diff options
Diffstat (limited to 'sshkey.c')
| -rw-r--r-- | sshkey.c | 53 |
1 files changed, 18 insertions, 35 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshkey.c,v 1.59 2017/12/18 02:25:15 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.60 2018/02/07 02:06:51 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
| @@ -469,8 +469,7 @@ sshkey_new(int type) | |||
| 469 | if ((rsa = RSA_new()) == NULL || | 469 | if ((rsa = RSA_new()) == NULL || |
| 470 | (rsa->n = BN_new()) == NULL || | 470 | (rsa->n = BN_new()) == NULL || |
| 471 | (rsa->e = BN_new()) == NULL) { | 471 | (rsa->e = BN_new()) == NULL) { |
| 472 | if (rsa != NULL) | 472 | RSA_free(rsa); |
| 473 | RSA_free(rsa); | ||
| 474 | free(k); | 473 | free(k); |
| 475 | return NULL; | 474 | return NULL; |
| 476 | } | 475 | } |
| @@ -483,8 +482,7 @@ sshkey_new(int type) | |||
| 483 | (dsa->q = BN_new()) == NULL || | 482 | (dsa->q = BN_new()) == NULL || |
| 484 | (dsa->g = BN_new()) == NULL || | 483 | (dsa->g = BN_new()) == NULL || |
| 485 | (dsa->pub_key = BN_new()) == NULL) { | 484 | (dsa->pub_key = BN_new()) == NULL) { |
| 486 | if (dsa != NULL) | 485 | DSA_free(dsa); |
| 487 | DSA_free(dsa); | ||
| 488 | free(k); | 486 | free(k); |
| 489 | return NULL; | 487 | return NULL; |
| 490 | } | 488 | } |
| @@ -578,21 +576,18 @@ sshkey_free(struct sshkey *k) | |||
| 578 | #ifdef WITH_OPENSSL | 576 | #ifdef WITH_OPENSSL |
| 579 | case KEY_RSA: | 577 | case KEY_RSA: |
| 580 | case KEY_RSA_CERT: | 578 | case KEY_RSA_CERT: |
| 581 | if (k->rsa != NULL) | 579 | RSA_free(k->rsa); |
| 582 | RSA_free(k->rsa); | ||
| 583 | k->rsa = NULL; | 580 | k->rsa = NULL; |
| 584 | break; | 581 | break; |
| 585 | case KEY_DSA: | 582 | case KEY_DSA: |
| 586 | case KEY_DSA_CERT: | 583 | case KEY_DSA_CERT: |
| 587 | if (k->dsa != NULL) | 584 | DSA_free(k->dsa); |
| 588 | DSA_free(k->dsa); | ||
| 589 | k->dsa = NULL; | 585 | k->dsa = NULL; |
| 590 | break; | 586 | break; |
| 591 | # ifdef OPENSSL_HAS_ECC | 587 | # ifdef OPENSSL_HAS_ECC |
| 592 | case KEY_ECDSA: | 588 | case KEY_ECDSA: |
| 593 | case KEY_ECDSA_CERT: | 589 | case KEY_ECDSA_CERT: |
| 594 | if (k->ecdsa != NULL) | 590 | EC_KEY_free(k->ecdsa); |
| 595 | EC_KEY_free(k->ecdsa); | ||
| 596 | k->ecdsa = NULL; | 591 | k->ecdsa = NULL; |
| 597 | break; | 592 | break; |
| 598 | # endif /* OPENSSL_HAS_ECC */ | 593 | # endif /* OPENSSL_HAS_ECC */ |
| @@ -1248,8 +1243,7 @@ sshkey_read(struct sshkey *ret, char **cpp) | |||
| 1248 | switch (sshkey_type_plain(ret->type)) { | 1243 | switch (sshkey_type_plain(ret->type)) { |
| 1249 | #ifdef WITH_OPENSSL | 1244 | #ifdef WITH_OPENSSL |
| 1250 | case KEY_RSA: | 1245 | case KEY_RSA: |
| 1251 | if (ret->rsa != NULL) | 1246 | RSA_free(ret->rsa); |
| 1252 | RSA_free(ret->rsa); | ||
| 1253 | ret->rsa = k->rsa; | 1247 | ret->rsa = k->rsa; |
| 1254 | k->rsa = NULL; | 1248 | k->rsa = NULL; |
| 1255 | #ifdef DEBUG_PK | 1249 | #ifdef DEBUG_PK |
| @@ -1257,8 +1251,7 @@ sshkey_read(struct sshkey *ret, char **cpp) | |||
| 1257 | #endif | 1251 | #endif |
| 1258 | break; | 1252 | break; |
| 1259 | case KEY_DSA: | 1253 | case KEY_DSA: |
| 1260 | if (ret->dsa != NULL) | 1254 | DSA_free(ret->dsa); |
| 1261 | DSA_free(ret->dsa); | ||
| 1262 | ret->dsa = k->dsa; | 1255 | ret->dsa = k->dsa; |
| 1263 | k->dsa = NULL; | 1256 | k->dsa = NULL; |
| 1264 | #ifdef DEBUG_PK | 1257 | #ifdef DEBUG_PK |
| @@ -1267,8 +1260,7 @@ sshkey_read(struct sshkey *ret, char **cpp) | |||
| 1267 | break; | 1260 | break; |
| 1268 | # ifdef OPENSSL_HAS_ECC | 1261 | # ifdef OPENSSL_HAS_ECC |
| 1269 | case KEY_ECDSA: | 1262 | case KEY_ECDSA: |
| 1270 | if (ret->ecdsa != NULL) | 1263 | EC_KEY_free(ret->ecdsa); |
| 1271 | EC_KEY_free(ret->ecdsa); | ||
| 1272 | ret->ecdsa = k->ecdsa; | 1264 | ret->ecdsa = k->ecdsa; |
| 1273 | ret->ecdsa_nid = k->ecdsa_nid; | 1265 | ret->ecdsa_nid = k->ecdsa_nid; |
