summaryrefslogtreecommitdiff
path: root/key.c
diff options
context:
space:
mode:
Diffstat (limited to 'key.c')
-rw-r--r--key.c54
1 files changed, 24 insertions, 30 deletions
diff --git a/key.c b/key.c
index 08c158b59..93b2d41fe 100644
--- a/key.c
+++ b/key.c
@@ -1,3 +1,4 @@
1/* $OpenBSD: key.c,v 1.68 2006/11/06 21:25:28 markus Exp $ */
1/* 2/*
2 * read_bignum(): 3 * read_bignum():
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -31,17 +32,22 @@
31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 */ 34 */
35
34#include "includes.h" 36#include "includes.h"
35RCSID("$OpenBSD: key.c,v 1.58 2005/06/17 02:44:32 djm Exp $"); 37
38#include <sys/types.h>
36 39
37#include <openssl/evp.h> 40#include <openssl/evp.h>
38 41
42#include <stdarg.h>
43#include <stdio.h>
44#include <string.h>
45
39#include "xmalloc.h" 46#include "xmalloc.h"
40#include "key.h" 47#include "key.h"
41#include "rsa.h" 48#include "rsa.h"
42#include "uuencode.h" 49#include "uuencode.h"
43#include "buffer.h" 50#include "buffer.h"
44#include "bufaux.h"
45#include "log.h" 51#include "log.h"
46 52
47Key * 53Key *
@@ -50,9 +56,8 @@ key_new(int type)
50 Key *k; 56 Key *k;
51 RSA *rsa; 57 RSA *rsa;
52 DSA *dsa; 58 DSA *dsa;
53 k = xmalloc(sizeof(*k)); 59 k = xcalloc(1, sizeof(*k));
54 k->type = type; 60 k->type = type;
55 k->flags = 0;
56 k->dsa = NULL; 61 k->dsa = NULL;
57 k->rsa = NULL; 62 k->rsa = NULL;
58 switch (k->type) { 63 switch (k->type) {
@@ -123,6 +128,8 @@ key_new_private(int type)
123void 128void
124key_free(Key *k) 129key_free(Key *k)
125{ 130{
131 if (k == NULL)
132 fatal("key_free: key is NULL");
126 switch (k->type) { 133 switch (k->type) {
127 case KEY_RSA1: 134 case KEY_RSA1:
128 case KEY_RSA: 135 case KEY_RSA:
@@ -155,14 +162,12 @@ key_equal(const Key *a, const Key *b)
155 return a->rsa != NULL && b->rsa != NULL && 162 return a->rsa != NULL && b->rsa != NULL &&
156 BN_cmp(a->rsa->e, b->rsa->e) == 0 && 163 BN_cmp(a->rsa->e, b->rsa->e) == 0 &&
157 BN_cmp(a->rsa->n, b->rsa->n) == 0; 164 BN_cmp(a->rsa->n, b->rsa->n) == 0;
158 break;
159 case KEY_DSA: 165 case KEY_DSA:
160 return a->dsa != NULL && b->dsa != NULL && 166 return a->dsa != NULL && b->dsa != NULL &&
161 BN_cmp(a->dsa->p, b->dsa->p) == 0 && 167 BN_cmp(a->dsa->p, b->dsa->p) == 0 &&
162 BN_cmp(a->dsa->q, b->dsa->q) == 0 && 168 BN_cmp(a->dsa->q, b->dsa->q) == 0 &&
163 BN_cmp(a->dsa->g, b->dsa->g) == 0 && 169 BN_cmp(a->dsa->g, b->dsa->g) == 0 &&
164 BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; 170 BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0;
165 break;
166 default: 171 default:
167 fatal("key_equal: bad key type %d", a->type); 172 fatal("key_equal: bad key type %d", a->type);
168 break; 173 break;
@@ -209,7 +214,6 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
209 break; 214 break;
210 case KEY_UNSPEC: 215 case KEY_UNSPEC:
211 return retval; 216 return retval;
212 break;
213 default: 217 default:
