This patch removes an #if 0 set of code. And it removes a passphrase
check which cannot happen.
E
--
Erik Hovland
mail: erik AT hovland DOT org
web: http://hovland.org/
PGP/GPG public key available on request
#
# old_revision [4c32ad8064e93b83c6d635d193b34d5f9112d1ae]
#
# patch "keyimport.c"
# from [4d6aa56819151b18d6828b1a9b1db0b9864e40b3]
# to [4052ebe94ea2b063028c4cd9f437cbd5180a9e54]
#
============================================================
--- keyimport.c 4d6aa56819151b18d6828b1a9b1db0b9864e40b3
+++ keyimport.c 4052ebe94ea2b063028c4cd9f437cbd5180a9e54
@@ -926,40 +926,6 @@
if (passphrase) {
fprintf(stderr, "Encrypted keys aren't supported currently\n");
goto error;
-#if 0
- /*
- * Invent an iv. Then derive encryption key from passphrase
- * and iv/salt:
- *
- * - let block A equal MD5(passphrase || iv)
- * - let block B equal MD5(A || passphrase || iv)
- * - block C would be MD5(B || passphrase || iv) and so on
- * - encryption key is the first N bytes of A || B
- */
- struct MD5Context md5c;
- unsigned char keybuf[32];
-
- for (i = 0; i < 8; i++) iv[i] = random_byte();
-
- MD5Init(&md5c);
- MD5Update(&md5c, (unsigned char *)passphrase,
strlen(passphrase));
- MD5Update(&md5c, iv, 8);
- MD5Final(keybuf, &md5c);
-
- MD5Init(&md5c);
- MD5Update(&md5c, keybuf, 16);
- MD5Update(&md5c, (unsigned char *)passphrase,
strlen(passphrase));
- MD5Update(&md5c, iv, 8);
- MD5Final(keybuf+16, &md5c);
-
- /*
- * Now encrypt the key blob.
- */
- des3_encrypt_pubkey_ossh(keybuf, iv, outblob, outlen);
-
- memset(&md5c, 0, sizeof(md5c));
- memset(keybuf, 0, sizeof(keybuf));
-#endif
}
/*
@@ -976,12 +942,6 @@
goto error;
}
fputs(header, fp);
- if (passphrase) {
- fprintf(fp, "Proc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,");
- for (i = 0; i < 8; i++)
- fprintf(fp, "%02X", iv[i]);
- fprintf(fp, "\n\n");
- }
base64_encode_fp(fp, outblob, outlen, 64);
fputs(footer, fp);
fclose(fp);
