diff options
Diffstat (limited to 'authfile.c')
-rw-r--r-- | authfile.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/authfile.c b/authfile.c index b1e3eda5c..7f98ab547 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfile.c,v 1.84 2010/09/08 03:54:36 djm Exp $ */ | 1 | /* $OpenBSD: authfile.c,v 1.85 2010/10/28 11:22:09 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -523,13 +523,9 @@ key_load_private_pem(int fd, int type, const char *passphrase, | |||
523 | prv = key_new(KEY_UNSPEC); | 523 | prv = key_new(KEY_UNSPEC); |
524 | prv->ecdsa = EVP_PKEY_get1_EC_KEY(pk); | 524 | prv->ecdsa = EVP_PKEY_get1_EC_KEY(pk); |
525 | prv->type = KEY_ECDSA; | 525 | prv->type = KEY_ECDSA; |
526 | prv->ecdsa_nid = key_ecdsa_group_to_nid( | 526 | if ((prv->ecdsa_nid = key_ecdsa_key_to_nid(prv->ecdsa)) == -1 || |
527 | EC_KEY_get0_group(prv->ecdsa)); | 527 | key_curve_nid_to_name(prv->ecdsa_nid) == NULL || |
528 | if (key_curve_nid_to_name(prv->ecdsa_nid) == NULL) { | 528 | key_ec_validate_public(EC_KEY_get0_group(prv->ecdsa), |
529 | key_free(prv); | ||
530 | prv = NULL; | ||
531 | } | ||
532 | if (key_ec_validate_public(EC_KEY_get0_group(prv->ecdsa), | ||
533 | EC_KEY_get0_public_key(prv->ecdsa)) != 0 || | 529 | EC_KEY_get0_public_key(prv->ecdsa)) != 0 || |
534 | key_ec_validate_private(prv->ecdsa) != 0) { | 530 | key_ec_validate_private(prv->ecdsa) != 0) { |
535 | error("%s: bad ECDSA key", __func__); | 531 | error("%s: bad ECDSA key", __func__); |
@@ -538,7 +534,7 @@ key_load_private_pem(int fd, int type, const char *passphrase, | |||
538 | } | 534 | } |
539 | name = "ecdsa w/o comment"; | 535 | name = "ecdsa w/o comment"; |
540 | #ifdef DEBUG_PK | 536 | #ifdef DEBUG_PK |
541 | if (prv->ecdsa != NULL) | 537 | if (prv != NULL && prv->ecdsa != NULL) |
542 | key_dump_ec_key(prv->ecdsa); | 538 | key_dump_ec_key(prv->ecdsa); |
543 | #endif | 539 | #endif |
544 | #endif /* OPENSSL_HAS_ECC */ | 540 | #endif /* OPENSSL_HAS_ECC */ |