authorDarren Tucker <dtucker@zip.com.au>2013-06-02 07:31:17 +1000
committerDarren Tucker <dtucker@zip.com.au>2013-06-02 07:31:17 +1000
commita627d42e51ffa71e014d7b2d2c07118122fd3ec3 (patch)
tree7bda769de81f509e28d800916fa20abd37906d79 /ssh-rsa.c
parentc7aad0058c957afeb26a3f703e8cb0eddeb62365 (diff)
- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
Diffstat (limited to 'ssh-rsa.c')
-rw-r--r--ssh-rsa.c23
1 files changed, 11 insertions, 12 deletions
diff --git a/ssh-rsa.c b/ssh-rsa.c
index c6355fa09..30f96abc2 100644
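--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.45 2010/08/31 09:58:37 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.46 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
  *
@@ -72,7 +72,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 
  error("ssh_rsa_sign: RSA_sign failed: %s",
  ERR_error_string(ecode, NULL));
- xfree(sig);
+ free(sig);
  return -1;
  }
  if (len < slen) {
@@ -82,7 +82,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
  memset(sig, 0, diff);
  } else if (len > slen) {
  error("ssh_rsa_sign: slen %u slen2 %u", slen, len);
- xfree(sig);
+ free(sig);
  return -1;
  }
  /* encode signature */
@@ -98,7 +98,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
  }
  buffer_free(&b);
  memset(sig, 's', slen);
- xfree(sig);
+ free(sig);
 
  return 0;
 }
@@ -131,23 +131,23 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
  if (strcmp("ssh-rsa", ktype) != 0) {
  error("ssh_rsa_verify: cannot handle type %s", ktype);
  buffer_free(&b);
- xfree(ktype);
+ free(ktype);
  return -1;
  }
- xfree(ktype);
+ free(ktype);
  sigblob = buffer_get_string(&b, &len);
  rlen = buffer_len(&b);
  buffer_free(&b);
  if (rlen != 0) {
  error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
- xfree(sigblob);
+ free(sigblob);
  return -1;
  }
  /* RSA_verify expects a signature of RSA_size */
  modlen = RSA_size(key->rsa);
  if (len > modlen) {
  error("ssh_rsa_verify: len %u > modlen %u", len, modlen);
- xfree(sigblob);
+ free(sigblob);
  return -1;
  } else if (len < modlen) {
  u_int diff = modlen - len;
@@ -161,7 +161,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
  nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
  if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
  error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
- xfree(sigblob);
+ free(sigblob);
  return -1;
  }
  EVP_DigestInit(&md, evp_md);
@@ -171,7 +171,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
  ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
  memset(digest, 'd', sizeof(digest));
  memset(sigblob, 's', len);
- xfree(sigblob);
+ free(sigblob);
  debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
  return ret;
 }
@@ -262,7 +262,6 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen,
  }
  ret = 1;
 done:
- if (decrypted)
- xfree(decrypted);
+ free(decrypted);
  return ret;
 }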
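Review bot: The overwrite stores just before the releases in the `@@ -98,7` and `@@ -171,7` hunks (`memset(sig, 's', slen);`, `memset(sigblob, 's', len);`) are now followed directly by a plain `free()`, a call whose semantics the compiler knows, so it may drop the preceding memset as a dead store; `memset(digest, 'd', sizeof(digest));` on what appears to be a local array is exposed the same way. If the overwrite is meant to hold, a non-elidable primitive is safer where the platform provides one, e.g. `explicit_bzero(sig, slen);` and `explicit_bzero(sigblob, len);`. The early-return paths in the `@@ -72,7`, `@@ -82,7` and `@@ -131,23` hunks free `sig` and `sigblob` with no overwrite at all, so a short comment stating which of these buffers are treated as sensitive would make the intent checkable. Both functions begin outside the hunks shown, so this is based only on the visible lines.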