author | Colin Watson <cjwatson@debian.org> | 2013-09-14 15:43:03 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2013-09-14 15:43:03 +0100 |
commit | 8faf8c84430cf3c19705b1d9f8889d256e7fd1fd (patch) | |
tree | e6cb74192adb00fda5e4d1457547851d7e0d86af /ssh-rsa.c | |
parent | 328b60656f29db6306994d7498dede386ec2d1c3 (diff) | |
parent | c41345ad7ee5a22689e2c009595e85fa27b4b39a (diff) |
merge 6.3p1
Diffstat (limited to 'ssh-rsa.c')
-rw-r--r-- | ssh-rsa.c | 23 |
1 files changed, 11 insertions, 12 deletions
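--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.45 2010/08/31 09:58:37 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.46 2013/05/17 00:13:14 djm Exp $ */
 /*
 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
 *
@@ -72,7 +72,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 
 error("ssh_rsa_sign: RSA_sign failed: %s",
 ERR_error_string(ecode, NULL));
-xfree(sig);
+free(sig);
 return -1;
 }
 if (len < slen) {
@@ -82,7 +82,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 memset(sig, 0, diff);
 } else if (len > slen) {
 error("ssh_rsa_sign: slen %u slen2 %u", slen, len);
-xfree(sig);
+free(sig);
 return -1;
 }
 /* encode signature */
@@ -98,7 +98,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 }
 buffer_free(&b);
 memset(sig, 's', slen);
-xfree(sig);
+free(sig);
 
 return 0;
 }
@@ -131,23 +131,23 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 if (strcmp("ssh-rsa", ktype) != 0) {
 error("ssh_rsa_verify: cannot handle type %s", ktype);
 buffer_free(&b);
-xfree(ktype);
+free(ktype);
 return -1;
 }
-xfree(ktype);
+free(ktype);
 sigblob = buffer_get_string(&b, &len);
 rlen = buffer_len(&b);
 buffer_free(&b);
 if (rlen != 0) {
 error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
-xfree(sigblob);
+free(sigblob);
 return -1;
 }
 /* RSA_verify expects a signature of RSA_size */
 modlen = RSA_size(key->rsa);
 if (len > modlen) {
 error("ssh_rsa_verify: len %u > modlen %u", len, modlen);
-xfree(sigblob);
+free(sigblob);
 return -1;
 } else if (len < modlen) {
 u_int diff = modlen - len;
@@ -161,7 +161,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
 error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
-xfree(sigblob);
+free(sigblob);
 return -1;
 }
 EVP_DigestInit(&md, evp_md);
@@ -171,7 +171,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
 memset(digest, 'd', sizeof(digest));
 memset(sigblob, 's', len);
-xfree(sigblob);
+free(sigblob);
 debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
 return ret;
 }
@@ -262,7 +262,6 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen,
 }
 ret = 1;
 done:
-if (decrypted)
-xfree(decrypted);
+free(decrypted);
 return ret;
 }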
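Review bot: In the `@@ -98,7 +98,7 @@` hunk of ssh_rsa_sign, `memset(sig, 's', slen)` is now followed directly by `free(sig)`, so the compiler can see that the buffer dies right after the store and is permitted to drop the overwrite as a dead store; the same pairing appears in the `@@ -171,7 +171,7 @@` hunk of ssh_rsa_verify with `memset(sigblob, 's', len)` and `free(sigblob)`. Whether the old `xfree()` call prevented that depended on it being opaque to the optimizer, which this page does not show. If these overwrites are meant as scrubbing rather than debugging poison, use a primitive that cannot be elided where the tree has one, for example `explicit_bzero(sig, slen);` and `explicit_bzero(sigblob, len);`, and add a short comment such as `/* scrub before free; must not be optimised away */`. Both functions begin outside the hunks shown, so earlier exits that free these buffers without overwriting them could not be checked in full.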