3 atoul.3 goodmask.3 initaddr.3 initsubnet.3 \
-                 keyblobtoid.3 portof.3 rangetosubnet.3 sameaddr.3 subnetof.3 \
+                 portof.3 rangetosubnet.3 sameaddr.3 subnetof.3 \
                  ttoaddr.3 ttodata.3 ttosa.3 ttoul.3
 

src/libfreeswan/freeswan.h

@@ -158,11 +158,6 @@ err_t ttodatav(const char *src, size_t srclen, int base,
 
 size_t datatot(const char *src, size_t srclen, int format, char *buf,
 								size_t buflen);
-size_t keyblobtoid(const unsigned char *src, size_t srclen, char *dst,
-								size_t dstlen);
-size_t splitkeytoid(const unsigned char *e, size_t elen, const unsigned char *m,
-					size_t mlen, char *dst, size_t dstlen);
-#define	KEYID_BUF		10	/* up to 9 text digits plus NUL */
 err_t ttoprotoport(char *src, size_t src_len, u_int8_t *proto, u_int16_t *port,
 							bool *has_port_wildcard);
 

src/libfreeswan/keyblobtoid.3

@@ -1,102 +0,0 @@
-.TH IPSEC_KEYBLOBTOID 3 "25 March 2002"
-.SH NAME
-ipsec keyblobtoid, splitkeytoid \- generate key IDs from RSA keys
-.SH SYNOPSIS
-.B "#include <freeswan.h>
-.sp
-.B "size_t keyblobtoid(const unsigned char *blob,"
-.ti +1c
-.B "size_t bloblen, char *dst, size_t dstlen);"
-.br
-.B "size_t splitkeytoid(const unsigned char *e, size_t elen,"
-.ti +1c
-.B "const unsigned char *m, size_t mlen, char *dst,
-.ti +1c
-.B "size_t dstlen);"
-.SH DESCRIPTION
-.I Keyblobtoid
-and
-.I splitkeytoid
-generate
-key IDs
-from RSA keys,
-for use in messages and reporting,
-writing the result to
-.IR dst .
-A
-.I key ID
-is a short ASCII string identifying a key;
-currently it is just the first nine characters of the base64
-encoding of the RFC 2537/3110 ``byte blob'' representation of the key.
-(Beware that no finite key ID can be collision-proof:
-there is always some small chance of two random keys having the
-same ID.)
-.PP
-.I Keyblobtoid
-generates a key ID from a key which is already in the form of an
-RFC 2537/3110 binary key
-.I blob
-(encoded exponent length, exponent, modulus).
-.PP
-.I Splitkeytoid
-generates a key ID from a key given in the form of a separate
-(binary) exponent
-.I e
-and modulus
-.IR m .
-.PP
-The
-.I dstlen
-parameter of either
-specifies the size of the
-.I dst
-parameter;
-under no circumstances are more than
-.I dstlen
-bytes written to
-.IR dst .
-A result which will not fit is truncated.
-.I Dstlen
-can be zero, in which case
-.I dst
-need not be valid and no result is written,
-but the return value is unaffected;
-in all other cases, the (possibly truncated) result is NUL-terminated.
-The
-.I freeswan.h
-header file defines a constant
-.B KEYID_BUF
-which is the size of a buffer large enough for worst-case results.
-.PP
-Both functions return
-.B 0
-for a failure, and otherwise
-always return the size of buffer which would 
-be needed to
-accommodate the full conversion result, including terminating NUL;
-it is the caller's responsibility to check this against the size of
-the provided buffer to determine whether truncation has occurred.
-.P
-With keys generated by
-.IR ipsec_rsasigkey (3),
-the first two base64 digits are always the same,
-and the third carries only about one bit of information.
-It's worse with keys using longer fixed exponents,
-e.g. the 24-bit exponent that's common in X.509 certificates.
-However, being able to relate key IDs to the full
-base64 text form of keys by eye is sufficiently useful that this
-waste of space seems justifiable.
-The choice of nine digits is a compromise between bulk and
-probability of collision.
-.SH SEE ALSO
-RFC 3110,
-\fIRSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)\fR,
-Eastlake, 2001
-(superseding the older but better-known RFC 2537).
-.SH DIAGNOSTICS
-Fatal errors are:
-key too short to supply enough bits to construct a complete key ID
-(almost certainly indicating a garbage key);
-exponent too long for its length to be representable.
-.SH HISTORY
-Written for the FreeS/WAN project by Henry Spencer.