214 fatal("key_fingerprint_raw: bad key type %d", k->type); 218 fatal("key_fingerprint_raw: bad key type %d", k->type);
215 break; 219 break;
@@ -233,8 +237,7 @@ key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len)
233 char *retval; 237 char *retval;
234 u_int i; 238 u_int i;
235 239
236 retval = xmalloc(dgst_raw_len * 3 + 1); 240 retval = xcalloc(1, dgst_raw_len * 3 + 1);
237 retval[0] = '\0';
238 for (i = 0; i < dgst_raw_len; i++) { 241 for (i = 0; i < dgst_raw_len; i++) {
239 char hex[4]; 242 char hex[4];
240 snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); 243 snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]);
@@ -256,7 +259,7 @@ key_fingerprint_bubblebabble(u_char *dgst_raw, u_int dgst_raw_len)
256 char *retval; 259 char *retval;
257 260
258 rounds = (dgst_raw_len / 2) + 1; 261 rounds = (dgst_raw_len / 2) + 1;
259 retval = xmalloc(sizeof(char) * (rounds*6)); 262 retval = xcalloc((rounds * 6), sizeof(char));
260 retval[j++] = 'x'; 263 retval[j++] = 'x';
261 for (i = 0; i < rounds; i++) { 264 for (i = 0; i < rounds; i++) {
262 u_int idx0, idx1, idx2, idx3, idx4; 265 u_int idx0, idx1, idx2, idx3, idx4;
@@ -530,13 +533,10 @@ key_type(const Key *k)
530 switch (k->type) { 533 switch (k->type) {
531 case KEY_RSA1: 534 case KEY_RSA1:
532 return "RSA1"; 535 return "RSA1";
533 break;
534 case KEY_RSA: 536 case KEY_RSA:
535 return "RSA"; 537 return "RSA";
536 break;
537 case KEY_DSA: 538 case KEY_DSA:
538 return "DSA"; 539 return "DSA";
539 break;
540 } 540 }
541 return "unknown"; 541 return "unknown";
542} 542}
@@ -547,10 +547,8 @@ key_ssh_name(const Key *k)
547 switch (k->type) { 547 switch (k->type) {
548 case KEY_RSA: 548 case KEY_RSA:
549 return "ssh-rsa"; 549 return "ssh-rsa";
550 break;
551 case KEY_DSA: 550 case KEY_DSA:
552 return "ssh-dss"; 551 return "ssh-dss";
553 break;
554 } 552 }
555 return "ssh-unknown"; 553 return "ssh-unknown";
556} 554}
@@ -562,10 +560,8 @@ key_size(const Key *k)
562 case KEY_RSA1: 560 case KEY_RSA1:
563 case KEY_RSA: 561 case KEY_RSA:
564 return BN_num_bits(k->rsa->n); 562 return BN_num_bits(k->rsa->n);
565 break;
566 case KEY_DSA: 563 case KEY_DSA:
567 return BN_num_bits(k->dsa->p); 564 return BN_num_bits(k->dsa->p);
568 break;
569 } 565 }
570 return 0; 566 return 0;
571} 567}
@@ -574,6 +570,7 @@ static RSA *
574rsa_generate_private_key(u_int bits) 570rsa_generate_private_key(u_int bits)
575{ 571{
576 RSA *private; 572 RSA *private;
573
577 private = RSA_generate_key(bits, 35, NULL, NULL); 574 private = RSA_generate_key(bits, 35, NULL, NULL);
578 if (private == NULL) 575 if (private == NULL)
579 fatal("rsa_generate_private_key: key generation failed."); 576 fatal("rsa_generate_private_key: key generation failed.");
@@ -584,6 +581,7 @@ static DSA*
584dsa_generate_private_key(u_int bits) 581dsa_generate_private_key(u_int bits)
585{ 582{
586 DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL); 583 DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
584
587 if (private == NULL) 585 if (private == NULL)
