summaryrefslogtreecommitdiff
path: root/sshkey.c
diff options
context:
space:
mode:
Diffstat (limited to 'sshkey.c')
-rw-r--r--sshkey.c96
1 files changed, 26 insertions, 70 deletions
diff --git a/sshkey.c b/sshkey.c
index 6555c5ef8..ad1957762 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey.c,v 1.72 2018/10/11 00:52:46 djm Exp $ */ 1/* $OpenBSD: sshkey.c,v 1.73 2019/01/21 09:54:11 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved. 4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -2056,13 +2056,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
2056 ret = SSH_ERR_ALLOC_FAIL; 2056 ret = SSH_ERR_ALLOC_FAIL;
2057 goto out; 2057 goto out;
2058 } 2058 }
2059 if ((rsa_e = BN_new()) == NULL || 2059 if (sshbuf_get_bignum2(b, &rsa_e) != 0 ||
2060 (rsa_n = BN_new()) == NULL) { 2060 sshbuf_get_bignum2(b, &rsa_n) != 0) {
2061 ret = SSH_ERR_ALLOC_FAIL;
2062 goto out;
2063 }
2064 if (sshbuf_get_bignum2(b, rsa_e) != 0 ||
2065 sshbuf_get_bignum2(b, rsa_n) != 0) {
2066 ret = SSH_ERR_INVALID_FORMAT; 2061 ret = SSH_ERR_INVALID_FORMAT;
2067 goto out; 2062 goto out;
2068 } 2063 }
@@ -2089,17 +2084,10 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
2089 ret = SSH_ERR_ALLOC_FAIL; 2084 ret = SSH_ERR_ALLOC_FAIL;
2090 goto out; 2085 goto out;
2091 } 2086 }
2092 if ((dsa_p = BN_new()) == NULL || 2087 if (sshbuf_get_bignum2(b, &dsa_p) != 0 ||
2093 (dsa_q = BN_new()) == NULL || 2088 sshbuf_get_bignum2(b, &dsa_q) != 0 ||
2094 (dsa_g = BN_new()) == NULL || 2089 sshbuf_get_bignum2(b, &dsa_g) != 0 ||
2095 (dsa_pub_key = BN_new()) == NULL) { 2090 sshbuf_get_bignum2(b, &dsa_pub_key) != 0) {
2096 ret = SSH_ERR_ALLOC_FAIL;
2097 goto out;
2098 }
2099 if (sshbuf_get_bignum2(b, dsa_p) != 0 ||
2100 sshbuf_get_bignum2(b, dsa_q) != 0 ||
2101 sshbuf_get_bignum2(b, dsa_g) != 0 ||
2102 sshbuf_get_bignum2(b, dsa_pub_key) != 0) {
2103 ret = SSH_ERR_INVALID_FORMAT; 2091 ret = SSH_ERR_INVALID_FORMAT;
2104 goto out; 2092 goto out;
2105 } 2093 }
@@ -2941,19 +2929,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
2941 r = SSH_ERR_ALLOC_FAIL; 2929 r = SSH_ERR_ALLOC_FAIL;
2942 goto out; 2930 goto out;
2943 } 2931 }
2944 if ((dsa_p = BN_new()) == NULL || 2932 if ((r = sshbuf_get_bignum2(buf, &dsa_p)) != 0 ||
2945 (dsa_q = BN_new()) == NULL || 2933 (r = sshbuf_get_bignum2(buf, &dsa_q)) != 0 ||
2946 (dsa_g = BN_new()) == NULL || 2934 (r = sshbuf_get_bignum2(buf, &dsa_g)) != 0 ||
2947 (dsa_pub_key = BN_new()) == NULL || 2935 (r = sshbuf_get_bignum2(buf, &dsa_pub_key)) != 0 ||
2948 (dsa_priv_key = BN_new()) == NULL) { 2936 (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0)
2949 r = SSH_ERR_ALLOC_FAIL;
2950 goto out;
2951 }
2952 if ((r = sshbuf_get_bignum2(buf, dsa_p)) != 0 ||
2953 (r = sshbuf_get_bignum2(buf, dsa_q)) != 0 ||
2954 (r = sshbuf_get_bignum2(buf, dsa_g)) != 0 ||
2955 (r = sshbuf_get_bignum2(buf, dsa_pub_key)) != 0 ||
2956 (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0)
2957 goto out; 2937 goto out;
2958 if (!DSA_set0_pqg(k->dsa, dsa_p, dsa_q, dsa_g)) { 2938 if (!DSA_set0_pqg(k->dsa, dsa_p, dsa_q, dsa_g)) {
2959 r = SSH_ERR_LIBCRYPTO_ERROR; 2939 r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -2967,12 +2947,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
2967 dsa_pub_key = dsa_priv_key = NULL; /* transferred */ 2947 dsa_pub_key = dsa_priv_key = NULL; /* transferred */
2968 break; 2948 break;
2969 case KEY_DSA_CERT: 2949 case KEY_DSA_CERT:
2970 if ((dsa_priv_key = BN_new()) == NULL) {
2971 r = SSH_ERR_ALLOC_FAIL;
2972 goto out;
2973 }
2974 if ((r = sshkey_froms(buf, &k)) != 0 || 2950 if ((r = sshkey_froms(buf, &k)) != 0 ||
2975 (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0) 2951 (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0)
2976 goto out; 2952 goto out;
2977 if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) { 2953 if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) {
2978 r = SSH_ERR_LIBCRYPTO_ERROR; 2954 r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -2997,12 +2973,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
2997 goto out; 2973 goto out;
2998 } 2974 }