src/libfreeswan/keyblobtoid.c

@@ -1,146 +0,0 @@
-/*
- * generate printable key IDs
- * Copyright (C) 2002  Henry Spencer.
- *
- * This library is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Library General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/lgpl.txt>.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Library General Public
- * License for more details.
- */
-#include "internal.h"
-#include "freeswan.h"
-
-/*
- - keyblobtoid - generate a printable key ID from an RFC 2537/3110 key blob
- * Current algorithm is just to use first nine base64 digits.
- */
-size_t
-keyblobtoid(src, srclen, dst, dstlen)
-const unsigned char *src;
-size_t srclen;
-char *dst;			/* need not be valid if dstlen is 0 */
-size_t dstlen;
-{
-	char buf[KEYID_BUF];
-	size_t ret;
-#	define	NDIG	9
-
-	if (srclen < (NDIG*6 + 7)/8) {
-		strcpy(buf, "?len= ?");
-		buf[5] = '0' + srclen;
-		ret = 0;
-	} else {
-		(void) datatot(src, srclen, 64, buf, NDIG+1);
-		ret = NDIG+1;
-	}
-
-	if (dstlen > 0) {
-		if (strlen(buf)+1 > dstlen)
-			*(buf + dstlen - 1) = '\0';
-		strcpy(dst, buf);
-	}
-	return ret;
-}
-
-/*
- - splitkeytoid - generate a printable key ID from exponent/modulus pair
- * Just constructs the beginnings of a key blob and calls keyblobtoid().
- */
-size_t
-splitkeytoid(e, elen, m, mlen, dst, dstlen)
-const unsigned char *e;
-size_t elen;
-const unsigned char *m;
-size_t mlen;
-char *dst;			/* need not be valid if dstlen is 0 */
-size_t dstlen;
-{
-	unsigned char buf[KEYID_BUF];	/* ample room */
-	unsigned char *bufend = buf + sizeof(buf);
-	unsigned char *p;
-	size_t n;
-
-	p = buf;
-	if (elen <= 255)
-		*p++ = elen;
-	else if ((elen &~ 0xffff) == 0) {
-		*p++ = 0;
-		*p++ = (elen>>8) & 0xff;
-		*p++ = elen & 0xff;
-	} else
-		return 0;	/* unrepresentable exponent length */
-
-	n = bufend - p;
-	if (elen < n)
-		n = elen;
-	memcpy(p, e, n);
-	p += n;
-
-	n = bufend - p;
-	if (n > 0) {
-		if (mlen < n)
-			n = mlen;
-		memcpy(p, m, n);
-		p += n;
-	}
-
-	return keyblobtoid(buf, p - buf, dst, dstlen);
-}
-
-
-
-#ifdef KEYBLOBTOID_MAIN
-
-#include <stdio.h>
-
-void regress();
-
-int
-main(argc, argv)
-int argc;
-char *argv[];
-{
-	typedef unsigned char uc;
-	uc hexblob[] = "\x01\x03\x85\xf2\xd6\x76\x9b\x03\x59\xb6\x21\x52";
-	uc hexe[] = "\x03";
-	uc hexm[] = "\x85\xf2\xd6\x76\x9b\x03\x59\xb6\x21\x52\xef\x85";
-	char b64nine[] = "AQOF8tZ2m";
-	char b64six[] = "AQOF8t";
-	char buf[100];
-	size_t n;
-	char *b = b64nine;
-	size_t bl = strlen(b) + 1;
-	int st = 0;
-
-	n = keyblobtoid(hexblob, strlen(hexblob), buf, sizeof(buf));
-	if (n != bl) {
-		fprintf(stderr, "%s: keyblobtoid returned %d not %d\n",
-							argv[0], n, bl);
-		st = 1;
-	}
-	if (strcmp(buf, b) != 0) {
-		fprintf(stderr, "%s: keyblobtoid generated `%s' not `%s'\n",
-							argv[0], buf, b);
-		st = 1;
-	}
-	n = splitkeytoid(hexe, strlen(hexe), hexm, strlen(hexm), buf,
-								sizeof(buf));
-	if (n != bl) {
-		fprintf(stderr, "%s: splitkeytoid returned %d not %d\n",
-							argv[0], n, bl);
-		st = 1;
-	}
-	if (strcmp(buf, b) != 0) {
-		fprintf(stderr, "%s: splitkeytoid generated `%s' not `%s'\n",
-							argv[0], buf, b);
-		st = 1;
-	}
-	exit(st);
-}
-
-#endif /* KEYBLOBTOID_MAIN */