Mercurial > dropbear
comparison signkey.c @ 1478:3a933956437e coverity
update coverity
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 09 Feb 2018 23:49:22 +0800 |
parents | 06d52bcb8094 |
children | 2d450c1056e3 |
comparison
equal
deleted
inserted
replaced
1439:8d24733026c5 | 1478:3a933956437e |
---|---|
398 } | 398 } |
399 | 399 |
400 /* Since we're not sure if we'll have md5 or sha1, we present both. | 400 /* Since we're not sure if we'll have md5 or sha1, we present both. |
401 * MD5 is used in preference, but sha1 could still be useful */ | 401 * MD5 is used in preference, but sha1 could still be useful */ |
402 #if DROPBEAR_MD5_HMAC | 402 #if DROPBEAR_MD5_HMAC |
403 static char * sign_key_md5_fingerprint(unsigned char* keyblob, | 403 static char * sign_key_md5_fingerprint(const unsigned char* keyblob, |
404 unsigned int keybloblen) { | 404 unsigned int keybloblen) { |
405 | 405 |
406 char * ret; | 406 char * ret; |
407 hash_state hs; | 407 hash_state hs; |
408 unsigned char hash[MD5_HASH_SIZE]; | 408 unsigned char hash[MD5_HASH_SIZE]; |
433 | 433 |
434 return ret; | 434 return ret; |
435 } | 435 } |
436 | 436 |
437 #else /* use SHA1 rather than MD5 for fingerprint */ | 437 #else /* use SHA1 rather than MD5 for fingerprint */ |
438 static char * sign_key_sha1_fingerprint(unsigned char* keyblob, | 438 static char * sign_key_sha1_fingerprint(const unsigned char* keyblob, |
439 unsigned int keybloblen) { | 439 unsigned int keybloblen) { |
440 | 440 |
441 char * ret; | 441 char * ret; |
442 hash_state hs; | 442 hash_state hs; |
443 unsigned char hash[SHA1_HASH_SIZE]; | 443 unsigned char hash[SHA1_HASH_SIZE]; |
470 | 470 |
471 #endif /* MD5/SHA1 switch */ | 471 #endif /* MD5/SHA1 switch */ |
472 | 472 |
473 /* This will return a freshly malloced string, containing a fingerprint | 473 /* This will return a freshly malloced string, containing a fingerprint |
474 * in either sha1 or md5 */ | 474 * in either sha1 or md5 */ |
475 char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen) { | 475 char * sign_key_fingerprint(const unsigned char* keyblob, unsigned int keybloblen) { |
476 | 476 |
477 #if DROPBEAR_MD5_HMAC | 477 #if DROPBEAR_MD5_HMAC |
478 return sign_key_md5_fingerprint(keyblob, keybloblen); | 478 return sign_key_md5_fingerprint(keyblob, keybloblen); |
479 #else | 479 #else |
480 return sign_key_sha1_fingerprint(keyblob, keybloblen); | 480 return sign_key_sha1_fingerprint(keyblob, keybloblen); |
481 #endif | 481 #endif |
482 } | 482 } |
483 | 483 |
484 void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, | 484 void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, |
485 buffer *data_buf) { | 485 const buffer *data_buf) { |
486 buffer *sigblob; | 486 buffer *sigblob; |
487 sigblob = buf_new(MAX_PUBKEY_SIZE); | 487 sigblob = buf_new(MAX_PUBKEY_SIZE); |
488 | 488 |
489 #if DROPBEAR_DSS | 489 #if DROPBEAR_DSS |
490 if (type == DROPBEAR_SIGNKEY_DSS) { | 490 if (type == DROPBEAR_SIGNKEY_DSS) { |
515 #if DROPBEAR_SIGNKEY_VERIFY | 515 #if DROPBEAR_SIGNKEY_VERIFY |
516 /* Return DROPBEAR_SUCCESS or DROPBEAR_FAILURE. | 516 /* Return DROPBEAR_SUCCESS or DROPBEAR_FAILURE. |
517 * If FAILURE is returned, the position of | 517 * If FAILURE is returned, the position of |
518 * buf is undefined. If SUCCESS is returned, buf will be positioned after the | 518 * buf is undefined. If SUCCESS is returned, buf will be positioned after the |
519 * signature blob */ | 519 * signature blob */ |
520 int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) { | 520 int buf_verify(buffer * buf, sign_key *key, const buffer *data_buf) { |
521 | 521 |
522 char *type_name = NULL; | 522 char *type_name = NULL; |
523 unsigned int type_name_len = 0; | 523 unsigned int type_name_len = 0; |
524 enum signkey_type type; | 524 enum signkey_type type; |
525 | 525 |
568 * base64 data, and contains no trailing data */ | 568 * base64 data, and contains no trailing data */ |
569 /* If fingerprint is non-NULL, it will be set to a malloc()ed fingerprint | 569 /* If fingerprint is non-NULL, it will be set to a malloc()ed fingerprint |
570 of the key if it is successfully decoded */ | 570 of the key if it is successfully decoded */ |
571 int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, | 571 int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, |
572 const unsigned char* algoname, unsigned int algolen, | 572 const unsigned char* algoname, unsigned int algolen, |
573 buffer * line, char ** fingerprint) { | 573 const buffer * line, char ** fingerprint) { |
574 | 574 |
575 buffer * decodekey = NULL; | 575 buffer * decodekey = NULL; |
576 int ret = DROPBEAR_FAILURE; | 576 int ret = DROPBEAR_FAILURE; |
577 unsigned int len, filealgolen; | 577 unsigned int len, filealgolen; |
578 unsigned long decodekeylen; | 578 unsigned long decodekeylen; |