| 1274 | k->ecdsa = NULL; | 1266 | k->ecdsa = NULL; |
| @@ -1410,10 +1402,8 @@ rsa_generate_private_key(u_int bits, RSA **rsap) | |||
| 1410 | private = NULL; | 1402 | private = NULL; |
| 1411 | ret = 0; | 1403 | ret = 0; |
| 1412 | out: | 1404 | out: |
| 1413 | if (private != NULL) | 1405 | RSA_free(private); |
| 1414 | RSA_free(private); | 1406 | BN_free(f4); |
| 1415 | if (f4 != NULL) | ||
| 1416 | BN_free(f4); | ||
| 1417 | return ret; | 1407 | return ret; |
| 1418 | } | 1408 | } |
| 1419 | 1409 | ||
| @@ -1441,8 +1431,7 @@ dsa_generate_private_key(u_int bits, DSA **dsap) | |||
| 1441 | private = NULL; | 1431 | private = NULL; |
| 1442 | ret = 0; | 1432 | ret = 0; |
| 1443 | out: | 1433 | out: |
| 1444 | if (private != NULL) | 1434 | DSA_free(private); |
| 1445 | DSA_free(private); | ||
| 1446 | return ret; | 1435 | return ret; |
| 1447 | } | 1436 | } |
| 1448 | 1437 | ||
| @@ -1521,8 +1510,7 @@ ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap) | |||
| 1521 | private = NULL; | 1510 | private = NULL; |
| 1522 | ret = 0; | 1511 | ret = 0; |
| 1523 | out: | 1512 | out: |
| 1524 | if (private != NULL) | 1513 | EC_KEY_free(private); |
| 1525 | EC_KEY_free(private); | ||
| 1526 | return ret; | 1514 | return ret; |
| 1527 | } | 1515 | } |
| 1528 | # endif /* OPENSSL_HAS_ECC */ | 1516 | # endif /* OPENSSL_HAS_ECC */ |
| @@ -1933,8 +1921,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
| 1933 | ret = SSH_ERR_EC_CURVE_MISMATCH; | 1921 | ret = SSH_ERR_EC_CURVE_MISMATCH; |
| 1934 | goto out; | 1922 | goto out; |
| 1935 | } | 1923 | } |
| 1936 | if (key->ecdsa != NULL) | 1924 | EC_KEY_free(key->ecdsa); |
| 1937 | EC_KEY_free(key->ecdsa); | ||
| 1938 | if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) | 1925 | if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) |
| 1939 | == NULL) { | 1926 | == NULL) { |
| 1940 | ret = SSH_ERR_EC_CURVE_INVALID; | 1927 | ret = SSH_ERR_EC_CURVE_INVALID; |
| @@ -2011,8 +1998,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
| 2011 | free(curve); | 1998 | free(curve); |
| 2012 | free(pk); | 1999 | free(pk); |
| 2013 | #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) | 2000 | #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) |
| 2014 | if (q != NULL) | 2001 | EC_POINT_free(q); |
| 2015 | EC_POINT_free(q); | ||
| 2016 | #endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ | 2002 | #endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ |
| 2017 | return ret; | 2003 | return ret; |
| 2018 | } | 2004 | } |
| @@ -2765,8 +2751,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
| 2765 | free(tname); | 2751 | free(tname); |
| 2766 | free(curve); | 2752 | free(curve); |
| 2767 | #ifdef WITH_OPENSSL | 2753 | #ifdef WITH_OPENSSL |
| 2768 | if (exponent != NULL) | 2754 | BN_clear_free(exponent); |
| 2769 | BN_clear_free(exponent); | ||
| 2770 | #endif /* WITH_OPENSSL */ | 2755 | #endif /* WITH_OPENSSL */ |
| 2771 | sshkey_free(k); | 2756 | sshkey_free(k); |
| 2772 | if (ed25519_pk != NULL) { | 2757 | if (ed25519_pk != NULL) { |
| @@ -2854,8 +2839,7 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
| 2854 | ret = 0; | 2839 | ret = 0; |
| 2855 | out: | 2840 | out: |
| 2856 | BN_CTX_free(bnctx); | 2841 | BN_CTX_free(bnctx); |
| 2857 | if (nq != NULL) | 2842 | EC_POINT_free(nq); |
| 2858 | EC_POINT_free(nq); | ||
| 2859 | return ret; | 2843 | return ret; |
| 2860 | } | 2844 | } |
| 2861 | 2845 | ||
| @@ -3550,8 +3534,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
| 3550 | } | 3534 | } |
| 3551 | out: | 3535 | out: |
| 3552 | BIO_free(bio); | 3536 | BIO_free(bio); |
| 3553 | if (pk != NULL) | 3537 | EVP_PKEY_free(pk); |
| 3554 | EVP_PKEY_free(pk); | ||
| 3555 | sshkey_free(prv); | 3538 | sshkey_free(prv); |
| 3556 | return r; | 3539 | return r; |
| 3557 | } | 3540 | } |