Diffstat (limited to 'sshkey.c')
-rw-r--r--sshkey.c96
1 files changed, 26 insertions, 70 deletions
diff --git a/sshkey.c b/sshkey.c
index a85c185fc..789cd61ef 100644
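--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.72 2018/10/11 00:52:46 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.73 2019/01/21 09:54:11 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -2057,13 +2057,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
  ret = SSH_ERR_ALLOC_FAIL;
  goto out;
  }
- if ((rsa_e = BN_new()) == NULL ||
- (rsa_n = BN_new()) == NULL) {
- ret = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
- if (sshbuf_get_bignum2(b, rsa_e) != 0 ||
- sshbuf_get_bignum2(b, rsa_n) != 0) {
+ if (sshbuf_get_bignum2(b, &rsa_e) != 0 ||
+ sshbuf_get_bignum2(b, &rsa_n) != 0) {
  ret = SSH_ERR_INVALID_FORMAT;
  goto out;
  }
@@ -2090,17 +2085,10 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
  ret = SSH_ERR_ALLOC_FAIL;
  goto out;
  }
- if ((dsa_p = BN_new()) == NULL ||
- (dsa_q = BN_new()) == NULL ||
- (dsa_g = BN_new()) == NULL ||
- (dsa_pub_key = BN_new()) == NULL) {
- ret = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
- if (sshbuf_get_bignum2(b, dsa_p) != 0 ||
- sshbuf_get_bignum2(b, dsa_q) != 0 ||
- sshbuf_get_bignum2(b, dsa_g) != 0 ||
- sshbuf_get_bignum2(b, dsa_pub_key) != 0) {
+ if (sshbuf_get_bignum2(b, &dsa_p) != 0 ||
+ sshbuf_get_bignum2(b, &dsa_q) != 0 ||
+ sshbuf_get_bignum2(b, &dsa_g) != 0 ||
+ sshbuf_get_bignum2(b, &dsa_pub_key) != 0) {
  ret = SSH_ERR_INVALID_FORMAT;
  goto out;
  }
@@ -2942,19 +2930,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
  r = SSH_ERR_ALLOC_FAIL;
  goto out;
  }
- if ((dsa_p = BN_new()) == NULL ||
- (dsa_q = BN_new()) == NULL ||
- (dsa_g = BN_new()) == NULL ||
- (dsa_pub_key = BN_new()) == NULL ||
- (dsa_priv_key = BN_new()) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
- if ((r = sshbuf_get_bignum2(buf, dsa_p)) != 0 ||
- (r = sshbuf_get_bignum2(buf, dsa_q)) != 0 ||
- (r = sshbuf_get_bignum2(buf, dsa_g)) != 0 ||
- (r = sshbuf_get_bignum2(buf, dsa_pub_key)) != 0 ||
- (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0)
+ if ((r = sshbuf_get_bignum2(buf, &dsa_p)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &dsa_q)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &dsa_g)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &dsa_pub_key)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0)
  goto out;
  if (!DSA_set0_pqg(k->dsa, dsa_p, dsa_q, dsa_g)) {
  r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -2968,12 +2948,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
  dsa_pub_key = dsa_priv_key = NULL; /* transferred */
  break;
  case KEY_DSA_CERT:
- if ((dsa_priv_key = BN_new()) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
  if ((r = sshkey_froms(buf, &k)) != 0 ||
- (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0)
+ (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0)
  goto out;
  if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) {
  r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -2998,12 +2974,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
  goto out;
  }
  k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid);
- if (k->ecdsa == NULL || (exponent = BN_new()) == NULL) {
+ if (k->ecdsa == NULL) {
  r = SSH_ERR_LIBCRYPTO_ERROR;
  goto out;
  }
  if ((r = sshbuf_get_eckey(buf, k->ecdsa)) != 0 ||
- (r = sshbuf_get_bignum2(buf, exponent)))
+ (r = sshbuf_get_bignum2(buf, &exponent)))
  goto out;
  if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) {
  r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3015,12 +2991,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
  goto out;
  break;
  case KEY_ECDSA_CERT:
- if ((exponent = BN_new()) == NULL) {
- r = SSH_ERR_LIBCRYPTO_ERROR;
- goto out;
- }
  if ((r = sshkey_froms(buf, &k)) != 0 ||
- (r = sshbuf_get_bignum2(buf, exponent)) != 0)
+ (r = sshbuf_get_bignum2(buf, &exponent)) != 0)
  goto out;
  if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) {
  r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3037,21 +3009,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
  r = SSH_ERR_ALLOC_FAIL;
  goto out;
  }
- if ((rsa_n = BN_new()) == NULL ||
- (rsa_e = BN_new()) == NULL ||
- (rsa_d = BN_new()) == NULL ||
- (rsa_iqmp = BN_new()) == NULL ||
- (rsa_p = BN_new()) == NULL ||
- (rsa_q = BN_new()) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
- if ((r = sshbuf_get_bignum2(buf, rsa_n)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_e)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_q)) != 0)
+ if ((r = sshbuf_get_bignum2(buf, &rsa_n)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_e)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0)
  goto out;
  if (!RSA_set0_key(k->rsa, rsa_n, rsa_e, rsa_d)) {
  r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3069,18 +3032,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
  goto out;
  break;
  case KEY_RSA_CERT:
- if ((rsa_d = BN_new()) == NULL ||
- (rsa_iqmp = BN_new()) == NULL ||
- (rsa_p = BN_new()) == NULL ||
- (rsa_q = BN_new()) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
  if ((r = sshkey_froms(buf, &k)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 ||
- (r = sshbuf_get_bignum2(buf, rsa_q)) != 0)
+ (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0)
  goto out;
  if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) {
  r = SSH_ERR_LIBCRYPTO_ERROR;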
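Review bot: In the two sshkey_from_blob_internal hunks (the RSA reads of rsa_e/rsa_n and the DSA reads of dsa_p/q/g/pub_key) the return value of sshbuf_get_bignum2() is still discarded and every failure is reported as SSH_ERR_INVALID_FORMAT; with the separate BN_new() check removed, that presumably now also covers an allocation failure inside the helper. The sshkey_private_deserialize hunks keep the helper's code in `r`, so if callers care about the distinction the public-key paths could do the same, e.g. `if ((ret = sshbuf_get_bignum2(b, &rsa_e)) != 0 || (ret = sshbuf_get_bignum2(b, &rsa_n)) != 0) goto out;`. As a style point, the KEY_ECDSA call `(r = sshbuf_get_bignum2(buf, &exponent)))` omits the `!= 0` that every other call site uses. Both functions begin and end outside the hunks, so it is worth confirming there that each BIGNUM pointer is NULL before its first read and that the `out:` path releases the private values (rsa_d, rsa_p, rsa_q, dsa_priv_key, exponent) with a clearing free such as BN_clear_free() when a later read in the chain fails.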