summaryrefslogtreecommitdiff
path: root/key.c
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2004-11-05 20:42:28 +1100
committerDarren Tucker <dtucker@zip.com.au>2004-11-05 20:42:28 +1100
commit08d04faf2457e80b65b798f46bc71ac5a81b6d27 (patch)
treea73dd64080e378a6471ae4ebed74d41f69553807 /key.c
parent50dbe8314b1796d05e12c1a8a9b9c8b3242d8c5a (diff)
- djm@cvs.openbsd.org 2004/10/29 23:57:05
[key.c] use new buffer API to avoid fatal errors on corrupt keys in authorized_keys files; ok markus@
Diffstat (limited to 'key.c')
-rw-r--r--key.c38
1 files changed, 27 insertions, 11 deletions
diff --git a/key.c b/key.c
index 21b0869df..e41930464 100644
--- a/key.c
+++ b/key.c
@@ -32,7 +32,7 @@
32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 */ 33 */
34#include "includes.h" 34#include "includes.h"
35RCSID("$OpenBSD: key.c,v 1.56 2004/07/28 09:40:29 markus Exp $"); 35RCSID("$OpenBSD: key.c,v 1.57 2004/10/29 23:57:05 djm Exp $");
36 36
37#include <openssl/evp.h> 37#include <openssl/evp.h>
38 38
@@ -681,8 +681,8 @@ Key *
681key_from_blob(const u_char *blob, u_int blen) 681key_from_blob(const u_char *blob, u_int blen)
682{ 682{
683 Buffer b; 683 Buffer b;
684 char *ktype;
685 int rlen, type; 684 int rlen, type;
685 char *ktype = NULL;
686 Key *key = NULL; 686 Key *key = NULL;
687 687
688#ifdef DEBUG_PK 688#ifdef DEBUG_PK
@@ -690,24 +690,38 @@ key_from_blob(const u_char *blob, u_int blen)
690#endif 690#endif
691 buffer_init(&b); 691 buffer_init(&b);
692 buffer_append(&b, blob, blen); 692 buffer_append(&b, blob, blen);
693 ktype = buffer_get_string(&b, NULL); 693 if ((ktype = buffer_get_string_ret(&b, NULL)) == NULL) {
694 error("key_from_blob: can't read key type");
695 goto out;
696 }
697
694 type = key_type_from_name(ktype); 698 type = key_type_from_name(ktype);
695 699
696 switch (type) { 700 switch (type) {
697 case KEY_RSA: 701 case KEY_RSA:
698 key = key_new(type); 702 key = key_new(type);
699 buffer_get_bignum2(&b, key->rsa->e); 703 if (buffer_get_bignum2_ret(&b, key->rsa->e) == -1 ||
700 buffer_get_bignum2(&b, key->rsa->n); 704 buffer_get_bignum2_ret(&b, key->rsa->n) == -1) {
705 error("key_from_blob: can't read rsa key");
706 key_free(key);
707 key = NULL;
708 goto out;
709 }
701#ifdef DEBUG_PK 710#ifdef DEBUG_PK
702 RSA_print_fp(stderr, key->rsa, 8); 711 RSA_print_fp(stderr, key->rsa, 8);
703#endif 712#endif
704 break; 713 break;
705 case KEY_DSA: 714 case KEY_DSA:
706 key = key_new(type); 715 key = key_new(type);
707 buffer_get_bignum2(&b, key->dsa->p); 716 if (buffer_get_bignum2_ret(&b, key->dsa->p) == -1 ||
708 buffer_get_bignum2(&b, key->dsa->q); 717 buffer_get_bignum2_ret(&b, key->dsa->q) == -1 ||
709 buffer_get_bignum2(&b, key->dsa->g); 718 buffer_get_bignum2_ret(&b, key->dsa->g) == -1 ||
710 buffer_get_bignum2(&b, key->dsa->pub_key); 719 buffer_get_bignum2_ret(&b, key->dsa->pub_key) == -1) {
720 error("key_from_blob: can't read dsa key");
721 key_free(key);
722 key = NULL;
723 goto out;
724 }
711#ifdef DEBUG_PK 725#ifdef DEBUG_PK
712 DSA_print_fp(stderr, key->dsa, 8); 726 DSA_print_fp(stderr, key->dsa, 8);
713#endif 727#endif
@@ -717,12 +731,14 @@ key_from_blob(const u_char *blob, u_int blen)
717 break; 731 break;
718 default: 732 default:
719 error("key_from_blob: cannot handle type %s", ktype); 733 error("key_from_blob: cannot handle type %s", ktype);
720 break; 734 goto out;
721 } 735 }
722 rlen = buffer_len(&b); 736 rlen = buffer_len(&b);
723 if (key != NULL && rlen != 0) 737 if (key != NULL && rlen != 0)
724 error("key_from_blob: remaining bytes in key blob %d", rlen); 738 error("key_from_blob: remaining bytes in key blob %d", rlen);
725 xfree(ktype); 739 out:
740 if (ktype != NULL)
741 xfree(ktype);
726 buffer_free(&b); 742 buffer_free(&b);
727 return key; 743 return key;
728} 744}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 12:41:02 +0000