author | djm@openbsd.org <djm@openbsd.org> | 2019-01-21 02:01:03 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-01-21 13:06:58 +1100 |
commit | ce46c3a077dfb4c531ccffcfff03f37775725b75 (patch) | |
tree | 1e60c855a0a0a071d7b5ed858230f27410b7dd3d | |
parent | 0a5f2ea35626022299ece3c8817a1abe8cf37b3e (diff) |
upstream: get the ex_data (pkcs11_key object) back from the keys at
the index at which it was inserted, rather than assuming index 0
OpenBSD-Commit-ID: 1f3a6ce0346c8014e895e50423bef16401510aa8
-rw-r--r-- | ssh-pkcs11.c | 17 |
1 files changed, 8 insertions, 9 deletions
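--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.37 2019/01/21 00:47:34 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.38 2019/01/21 02:01:03 djm Exp $ */
 /*
 * Copyright (c) 2010 Markus Friedl. All rights reserved.
 * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -187,6 +187,11 @@ pkcs11_del_provider(char *provider_id)
 return (-1);
 }
 
+static RSA_METHOD *rsa_method;
+static int rsa_idx = 0;
+static EC_KEY_METHOD *ec_key_method;
+static int ec_key_idx = 0;
+
 /* release a wrapped object */
 static void
 pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
@@ -328,7 +333,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
 CK_RV rv;
 int rval = -1;
 
-if ((k11 = RSA_get_ex_data(rsa, 0)) == NULL) {
+if ((k11 = RSA_get_ex_data(rsa, rsa_idx)) == NULL) {
 error("RSA_get_ex_data failed for rsa %p", rsa);
 return (-1);
 }
@@ -359,9 +364,6 @@ pkcs11_rsa_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
 return (-1);
 }
 
-static RSA_METHOD *rsa_method;
-static int rsa_idx = 0;
-
 static int
 pkcs11_rsa_start_wrapper(void)
 {
@@ -424,7 +426,7 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
 u_char *sig;
 BIGNUM *r = NULL, *s = NULL;
 
-if ((k11 = EC_KEY_get_ex_data(ec, 0)) == NULL) {
+if ((k11 = EC_KEY_get_ex_data(ec, ec_key_idx)) == NULL) {
 ossl_error("EC_KEY_get_key_method_data failed for ec");
 return (NULL);
 }
@@ -478,9 +480,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
 return (ret);
 }
 
-static EC_KEY_METHOD *ec_key_method;
-static int ec_key_idx = 0;
-
 static int
 pkcs11_ecdsa_start_wrapper(void)
 {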
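Review bot: The moved statics at new lines 191 and 193 still initialise `rsa_idx` and `ec_key_idx` to 0, which is itself a usable ex_data slot. A lookup in pkcs11_rsa_private_encrypt or ecdsa_do_sign that ran before the real index was assigned would therefore read slot 0, the very assumption this commit removes, and treat whatever pointer is stored there as a pkcs11_key. The start wrappers that presumably assign the indexes lie outside the hunks, so whether that ordering can occur is not visible here. Starting from a sentinel, `static int rsa_idx = -1;` and `static int ec_key_idx = -1;`, would make the unassigned state distinguishable from a real slot; assuming the library returns NULL for a negative index, it would also route such a call into the existing error path. A short comment above the block, such as `/* ex_data slots that hold the pkcs11_key for wrapped keys; valid only once the start wrapper has run */`, would also record why the declarations must precede the callbacks.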