588 fatal("dsa_generate_private_key: DSA_generate_parameters failed"); 586 fatal("dsa_generate_private_key: DSA_generate_parameters failed");
589 if (!DSA_generate_key(private)) 587 if (!DSA_generate_key(private))
@@ -619,16 +617,18 @@ key_from_private(const Key *k)
619 switch (k->type) { 617 switch (k->type) {
620 case KEY_DSA: 618 case KEY_DSA:
621 n = key_new(k->type); 619 n = key_new(k->type);
622 BN_copy(n->dsa->p, k->dsa->p); 620 if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
623 BN_copy(n->dsa->q, k->dsa->q); 621 (BN_copy(n->dsa->q, k->dsa->q) == NULL) ||
624 BN_copy(n->dsa->g, k->dsa->g); 622 (BN_copy(n->dsa->g, k->dsa->g) == NULL) ||
625 BN_copy(n->dsa->pub_key, k->dsa->pub_key); 623 (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL))
624 fatal("key_from_private: BN_copy failed");
626 break; 625 break;
627 case KEY_RSA: 626 case KEY_RSA:
628 case KEY_RSA1: 627 case KEY_RSA1:
629 n = key_new(k->type); 628 n = key_new(k->type);
630 BN_copy(n->rsa->n, k->rsa->n); 629 if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
631 BN_copy(n->rsa->e, k->rsa->e); 630 (BN_copy(n->rsa->e, k->rsa->e) == NULL))
631 fatal("key_from_private: BN_copy failed");
632 break; 632 break;
633 default: 633 default:
634 fatal("key_from_private: unknown type %d", k->type); 634 fatal("key_from_private: unknown type %d", k->type);
@@ -793,14 +793,11 @@ key_sign(
793 switch (key->type) { 793 switch (key->type) {
794 case KEY_DSA: 794 case KEY_DSA:
795 return ssh_dss_sign(key, sigp, lenp, data, datalen); 795 return ssh_dss_sign(key, sigp, lenp, data, datalen);
796 break;
797 case KEY_RSA: 796 case KEY_RSA:
798 return ssh_rsa_sign(key, sigp, lenp, data, datalen); 797 return ssh_rsa_sign(key, sigp, lenp, data, datalen);
799 break;
800 default: 798 default:
801 error("key_sign: invalid key type %d", key->type); 799 error("key_sign: invalid key type %d", key->type);
802 return -1; 800 return -1;
803 break;
804 } 801 }
805} 802}
806 803
@@ -820,14 +817,11 @@ key_verify(
820 switch (key->type) { 817 switch (key->type) {
821 case KEY_DSA: 818 case KEY_DSA:
822 return ssh_dss_verify(key, signature, signaturelen, data, datalen); 819 return ssh_dss_verify(key, signature, signaturelen, data, datalen);
823 break;
824 case KEY_RSA: 820 case KEY_RSA:
825 return ssh_rsa_verify(key, signature, signaturelen, data, datalen); 821 return ssh_rsa_verify(key, signature, signaturelen, data, datalen);
826 break;
827 default: 822 default:
828 error("key_verify: invalid key type %d", key->type); 823 error("key_verify: invalid key type %d", key->type);
829 return -1; 824 return -1;
830 break;
831 } 825 }
832} 826}
833 827
@@ -837,7 +831,7 @@ key_demote(const Key *k)
837{ 831{
838 Key *pk; 832 Key *pk;
839 833
840 pk = xmalloc(sizeof(*pk)); 834 pk = xcalloc(1, sizeof(*pk));
841 pk->type = k->type; 835 pk->type = k->type;
842 pk->flags = k->flags; 836 pk->flags = k->flags;
843 pk->dsa = NULL; 837 pk->dsa = NULL;