2999 k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); 2975 k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid);
3000 if (k->ecdsa == NULL || (exponent = BN_new()) == NULL) { 2976 if (k->ecdsa == NULL) {
3001 r = SSH_ERR_LIBCRYPTO_ERROR; 2977 r = SSH_ERR_LIBCRYPTO_ERROR;
3002 goto out; 2978 goto out;
3003 } 2979 }
3004 if ((r = sshbuf_get_eckey(buf, k->ecdsa)) != 0 || 2980 if ((r = sshbuf_get_eckey(buf, k->ecdsa)) != 0 ||
3005 (r = sshbuf_get_bignum2(buf, exponent))) 2981 (r = sshbuf_get_bignum2(buf, &exponent)))
3006 goto out; 2982 goto out;
3007 if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { 2983 if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) {
3008 r = SSH_ERR_LIBCRYPTO_ERROR; 2984 r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3014,12 +2990,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
3014 goto out; 2990 goto out;
3015 break; 2991 break;
3016 case KEY_ECDSA_CERT: 2992 case KEY_ECDSA_CERT:
3017 if ((exponent = BN_new()) == NULL) {
3018 r = SSH_ERR_LIBCRYPTO_ERROR;
3019 goto out;
3020 }
3021 if ((r = sshkey_froms(buf, &k)) != 0 || 2993 if ((r = sshkey_froms(buf, &k)) != 0 ||
3022 (r = sshbuf_get_bignum2(buf, exponent)) != 0) 2994 (r = sshbuf_get_bignum2(buf, &exponent)) != 0)
3023 goto out; 2995 goto out;
3024 if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { 2996 if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) {
3025 r = SSH_ERR_LIBCRYPTO_ERROR; 2997 r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3036,21 +3008,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
3036 r = SSH_ERR_ALLOC_FAIL; 3008 r = SSH_ERR_ALLOC_FAIL;
3037 goto out; 3009 goto out;
3038 } 3010 }
3039 if ((rsa_n = BN_new()) == NULL || 3011 if ((r = sshbuf_get_bignum2(buf, &rsa_n)) != 0 ||
3040 (rsa_e = BN_new()) == NULL || 3012 (r = sshbuf_get_bignum2(buf, &rsa_e)) != 0 ||
3041 (rsa_d = BN_new()) == NULL || 3013 (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 ||
3042 (rsa_iqmp = BN_new()) == NULL || 3014 (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 ||
3043 (rsa_p = BN_new()) == NULL || 3015 (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 ||
3044 (rsa_q = BN_new()) == NULL) { 3016 (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0)
3045 r = SSH_ERR_ALLOC_FAIL;
3046 goto out;
3047 }
3048 if ((r = sshbuf_get_bignum2(buf, rsa_n)) != 0 ||
3049 (r = sshbuf_get_bignum2(buf, rsa_e)) != 0 ||
3050 (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 ||
3051 (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 ||
3052 (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 ||
3053 (r = sshbuf_get_bignum2(buf, rsa_q)) != 0)
3054 goto out; 3017 goto out;
3055 if (!RSA_set0_key(k->rsa, rsa_n, rsa_e, rsa_d)) { 3018 if (!RSA_set0_key(k->rsa, rsa_n, rsa_e, rsa_d)) {
3056 r = SSH_ERR_LIBCRYPTO_ERROR; 3019 r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3068,18 +3031,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
3068 goto out; 3031 goto out;
3069 break; 3032 break;
3070 case KEY_RSA_CERT: 3033 case KEY_RSA_CERT:
3071 if ((rsa_d = BN_new()) == NULL ||
3072 (rsa_iqmp = BN_new()) == NULL ||
3073 (rsa_p = BN_new()) == NULL ||
3074 (rsa_q = BN_new()) == NULL) {
3075 r = SSH_ERR_ALLOC_FAIL;
3076 goto out;
3077 }
3078 if ((r = sshkey_froms(buf, &k)) != 0 || 3034 if ((r = sshkey_froms(buf, &k)) != 0 ||
3079 (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 || 3035 (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 ||
3080 (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 || 3036 (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 ||
3081 (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 || 3037 (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 ||
3082 (r = sshbuf_get_bignum2(buf, rsa_q)) != 0) 3038 (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0)
3083 goto out; 3039 goto out;
3084 if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) { 3040 if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) {
3085 r = SSH_ERR_LIBCRYPTO_ERROR; 3041 r = SSH_ERR_LIBCRYPTO_ERROR;
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 16:15:24 +0000