comparison keyimport.c @ 1049:01eea88963f3 fastopen

merge from default
author Matt Johnston <matt@ucc.asn.au>
date Sat, 28 Feb 2015 09:06:40 +0800
parents 31727a8abd4b
children d144a6bece53
1048:9cec9ed503bb 1049:01eea88963f3
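--- a/keyimport.c
+++ b/keyimport.c
@@ -462,21 +462,20 @@
 if (ret->encrypted && ret->keyblob_len % 8 != 0) {
 errmsg = "Encrypted key blob is not a multiple of cipher block size";
 goto error;
 }
 
-memset(buffer, 0, sizeof(buffer));
+m_burn(buffer, sizeof(buffer));
 return ret;
 
 error:
-memset(buffer, 0, sizeof(buffer));
+m_burn(buffer, sizeof(buffer));
 if (ret) {
 if (ret->keyblob) {
-memset(ret->keyblob, 0, ret->keyblob_size);
+m_burn(ret->keyblob, ret->keyblob_size);
 m_free(ret->keyblob);
 }
-memset(&ret, 0, sizeof(ret));
 m_free(ret);
 }
 if (fp) {
 fclose(fp);
 }
@@ -492,13 +491,12 @@
 int ret;
 
 if (!key)
 return 0;
 ret = key->encrypted;
-memset(key->keyblob, 0, key->keyblob_size);
+m_burn(key->keyblob, key->keyblob_size);
 m_free(key->keyblob);
-memset(&key, 0, sizeof(key));
 m_free(key);
 return ret;
 }
 
 static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
@@ -1044,10 +1042,11 @@
 const long curve_size = (*eck)->dp->size;
 int curve_oid_len = 0;
 const void* curve_oid = NULL;
 unsigned long pubkey_size = 2*curve_size+1;
 unsigned int k_size;
+int err = 0;
 
 /* version. less than 10 bytes */
 buf_incrwritepos(seq_buf,
 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 2, 1, 0));
 buf_putbyte(seq_buf, 1);
@@ -1089,11 +1088,11 @@
 buf_incrwritepos(seq_buf,
 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 1, 2+1+pubkey_size, 0xa0));
 buf_incrwritepos(seq_buf,
 ber_write_id_len(buf_getwriteptr(seq_buf, 10), 3, 1+pubkey_size, 0));
 buf_putbyte(seq_buf, 0);
-int err = ecc_ansi_x963_export(*eck, buf_getwriteptr(seq_buf, pubkey_size), &pubkey_size);
+err = ecc_ansi_x963_export(*eck, buf_getwriteptr(seq_buf, pubkey_size), &pubkey_size);
 if (err != CRYPT_OK) {
 dropbear_exit("ECC error");
 }
 buf_incrwritepos(seq_buf, pubkey_size);
 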
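Review bot: On the two cleanup paths (new lines 472-478 and 496-498) the key struct is now freed without being cleared. The removed `memset(&ret, 0, sizeof(ret))` and `memset(&key, 0, sizeof(key))` zeroed the pointer variable rather than the object, so `m_free` presumably received a null pointer and the allocation leaked; dropping them fixes that, but the wipe they appear to have been meant to perform is gone. If the struct holds anything sensitive besides `keyblob` (its definition is outside the visible hunks), add `m_burn(ret, sizeof(*ret));` before `m_free(ret);` and `m_burn(key, sizeof(*key));` before `m_free(key);`. The second path also calls `m_burn(key->keyblob, key->keyblob_size)` without the `if (ret->keyblob)` guard the error path uses, so confirm that `m_burn` tolerates NULL or add the same guard. Both functions start outside the hunks shown.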